#!/bin/bash
# Copyright (C) 2023 Rusbitech-Astra <support@rusbitech.ru>

if [[ $# -lt 1 ]]; then
    echo "Usage:
    kub-fingerprints <cluster> [host]
    Get fingerprints fpr one host or for all"
    exit 0
fi

print-fingerprints() {
    #br30 192.168.2.30 D dklushin Astra2008
    local BR_HOSTNAME=$1
    local BR_IP=$2
    local BR_TYPE=$3
    if ! ping -c 1 -W 4 "${BR_IP}" >/dev/null ; then
        echo "${BR_HOSTNAME}: ${BR_IP} is unavailable"
        return 1
    fi

    if [[ "${BR_TYPE}" == *E* ]]; then
        echo "SKIPPED: scan for external host is not allowed"
        return 0
    fi

    if ssh-keygen -F "${BR_HOSTNAME}" &>/dev/null || ssh-keygen -F "${BR_IP}" &>/dev/null ; then
        echo -n "ADDED: "
    else
        echo -n "NEW: "
    fi
    #TODO:changed
    echo -n "${BR_HOSTNAME}: "
    ssh-keyscan -t "ssh-ed25519" "${BR_IP}" 2>&1 | ssh-keygen -lf - || exit-err "Failed to scan fingerprints for ${BR_IP}"

    #quiet if fingerprint added: https://unix.stackexchange.com/questions/132791/have-ssh-add-be-quiet-if-key-already-there

    # нужно ли добавить реальную возможность добавлять отпечатки???
}

BR_CLUSTER=$1
BR_HOST=$2
# shellcheck disable=SC1091
source /var/lib/brest-kub/scripts/init-user-env.sh

#ssh-keygen -F <hostname>

EXIT_CODE=0

if [[ -n $BR_HOST ]]; then # Gather for one host
    # shellcheck disable=SC2086
    print-fingerprints ${BR_HOST} ${BR_CONFIG[$BR_HOST]} || EXIT_CODE=1
else # Gather for all
    for BR_HOST in "${!BR_CONFIG[@]}"; do
        # shellcheck disable=SC2086
        print-fingerprints ${BR_HOST} ${BR_CONFIG[$BR_HOST]} || EXIT_CODE=1
    done
fi
exit $EXIT_CODE
