#!/usr/bin/env bash

# Compare licenses of Go dependencies against a whitelist.

set -e -o pipefail

not_allowed() {
  echo "license not allowed for package: $line"
  err=1
}

go mod download

go-licenses csv ./... | {
while read line; do

  pkg=${line%%,*}
  lic=${line##*,}

  case $lic in
    Apache-2.0|BSD-2-Clause|BSD-3-Clause|ISC|MIT)
      ;;

    MPL-2.0)
      case $pkg in
        github.com/talos-systems/talos/pkg/machinery/config/encoder)
          ;;
        github.com/letsencrypt/boulder)
          ;;
        github.com/hashicorp/*)
          ;;
        *)
          not_allowed
          ;;
      esac
      ;;

    AGPL-3.0)
      case $pkg in
        github.com/edgelesssys/constellation/v2)
          ;;
        *)
          not_allowed
          ;;
      esac
      ;;

    Unknown)
      case $pkg in
        *)
          not_allowed
          ;;
      esac
      ;;

    *)
      echo "unknown license: $line"
      err=1
      ;;
  esac

done
exit $err
}