#!/usr/bin/env bash
set -o errexit
set -o nounset
set -o pipefail

section() {
  printf '\n== %s ==\n' "$1"
}

if ! command -v virsh >/dev/null 2>&1; then
  printf 'INFO: virsh is not installed; VM audit skipped\n'
  exit 0
fi

section "Virtual machines"
virsh list --all || printf 'WARNING: unable to list virtual machines\n'

section "Storage pools"
virsh pool-list --all || printf 'WARNING: unable to list storage pools\n'

mapfile -t pools < <(virsh pool-list --all --name 2>/dev/null | sed '/^[[:space:]]*$/d' || true)
for pool in "${pools[@]}"; do
  section "Volumes in pool: $pool"
  virsh vol-list "$pool" || printf 'WARNING: unable to list volumes in pool %s\n' "$pool"
done

section "Possible VM disk and installation images"
search_roots=()
for path in /var/lib/libvirt /srv /opt; do
  [[ -d "$path" ]] && search_roots+=("$path")
done

if ((${#search_roots[@]} == 0)); then
  printf 'INFO: no configured search roots are present\n'
else
  find "${search_roots[@]}" -xdev -type f \
    \( -iname '*.qcow2' -o -iname '*.raw' -o -iname '*.iso' \) \
    -printf '%12s bytes  %p\n' 2>/dev/null \
    | sort -nr || true
fi

printf '\nINFO: audit complete; no files or libvirt resources were modified\n'