#!/usr/bin/env bash

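# Run OpenTofu from the upstream container image against the current
# directory, with provider and state-backend credentials read from the rbw
# (Bitwarden CLI) vault. Every argument given to this script is forwarded
# unchanged to the image's entrypoint.
#
# Abort if any vault lookup fails (vault locked, entry renamed, ...), so the
# container is never started with empty credentials.
set -e

# Fetch each secret into a shell variable first. Plain assignments keep the
# exit status of `rbw`, which `export VAR=$(...)` would mask, and quoting
# keeps values containing spaces or glob characters intact.
# NOTE(review): the usual AWS SDK / S3 backend variable names are
# AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY; confirm that something in the
# workspace actually consumes these two names.
AWS_ACCESS_KEY="$(rbw get -f username "CloudFlare TFState")"
AWS_SECRET_KEY="$(rbw get "CloudFlare TFState")"
ARM_CLIENT_ID="$(rbw get -f username "Azure Infrastructure App Registration")"
ARM_CLIENT_SECRET="$(rbw get "Azure Infrastructure App Registration")"
ARM_TENANT_ID="$(rbw get -f TenantID "Azure Infrastructure App Registration")"
ARM_SUBSCRIPTION_ID="$(rbw get -f SubscriptionID "Azure Infrastructure App Registration")"
HCLOUD_TOKEN="$(rbw get "HCloud API")"
CLOUDFLARE_API_TOKEN="$(rbw get -f "DNS API Token" "CloudFlare")"

# Export so that `docker run -e NAME` (no `=value`) copies each value from
# this process's environment. The secrets then never appear on the docker
# command line, where process listings and shell tracing would expose them.
export AWS_ACCESS_KEY AWS_SECRET_KEY
export ARM_CLIENT_ID ARM_CLIENT_SECRET ARM_TENANT_ID ARM_SUBSCRIPTION_ID
export HCLOUD_TOKEN CLOUDFLARE_API_TOKEN

# NOTE(review): `:latest` combined with `--pull=always` runs whatever image
# the registry currently serves, with all of the credentials above in its
# environment. Pinning the image to a reviewed version tag or digest would
# make upgrades deliberate.
#
# "$@" is quoted so arguments containing spaces reach tofu as single words.
docker run \
    --rm \
    -ti \
    --pull=always \
    --platform linux/arm64 \
    --workdir=/srv/workspace \
    --mount type=bind,source=.,target=/srv/workspace \
    -e AWS_ACCESS_KEY \
    -e AWS_SECRET_KEY \
    -e ARM_CLIENT_ID \
    -e ARM_CLIENT_SECRET \
    -e ARM_TENANT_ID \
    -e ARM_SUBSCRIPTION_ID \
    -e HCLOUD_TOKEN \
    -e CLOUDFLARE_API_TOKEN \
    ghcr.io/opentofu/opentofu:latest \
    "$@"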