Add pre-commit and clean up

2020-02-14 12:12:07 -08:00 · 2020-02-14 12:12:07 -08:00 · 8d6ffea6b3
parent 6d460b176f
commit 8d6ffea6b3
16 changed files with 101 additions and 46 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -0,0 +1,17 @@
 ---
 repos:
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v2.4.0
    hooks:
      - id: check-added-large-files
      - id: trailing-whitespace
      - id: end-of-file-fixer
      - id: check-merge-conflict
      - id: mixed-line-ending
      - id: check-executables-have-shebangs
      - id: check-symlinks
      - id: check-case-conflict
  - repo: git://github.com/jumanjihouse/pre-commit-hooks
    rev: 1.11.0
    hooks:
      - id: shellcheck
--- a/.travis.yml
+++ b/.travis.yml
@ -4,6 +4,7 @@ services: docker
 before_script:
  - docker run --rm --privileged multiarch/qemu-user-static:register --reset
  - pip install pre-commit
 script:
-  - make all
+  - make check all
--- a/14
+++ b/14
@ -36,13 +36,17 @@ VOLUME /var/lock/duplicity
 ENV BACKUP_DEST="file:///backups"
 ENV BACKUP_NAME="backup"
-ENV PATH_TO_BACKUP="/data"
+ENV CLEANUP_COMMAND=""
 ENV PASSPHRASE="Correct.Horse.Battery.Staple"
 ENV FLOCK_WAIT=60
 # Cron schedules
 ENV CRON_SCHEDULE=""
 ENV FLOCK_WAIT=60
 ENV FULL_CRON_SCHEDULE=""
 ENV GPG_KEY_ID=""
 ENV OPT_ARGUMENTS=""
 ENV PASSPHRASE="Correct.Horse.Battery.Staple"
 ENV PATH_TO_BACKUP="/data"
 ENV RESTORE_ON_EMPTY_START=""
 ENV SKIP_ON_START=""
 ENV VERIFY_CRON_SCHEDULE=""
 ENV VERIFY_CRON_SCHEDULE=""
 # Create script dirs
--- a/4
+++ b/4
@ -9,6 +9,10 @@ all: build-all test-all test-s3-all
 .PHONY: test
 test: test-amd64
 .PHONY: check
 check:
 	pre-commit run --all-files
 .PHONY: build-amd64
 build-amd64:
 	docker build --build-arg REPO=library -f ./Dockerfile -t $(DOCKER_TAG):amd64 .
--- a/backup.sh
+++ b/backup.sh
@ -1,39 +1,48 @@
 #! /bin/bash
-set -e
+set -euf
 BACKUP_CMD=""
 if test $# -gt 0; then
    BACKUP_CMD="$1"
 fi
 (
-    if ! flock -x -w $FLOCK_WAIT 200 ; then
+    if ! flock -x -w "$FLOCK_WAIT" 200 ; then
        echo 'ERROR: Could not obtain lock. Exiting.'
        exit 1
    fi
    # Run pre-backup scripts
    for f in /scripts/backup/before/*; do
-        if [ -f $f -a -x $f ]; then
+        if [ -f "$f" ] && [ -x "$f" ]; then
-            bash $f
+            bash "$f"
        fi
    done
    # Intentionally not wrapping BACKUP_CMD and OPT_ARGUMENTS
    # shellcheck disable=SC2086
    duplicity \
-        $1 \
+        $BACKUP_CMD \
        --asynchronous-upload \
        --log-file /root/duplicity.log \
-        --name $BACKUP_NAME \
+        --name "$BACKUP_NAME" \
        $OPT_ARGUMENTS \
-        $PATH_TO_BACKUP \
+        "$PATH_TO_BACKUP" \
-        $BACKUP_DEST
+        "$BACKUP_DEST"
    if [ -n "$CLEANUP_COMMAND" ]; then
        # Intentionally not wrapping CLEANUP_COMMAND
        # shellcheck disable=SC2086
        duplicity $CLEANUP_COMMAND \
            --log-file /root/duplicity.log \
-            --name $BACKUP_NAME \
+            --name "$BACKUP_NAME" \
-            $BACKUP_DEST
+            "$BACKUP_DEST"
    fi
    # Run post-backup scripts
    for f in /scripts/backup/after/*; do
-        if [ -f $f -a -x $f ]; then
+        if [ -f "$f" ] && [ -x "$f" ]; then
-            bash $f
+            bash "$f"
        fi
    done
--- a/cron-exec.sh
+++ b/cron-exec.sh
@ -4,8 +4,15 @@ ENV=/env.sh
 LOG=/cron.log
 HEALTH_FILE=/unhealthy
-touch $ENV
+if [ -f "$ENV" ]; then
-source $ENV
+    # shellcheck disable=SC1090
    source "$ENV"
 fi
 # Execute command and write output to log
-$@ 2>> $LOG && rm -f $HEALTH_FILE || { touch $HEALTH_FILE; exit 1; }
+if eval "$@" 2>> "$LOG"; then
    rm -f "$HEALTH_FILE"
 else
    touch "$HEALTH_FILE"
    exit 1;
 fi
--- a/healthcheck.sh
+++ b/healthcheck.sh
@ -2,4 +2,8 @@
 HEALTH_FILE=/unhealthy
-test -f $HEALTH_FILE || exit 0 && exit 1
+if [ -f "$HEALTH_FILE" ]; then
    exit 1
 else
    exit 0
 fi
--- a/multi-arch-manifest-tmpl.yml
+++ b/multi-arch-manifest-tmpl.yml
@ -35,4 +35,4 @@ manifests:
  - image: "{DOCKER_REPO}:{TAG_ROOT}-ppc64le"
    platform:
      architecture: ppc64le
-      os: linux
+      os: linux
--- a/restore.sh
+++ b/restore.sh
@ -1,32 +1,34 @@
 #! /bin/bash
-set -e
+set -euf
 (
-    if ! flock -x -w $FLOCK_WAIT 200 ; then
+    if ! flock -x -w "$FLOCK_WAIT" 200 ; then
        echo 'ERROR: Could not obtain lock. Exiting.'
        exit 1
    fi
    # Run pre-restore scripts
    for f in /scripts/restore/before/*; do
-        if [ -f $f -a -x $f ]; then
+        if [ -f "$f" ] && [ -x "$f" ]; then
-            bash $f
+            bash "$f"
        fi
    done
    # Intentionally not wrapping OPT_ARGUMENTS
    # shellcheck disable=SC2086
    duplicity restore \
        --force \
        --log-file /root/duplicity.log \
-        --name $BACKUP_NAME \
+        --name "$BACKUP_NAME" \
        $OPT_ARGUMENTS \
-        $@ \
+        "$@" \
-        $BACKUP_DEST \
+        "$BACKUP_DEST" \
-        $PATH_TO_BACKUP
+        "$PATH_TO_BACKUP"
    # Run post-restore scripts
    for f in /scripts/restore/after/*; do
-        if [ -f $f -a -x $f ]; then
+        if [ -f "$f" ] && [ -x "$f" ]; then
-            bash $f
+            bash "$f"
        fi
    done
--- a/start.sh
+++ b/start.sh
@ -1,23 +1,24 @@
 #! /bin/bash
 set -euf
 # If first arg is bash, we'll just execute directly
-if [ "$1" == "bash" ]; then
+if [ $# -gt 0 ] && [ "$1" == "bash" ]; then
    exec "$@"
    exit 0
 fi
 # If no env variable set, get from command line
 if [ "$OPT_ARGUMENTS" == "" ]; then
-    export OPT_ARGUMENTS="$@"
+    export OPT_ARGUMENTS="$*"
 fi
 # If key id is provied add arg
-if [ -e "$GPG_KEY_ID" ]; then
+if [ -n "$GPG_KEY_ID" ]; then
    export OPT_ARGUMENTS="$OPT_ARGUMENTS --encrypt-sign-key=\"$GPG_KEY_ID\""
 fi
 # If set to restore on start, restore if the data volume is empty
-if [ "$RESTORE_ON_EMPTY_START" == "true" -a -z "$(ls -A $PATH_TO_BACKUP)" ]; then
+if [ "$RESTORE_ON_EMPTY_START" == "true" ] && [ -z "$(ls -A "$PATH_TO_BACKUP")" ]; then
    /cron-exec.sh /restore.sh
 fi
--- a/tests/test-pre-scripts/backup/after/post-backup.sh
+++ b/tests/test-pre-scripts/backup/after/post-backup.sh
@ -1,3 +1,4 @@
 #! /bin/bash
 set -e
 cd /data
--- a/tests/test-pre-scripts/backup/before/pre-backup.sh
+++ b/tests/test-pre-scripts/backup/before/pre-backup.sh
@ -1,3 +1,4 @@
 #! /bin/bash
 set -e
 cd /data
--- a/tests/test-pre-scripts/restore/after/post-restore.sh
+++ b/tests/test-pre-scripts/restore/after/post-restore.sh
@ -1,3 +1,4 @@
 #! /bin/bash
 set -e
 cd /data
--- a/tests/test-pre-scripts/restore/before/pre-restore.sh
+++ b/tests/test-pre-scripts/restore/before/pre-restore.sh
@ -1,3 +1,4 @@
 #! /bin/bash
 set -e
 # Don't really need to do anything here
--- a/tests/test.sh
+++ b/tests/test.sh
@ -1,10 +1,10 @@
 #! /bin/bash
-set -e
+set -euf
 image="$1"
-if [ "$IN_CONTAINER" != "true" ] ; then
+if [ -z "${IN_CONTAINER+x}" ] ; then
    # Run the test script within the container
    image="$1"
    docker run --rm \
        -e IN_CONTAINER=true \
        -e SKIP_ON_START=true \
@ -31,7 +31,7 @@ else
    /cron-exec.sh /verify.sh || { cat /cron.log && exit 1; }
    echo "Delete test data..."
-    rm -fr /data/*
+    rm -fr /data/test.txt
    echo "Verify deleted..."
    test -f /data/test.txt && exit 1 || echo "Gone"
@ -48,7 +48,7 @@ else
    /cron-exec.sh /verify.sh || { cat /cron.log && exit 1; }
    echo "Delete test data again..."
-    rm -fr /data/*
+    rm -fr /data/test.txt
    echo "Verify deleted..."
    test -f /data/test.txt && exit 1 || echo "Gone"
--- a/verify.sh
+++ b/verify.sh
@ -1,10 +1,12 @@
 #! /bin/bash
-set -e
+set -euf
 # Intentionally not wrapping OPT_ARGUMENTS
 # shellcheck disable=SC2086
 duplicity verify \
    --compare-data \
    --log-file /root/duplicity.log \
-    --name $BACKUP_NAME \
+    --name "$BACKUP_NAME" \
    $OPT_ARGUMENTS \
-    $BACKUP_DEST \
+    "$BACKUP_DEST" \
-    $PATH_TO_BACKUP
+    "$PATH_TO_BACKUP"