#!/bin/sh

set -e

# this helps with running the test outside of the autopkgtest environment
if [ -z "${AUTOPKGTEST_TMP:-}" ]; then
  AUTOPKGTEST_TMP="$(mktemp -d --suffix=.autopkgtest)"
fi
if [ -z "${AUTOPKGTEST_ARTIFACTS:-}" ]; then
  AUTOPKGTEST_ARTIFACTS=$AUTOPKGTEST_TMP
fi

# certspotter uses these to override the default ~/.certspotter path.
# We use the environment variables (rather than -watchlist and -state_dir)
# in our systemd service, so it's better to test with these for parity
export CERTSPOTTER_CONFIG_DIR=$AUTOPKGTEST_TMP/certspotter-cfg
export CERTSPOTTER_STATE_DIR=$AUTOPKGTEST_TMP/certspotter

mkdir $CERTSPOTTER_CONFIG_DIR $CERTSPOTTER_STATE_DIR

# monitor all domains - this should always have traffic
echo '.' > $CERTSPOTTER_CONFIG_DIR/watchlist

# start the log from the beginning, and fetch some lines of output, which
# should have plenty of certificates in it
certspotter -no_save -stdout | head -n 500 > $AUTOPKGTEST_ARTIFACTS/stdout

# now check for at least one logged certificate
grep -q Pubkey $AUTOPKGTEST_ARTIFACTS/stdout
