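## Init Container Script ##
## Author: Stefan Dourado
## Email : stefan.dourado@ncr.com
#
# Builds the Samhain baseline database on the pod's persistent volume by
# merging a freshly initialised pod database with the database shipped under
# $host_dir/rofs (the "ISO DB"). The merged file starts with two header lines,
# the IEN version and the hash of the Samhain config, which later runs compare
# to decide whether the baseline has to be rebuilt.
#
# `set -e` alone does not notice a failure on the left-hand side of a pipeline,
# so Samhain listings that feed the baseline are written to a file first.
set -e

filter_map=/samhain/config/filter
host_dir=/ien_fs
tmp_dir=/tmp
info_level=err # none, crit, err, info, etc.
# Binary plus its -p option in one string; only expanded inside run_samhain.
samhain="/samhain/sbin/samhain -p $info_level"
pod_db=/samhain/db/samhain_db
iso_db=$host_dir/rofs/var/samhain/db/samhain_db
iso_checksum_file=$host_dir/rofs/var/samhain/config/db_checksum
pod_files=$tmp_dir/pod_db_files
iso_files=$tmp_dir/iso_db_files
pod_filter=$tmp_dir/pod_filter
iso_filter=$tmp_dir/iso_filter
filtered_pod=$tmp_dir/pod_db
filtered_iso=$tmp_dir/iso_db
merged_db=$tmp_dir/samhain_db
config_path=/samhain/config/samhainrc

# A missing or unreadable checksum file leaves this empty; the comparison
# further down then reports a mismatch instead of aborting here.
static_iso_checksum=
if [ -r "$iso_checksum_file" ]; then
  static_iso_checksum=$(awk -F ':' '{print $2}' "$iso_checksum_file")
fi
ien_version_full=$(head -n1 "$host_dir/ien-version")

# Run Samhain with the configured log level.
# Arguments: passed through to samhain unchanged.
run_samhain() {
  # shellcheck disable=SC2086 # $samhain must word-split into binary + option
  $samhain "$@"
}

# Write the sorted path list of a Samhain database to a file.
# Arguments: $1 - database to list, $2 - output file
list_db_paths() {
  # Listing goes to a file first so a Samhain failure stops the script instead
  # of silently producing an empty path list (and an empty baseline).
  run_samhain --delimited --list-database="$1" > "$2.raw"
  # Field 17 of the delimited listing is taken as the path (presumably; confirm
  # against Samhain's --delimited format). "\ " is unescaped to a plain space.
  awk -F ', ' '{print $17}' "$2.raw" | sed 's/\\ / /g' | sort > "$2"
  rm -f -- "$2.raw"
}

# Rebuild the baseline: paths present in both databases take their entry from
# the ISO DB unless listed in $filter_map; every other pod path takes its entry
# from the fresh pod DB. Paths that exist only in the ISO DB are left out.
# Globals: reads the path variables above, writes $pod_db.
merge_db() {
  # Partial DBs from an earlier run must not be mistaken for this run's output.
  rm -f -- "$filtered_pod" "$filtered_iso"

  # 1 - Init Pod DB (an existing DB is moved aside so init starts clean; it is
  # overwritten by the merged file in step 5, so it is not a backup)
  if [ -f "$pod_db" ]; then
    mv -- "$pod_db" "$tmp_dir/"
  fi
  run_samhain -t init

  # 2 - Create list of files of both pod and iso DB
  list_db_paths "$pod_db" "$pod_files"
  list_db_paths "$iso_db" "$iso_files"

  # 3 - Create filter for both pod and iso DB
  comm -1 -2 "$pod_files" "$iso_files" > "$iso_filter"
  # Use mounted filter file to ignore some iso entries
  sort "$filter_map" | comm -2 -3 "$iso_filter" - > "$tmp_dir/temp_filter"
  mv -- "$tmp_dir/temp_filter" "$iso_filter"
  # Lines occurring once = pod paths that are not covered by the iso filter.
  sort "$pod_files" "$iso_filter" | uniq -u > "$pod_filter"

  # 4 - Create partial DBs
  if [ -s "$pod_filter" ]; then
    run_samhain --outfile="$filtered_pod" --binary \
      --list-filter="$pod_filter" --list-database="$pod_db"
  fi
  if [ -s "$iso_filter" ]; then
    run_samhain --outfile="$filtered_iso" --binary \
      --list-filter="$iso_filter" --list-database="$iso_db"
  fi

  # 5 - Merge DBs and set IEN version before [SOF] line
  if [ -s "$pod_filter" ]; then
    # Drop the first two lines of the pod partial DB before it is appended.
    sed -i '1,2d' "$filtered_pod"
  fi
  # Written verbatim: this line is compared with $ien_version_full on later runs.
  printf '%s\n' "$ien_version_full" > "$merged_db"
  run_samhain -H "$config_path" | awk -F ':' '{print $2}' >> "$merged_db"
  if [ -f "$filtered_iso" ]; then
    cat "$filtered_iso" >> "$merged_db"
  else
    echo "Filtered ISO DB was empty. Proceeding with only Pod DB entries."
    # Quoted: an unquoted [SOF] is a glob and would match a file named S, O or F.
    echo '[SOF]' >> "$merged_db"
  fi
  if [ -s "$pod_filter" ]; then
    cat "$filtered_pod" >> "$merged_db"
  fi

  # 6 - Copy db to PV
  cp -- "$merged_db" "$pod_db"
}

# If ISO DB does not exist, we exit out
if ! test -f "$iso_db"; then
  echo "Error: ISO DB doesn't exist!!" >&2
  exit 1
fi

computed_iso_checksum=$(run_samhain -H "$iso_db" | awk -F ':' '{print $2}')
# An empty computed value counts as a mismatch, so two empty strings can never
# compare equal and pass the check.
# NOTE(review): a mismatch only warns and the ISO DB is still merged into the
# baseline below, so this check fails open. Consider exiting non-zero here. The
# expected checksum also sits under the same $host_dir/rofs tree as the DB it
# covers (presumably a read-only filesystem; confirm).
if test -z "$computed_iso_checksum" ||
  ! test "$static_iso_checksum" = "$computed_iso_checksum"; then
  echo "Warning: DB checksum doesn't match!!" >&2
fi

# If PV DB does not exist, we generate one
if ! test -f "$pod_db"; then
  merge_db
else
  db_ien_version=$(head -n1 "$pod_db")
  db_config_version=$(sed -n '2p' "$pod_db")
  computed_config_checksum=$(run_samhain -H "$config_path" | awk -F ':' '{print $2}')
  # In case it exists, check if patching or creation is needed
  if test -z "$db_ien_version" || ! test "$db_ien_version" = "$ien_version_full"; then
    merge_db
  elif test -z "$db_config_version" || ! test "$db_config_version" = "$computed_config_checksum"; then
    merge_db
  fi
fi
# Reported on every successful path, including first-time creation.
echo "OK - DB Successfully created."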