--[[
process_logs is the starting function that fluent-bit calls
  - return codes : -1 record must be deleted
                    0 record not modified, keep the original
                    1 record was modified, replace timestamp and record
                    2 record was modified, replace record and keep timestamp
]]

function process_logs(tag, timestamp, record)
  local new_record = {}
  new_record = record

  -- bypass severity filtering by setting log_class=replay
  new_record["log_class"] = "replay"

  if record["original-log"] then
    new_record["message"] = record["original-log"]
    new_record["original-log"] = nil
    
    -- In the event a replay severity isn't added 
    if record["replay_severity"] == nil then 
      new_record["replay_severity"] = "info"
    end
  end

  -- when the logreplay container dumps the original log messages for a pod it also sets an
  -- "original-time" field which is the time that the original log message was written.
  -- So we need to take this and set it as the "timestamp" field so that it shows up in
  -- GCP as the time the log originally occurred rather than the time the log was replayed.
  if record["original-time"] then
    return 1, record["original-time"], new_record
  else
    return 2, timestamp, new_record
  end
end

--[[
  return a table of functions here so we can import them in unit tests
  ]]
  return {
    process_logs = process_logs,
  }