#!/bin/bash

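# Print the Shielded VM integrity reports (early/late boot) logged for the
# instance this script runs on, comparing the policy (baseline) PCR values
# with the values actually measured at each boot.
#
# Environment:
#   INTEGRITY_LOG_FRESHNESS  how far back to search (gcloud --freshness
#                            syntax); defaults to 1d, the gcloud default, so
#                            boots older than that are not shown unless the
#                            window is widened.
#
# NOTE(review): this is a reporting aid only. It is executed on the VM whose
# boot integrity is in question, so its output is no more trustworthy than
# that VM; for an investigation, run the same log query from a trusted host.
set -euo pipefail

# Always use the fully qualified metadata host name: the short name
# "metadata" depends on the resolver search path of the VM.
readonly METADATA_URL='http://metadata.google.internal/computeMetadata/v1'

# Fetch one metadata value; $1 is the path below computeMetadata/v1.
# --fail turns an HTTP error into a non-zero exit instead of returning the
# error page as if it were the value.
metadata_get() {
  curl --silent --show-error --fail --max-time 5 \
    -H 'Metadata-Flavor: Google' "${METADATA_URL}/$1"
}

INSTANCE_ID=$(metadata_get instance/id)
PROJECT_ID=$(metadata_get project/project-id)

# Both values are spliced into a quoted logging filter below, so refuse
# anything that could terminate the quotes or otherwise alter the filter.
instance_id_re='^[0-9]+$'
project_id_re='^[a-z0-9.:-]+$'
if ! [[ "${INSTANCE_ID}" =~ ${instance_id_re} ]]; then
  printf 'unexpected instance id from metadata server: %q\n' "${INSTANCE_ID}" >&2
  exit 1
fi
if ! [[ "${PROJECT_ID}" =~ ${project_id_re} ]]; then
  printf 'unexpected project id from metadata server: %q\n' "${PROJECT_ID}" >&2
  exit 1
fi

filter="logName=\"projects/${PROJECT_ID}/logs/compute.googleapis.com%2Fshielded_vm_integrity\""
filter+=" AND resource.labels.instance_id=\"${INSTANCE_ID}\""
filter+=" AND jsonPayload.@type=\"type.googleapis.com/cloud_integrity.IntegrityEvent\""

# Capture the log entries first so that a gcloud failure (missing
# permission, no credentials, ...) stops the script here instead of feeding
# empty input to the report below.
events_json=$(gcloud logging read --format=json \
  --freshness="${INTEGRITY_LOG_FRESHNESS:-1d}" "${filter}")

# stdin carries the Python program, so the log entries are passed on fd 3.
# The heredoc delimiter is quoted: the shell must not expand anything inside
# the Python source.
python3 3<<<"${events_json}" <<'EOF'
import json
import os
import sys

RED = '\033[0;31m'
GREEN = '\033[0;32m'
RESET = '\033[0m'

EVENT_TYPES = ('earlyBootReportEvent', 'lateBootReportEvent')
MISSING = '(none)'


def measurements(event, key):
    """Return {pcrNum: value} for the measurement list stored under key."""
    return {
        m['pcrNum']: m.get('value')
        for m in event.get(key) or []
        if 'pcrNum' in m
    }


def boot_order(counter):
    """Sort key for boot counters: numeric order when the value is numeric.

    NOTE(review): bootCounter may arrive as a JSON string; plain string
    sorting would then list boot 10 before boot 9 - confirm against real
    log output.
    """
    try:
        return (0, int(counter), '')
    except (TypeError, ValueError):
        return (1, 0, str(counter))


with os.fdopen(3) as fh:
    data = json.load(fh)

if not isinstance(data, list):
    sys.exit('unexpected gcloud output: expected a JSON list of log entries')

# boots[boot counter][event type] = (passed, policy PCRs, actual PCRs)
boots = {}
for item in data:
    payload = item.get('jsonPayload') if isinstance(item, dict) else None
    if not payload:
        continue

    boot_counter = payload.get('bootCounter')
    for event_type in EVENT_TYPES:
        event = payload.get(event_type)
        if not event:
            continue

        boots.setdefault(boot_counter, {})[event_type] = (
            # Fail closed: a report without a verdict is shown as not passed.
            event.get('policyEvaluationPassed', False),
            measurements(event, 'policyMeasurements'),
            measurements(event, 'actualMeasurements'),
        )

for boot_counter in sorted(boots, key=boot_order):
    print(f"Boot #{boot_counter}:")
    print()

    for event_type in sorted(boots[boot_counter]):
        has_passed, policy_measurements, actual_measurements = boots[boot_counter][event_type]

        color = GREEN if has_passed else RED
        print(f"Event: {event_type}, passed: {color}{has_passed}{RESET}")
        print(f"PCR #\t{'POLICY'.rjust(28)}\t{'ACTUAL'.rjust(28)}")
        # Walk the union of both sides: a PCR that was measured but is absent
        # from the policy (or the reverse) is a difference worth seeing too.
        for pcr in sorted(set(policy_measurements) | set(actual_measurements)):
            policy = policy_measurements.get(pcr)
            actual = actual_measurements.get(pcr)
            color = GREEN if policy == actual else RED
            shown_policy = MISSING if policy is None else policy
            shown_actual = MISSING if actual is None else actual
            print(f"{pcr}: {color}{shown_policy}\t{shown_actual}{RESET}")
        print()
    print()
EOF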