diff --git a/.github/scripts/_shared_functions.sh b/.github/scripts/_shared_functions.sh index 00dfbcc..caa706e 100644 --- a/.github/scripts/_shared_functions.sh +++ b/.github/scripts/_shared_functions.sh @@ -9,13 +9,13 @@ function dockerhub_repo { CURL_OUT="curl_out" function process_curl_response { cat "${CURL_OUT}" - status_code=$(cat "${CURL_OUT}" | grep -e '^HTTP/' | awk '{ print $2 }') + status_code=$(grep -e '^HTTP/' "${CURL_OUT}" | awk '{ print $2 }') [[ ${status_code} =~ 2[0-9]{2} ]] return $? } function print_curl_response_json { # We need to cut off headers; search for first opening brace - cat "${CURL_OUT}" | sed '/^{/,$!d' + sed '/^{/,$!d' "${CURL_OUT}" echo "" } diff --git a/.github/scripts/build-image.sh b/.github/scripts/build-image.sh index 7e8da6a..bf086d2 100755 --- a/.github/scripts/build-image.sh +++ b/.github/scripts/build-image.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -source "$(dirname $0)/_shared_functions.sh" +source "$(dirname "${0}")/_shared_functions.sh" set -eu @@ -9,7 +9,7 @@ image_tag_list="${IMAGE_TAG_LIST:-/dev/stdout}" ref="${1}" profile="${2:-minimal}" -commit_time="$(date --date=@$(git show -s --format=%ct HEAD) --rfc-3339=seconds)" +commit_time="$(date --date="@$(git show -s --format=%ct HEAD)" --rfc-3339=seconds)" # Use commit time for (more) reproducible builds; format is required by OCI annotation spec. tlversion="$(docker run --rm "${installer_image}" | head -n 1 | awk '{print $5 }')" @@ -30,38 +30,39 @@ case "${ref}" in docker build \ --cache-from "${installer_image}" \ - --tag "$(make_docker_tag ${profile} ${version})" \ - --tag "$(make_docker_tag ${profile} latest)" \ + --tag "$(make_docker_tag "${profile}" "${version}")" \ + --tag "$(make_docker_tag "${profile}" latest)" \ --build-arg "profile=${profile}" \ --build-arg "label_created=${commit_time}" \ --build-arg "label_version=${version}" \ --build-arg "label_tlversion=${tlversion}" \ --build-arg "label_revision=$(git rev-parse --verify HEAD)" \ . - make_docker_tag ${profile} ${version} >> ${image_tag_list} - make_docker_tag ${profile} latest >> ${image_tag_list} + make_docker_tag "${profile}" "${version}" >> "${image_tag_list}" + make_docker_tag "${profile}" latest >> "${image_tag_list}" ;; refs/tags/pre-* ) version="${ref##*/pre-}" docker build \ --cache-from "${installer_image}" \ - --tag $(make_docker_tag ${profile} ${version}) \ + --tag "$(make_docker_tag "${profile}" "${version}")" \ --build-arg "profile=${profile}" \ --build-arg "label_created=${commit_time}" \ --build-arg "label_version=${version}" \ --build-arg "label_tlversion=${tlversion}" \ --build-arg "label_revision=$(git rev-parse --verify HEAD)" \ . - make_docker_tag ${profile} ${version} >> ${image_tag_list} + # shellcheck disable=SC2086 + make_docker_tag "${profile}" "${version}" >> ${image_tag_list} ;; * ) version="${ref##*/}" # This is testing, just build the thing. docker build \ --cache-from "${installer_image}" \ - --tag $(make_docker_tag ${profile} ${version}) \ + --tag "$(make_docker_tag "${profile}" "${version}")" \ --build-arg "profile=${profile}" \ . - make_docker_tag ${profile} ${version} >> ${image_tag_list} + make_docker_tag "${profile}" "${version}" >> "${image_tag_list}" ;; esac diff --git a/.github/scripts/make-release-tag.sh b/.github/scripts/make-release-tag.sh index cd1172a..5fe652f 100755 --- a/.github/scripts/make-release-tag.sh +++ b/.github/scripts/make-release-tag.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -source "$(dirname $0)/_shared_functions.sh" +source "$(dirname "${0}")/_shared_functions.sh" installer_image=${TEXLIVE_INSTALLER_IMAGE:-'texlive-installer:latest'} @@ -9,11 +9,12 @@ tlversion="$(docker run --rm "${installer_image}" | head -n 1 | awk '{ print $5 # Check if this version was released before set -o pipefail -last_minor_version="$(git tag | grep release-${tlversion}. | sed -e "s/release-${tlversion}\.//" | sort -rn | head -n 1)" +last_minor_version="$(git tag | grep "release-${tlversion}." | sed -e "s/release-${tlversion}\.//" | sort -rn | head -n 1)" +# shellcheck disable=SC2181 # we need the output if [[ $? -eq 0 ]]; then # Increment "minor version" - next_version="${tlversion}.$(($last_minor_version + 1))" + next_version="${tlversion}.$((last_minor_version + 1))" else # No tag for this TeXlive version yet, start over next_version="${tlversion}.1" @@ -26,9 +27,9 @@ echo "Will try to create tag ${new_tag} on ${GITHUB_REPOSITORY}:${current_commit # First, create the tag _object_ (for the annotation) # cf. https://developer.github.com/v3/git/tags/#create-a-tag-object -curl -siX POST https://api.github.com/repos/${GITHUB_REPOSITORY}/git/tags \ +curl -siX POST "https://api.github.com/repos/${GITHUB_REPOSITORY}/git/tags" \ -H "Authorization: token ${GITHUB_TOKEN}" \ - -o ${CURL_OUT} \ + -o "${CURL_OUT}" \ -d @- \ << PAYLOAD { @@ -49,9 +50,9 @@ process_curl_response || exit 1 # Now, create the tag _reference_ (to have an actual Git tag) # cf. https://developer.github.com/v3/git/refs/#create-a-reference -curl -siX POST https://api.github.com/repos/${GITHUB_REPOSITORY}/git/refs \ +curl -siX POST "https://api.github.com/repos/${GITHUB_REPOSITORY}/git/refs" \ -H "Authorization: token ${GITHUB_TOKEN}" \ - -o ${CURL_OUT} \ + -o "${CURL_OUT}" \ -d @- \ << PAYLOAD { diff --git a/.github/scripts/run-example.sh b/.github/scripts/run-example.sh index 578d29c..27d7b24 100755 --- a/.github/scripts/run-example.sh +++ b/.github/scripts/run-example.sh @@ -6,6 +6,6 @@ image=${1} example=${2} cd examples -./${example}.sh ${image} +./"${example}.sh" "${image}" [[ -f hello_world.log ]] && [[ -f hello_world.pdf ]] rm -f hello_world.log hello_world.pdf diff --git a/.github/scripts/update-dockerhub-info.sh b/.github/scripts/update-dockerhub-info.sh index 9fed666..f8e4882 100755 --- a/.github/scripts/update-dockerhub-info.sh +++ b/.github/scripts/update-dockerhub-info.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -source "$(dirname $0)/_shared_functions.sh" +source "$(dirname "${0}")/_shared_functions.sh" # TODO: It would be nicer to use the original action: # https://github.com/peter-evans/dockerhub-description/blob/master/entrypoint.sh @@ -31,14 +31,14 @@ BADGES sed \ -e "s/\(# TeXlive Docker Image\)s/\1 (${profile})/" \ - -e '/^\[.\+\]:[[:space:]]\+https:\/\//! s#^\[\(.\+\)\]:[[:space:]]\+\([[:alnum:]]\)#[\1]: https://github.com/'${GITHUB_REPOSITORY}'/blob/master/\2#g' \ + -e '/^\[.\+\]:[[:space:]]\+https:\/\//! s#^\[\(.\+\)\]:[[:space:]]\+\([[:alnum:]]\)#[\1]: https://github.com/'"${GITHUB_REPOSITORY}"'/blob/master/\2#g' \ "${readme_filepath}" \ >> "${readme_profile_filepath}" # Retrieve Github repo information # TODO: make an action out of this? -curl -siX GET https://api.github.com/repos/${GITHUB_REPOSITORY} \ - -o ${CURL_OUT} +curl -siX GET "https://api.github.com/repos/${GITHUB_REPOSITORY}" \ + -o "${CURL_OUT}" process_curl_response || exit 1 gh_description=$(print_curl_response_json | jq -r .description) @@ -46,7 +46,7 @@ gh_description=$(print_curl_response_json | jq -r .description) echo "Acquire Docker Hub login token" curl -siX POST https://hub.docker.com/v2/users/login/ \ -H "Content-Type: application/json" \ - -o ${CURL_OUT} \ + -o "${CURL_OUT}" \ -d @- \ << PAYLOAD { @@ -60,11 +60,11 @@ process_curl_response | grep -v token || exit 1 dh_token=$(print_curl_response_json | jq -r .token) echo "Will try to update the description of ${dh_repo}" -curl -siX PATCH https://hub.docker.com/v2/repositories/${dh_repo}/ \ +curl -siX PATCH "https://hub.docker.com/v2/repositories/${dh_repo}/" \ -H "Authorization: JWT ${dh_token}" \ - -o ${CURL_OUT} \ - --data-urlencode description=${gh_description} \ - --data-urlencode full_description@${readme_profile_filepath} + -o "${CURL_OUT}" \ + --data-urlencode description="${gh_description}" \ + --data-urlencode full_description@"${readme_profile_filepath}" # TODO: tags/categories/topics? << Github topics # TODO: icon? diff --git a/.github/scripts/update-github-release.sh b/.github/scripts/update-github-release.sh index 2d344cd..7069d2b 100755 --- a/.github/scripts/update-github-release.sh +++ b/.github/scripts/update-github-release.sh @@ -1,23 +1,24 @@ #!/usr/bin/env bash -source "$(dirname $0)/_shared_functions.sh" +source "$(dirname "${0}")/_shared_functions.sh" set -eu release_id="${1}" +# shellcheck disable=SC2153 # false positive image_tag_list="${IMAGE_TAG_LIST}" # Get current values -curl -siX GET https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/${release_id} \ +curl -siX GET "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/${release_id}" \ -H "Authorization: token ${GITHUB_TOKEN}" \ - -o ${CURL_OUT} + -o "${CURL_OUT}" process_curl_response || exit 1 release_name="$(print_curl_response_json | jq '."name"' )" release_body="$(print_curl_response_json | jq '."body" // ""' )" # Remove version prefix from title -new_name="$(echo "${release_name}" | sed -e 's/\(pre-\|release-\)//')" +new_name="${release_name//@(pre-|release-)/}" # Add list with new images to body function list_entry { @@ -34,15 +35,16 @@ new_body="$(tr -d '\n' << BODY ${release_body%\"} \\r\\n \\r\\n ### Published images \\r\\n \\r\\n -$(grep -ve ':latest$' ${image_tag_list} | xargs -n 1 -I {} bash -c 'list_entry "${@}"' _ {})" +# shellcheck disable=SC2016 # false positive +$(grep -ve ':latest$' "${image_tag_list}" | xargs -n 1 -I {} bash -c 'list_entry "${@}"' _ {})" BODY )" # Update release -curl -siX PATCH https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/${release_id} \ +curl -siX PATCH "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/${release_id}" \ -H "Authorization: token ${GITHUB_TOKEN}" \ - -o ${CURL_OUT} \ + -o "${CURL_OUT}" \ -d @- \ << PAYLOAD { diff --git a/.github/trigger-release.sh b/.github/trigger-release.sh index f00124d..baf1279 100755 --- a/.github/trigger-release.sh +++ b/.github/trigger-release.sh @@ -1,5 +1,7 @@ #!/usr/bin/env bash +# TODO: Obsolete? Can trigger Workflow from web UI these days. + set -eu read -sp "Github API Token: " ght