#!/bin/sh
if [ $# -lt 3 ]; then
  echo "Usage: $0 file.json majorversion fullversion"
  echo "e.g. $0 OpenJDK17_sbom.json 17 17.0.8"
  exit 1
fi
SBOMFILE="$1"
MAJORVERSION="$2"
FULLVERSION="$3"

GLIBC=$(jq '.metadata.tools[] | select(.name|test("GLIBC")) | .version' $1 | tr -d \")
GCC=$(jq '.metadata.tools[] | select(.name|test("GCC")) | .version' $1 | tr -d \")
BOOTJDK=$(jq '.metadata.tools[] | select(.name|test("BOOTJDK")) | .version' $1  | tr -d \")
ALSA=$(jq '.metadata.tools[] | select(.name|test("ALSA")) | .version' $1 | tr -d \" | sed -e 's/^.*alsa-lib-//' -e 's/\.tar.bz2//')
FreeType=$(jq '.metadata.tools[] | select(.name|test("FreeType")) | .version' $1  | tr -d \")
FreeMarker=$(jq '.metadata.tools[] | select(.name|test("FreeMarker")) | .version' $1  | tr -d \")

EXPECTED_GLIBC=2.17
EXPECTED_GCC=NotDefined
[ "${MAJORVERSION}" = "17" ] && EXPECTED_GCC=10.3.0
EXPECTED_ALSA=1.1.6
RC=0
[ "${GLIBC}" != "$EXPECTED_GLIBC"   ] && echo "GLIBC version not ${EXPECTED_GLIBC}" && RC=1
[ "${GCC}"   != "$EXPECTED_GCC"     ] && echo "GCC version not ${EXPECTED_GCC}"     && RC=1
echo "BOOTJDK is ${BOOTJDK}"
[ "${ALSA}"  != "$EXPECTED_ALSA"    ] && echo "ALSA version not ${EXPECTED_ALSA}"   && RC=1

echo -n "Checking for JDK source SHA validity: "
GITSHA=$(jq '.components[].properties[] | select(.name|test("OpenJDK Source Commit")) | .value' $1 | tr -d \")
GITREPO=$(echo $GITSHA | cut -d/ -f1-5)
GITSHA=$(echo  $GITSHA | cut -d/ -f7)
git ls-remote ${GITREPO} | grep ${GITSHA} || RC=1

echo -n "Checking for temurin-build SHA validity: "
GITSHA=$(jq '.components[].properties[] | select(.name|test("Temurin Build Ref")) | .value' $1 | tr -d \")
GITREPO=$(echo $GITSHA | cut -d/ -f1-5)
GITSHA=$(echo  $GITSHA | cut -d/ -f7)
git ls-remote ${GITREPO} | grep ${GITSHA} || RC=1

exit $RC