From 8fe1d28aa7bfa06a824ec01b979e51871bc770ed Mon Sep 17 00:00:00 2001 From: Max Leonard Inden Date: Mon, 18 Jun 2018 23:00:48 +0200 Subject: [PATCH] format: Introduce shellcheck [1] for shell script analysis [1] https://github.com/koalaman/shellcheck --- Makefile | 6 ++++- contrib/kube-prometheus/Makefile | 5 +---- contrib/kube-prometheus/README.md | 2 +- contrib/kube-prometheus/build.sh | 2 +- .../custom-metrics-api/gencerts.sh | 9 ++++---- contrib/kube-prometheus/test.sh | 7 +++--- hack/concat-kubernetes-manifests.sh | 2 +- hack/run-external.sh | 4 ++-- hack/show-image.sh | 2 +- helm/hack/e2e-test.sh | 22 +++++++++---------- helm/hack/helm-package.sh | 20 +++++++++-------- helm/hack/sync-repo.sh | 13 +++++------ helm/hack/wait-pods-running-state.sh | 7 +++--- scripts/check_license.sh | 11 +++++----- scripts/create-minikube.sh | 6 ++--- scripts/travis-e2e-helm.sh | 6 +++-- scripts/travis-e2e.sh | 6 +++-- 17 files changed, 69 insertions(+), 61 deletions(-) diff --git a/Makefile b/Makefile index 9edd6d842..b644e7436 100644 --- a/Makefile +++ b/Makefile @@ -145,7 +145,7 @@ $(TO_BE_EXTENDED_DOCS): $(EMBEDMD_BINARY) $(shell find example) kube-prometheus ############## .PHONY: format -format: go-fmt check-license +format: go-fmt check-license shellcheck .PHONY: go-fmt go-fmt: @@ -155,6 +155,10 @@ go-fmt: check-license: ./scripts/check_license.sh +.PHONY: shellcheck +shellcheck: + docker run -v "${PWD}:/mnt" koalaman/shellcheck:stable $(shell find -type f -name "*.sh" -not -path "*vendor*") + ########### # Testing # diff --git a/contrib/kube-prometheus/Makefile b/contrib/kube-prometheus/Makefile index bab98bcb0..74ccee14a 100644 --- a/contrib/kube-prometheus/Makefile +++ b/contrib/kube-prometheus/Makefile @@ -3,8 +3,6 @@ JSONNET_FMT := jsonnet fmt -n 2 --max-blank-lines 2 --string-style s --comment-s JB_BINARY:=$(GOPATH)/bin/jb EMBEDMD_BINARY:=$(GOPATH)/bin/embedmd -# edit 1 - all: generate fmt test ../../hack/jsonnet-docker-image: ../../scripts/jsonnet/Dockerfile @@ -26,10 +24,9 @@ generate-in-docker: ../../hack/jsonnet-docker-image generate: manifests **.md **.md: $(EMBEDMD_BINARY) $(shell find examples) build.sh example.jsonnet - echo '>>> inside **.md' $(EMBEDMD_BINARY) -w `find . -name "*.md" | grep -v vendor` -manifests: vendor example.jsonnet +manifests: vendor example.jsonnet build.sh rm -rf manifests ./build.sh diff --git a/contrib/kube-prometheus/README.md b/contrib/kube-prometheus/README.md index 5b2141c89..bf61d9aeb 100644 --- a/contrib/kube-prometheus/README.md +++ b/contrib/kube-prometheus/README.md @@ -112,7 +112,7 @@ rm -rf manifests mkdir manifests # optional, but we would like to generate yaml, not json -jsonnet -J vendor -m manifests ${1-example.jsonnet} | xargs -I{} sh -c 'cat $1 | gojsontoyaml > $1.yaml; rm -f $1' -- {} +jsonnet -J vendor -m manifests "${1-example.jsonnet}" | xargs -I{} sh -c 'cat {} | gojsontoyaml > {}.yaml; rm -f {}' -- {} ``` diff --git a/contrib/kube-prometheus/build.sh b/contrib/kube-prometheus/build.sh index 6037c3db7..4eaf5ac56 100755 --- a/contrib/kube-prometheus/build.sh +++ b/contrib/kube-prometheus/build.sh @@ -9,5 +9,5 @@ rm -rf manifests mkdir manifests # optional, but we would like to generate yaml, not json -jsonnet -J vendor -m manifests ${1-example.jsonnet} | xargs -I{} sh -c 'cat $1 | gojsontoyaml > $1.yaml; rm -f $1' -- {} +jsonnet -J vendor -m manifests "${1-example.jsonnet}" | xargs -I{} sh -c 'cat {} | gojsontoyaml > {}.yaml; rm -f {}' -- {} diff --git a/contrib/kube-prometheus/experimental/custom-metrics-api/gencerts.sh b/contrib/kube-prometheus/experimental/custom-metrics-api/gencerts.sh index 7cd8af931..b1e16031f 100755 --- a/contrib/kube-prometheus/experimental/custom-metrics-api/gencerts.sh +++ b/contrib/kube-prometheus/experimental/custom-metrics-api/gencerts.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash # Detect if we are on mac or should use GNU base64 options -case `uname` in +case $(uname) in Darwin) b64_opts='-b=0' ;; @@ -17,7 +17,8 @@ echo '{"signing":{"default":{"expiry":"43800h","usages":["signing","key encipher export SERVICE_NAME=custom-metrics-apiserver export ALT_NAMES='"custom-metrics-apiserver.monitoring","custom-metrics-apiserver.monitoring.svc"' -echo '{"CN":"'${SERVICE_NAME}'","hosts":['${ALT_NAMES}'],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=metrics-ca.crt -ca-key=metrics-ca.key -config=metrics-ca-config.json - | cfssljson -bare apiserver +echo "{\"CN\":\"${SERVICE_NAME}\", \"hosts\": [${ALT_NAMES}], \"key\": {\"algo\": \"rsa\",\"size\": 2048}}" | \ + cfssl gencert -ca=metrics-ca.crt -ca-key=metrics-ca.key -config=metrics-ca-config.json - | cfssljson -bare apiserver cat <<-EOF > cm-adapter-serving-certs.yaml apiVersion: v1 @@ -25,6 +26,6 @@ kind: Secret metadata: name: cm-adapter-serving-certs data: - serving.crt: $(cat apiserver.pem | base64 ${b64_opts}) - serving.key: $(cat apiserver-key.pem | base64 ${b64_opts}) + serving.crt: $(base64 ${b64_opts} < apiserver.pem) + serving.key: $(base64 ${b64_opts} < apiserver-key.pem) EOF diff --git a/contrib/kube-prometheus/test.sh b/contrib/kube-prometheus/test.sh index dad4e75fa..cfdf584c5 100755 --- a/contrib/kube-prometheus/test.sh +++ b/contrib/kube-prometheus/test.sh @@ -8,7 +8,8 @@ for i in examples/jsonnet-snippets/*.jsonnet; do [ -f "$i" ] || break echo "Testing: ${i}" echo "" - snippet="local kp = $(<${i}); + fileContent=$(<"$i") + snippet="local kp = $fileContent; $( "test.jsonnet" @@ -25,8 +26,8 @@ for i in examples/*.jsonnet; do echo "Testing: ${i}" echo "" echo "\`\`\`" - echo "$(<${i})" + cat "${i}" echo "\`\`\`" echo "" - jsonnet -J vendor ${i} > /dev/null + jsonnet -J vendor "${i}" > /dev/null done diff --git a/hack/concat-kubernetes-manifests.sh b/hack/concat-kubernetes-manifests.sh index da029b1ea..e97016a2c 100755 --- a/hack/concat-kubernetes-manifests.sh +++ b/hack/concat-kubernetes-manifests.sh @@ -3,4 +3,4 @@ # Concatenate all files with "---" because that's how to specify multiple # Kubernetes manifests in one file. Because the first `awk` also adds "---" in # the first line, we remove it with the second `awk` call. -awk 'FNR==1{print "---"}1' $@ | awk '{if (NR!=1) {print}}' +awk 'FNR==1{print "---"}1' "$@" | awk '{if (NR!=1) {print}}' diff --git a/hack/run-external.sh b/hack/run-external.sh index cf5298d76..742cf258b 100755 --- a/hack/run-external.sh +++ b/hack/run-external.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/usr/bin/env bash if [[ -z "$1" ]]; then echo "missing cluster name" @@ -10,4 +10,4 @@ cafile=$(kubectl config view -o jsonpath="{.clusters[?(@.name == \"$1\")].cluste certfile=$(kubectl config view -o jsonpath="{.users[?(@.name == \"$1\")].user.client-certificate}") keyfile=$(kubectl config view -o jsonpath="{.users[?(@.name == \"$1\")].user.client-key}") -./operator --apiserver=$apiserver --ca-file=$cafile --cert-file=$certfile --key-file=$keyfile +./operator --apiserver="${apiserver}" --ca-file="${cafile}" --cert-file="${certfile}" --key-file="${keyfile}" diff --git a/hack/show-image.sh b/hack/show-image.sh index a4d8e6875..4fb245494 100755 --- a/hack/show-image.sh +++ b/hack/show-image.sh @@ -1,3 +1,3 @@ #!/bin/bash -kubectl get pods --all-namespaces -l app=$1 -ojsonpath=\{\.items\[\*\]\.spec\.containers\[\?\(\@.name==\"$1\"\)\].image\} +kubectl get pods --all-namespaces -l app="${1}" -ojsonpath="{.items[*].spec.containers[?(@.name==\"$1\")].image}" diff --git a/helm/hack/e2e-test.sh b/helm/hack/e2e-test.sh index f93e7d21a..623fde518 100755 --- a/helm/hack/e2e-test.sh +++ b/helm/hack/e2e-test.sh @@ -9,7 +9,7 @@ set -o xtrace HELM_URL=https://storage.googleapis.com/kubernetes-helm HELM_TARBALL=helm-v2.7.2-linux-amd64.tar.gz NAMESPACE="helm-monitoring" -CUR_DIR=$(dirname "$BASH_SOURCE") +CUR_DIR=$(dirname "${BASH_SOURCE[0]}") wget -q ${HELM_URL}/${HELM_TARBALL} tar xzfv ${HELM_TARBALL} @@ -22,23 +22,23 @@ kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceac helm init --service-account tiller --upgrade # wait until all minkube pods, including tiller, are in reading state -$(dirname "$BASH_SOURCE")/wait-pods-running-state.sh kube-system +"${CUR_DIR}"/wait-pods-running-state.sh kube-system kubectl create ns ${NAMESPACE} # replace current http repository to the helm path -sed -ie 's/ repository/# repository/g' $(pwd)/helm/*/requirements.yaml -sed -ie 's/#e2e-repository/repository/g' $(pwd)/helm/*/requirements.yaml +sed -ie 's/ repository/# repository/g' "$(pwd)"/helm/*/requirements.yaml +sed -ie 's/#e2e-repository/repository/g' "$(pwd)"/helm/*/requirements.yaml -# package charts and install all -$(dirname "$BASH_SOURCE")/helm-package.sh prometheus-operator -$(dirname "$BASH_SOURCE")/helm-package.sh kube-prometheus +# package charts and install all +"${CUR_DIR}"/helm-package.sh prometheus-operator +"${CUR_DIR}"/helm-package.sh kube-prometheus -helm install --namespace=${NAMESPACE} $(pwd)/helm/prometheus-operator --name prometheus-operator -helm install --namespace=${NAMESPACE} $(pwd)/helm/kube-prometheus --name kube-prometheus +helm install --namespace="${NAMESPACE}" "$(pwd)/helm/prometheus-operator" --name prometheus-operator +helm install --namespace="${NAMESPACE}" "$(pwd)/helm/kube-prometheus" --name kube-prometheus # check if all pods are ready -$(dirname "$BASH_SOURCE")/wait-pods-running-state.sh ${NAMESPACE} +"${CUR_DIR}"/wait-pods-running-state.sh ${NAMESPACE} # reset helm changes -git reset --hard \ No newline at end of file +git reset --hard diff --git a/helm/hack/helm-package.sh b/helm/hack/helm-package.sh index c8072d3d9..23bd44b32 100755 --- a/helm/hack/helm-package.sh +++ b/helm/hack/helm-package.sh @@ -17,24 +17,26 @@ HELM_INDEX="${HELM_CHARTS_PACKAGED_DIR}/index.yaml" wget ${HELM_URL}/${HELM_TARBALL} tar xzfv ${HELM_TARBALL} -export PATH=${PATH}:$(pwd)/linux-amd64/ +PATH=${PATH}:$(pwd)/linux-amd64/ +export PATH # Clean up tarball rm -f ${HELM_TARBALL} # Package helm and dependencies -mkdir -p ${HELM_CHARTS_PACKAGED_DIR} +mkdir -p "${HELM_CHARTS_PACKAGED_DIR}" helm init --client-only helm repo add ${HELM_BUCKET_NAME} ${HELM_REPO_URL} # check if charts has dependencies, for chart in ${HELM_PACKAGES} -do - # # update dependencies before package the chart - cd ${HELM_CHARTS_DIRECTORY}/${chart} - helm dep update - helm package . -d ${HELM_CHARTS_PACKAGED_DIR} - cd - +do + ( + # update dependencies before package the chart + cd "${HELM_CHARTS_DIRECTORY}/${chart}" + helm dep update + helm package . -d "${HELM_CHARTS_PACKAGED_DIR}" + ) done # donwload the current remote index.yaml @@ -42,4 +44,4 @@ if [ ! -f "${HELM_INDEX}" ]; then wget ${HELM_REPO_URL}index.yaml -O "${HELM_INDEX}" fi -helm repo index ${HELM_CHARTS_PACKAGED_DIR} --url ${HELM_REPO_URL} --debug --merge ${HELM_INDEX} \ No newline at end of file +helm repo index "${HELM_CHARTS_PACKAGED_DIR}" --url "${HELM_REPO_URL}" --debug --merge "${HELM_INDEX}" diff --git a/helm/hack/sync-repo.sh b/helm/hack/sync-repo.sh index 221f14411..6adff10cb 100755 --- a/helm/hack/sync-repo.sh +++ b/helm/hack/sync-repo.sh @@ -6,18 +6,17 @@ set -o xtrace HELM_BUCKET_NAME="coreos-charts" SYNC_TO_S3=${1:-"false"} HELM_CHARTS_PACKAGED_DIR=${2:-"/tmp/helm-packaged"} -AWS_REGION=${3:-"eu-west-1"} #Check if the current chart has the same hash from the remote one -for tgz in $(ls ${HELM_CHARTS_PACKAGED_DIR}) +for tgz in "${HELM_CHARTS_PACKAGED_DIR}"/* do if echo "${tgz}" | grep -vq "kube-prometheus" then # if remote file doesn't exist we can skip the comparison - status_code=$(curl -s -o /dev/null -w "%{http_code}" https://s3-eu-west-1.amazonaws.com/${HELM_BUCKET_NAME}/stable/${tgz}) + status_code=$(curl -s -o /dev/null -w "%{http_code}" "https://s3-eu-west-1.amazonaws.com/${HELM_BUCKET_NAME}/stable/${tgz}") if [ "$status_code" == "200" ] then - cur_hash=$(md5sum ${HELM_CHARTS_PACKAGED_DIR}/${tgz} | awk '{print $1}' ) - remote_hash=$(curl -s https://s3-eu-west-1.amazonaws.com/${HELM_BUCKET_NAME}/stable/${tgz} | md5sum | awk '{print $1}') + cur_hash=$(md5sum "${HELM_CHARTS_PACKAGED_DIR}/${tgz}" | awk '{print $1}' ) + remote_hash=$(curl -s "https://s3-eu-west-1.amazonaws.com/${HELM_BUCKET_NAME}/stable/${tgz}" | md5sum | awk '{print $1}') if [ "${tgz}" != "index.yaml" ] && [ "$cur_hash" != "$remote_hash" ] then echo "ERROR: Current hash should be the same as the remote hash. Please bump the version of chart {$tgz}." @@ -28,9 +27,9 @@ do done # sync charts -if [ ${SYNC_TO_S3} = true ] +if [ "${SYNC_TO_S3}" = true ] then - aws s3 sync --acl public-read ${HELM_CHARTS_PACKAGED_DIR} s3://${HELM_BUCKET_NAME}/stable/ + aws s3 sync --acl public-read "${HELM_CHARTS_PACKAGED_DIR}" "s3://${HELM_BUCKET_NAME}/stable/" fi exit 0 diff --git a/helm/hack/wait-pods-running-state.sh b/helm/hack/wait-pods-running-state.sh index 37d210be4..6d5fc1add 100755 --- a/helm/hack/wait-pods-running-state.sh +++ b/helm/hack/wait-pods-running-state.sh @@ -11,14 +11,13 @@ set -o xtrace NAMESPACE=$1 # Ensure all pods in the namespace entered a Running state -SUCCESS=0 PODS_FOUND=0 POD_RETRY_COUNT=0 RETRY=60 RETRY_DELAY=10 while [ "$POD_RETRY_COUNT" -lt "$RETRY" ]; do POD_RETRY_COUNT=$((POD_RETRY_COUNT+1)) - POD_STATUS=`kubectl get pods --no-headers --namespace $NAMESPACE` + POD_STATUS=$(kubectl get pods --no-headers --namespace "${NAMESPACE}") if [ -z "$POD_STATUS" ];then echo "INFO: No pods found for this release, retrying after sleep" POD_RETRY_COUNT=$((POD_RETRY_COUNT+1)) @@ -34,8 +33,8 @@ while [ "$POD_RETRY_COUNT" -lt "$RETRY" ]; do CONTAINER_RETRY_COUNT=0 while [ "$CONTAINER_RETRY_COUNT" -lt "$RETRY" ]; do - UNREADY_CONTAINERS=`kubectl get pods --namespace $NAMESPACE \ - -o jsonpath="{.items[*].status.containerStatuses[?(@.ready!=true)].name}"` + UNREADY_CONTAINERS=$(kubectl get pods --namespace "${NAMESPACE}" \ + -o jsonpath="{.items[*].status.containerStatuses[?(@.ready!=true)].name}") if [ -n "$UNREADY_CONTAINERS" ];then echo "INFO: Some containers are not yet ready; retrying after sleep" CONTAINER_RETRY_COUNT=$((CONTAINER_RETRY_COUNT+1)) diff --git a/scripts/check_license.sh b/scripts/check_license.sh index 07b14db8e..655d9f362 100755 --- a/scripts/check_license.sh +++ b/scripts/check_license.sh @@ -1,10 +1,11 @@ -#!/bin/sh +#!/usr/bin/env bash licRes=$( -for file in $(find . -type f -iname '*.go' ! -path '*/vendor/*'); do - head -n3 "${file}" | grep -Eq "(Copyright|generated|GENERATED)" || echo -e " ${file}" -done;) + find . -type f -iname '*.go' ! -path '*/vendor/*' -exec \ + sh -c 'head -n3 $1 | grep -Eq "(Copyright|generated|GENERATED)" || echo -e $1' {} {} \; +) + if [ -n "${licRes}" ]; then - echo -e "license header checking failed:\n${licRes}" + echo -e "license header checking failed:\\n${licRes}" exit 255 fi diff --git a/scripts/create-minikube.sh b/scripts/create-minikube.sh index f910ea57a..5db83868f 100755 --- a/scripts/create-minikube.sh +++ b/scripts/create-minikube.sh @@ -26,8 +26,8 @@ export MINIKUBE_WANTUPDATENOTIFICATION=false export MINIKUBE_WANTREPORTERRORPROMPT=false export MINIKUBE_HOME=$HOME export CHANGE_MINIKUBE_NONE_USER=true -mkdir $HOME/.kube || true -touch $HOME/.kube/config +mkdir "${HOME}"/.kube || true +touch "${HOME}"/.kube/config export KUBECONFIG=$HOME/.kube/config minikube version @@ -41,4 +41,4 @@ JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.ty kubectl apply -f scripts/minikube-rbac.yaml # waiting for kube-dns to be ready -JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}'; until kubectl -n kube-system get pods -lk8s-app=kube-dns -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True"; do sleep 1;echo "waiting for kube-dns to be available"; kubectl get pods --all-namespaces; done \ No newline at end of file +JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}'; until kubectl -n kube-system get pods -lk8s-app=kube-dns -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True"; do sleep 1;echo "waiting for kube-dns to be available"; kubectl get pods --all-namespaces; done diff --git a/scripts/travis-e2e-helm.sh b/scripts/travis-e2e-helm.sh index 092e2d531..a10617792 100755 --- a/scripts/travis-e2e-helm.sh +++ b/scripts/travis-e2e-helm.sh @@ -8,7 +8,9 @@ set -u # print each command before executing it set -x -$(dirname "$BASH_SOURCE")/create-minikube.sh +SCRIPT_DIR=$(dirname "${BASH_SOURCE[0]}") + +"${SCRIPT_DIR}"/create-minikube.sh # build nsenter # https://github.com/kubernetes/helm/issues/966 @@ -20,4 +22,4 @@ cd .tmp/util-linux-2.30.2 && ./autogen.sh && ./configure && make nsenter && sudo make test-e2e-helm -$(dirname "$BASH_SOURCE")/delete-minikube.sh +"${SCRIPT_DIR}"/delete-minikube.sh diff --git a/scripts/travis-e2e.sh b/scripts/travis-e2e.sh index 6edde9efa..36951351f 100755 --- a/scripts/travis-e2e.sh +++ b/scripts/travis-e2e.sh @@ -8,7 +8,9 @@ set -u # print each command before executing it set -x -$(dirname "$BASH_SOURCE")/create-minikube.sh +SCRIPT_DIR=$(dirname "${BASH_SOURCE[0]}") + +"${SCRIPT_DIR}"/create-minikube.sh # waiting for kube-dns to be ready JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}'; until kubectl -n kube-system get pods -lk8s-app=kube-dns -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True"; do sleep 1;echo "waiting for kube-dns to be available"; kubectl get pods --all-namespaces; done @@ -16,4 +18,4 @@ JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.ty make build image make test-e2e -$(dirname "$BASH_SOURCE")/delete-minikube.sh +"${SCRIPT_DIR}"/delete-minikube.sh