#!/bin/bash
#
# Scan the bug numbers in commit logs and check whether it's still embargoed
#
# Put me on pre-push git hook
#

if [ ! -x /usr/bin/jq ]; then
    echo >&2 "embargoed check: jq is not present, please install jq package"
    exit 1
fi

remote="$1"
url="$2"

z40=0000000000000000000000000000000000000000

jsonf="$(mktemp)" || exit 1
trap "rm \"$jsonf\"" 0 1 2 3 15

curl -s -o "$jsonf" https://smash.suse.de/api/embargoed-bugs/ || exit 1

ids=$(jq -r '.[].bug.name | capture("^bnc#(?<id>[[:digit:]]+)").id' "$jsonf") \
	|| exit 1

declare -A emb_bugs
for e in $ids; do
    emb_bugs[$e]=1
done

while read local_ref local_sha remote_ref remote_sha
do
    test "$local_sha" = $z40 && continue
    case "$remote_ref" in
	*_EMBARGO/*|*_EMBARGO)
	    continue;;
	refs/heads/users/*/for-next)
	    base=${remote_ref#refs/heads/users/*/}
	    base=${base%/*}
	    ;;
	refs/heads/cve-*|refs/heads/SLE*|refs/heads/openSUSE*)
	    base=${remote_ref#refs/heads/}
	    ;;
	*)
	    continue;;
    esac

    if [ "$remote_sha" = $z40 ]; then
	range="refs/remotes/origin/$base..$local_sha"
    else
	range="$remote_sha..$local_sha"
    fi
    bugs=$(git log "$range" | grep -E '\(bsc|bnc|boo)#?[0-9]\+' | sed -e's/[^a-z0-9#]/ /g')
    test -z "$bugs" && continue
    for w in $bugs; do
	case "$w" in
	    bnc\#[0-9]*|bsc\#[0-9]*|boo\#[0-9]*)
		bug=${w#b*#}
		if [ -n "${emb_bugs[$bug]}" ]; then
		    echo >&2 "Found EMABARGO bug (in bsc#$bug) at $local_ref, not pushing"
		    exit 1
		fi
	esac
    done
done

exit 0