From f657a816b9074f5bf2b3d300d93266269c1f05a5 Mon Sep 17 00:00:00 2001 From: "guillaume.lambert" Date: Tue, 7 Dec 2021 20:21:17 +0100 Subject: [COMMON] Fix "local var=XX" bashisms Variable attribute 'local' is not POSIX but is LSB supported. It is available in other shells such as ash or dash. And in ksh, local is the default scope of functions vaiables. Though, the syntax "local var=XX" is only supported and found in bash. Sadly, this is not detected by checkbashims. - fix "local var=XX" bashisms - add a manual command in tox.ini to detect them in the CI https://wiki.ubuntu.com/DashAsBinSh#local https://wiki.ubuntu.com/DashAsBinSh#declare_or_typeset https://stackoverflow.com/questions/12000949/scope-of-variables-in-ksh Issue-ID: OOM-2643 Signed-off-by: guillaume.lambert Change-Id: Iff26e50cd352eeb760d923a4740a6f92184fe0f2 --- .../resources/config/docker-entrypoint.sh | 3 ++- kubernetes/config/prepull_docker.sh | 11 ++++++-- .../deploy_dns.sh | 21 ++++++++++----- .../install-metallb-on-cluster.sh | 9 ++++--- .../resources/config/mariadb/docker-entrypoint.sh | 31 +++++++++++++++------- tox.ini | 1 + 6 files changed, 53 insertions(+), 23 deletions(-) diff --git a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh index 4dcebc8883..f9f62739f2 100644 --- a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh +++ b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh @@ -29,7 +29,8 @@ _ip_address() { # "sed -i", but without "mv" (which doesn't work on a bind-mounted file, for example) _sed_in_place() { - local filename="$1"; shift + local filename + filename="$1"; shift local tempFile tempFile="$(mktemp)" sed "$@" "$filename" > "$tempFile" diff --git a/kubernetes/config/prepull_docker.sh b/kubernetes/config/prepull_docker.sh index 596ace6ad5..bfd679bf3e 100755 --- a/kubernetes/config/prepull_docker.sh +++ b/kubernetes/config/prepull_docker.sh @@ -27,8 +27,15 @@ EOF #calling syntax: parse_yaml parse_yaml () { - local prefix=$2 - local s='[[:space:]]*' w='[a-zA-Z0-9_]*' fs=$(echo @|tr @ '\034') + local prefix + prefix=$2 + local s + s='[[:space:]]*' + local w + w='[a-zA-Z0-9_]*' + local fs + fs=$(echo @|tr @ '\034') + sed -ne "s|^\($s\):|\1|" \ -e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \ -e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" $1 | diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh index 3c66feeb46..294ae0a55e 100755 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh +++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh @@ -49,10 +49,13 @@ Extra DNS server already deployed: list_node_with_external_addrs() { - local WORKER_NODES=$(kubectl get no -l node-role.kubernetes.io/worker=true -o jsonpath='{.items..metadata.name}') + local WORKER_NODES + WORKER_NODES=$(kubectl get no -l node-role.kubernetes.io/worker=true -o jsonpath='{.items..metadata.name}') for worker in $WORKER_NODES; do - local external_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }') - local internal_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/internal-ip }') + local external_ip + external_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }') + local internal_ip + internal_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/internal-ip }') if [ $internal_ip != $external_ip ]; then echo $external_ip break @@ -61,7 +64,8 @@ list_node_with_external_addrs() } ingress_controller_ip() { - local metal_ns=$(kubectl get ns --no-headers --output=custom-columns=NAME:metadata.name |grep metallb-system) + local metal_ns + metal_ns=$(kubectl get ns --no-headers --output=custom-columns=NAME:metadata.name |grep metallb-system) if [ -z $metal_ns ]; then echo $CLUSTER_IP else @@ -70,13 +74,16 @@ ingress_controller_ip() { } deploy() { - local ingress_ip=$(ingress_controller_ip) + local ingress_ip + ingress_ip=$(ingress_controller_ip) initdir = $(pwd) cd $SPATH/bind9dns if [ $# -eq 0 ]; then - local cl_domain="simpledemo.onap.org" + local cl_domain + cl_domain="simpledemo.onap.org" else - local cl_domain=$1 + local cl_domain + cl_domain=$1 shift fi if [ $# -ne 0 ]; then diff --git a/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh b/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh index c62e2a51bd..495d540905 100755 --- a/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh +++ b/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh @@ -29,10 +29,13 @@ $0 [cluster_ip1] ... [cluster_ipn] Cluster address or ip ranges find_nodes_with_external_addrs() { - local WORKER_NODES=$(kubectl get no -l node-role.kubernetes.io/worker=true -o jsonpath='{.items..metadata.name}') + local WORKER_NODES + WORKER_NODES=$(kubectl get no -l node-role.kubernetes.io/worker=true -o jsonpath='{.items..metadata.name}') for worker in $WORKER_NODES; do - local external_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }') - local internal_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/internal-ip }') + local external_ip + external_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }') + local internal_ip + internal_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/internal-ip }') if [ $internal_ip != $external_ip ]; then echo $external_ip fi diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh index a363ab3bb0..fe496bc47d 100644 --- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh +++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh @@ -5,7 +5,8 @@ shopt -s nullglob # logging functions mysql_log() { - local type="$1"; shift + local type + type="$1"; shift printf '%s [%s] [Entrypoint]: %s\n' "$(date --rfc-3339=seconds)" "$type" "$*" } mysql_note() { @@ -24,13 +25,17 @@ mysql_error() { # (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of # "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" + local var + var="$1" + local fileVar + fileVar="${var}_FILE" + local def + def="${2:-}" if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then mysql_error "Both $var and $fileVar are set (but are exclusive)" fi - local val="$def" + local val + val="$def" # val="${!var}" # val="$(< "${!fileVar}")" # eval replacement of the bashism equivalents above presents no security issue here @@ -85,7 +90,9 @@ docker_process_init_files() { } mysql_check_config() { - local toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" ) errors + local toRun + local errors + toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" ) if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then mysql_error "$(printf 'mysqld failed while attempting to check config\n\tcommand was: ')${toRun[*]}$(printf'\n\t')$errors" fi @@ -95,7 +102,8 @@ mysql_check_config() { # We use mysqld --verbose --help instead of my_print_defaults because the # latter only show values present in config files, and not server defaults mysql_get_config() { - local conf="$1"; shift + local conf + conf="$1"; shift "$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null \ | awk -v conf="$conf" '$1 == conf && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }' # match "datadir /some/path with/spaces in/it here" but not "--xyz=abc\n datadir (xyz)" @@ -141,7 +149,8 @@ docker_verify_minimum_env() { # creates folders for the database # also ensures permission for user mysql of run as root docker_create_db_directories() { - local user; user="$(id -u)" + local user + user="$(id -u)" # TODO other directories that are used by default? like /var/lib/mysql-files # see https://github.com/docker-library/mysql/issues/562 @@ -216,7 +225,8 @@ docker_setup_db() { # Aria in 10.4+ is slow due to "transactional" (crash safety) # https://jira.mariadb.org/browse/MDEV-23326 # https://github.com/docker-library/mariadb/issues/262 - local tztables=( time_zone time_zone_leap_second time_zone_name time_zone_transition time_zone_transition_type ) + local tztables + tztables=( time_zone time_zone_leap_second time_zone_name time_zone_transition time_zone_transition_type ) for table in "${tztables[@]}"; do echo "/*!100400 ALTER TABLE $table TRANSACTIONAL=0 */;" done @@ -237,7 +247,8 @@ docker_setup_db() { mysql_note "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD" fi # Sets root password and creates root users for non-localhost hosts - local rootCreate= + local rootCreate + rootCreate= # default root to listen for connections from anywhere if [ -n "$MYSQL_ROOT_HOST" ] && [ "$MYSQL_ROOT_HOST" != 'localhost' ]; then # no, we don't care if read finds a terminating character in this heredoc diff --git a/tox.ini b/tox.ini index bbd00f85c4..61acbbba2a 100644 --- a/tox.ini +++ b/tox.ini @@ -65,6 +65,7 @@ commands = || (echo "checkbashisms command not found - please install it (e.g. sudo apt-get install devscripts | \ yum install devscripts-minimal )" >&2 && exit 1)' find . -not -path '*/\.*' -name *.sh -exec checkbashisms \{\} + + sh -c "! find . -not -path '*/\.*' -name *.sh -exec grep 'local .*=' \{\} + || exit 2" [testenv:autopep8] deps = -- cgit 1.2.3-korg