#!/usr/bin/bash
# This script will print a message in the serial console
# if no ssh keys were added by Ignition/Afterburn.
main() {
    # Change the output color to yellow
    warn='\033[0;33m'
    # No color
    nc='\033[0m'

    # See https://github.com/coreos/ignition/pull/964 for the MESSAGE_ID
    # source. It will track the authorized-ssh-keys entries in journald
    # provided via Ignition. Limit journal output to the most recent boot
    # so we don't get output from re-used /var/ partitions.
    ignitionusers=$(
            journalctl -b 0 -o json-pretty MESSAGE_ID=225067b87bbd4a0cb6ab151f82fa364b | \
            jq -r '.MESSAGE' | \
            xargs -I{} echo "Ignition: {}")

    # See https://github.com/coreos/afterburn/pull/397 for the MESSAGE_ID
    # source. It will track the authorized-ssh-keys entries in journald
    # provided via Afterburn.Limit journal output to the most recent boot
    # so we don't get output from re-used /var/ partitions.

    afterburnusers=$(
            journalctl -b 0 -o json-pretty MESSAGE_ID=0f7d7a502f2d433caa1323440a6b4190 | \
            jq -r '.MESSAGE' | \
            xargs -I{} echo "Afterburn: {}")

    output=''
    if [ -n "$ignitionusers" ]; then
        output+="$ignitionusers"
    fi
    if [ -n "$afterburnusers" ]; then
        # add newline if needed
        if [ -n "$output" ]; then
            output+=$'\n'
        fi
        output+="$afterburnusers"
    fi

    if [ -n "$output" ]; then
        echo "$output" > /etc/issue.d/30_ssh_authorized_keys.issue
    else
        echo -e "${warn}No SSH authorized keys provided by Ignition or Afterburn${nc}" \
            > /etc/issue.d/30_ssh_authorized_keys.issue
    fi
}

main