#!/usr/bin/env bash
set -eo pipefail

FLUX_PATH="${1:-.}"

if [ -z "$POLARIS_CONFIG" ]; then
    POLARIS_CONFIG=(
        "--format=pretty"
        "--set-exit-code-on-danger"
        "--set-exit-code-below-score=80"
        "--only-show-failed-tests=true"
        "--audit-path=-"
    )
else
    # shellcheck disable=SC2128
    IFS=', ' read -r -a POLARIS_CONFIG <<<"$POLARIS_CONFIG"
fi

if [ -z "$FLUX_LOCAL_CONFIG" ]; then
    FLUX_LOCAL_CONFIG=(
        "--enable-helm"
        "--skip-secrets"
        "--skip-crds"
    )
else
    # shellcheck disable=SC2128
    IFS=' ' read -r -a FLUX_LOCAL_CONFIG <<<"$FLUX_LOCAL_CONFIG"
fi

printf "\nINFO - Auditing clusters\n"
find "${FLUX_PATH%/}" -mindepth 1 -maxdepth 1 -type d -print0 | while IFS= read -r -d $'\0' cluster; do
    printf "INFO - Auditing cluster %s\n" "${cluster##*/}"
    flux-local build "${FLUX_LOCAL_CONFIG[@]}" "${cluster}" |
        polaris audit "${POLARIS_CONFIG[@]}"
    echo
    if [[ ${PIPESTATUS[0]} != 0 ]]; then
        exit 1
    fi
done