TheLocehiliosan_yadm/contrib/hooks/encrypt_with_checksums/post_status

#!/usr/bin/env bash

# yadm - Yet Another Dotfiles Manager
# Copyright (C) 2015-2021 Tim Byrne and Martin Zuther

# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.


YADM_CHECKSUMS="$YADM_HOOK_DIR/files.checksums"
WARNING_MESSAGE="Checksums were not verified"

# unpack exported array; filenames including a newline character (\n)
# are NOT supported
OLD_IFS="$IFS"
IFS=$'\n'
YADM_ENCRYPT_INCLUDE_FILES=( $YADM_ENCRYPT_INCLUDE_FILES )
IFS="$OLD_IFS"


function get_checksum_command {
    # check if "shasum" exists and supports the algorithm (which is
    # tested by sending an empty string to "shasum")
    if command -v "shasum" > /dev/null && printf "" | shasum --algorithm "256" &> /dev/null; then
        printf "shasum --algorithm 256"
    # check if "sha256sum" exists
    elif command -v "sha256sum" > /dev/null; then
        printf "sha256sum"
    # check if "gsha256sum" exists
    elif command -v "gsha256sum" > /dev/null; then
        printf "gsha256sum"
    else
        # display warning in bright yellow
        printf "\033[1;33m" >&2
        printf "\nWARNING: \"shasum\", \"sha256sum\" and \"gsha256sum\" not found.   %s\n" "$WARNING_MESSAGE." >&2

        # reset output color
        printf "\033[0m" >&2

        # signal error
        return 1
    fi
}


# if there is no checksum file, exit with original status of yadm
# command
if [ ! -f "$YADM_CHECKSUMS" ]; then
    exit "$YADM_HOOK_EXIT"
fi

# get checksum command
CHECKSUM_COMMAND=$(get_checksum_command)

# no command found
if (($?)); then
    # return original exit status of yadm command
    exit "$YADM_HOOK_EXIT"
fi

# check encrypted files for differences and capture output and error
# messages
YADM_CHECKSUM_OUTPUT=$($CHECKSUM_COMMAND --check "$YADM_CHECKSUMS" 2>&1)
ERROR_CODE=$?

# handle mismatched checksums and errors
if (($ERROR_CODE)); then
    printf "\nSome SHA-256 sums do not match (or an error occurred):\n\n"

    # display differing files and errors (highlighted in red)
    printf "\033[0;31m"

    while IFS= read -r line; do
        # beautify output and get rid of unnecessary lines
        line="${line%%*: [Oo][Kk]}"
        line="${line%%: [Ff][Aa][Ii][Ll][Ee][Dd]}"
        line="${line##*WARNING:*did NOT match}"

        if [ -n "$line" ]; then
            printf "%s\n" "$line"
        fi
    done <<< "$YADM_CHECKSUM_OUTPUT"

    # reset output color
    printf "\033[0m"

    # display advice for differing files and signal error
    printf "\nConsider running either \"yadm encrypt\" or \"yadm decrypt\".\n"
    exit $ERROR_CODE
fi