Skip to content

Commit a53dd67

Browse files
reactive-firewallreactive-firewall
committed
[STYLE] numerous style fixes to satisfy shellcheck and improve consistancy (- WIP #74 -)
1 parent 86f5dcd commit a53dd67

File tree

2 files changed

+54
-49
lines changed

2 files changed

+54
-49
lines changed

.github/workflows/Tests.yml

Lines changed: 27 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -95,7 +95,7 @@ jobs:
9595
run: |
9696
python -m pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37"
9797
pip install -r ./requirements.txt
98-
pip install --user -r ./test-requirements.txt || true
98+
pip install -r ./test-requirements.txt || true
9999
- name: Pre-build
100100
id: bootstrap
101101
run: |
@@ -153,7 +153,7 @@ jobs:
153153
- name: Install dependencies for ${{ matrix.python-version }}
154154
run: |
155155
pip install -r ./requirements.txt
156-
pip install --user -r ./test-requirements.txt || true
156+
pip install -r ./test-requirements.txt || true
157157
- name: Pre-Clean
158158
id: clean
159159
run: make -j1 -f Makefile clean || true ;
@@ -201,16 +201,16 @@ jobs:
201201
run: |
202202
pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37"
203203
pip install -r ./requirements.txt
204-
pip install --user -r ./test-requirements.txt || true
204+
pip install -r ./test-requirements.txt || true
205205
- name: Install code-climate tools for ${{ matrix.python-version }}
206-
if: ${{ runner.os }} != "Linux"
206+
if: runner.os != "Linux"
207207
shell: bash
208-
run: if [ $OS == macos-latest ] ; then ./tests/fetch_cc-test-reporter || true ; fi ;
208+
run: if [ "$OS" == "macos-latest" ] ; then ./tests/fetch_cc-test-reporter || true ; fi ;
209209
- name: Install deepsource tools for ${{ matrix.python-version }}
210-
if: ${{ runner.os }} == "Linux"
210+
if: runner.os == "Linux"
211211
shell: bash
212212
run: |
213-
if [ $OS == ubuntu-latest ] ; then (curl https://deepsource.io/cli | sh) || true ; else echo "SKIP deepsource" ; fi ;
213+
if [ "$OS" == "ubuntu-latest" ] ; then (curl https://deepsource.io/cli | sh) || true ; else echo "SKIP deepsource" ; fi ;
214214
- name: Pre-Clean
215215
id: clean
216216
run: make -j1 -f Makefile clean || true ;
@@ -237,15 +237,15 @@ jobs:
237237
path: ./test-reports/
238238
if-no-files-found: ignore
239239
- name: code-climate for ${{ matrix.python-version }}
240-
if: ${{ runner.os }} != "Linux"
240+
if: $runner.os != "Linux"
241241
shell: bash
242242
run: |
243-
if [ $OS == macos-latest ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ;
243+
if [ "$OS" == "macos-latest" ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ;
244244
- name: deepsource for ${{ matrix.python-version }}
245-
if: ${{ runner.os }} == "Linux"
245+
if: runner.os == "Linux"
246246
shell: bash
247247
run: |
248-
if [ $OS == ubuntu-latest ] ; then ./bin/deepsource report --analyzer test-coverage --key python --value-file ./coverage.xml 2>/dev/null || true ; else echo "SKIP deepsource" ; fi ;
248+
if [ "$OS" == "ubuntu-latest" ] ; then ./bin/deepsource report --analyzer test-coverage --key python --value-file ./coverage.xml 2>/dev/null || true ; else echo "SKIP deepsource" ; fi ;
249249
- name: Post-Clean
250250
id: post
251251
run: make -j1 -f Makefile clean || true ;
@@ -280,24 +280,24 @@ jobs:
280280
run: |
281281
pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" ;
282282
pip install -r ./requirements.txt ;
283-
pip install --user -r ./test-requirements.txt || true ;
283+
pip install -r ./test-requirements.txt || true ;
284284
- name: Install code-climate tools for ${{ matrix.python-version }}
285-
if: ${{ runner.os }} == "Linux"
285+
if: runner.os == "Linux"
286286
shell: bash
287-
run: if [ $OS == ubuntu-latest ] ; then ./tests/fetch_cc-test-reporter || true ; fi ;
287+
run: if [ "$OS" == "ubuntu-latest" ] ; then ./tests/fetch_cc-test-reporter || true ; fi ;
288288
- name: Install deepsource tools for ${{ matrix.python-version }}
289-
if: ${{ runner.os }} == "Linux"
289+
if: runner.os == "Linux"
290290
shell: bash
291291
run: |
292-
if [ $OS == ubuntu-latest ] ; then (curl https://deepsource.io/cli | sh) || true ; else echo "SKIP deepsource" ; fi ;
292+
if [ "$OS" == "ubuntu-latest" ] ; then (curl https://deepsource.io/cli | sh) || true ; else echo "SKIP deepsource" ; fi ;
293293
- name: Pre-Clean
294294
id: clean
295295
run: make -j1 -f Makefile clean || true ;
296296
- name: Generate Coverage for py3.9 on ${{ matrix.os }}
297-
if: ${{ runner.python-version }} == "3.9"
297+
if: runner.python-version == "3.9"
298298
run: make -f Makefile test ;
299299
- name: Generate Coverage for py${{ matrix.python-version }} on ${{ matrix.os }}
300-
if: ${{ runner.python-version }} != "3.9"
300+
if: runner.python-version != "3.9"
301301
run: make -f Makefile test-pytest ;
302302
- name: Upload Python ${{ matrix.python-version }} coverage to Codecov
303303
uses: codecov/codecov-action@v4
@@ -316,15 +316,15 @@ jobs:
316316
path: ./test-reports/
317317
if-no-files-found: ignore
318318
- name: code-climate for ${{ matrix.python-version }}
319-
if: ${{ runner.os }} == "Linux"
319+
if: runner.os == "Linux"
320320
shell: bash
321321
run: |
322-
if [ $OS == ubuntu-latest ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ;
322+
if [ "$OS" == "ubuntu-latest" ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ;
323323
- name: deepsource for ${{ matrix.python-version }}
324-
if: ${{ runner.os }} == "Linux"
324+
if: runner.os == "Linux"
325325
shell: bash
326326
run: |
327-
if [ $OS == ubuntu-latest ] ; then ./bin/deepsource report --analyzer test-coverage --key python --value-file ./coverage.xml 2>/dev/null || true ; else echo "SKIP deepsource" ; fi ;
327+
if [ "$OS" == "ubuntu-latest" ] ; then ./bin/deepsource report --analyzer test-coverage --key python --value-file ./coverage.xml 2>/dev/null || true ; else echo "SKIP deepsource" ; fi ;
328328
- name: Post-Clean
329329
id: post
330330
run: make -j1 -f Makefile clean || true ;
@@ -350,7 +350,7 @@ jobs:
350350
run: |
351351
pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" ;
352352
pip install -r ./requirements.txt ;
353-
pip install --user -r ./test-requirements.txt || true ;
353+
pip install -r ./test-requirements.txt || true ;
354354
- name: Pre-Clean
355355
id: clean
356356
run: make -j1 -f Makefile clean || true ;
@@ -394,7 +394,7 @@ jobs:
394394
run: |
395395
pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" ;
396396
pip install -r ./requirements.txt ;
397-
pip install --user -r ./test-requirements.txt || true ;
397+
pip install -r ./test-requirements.txt || true ;
398398
- name: Install code-climate tools for ${{ matrix.python-version }}
399399
if: ${{ runner.os }} != "Linux"
400400
run: if [ $OS == macos-latest ] ; then ./tests/fetch_cc-test-reporter || true ; fi ;
@@ -430,9 +430,9 @@ jobs:
430430
path: ./test-reports/
431431
if-no-files-found: ignore
432432
- name: code-climate for ${{ matrix.python-version }}
433-
if: ${{ runner.os }} != "Linux"
433+
if: runner.os != "Linux"
434434
run: |
435-
if [ $OS == macos-latest ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ;
435+
if [ "$OS" == "macos-latest" ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ;
436436
- name: Post-purge
437437
id: post-uninstall
438438
run: make -j1 -f Makefile purge || true ;
@@ -463,7 +463,7 @@ jobs:
463463
run: |
464464
pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" "tox>=3.0";
465465
pip install -r ./requirements.txt ;
466-
pip install --user -r ./test-requirements.txt || true ;
466+
pip install -r ./test-requirements.txt || true ;
467467
- name: Pre-Clean
468468
id: clean
469469
run: make -j1 -f Makefile clean || true ;

tests/fetch_cc-test-reporter

Lines changed: 27 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -69,27 +69,28 @@ umask 127
6969
LOCK_FILE="${TMPDIR:-/tmp}/org.pak.tests.scripts.code-climate.lock"
7070
EXIT_CODE=0
7171

72-
test -x $(command -v grep) || exit 126 ;
73-
test -x $(command -v curl) || exit 126 ;
72+
test -x "$(command -v grep)" || exit 126 ;
73+
test -x "$(command -v curl)" || exit 126 ;
7474
hash -p ./.github/tool_shlock_helper.sh shlock || exit 255 ;
7575
test -x "$(command -v shlock)" || exit 126 ;
76-
test -x $(command -v gpgv) || exit 126 ;
77-
test -x $(command -v shasum) || exit 126 ;
76+
test -x "$(command -v gpgv)" || exit 126 ;
77+
test -x "$(command -v shasum)" || exit 126 ;
7878

7979
# sorry no windows support here
80-
if [[ $( \uname -s ) == "*arwin" ]] ; then
80+
if [[ $( command uname -s ) == *arwin ]] ; then
8181
CI_OS="darwin"
8282
else
8383
CI_OS="linux"
8484
fi
8585

8686
function cleanup() {
87-
rm -f ${LOCK_FILE} 2>/dev/null || true ; wait ;
87+
rm -f "${LOCK_FILE}" 2>/dev/null || true ; wait ;
8888
rm -f ./test-reporter-latest-*-amd64.SHA*.sig 2>/dev/null || true ; wait ;
89+
rm -f ./test-reporter-latest-*-amd64.SHA* 2>/dev/null > /dev/null || true ; wait ;
8990
hash -d shlock 2>/dev/null > /dev/null || true ;
9091
}
9192

92-
if [[ ( $(shlock -f ${LOCK_FILE} -p $$ ) -eq 0 ) ]] ; then
93+
if [[ ( $(shlock -f "${LOCK_FILE}" -p $$ ) -eq 0 ) ]] ; then
9394
trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit 129 ;' SIGHUP || EXIT_CODE=129
9495
trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit 143 ;' SIGTERM || EXIT_CODE=143
9596
trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit 131 ;' SIGQUIT || EXIT_CODE=131
@@ -100,7 +101,8 @@ if [[ ( $(shlock -f ${LOCK_FILE} -p $$ ) -eq 0 ) ]] ; then
100101
trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit ${EXIT_CODE} ;' EXIT || EXIT_CODE=1
101102
trap 'cleanup ; wait ; exit ${EXIT_CODE} ;' EXIT || EXIT_CODE=1
102103
else
103-
echo "CodeCov already in progress by "`head ${LOCK_FILE}` ;
104+
# shellcheck disable=SC2046
105+
printf "\t%s\n" "CodeClimate already in progress by "$(head "${LOCK_FILE}") >&2 ;
104106
false ;
105107
exit 126 ;
106108
fi
@@ -114,13 +116,14 @@ if [[ -d ./.git ]] ; then
114116
elif [[ -d ./tests ]] ; then
115117
_TEST_ROOT_DIR="./" ;
116118
else
117-
echo "FAIL: missing valid folder or file"
119+
printf "%s\n" "FAIL: missing valid folder or file"
118120
EXIT_CODE=1
119121
fi
120122

121123
# This File MUST BE GIT-IGNORED
122124
# to be SAFELY USED to store Tokens and env vars (update logic as needed)
123125
if [[ ( -r ./codecov_env ) ]] ; then
126+
# shellcheck disable=SC2086,SC1091
124127
source ./codecov_env 2>/dev/null || true ;
125128
fi
126129

@@ -130,20 +133,23 @@ fi
130133
#########################
131134
curl -fLso ./test-reporter-latest-${CI_OS:-linux}-amd64 https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64 ;
132135
for i in 1 256 512 ; do
133-
curl -fLso test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} "https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}" ; wait ;
134-
curl -fLso test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}.sig "https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}.sig" ; wait ;
136+
curl -fLso test-reporter-latest-${CI_OS:-linux}-amd64.sha${i} "https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64.sha${i}" ; wait ;
137+
curl -fLso test-reporter-latest-${CI_OS:-linux}-amd64.sha${i}.sig "https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64.sha${i}.sig" ; wait ;
135138
# test sha1/sha512 signatures if found and sha256 even if not found
136-
if [[ ( -r test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} ) ]] || [[ ( ${i} -eq 256 ) ]] ; then
137-
if [[ ( -r test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}.sig ) ]] ; then
138-
# configure your CI evironment to trust the key at ????
139-
# FP: KEY FP
139+
if [[ ( -r test-reporter-latest-${CI_OS:-linux}-amd64.sha${i} ) ]] || [[ ( ${i} -eq 256 ) ]] ; then
140+
if [[ ${i} -eq 1 ]]; then
141+
printf "%s\n" "WARNING: SHA-1 is deprecated and should be avoided when possible. Consider using SHA-256 or SHA-512 for stronger integrity checks. (CWE-327: Use of a Broken or Risky Cryptographic Algorithm)"
142+
fi
143+
if [[ ( -r test-reporter-latest-${CI_OS:-linux}-amd64.sha${i}.sig ) ]] ; then
144+
# configure your CI evironment to trust the key at gpg --keyserver keys.openpgp.org --recv-keys 9BD9E2DD46DA965A537E5B0A5CBF320243B6FD85
145+
# FP: KEY FP 9BD9 E2DD 46DA 965A 537E 5B0A 5CBF 3202 43B6 FD85
140146
# OR...
141147
# Set CI=true to continue on missing keys
142-
gpgv test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}.sig test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} || ${CI} || EXIT_CODE=126
143-
rm -vf codecov.SHA${i}SUM.sig 2>/dev/null ;
148+
gpg --verify test-reporter-latest-${CI_OS:-linux}-amd64.sha${i}.sig test-reporter-latest-${CI_OS:-linux}-amd64.sha${i} || ${CI} || EXIT_CODE=126
149+
rm -vf test-reporter-latest-${CI_OS:-linux}-amd64.sha${i}.sig 2>/dev/null ;
144150
fi
145-
shasum -a $i -c --ignore-missing test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} || EXIT_CODE=126
146-
rm -vf test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} 2>/dev/null ;
151+
shasum -a $i -c --ignore-missing test-reporter-latest-${CI_OS:-linux}-amd64.sha${i} || EXIT_CODE=126
152+
rm -vf test-reporter-latest-${CI_OS:-linux}-amd64.sha${i} 2>/dev/null ;
147153
fi
148154
done
149155

@@ -153,14 +159,13 @@ if [[ ( ${EXIT_CODE} -eq 0 ) ]] ; then
153159
fi
154160

155161
if [[ ( ${EXIT_CODE} -eq 0 ) ]] ; then
156-
./cc-test-reporter || EXIT_CODE=10 ;
162+
./cc-test-reporter before-build || EXIT_CODE=10 ;
157163
fi
158164

159165

160166
unset _TEST_ROOT_DIR 2>/dev/null || true ;
161167

162-
rm -f ./test-reporter-latest-*-amd64.SHA* 2>/dev/null > /dev/null || true ; wait ;
163-
rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ;
168+
cleanup 2>/dev/null || rm -f "${LOCK_FILE}" 2>/dev/null > /dev/null || true ; wait ;
164169

165170
# goodbye
166171
exit ${EXIT_CODE:-255} ;

0 commit comments

Comments
 (0)