# Import secrets to local file and update some of them with correct values
aws secretsmanager list-secrets --region eu-west-2 --query "SecretList[?starts_with(Name, 'env/r2d2/')].Name" --output json | \
  jq -r '.[]' | \
  xargs -I {} aws secretsmanager get-secret-value --region eu-west-2 --secret-id {} --output json | \
  jq --arg newvalue "$ENV_NAME" '.Name |= sub("r2d2"; $newvalue) | .SecretString |= sub("r2d2"; $newvalue) | {Name: .Name, SecretString: (.SecretString | @base64)}' | \
  jq -s -c '.' >> secrets.json
  
# Export secrets to AWS secrets

JSON_FILE="secrets.json"
# Iterate through each object in the JSON array
for secret in $(jq -c '.[]' "$JSON_FILE"); do
    # Extract values from each JSON object
    SECRET_NAME=$(echo "$secret" | jq -r '.Name')
    SECRET_STRING_BASE64=$(echo "$secret" | jq -r '.SecretString')

    # Decode base64 string
    SECRET_STRING=$(echo "$SECRET_STRING_BASE64" | base64 -d)


    # Check if the secret already exists
    aws secretsmanager describe-secret --region eu-west-2 --secret-id "$SECRET_NAME" >/dev/null 2>&1
    if [ $? -eq 0 ]; then
        echo "Secret $SECRET_NAME already exists. Skipping creation."
    else
    # Create the AWS Secrets Manager secret
        aws secretsmanager create-secret --region eu-west-2 \
            --name "$SECRET_NAME"  \
            --secret-string "$SECRET_STRING"
    fi
done