#!/usr/bin/expect -f
# Note: Expects to be able to run 'sudo install' without a password

set timeout -1
set send_human {0.05 0 1 0.05 0.3}
set CTRLC \003
set record_name [lindex $argv 0];

proc expect_prompt {} {
    # This matches the trailing 0m of our ANSI control sequence. See PS1 in Dockerfile.
    expect "0m "
}

proc run_command {cmd} {
    send -h "$cmd"
    send "\r"
    expect -timeout 1
}

# Start recording
spawn asciinema rec --overwrite /recordings/verify-cli.cast
send "\r"
expect_prompt

run_command "# Step 1: Install SLSA verifier"
expect_prompt
run_command "curl -sLO https://github.com/slsa-framework/slsa-verifier/releases/latest/download/slsa-verifier-linux-amd64"
expect_prompt
run_command "sudo install slsa-verifier-linux-amd64 /usr/local/bin/slsa-verifier"
expect_prompt

run_command "# Step 2: Download Constellation CLI and provenance"
expect_prompt
run_command "curl -sLO https://github.com/edgelesssys/constellation/releases/latest/download/constellation-linux-amd64"
expect_prompt
run_command "curl -sLO https://github.com/edgelesssys/constellation/releases/latest/download/constellation.intoto.jsonl"
expect_prompt

run_command "# Step 3: Verify provenance"
expect_prompt
run_command "slsa-verifier verify-artifact constellation-linux-amd64 --provenance-path constellation.intoto.jsonl --source-uri github.com/edgelesssys/constellation"
expect_prompt

run_command "# Step 4: Install the CLI"
expect_prompt
run_command "sudo install constellation-linux-amd64 /usr/local/bin/constellation"
expect_prompt
run_command "# Done! You can now use the verified CLI"
expect_prompt
run_command "constellation -h"
expect_prompt

# Stop recording
send "exit"