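#!/usr/bin/env bash

# Copyright 2016 Red Hat Inc., Durham, North Carolina.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
#
# Authors:
#      Martin Preisler

# oscap-chroot: run `oscap` with its evaluation target pointed at a
# filesystem tree mounted at CHROOT_PATH.
#
# Usage:   oscap-chroot CHROOT_PATH <oscap arguments...>
# Exports: OSCAP_PROBE_ROOT        - absolute path of CHROOT_PATH
#          OSCAP_EVALUATION_TARGET - "chroot://" followed by that path
# Exit:    the exit status of oscap; 1 on a usage or path error.
#
# NOTE(review): everything after CHROOT_PATH is handed to oscap unchanged.
# The "supported options" lists printed by usage() are documentation only;
# this wrapper does not reject options that are missing from those lists.

# Print the given message on stderr and terminate with status 1.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Report a usage error on stderr, print the usage text, terminate with status 1.
invalid() {
  printf '%s\n\n' "$*" >&2
  usage
  exit 1
}

# Print the usage text on stdout.
usage() {
  # Quoted delimiter: the text is emitted literally, with no expansion of
  # the "$" prompts or the backticks in it.
  cat <<'EOF'
oscap-chroot -- Tool for offline SCAP evaluation of filesystems mounted in arbitrary paths.

Usage:

$ oscap-chroot CHROOT_PATH xccdf eval [options] INPUT_CONTENT

supported oscap xccdf eval options are:
 --profile
 --tailoring-file
 --tailoring-id
 --cpe (external OVAL dependencies are not supported yet!)
 --oval-results
 --check-engine-results
 --results
 --results-arf
 --report
 --skip-valid
 --fetch-remote-resources
 --progress
 --datastream-id
 --xccdf-id
 --benchmark-id

$ oscap-chroot CHROOT_PATH oval eval [options] INPUT_CONTENT

supported oscap oval eval options are:
 --id
 --variables
 --directives
 --results
 --report
 --skip-valid
 --datastream-id
 --oval-id

$ oscap-chroot CHROOT_PATH oval collect [options] INPUT_CONTENT

supported oscap oval collect options are:
 --id
 --syschar
 --variables
 --skip-valid

See `man oscap` to learn more about semantics of these options.
EOF
}

if (( $# < 1 )); then
  invalid "No arguments provided."
elif [[ "$1" == "-h" || "$1" == "--help" ]]; then
  usage
  exit 0
elif (( $# < 2 )); then
  # A lone CHROOT_PATH with nothing to pass on to oscap is not a usable call.
  invalid "Invalid arguments provided."
fi

# An empty CHROOT_PATH must not be resolved: depending on the shell version,
# `cd ""` can succeed without moving, and the scan would then silently run
# against the current directory instead of the tree the operator meant.
[[ -n "$1" ]] || die "Invalid CHROOT_PATH argument."

# Learn more at https://www.redhat.com/archives/open-scap-list/2013-July/msg00000.html
#
# Resolve CHROOT_PATH to an absolute path in a subshell.
#  - CDPATH is cleared so that a relative CHROOT_PATH is resolved against the
#    current directory only; with CDPATH set, cd may enter a different
#    directory and print its name, which would corrupt the captured value.
#  - "--" keeps a path that starts with "-" from being parsed as a cd option.
#  - cd's stdout is discarded so that only the output of pwd is captured.
export OSCAP_PROBE_ROOT
OSCAP_PROBE_ROOT="$(CDPATH='' cd -- "$1" >/dev/null && pwd)" \
  || die "Invalid CHROOT_PATH argument."
export OSCAP_EVALUATION_TARGET="chroot://$OSCAP_PROBE_ROOT"
shift 1

# Remaining arguments go to oscap verbatim; its status becomes ours.
oscap "$@"
exit "$?"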