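#!/bin/bash
#
# Build the archive of vendored Node.js modules for the PCCS component of a
# DCAP source tarball.
#
# Usage: <this script> DCAP-VERSION
#
# bash is required: the script relies on pushd/popd, which are bash builtins
# and not part of POSIX sh, so a strict /bin/sh such as dash rejects them.

#set -v
# Abort on the first failing command so a failed extraction, patch or npm
# step never goes on to produce an archive.
set -e

if test -z "$1"
then
    # Usage errors are diagnostics; keep them off stdout.
    echo "syntax: $0 DCAP-VERSION" >&2
    exit 1
fi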

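VERSION=$1

TARBALL="DCAP_${VERSION}.tar.gz"

# The upstream tarball must already be present in the current directory.
# NOTE(review): nothing in this script checks the tarball's integrity before
# it is unpacked and its lockfile drives an npm install; presumably it is
# verified elsewhere first - confirm.
if ! test -f "$TARBALL"
then
    echo "error: $0 missing $TARBALL" >&2
    exit 1
fi
# Every expansion derived from the command-line argument is quoted so that a
# version string containing whitespace or glob characters cannot turn into
# extra arguments for tar or pushd.
tar -xzf "$TARBALL"
DIRNAME="SGXDataCenterAttestationPrimitives-DCAP_${VERSION}"
pushd "$DIRNAME"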

# Apply the linux-sgx.spec patches before installing anything: they update
# package-lock.json to pull in security fixes. The spec file records the
# GitHub URL of the source-git repository where these patches are maintained.
# Patch files are read from the parent directory, in the order listed.
PATCHES="
0130-Bump-tar-fs-from-2.1.2-to-2.1.3-in-QuoteGeneration-p.patch
0131-Bump-on-headers-and-morgan-in-QuoteGeneration-pccs-4.patch
0132-Bump-brace-expansion-from-1.1.11-to-1.1.12-in-QuoteG.patch
0133-Bump-tar-fs-from-2.1.3-to-2.1.4-in-QuoteGeneration-p.patch
0134-PCCS-dependencies-updated-to-latest-minor.patch
0135-pccs-force-override-tar-module-to-7.0.0-series.patch
"
# PATCHES is expanded unquoted on purpose: word splitting yields one file
# name per iteration.
for patch_name in $PATCHES; do
    patch -p1 < "../${patch_name}"
done
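pushd QuoteGeneration/pccs
echo " Downloading prod dependencies"
# Install runtime dependencies only. --ignore-scripts keeps package lifecycle
# scripts (preinstall/install/postinstall) from running code on this host
# while the modules are downloaded.
# NOTE(review): "npm install" is allowed to rewrite package-lock.json; if the
# patched lockfile is meant to be authoritative, "npm ci" would enforce it -
# confirm it works with this tree before switching.
npm install --omit=dev --omit=optional --ignore-scripts
# Gate on npm audit: a non-zero exit stops the build unless the operator has
# explicitly set NPM_IGNORE_AUDIT to a non-empty value.
if ! npm audit
then
    echo "error: $0 some dependencies have known vulnerabilities" >&2
    if test -z "${NPM_IGNORE_AUDIT:-}"
    then
       exit 1
    fi
    # Record the override in the build log instead of continuing silently.
    echo "warning: $0 continuing despite the audit failure because NPM_IGNORE_AUDIT is set" >&2
fi
# Strip bundled artifacts (presumably prebuilt native binaries and the
# vendored SQLite source tarball) from the tree that is archived later.
# NOTE(review): the glob only reaches prebuilds/ directly under top-level
# packages; scoped (@scope/name) or nested packages are not covered - confirm
# none of them ship a prebuilds directory.
rm -rf node_modules/*/prebuilds
rm -f node_modules/sqlite3/deps/sqlite-autoconf-*.tar.gz
popd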

# Run find over every package.json file below the current directory.
# Two directories under QuoteGeneration/pccs/node_modules are skipped
# (resolve/test and github-from-package/example); presumably they hold
# fixture manifests rather than installed packages.
# Arguments: any further find expressions/actions, appended after the filter.
find_package() {
    find . -type f -name "package.json" \
        ! \( \
            -path './QuoteGeneration/pccs/node_modules/resolve/test/*' \
            -o -path './QuoteGeneration/pccs/node_modules/github-from-package/example/*' \
        \) \
        "$@"
}

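echo "LICENSES IN BUNDLE:"
LICENSES_FILE="../dcap-${VERSION}-pccs-nodejs-licenses.txt"
# Start from an empty report: the jq passes below append, so without this a
# re-run for the same version would keep licence names left over from an
# earlier dependency set and the review would be based on stale data.
: > "$LICENSES_FILE"
# A package.json can declare its licence in three shapes; collect each one
# (the licence names shown are illustrative):
#   "license": "MIT"                  string
#   "license": {"type": "MIT"}        object
#   "licenses": [{"type": "MIT"}]     array
# stderr is discarded for the second and third pass, as in the original.
find_package -exec jq '.license | strings' {} \; >> "$LICENSES_FILE"
find_package -exec jq '.license | objects | .type' {} \; >> "$LICENSES_FILE" 2>/dev/null
find_package -exec jq '.licenses[] .type' {} \; >> "$LICENSES_FILE" 2>/dev/null
# De-duplicate in place.
sort -u -o "$LICENSES_FILE" "$LICENSES_FILE"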

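# Package names that are allowed to lack a licence field.
# NOTE(review): the pattern is unanchored, so any package whose name merely
# contains one of these strings is skipped as well; anchoring it on the
# quoted JSON form jq prints would tighten the allow-list - confirm the exact
# names first.
IGNORE_NO_LICENSE="(PCCS|seq-queue)"
# Locate any dependencies without a provided license: jq prints the package
# name when neither "license" nor "licenses" is set, and null otherwise.
# Only the exit status of the final sort decides whether set -e aborts here;
# do not add pipefail around this pipeline, because grep exits 1 when it
# filters out every line, which is the normal "everything is licensed" case.
find_package -execdir jq 'if .license==null and .licenses==null then .name else null end' '{}' '+' \
  | grep -vE '^null$' | grep -v -E -- "$IGNORE_NO_LICENSE" | sort -u > ../nolicense.txt

if [ -s ../nolicense.txt ]; then
  # printf instead of "echo -e": the escape handling of echo differs between
  # shells, printf's does not. \033 is ESC (blink + red background, reset).
  printf '\033[5m\033[41m%s\033[0m\n' "Some dependencies do not list a license. Manual verification required!"
  cat ../nolicense.txt
  printf '\033[5m\033[41m%s\033[0m\n' "======================================================================"
else
  # Nothing to verify: do not leave an empty report behind.
  rm -f ../nolicense.txt
fi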


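# Archive the installed modules, but only if the npm step produced any.
if [ -d QuoteGeneration/pccs/node_modules ] ; then
  TODAY=$(date +"%Y%m%d")
  OUTPUT="dcap-${VERSION}-${TODAY}-pccs-node-modules.tar.xz"
  # -prune stops find from descending into a node_modules directory once it
  # has matched. Without it, nested node_modules directories are listed too
  # and tar stores them twice: once inside their parent and once on their own.
  # The find output is left unquoted on purpose so each path becomes its own
  # tar argument.
  # shellcheck disable=SC2046
  tar cJf "../$OUTPUT" --sort=name $(find QuoteGeneration/pccs -type d -name node_modules -prune)

  echo "Review dcap-${VERSION}-pccs-nodejs-licenses.txt for any new"
  echo "licenses to be added to linux-sgx.spec"
  echo "New archive is $OUTPUT"
fi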

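# Leave the extracted source tree and delete it.
popd

# The directory name is derived from the command-line argument: quote it,
# end option parsing with --, and let ${...:?} abort rather than run rm -rf
# on an empty path.
rm -rf -- "${DIRNAME:?}"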
