#!/usr/bin/env ruby
# frozen_string_literal: true

ALLOWED = [
  # https://gitlab.com/gitlab-org/gitaly/issues/760
  'lib/elasticsearch/git/repository.rb',

  # Needed to handle repositories that are not in any storage
  'lib/gitlab/bare_repository_import/repository.rb',

  # Needed to avoid using the git binary to validate a branch name
  'lib/gitlab/git_ref_validator.rb',

  # Reverted Rugged calls due to Gitaly atop NFS performance
  # See https://docs.gitlab.com/ee/development/gitaly.html#legacy-rugged-code.
  'lib/gitlab/git/rugged_impl/',
  'lib/gitlab/gitaly_client/storage_settings.rb',

  # Needed to detect Rugged enabled: https://gitlab.com/gitlab-org/gitlab/issues/35371
  'lib/gitlab/config_checker/puma_rugged_checker.rb',

  # Needed for GPG/X509 commit signature API
  #
  'app/models/commit.rb',
  'lib/api/entities/commit_signature.rb',

  # Needed for logging
  'config/initializers/peek.rb',
  'config/initializers/lograge.rb',
  'lib/gitlab/grape_logging/loggers/perf_logger.rb',
  'lib/gitlab/instrumentation_helper.rb',
  'lib/gitlab/sidekiq_middleware/instrumentation_logger.rb',
  'lib/gitlab/rugged_instrumentation.rb',
  'lib/peek/views/rugged.rb'
].freeze

rugged_lines = IO.popen(%w[git grep -i -n rugged -- app config lib], &:read).lines
rugged_lines = rugged_lines.select { |l| /^[^:]*\.rb:/ =~ l }
rugged_lines = rugged_lines.reject { |l| l.start_with?(*ALLOWED) }
rugged_lines = rugged_lines.reject { |l| /(include|prepend) Gitlab::Git::RuggedImpl/ =~ l }
rugged_lines = rugged_lines.reject { |l| l.include?('Gitlab::ConfigChecker::PumaRuggedChecker.check') }
rugged_lines = rugged_lines.reject do |line|
  code, _comment = line.split('# ', 2)
  code !~ /rugged/i
end

exit if rugged_lines.empty?

puts "Using Rugged is only allowed in test and #{ALLOWED}\n\n"

puts rugged_lines

exit(false)