#!/usr/bin/env sh

set -eo pipefail

#
# `morph build ...` output is like
#
#   Selected 2/2 hosts (name filter:-0, limits:-0):
#             0: xx.xx.xx.xx (secrets: 1, health checks: 0)
#             1: yy.yy.yy.yy (secrets: 2, health checks: 0)
#
#   /nix/store/d7spc457nnzh0rnv0f5lh1q2j435j1b9-morph
#   nix result path:
#   /nix/store/d7spc457nnzh0rnv0f5lh1q2j435j1b9-morph
#
# Get the last line so we can scan it.
#

OUTPUT=$1

rm -v scan-target
nix-shell --run '
object=$(morph build morph/grid/testing/grid.nix 2>&1 | tail -n 1)
ln -s "$object" scan-target
'

nix-shell -p vulnix --run 'vulnix ./scan-target/' | tee "$OUTPUT"