From cdc1cfac301e93c0a443b488ab49a8f5a6a54351 Mon Sep 17 00:00:00 2001
From: ViViDboarder <ViViDboarder@gmail.com>
Date: Mon, 14 Jun 2021 15:55:26 -0700
Subject: [PATCH] Add pre-commit and lint

---
 .pre-commit-config.yaml                        | 17 +++++++++++++++++
 Makefile                                       | 11 +++++++++++
 backup.sh                                      | 18 ++++++++++++------
 cron-exec.sh                                   | 13 ++++++++++---
 restore.sh                                     | 15 ++++++++-------
 start.sh                                       |  6 +++---
 tests/test-pre-scripts.sh                      |  4 ++--
 .../backup/after/post-backup.sh                |  1 +
 .../backup/before/pre-backup.sh                |  1 +
 .../restore/after/post-restore.sh              |  1 +
 .../restore/before/pre-restore.sh              |  1 +
 tests/test.sh                                  |  7 +++++--
 verify.sh                                      |  2 +-
 13 files changed, 73 insertions(+), 24 deletions(-)
 create mode 100644 .pre-commit-config.yaml

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..293b189
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,17 @@
+---
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.0.1
+    hooks:
+      - id: check-merge-conflict
+      - id: check-yaml
+      - id: end-of-file-fixer
+  - repo: https://github.com/shellcheck-py/shellcheck-py
+    rev: v0.7.2.1
+    hooks:
+      - id: shellcheck
+  - repo: https://github.com/IamTheFij/docker-pre-commit
+    rev: v2.0.0
+    hooks:
+      - id: docker-compose-check
+      - id: hadolint
diff --git a/Makefile b/Makefile
index 2536d52..5760609 100644
--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,8 @@
 DOCKER_TAG ?= docker-restic-cron
 
+.PHONY: all
+all: check test-all
+
 .PHONY: default
 default: build-x86
 
@@ -42,3 +45,11 @@ shell: shell-x86
 .PHONY: clean
 clean:
 	docker-compose -f docker-compose-test-s3.yml down -v
+
+.PHONY: install-hooks
+install-hooks:
+	pre-commit install
+
+.PHONY: check
+check:
+	pre-commit run --all-files
diff --git a/backup.sh b/backup.sh
index 750f9f5..cd89d45 100755
--- a/backup.sh
+++ b/backup.sh
@@ -3,27 +3,33 @@ set -e
 
 # Run pre-backup scripts
 for f in /scripts/backup/before/*; do
-    if [ -f $f -a -x $f ]; then
-        bash $f
+    if [ -f "$f" ] && [ -x "$f" ]; then
+        bash "$f"
     fi
 done
 
+# shellcheck disable=SC2086
 restic \
-    -r $BACKUP_DEST \
+    -r "$BACKUP_DEST" \
     $OPT_ARGUMENTS \
     backup \
     "$PATH_TO_BACKUP"
 
 if [ -n "$CLEANUP_COMMAND" ]; then
+    # Clean up old snapshots via provided policy
+    # shellcheck disable=SC2086
     restic \
-        -r $BACKUP_DEST \
+        -r "$BACKUP_DEST" \
         forget \
         $CLEANUP_COMMAND
+
+    # Verify that nothing is corrupted
+    restic check -r "$BACKUP_DEST"
 fi
 
 # Run post-backup scripts
 for f in /scripts/backup/after/*; do
-    if [ -f $f -a -x $f ]; then
-        bash $f
+    if [ -f "$f" ] && [ -x "$f" ]; then
+        bash "$f"
     fi
 done
diff --git a/cron-exec.sh b/cron-exec.sh
index 2812ca8..c42607d 100755
--- a/cron-exec.sh
+++ b/cron-exec.sh
@@ -4,8 +4,15 @@ ENV=/env.sh
 LOG=/cron.log
 HEALTH_FILE=/unhealthy
 
-touch $ENV
-source $ENV
+if [ -f "$ENV" ]; then
+    # shellcheck disable=SC1090
+    source "$ENV"
+fi
 
 # Execute command and write output to log
-$@ 2>> $LOG && rm -f $HEALTH_FILE || { touch $HEALTH_FILE; exit 1; }
+if eval "$@" 2>> "$LOG"; then
+    rm -f "$HEALTH_FILE"
+else
+    touch "$HEALTH_FILE"
+    exit 1;
+fi
diff --git a/restore.sh b/restore.sh
index 9e8f8be..ea8ac8c 100755
--- a/restore.sh
+++ b/restore.sh
@@ -1,25 +1,26 @@
 #! /bin/bash
 set -e
 
-restore_snapshot=$1
+restore_snapshot="$1"
 
 # Run pre-restore scripts
 for f in /scripts/restore/before/*; do
-    if [ -f $f -a -x $f ]; then
-        bash $f
+    if [ -f "$f" ] && [ -x "$f" ]; then
+        bash "$f"
     fi
 done
 
+# shellcheck disable=SC2086
 restic \
-    -r $BACKUP_DEST \
+    -r "$BACKUP_DEST" \
     $OPT_ARGUMENTS \
     restore \
-    $restore_snapshot \
+    "$restore_snapshot" \
     -t /
 
 # Run post-restore scripts
 for f in /scripts/restore/after/*; do
-    if [ -f $f -a -x $f ]; then
-        bash $f
+    if [ -f "$f" ] && [ -x "$f" ]; then
+        bash "$f"
     fi
 done
diff --git a/start.sh b/start.sh
index e4e3f73..f8580b0 100755
--- a/start.sh
+++ b/start.sh
@@ -8,14 +8,14 @@ fi
 
 # If no env variable set, get from command line
 if [ "$OPT_ARGUMENTS" == "" ]; then
-    export OPT_ARGUMENTS="$@"
+    export OPT_ARGUMENTS="$*"
 fi
 
 # Init the repo
-restic -r $BACKUP_DEST snapshots || restic -r $BACKUP_DEST init
+restic -r "$BACKUP_DEST" snapshots || restic -r "$BACKUP_DEST" init
 
 # If set to restore on start, restore if the data volume is empty
-if [ "$RESTORE_ON_EMPTY_START" == "true" -a -z "$(ls -A $PATH_TO_BACKUP)" ]; then
+if [ "$RESTORE_ON_EMPTY_START" == "true" ] && [ -z "$(ls -A "$PATH_TO_BACKUP")" ]; then
     /cron-exec.sh /restore.sh latest
 fi
 
diff --git a/tests/test-pre-scripts.sh b/tests/test-pre-scripts.sh
index d09625e..6397994 100755
--- a/tests/test-pre-scripts.sh
+++ b/tests/test-pre-scripts.sh
@@ -1,7 +1,7 @@
 #! /bin/bash
 set -e
 
-image=$1
+image="$1"
 
 if [ "$IN_CONTAINER" != "true" ] ; then
     # Run the test script within the container
@@ -11,7 +11,7 @@ if [ "$IN_CONTAINER" != "true" ] ; then
         -e RESTIC_PASSWORD="Correct.Horse.Battery.Staple" \
         -v "$(pwd)/test-pre-scripts.sh:/test.sh" \
         -v "$(pwd)/test-pre-scripts:/scripts" \
-        $image \
+        "$image" \
         bash -c "/test.sh"
 else
     echo "Performing backup tests"
diff --git a/tests/test-pre-scripts/backup/after/post-backup.sh b/tests/test-pre-scripts/backup/after/post-backup.sh
index a606858..65cf8df 100755
--- a/tests/test-pre-scripts/backup/after/post-backup.sh
+++ b/tests/test-pre-scripts/backup/after/post-backup.sh
@@ -1,3 +1,4 @@
+#! /bin/bash
 set -e
 
 cd /data
diff --git a/tests/test-pre-scripts/backup/before/pre-backup.sh b/tests/test-pre-scripts/backup/before/pre-backup.sh
index b0da835..7c35bfc 100755
--- a/tests/test-pre-scripts/backup/before/pre-backup.sh
+++ b/tests/test-pre-scripts/backup/before/pre-backup.sh
@@ -1,3 +1,4 @@
+#! /bin/bash
 set -e
 
 cd /data
diff --git a/tests/test-pre-scripts/restore/after/post-restore.sh b/tests/test-pre-scripts/restore/after/post-restore.sh
index 7ede126..c1a4ea7 100755
--- a/tests/test-pre-scripts/restore/after/post-restore.sh
+++ b/tests/test-pre-scripts/restore/after/post-restore.sh
@@ -1,3 +1,4 @@
+#! /bin/bash
 set -e
 
 cd /data
diff --git a/tests/test-pre-scripts/restore/before/pre-restore.sh b/tests/test-pre-scripts/restore/before/pre-restore.sh
index ea3e3e4..1869dbd 100755
--- a/tests/test-pre-scripts/restore/before/pre-restore.sh
+++ b/tests/test-pre-scripts/restore/before/pre-restore.sh
@@ -1,3 +1,4 @@
+#! /bin/bash
 set -e
 
 # Don't really need to do anything here
diff --git a/tests/test.sh b/tests/test.sh
index ee5480c..5cd36e0 100755
--- a/tests/test.sh
+++ b/tests/test.sh
@@ -1,7 +1,7 @@
 #! /bin/bash
 set -e
 
-image=$1
+image="$1"
 
 if [ "$IN_CONTAINER" != "true" ] ; then
     # Run the test script within the container
@@ -10,7 +10,7 @@ if [ "$IN_CONTAINER" != "true" ] ; then
         -e SKIP_ON_START=true \
         -e RESTIC_PASSWORD="Correct.Horse.Battery.Staple" \
         -v "$(pwd)/test.sh:/test.sh" \
-        $image \
+        "$image" \
         bash -c "/test.sh"
 else
     echo "Performing backup tests"
@@ -31,6 +31,9 @@ else
     echo "Verify backup..."
     /cron-exec.sh /verify.sh || { cat /cron.log && exit 1; }
 
+    echo "Auto cleanup on second backup..."
+    CLEANUP_COMMAND="--prune --keep-last 1" /cron-exec.sh /backup.sh || { cat /cron.log && exit 1; }
+
     echo "Delete test data..."
     rm -fr /data/*
 
diff --git a/verify.sh b/verify.sh
index 7dec438..d932a0e 100755
--- a/verify.sh
+++ b/verify.sh
@@ -2,6 +2,6 @@
 set -e
 
 restic \
-    -r $BACKUP_DEST \
+    -r "$BACKUP_DEST" \
     $OPT_ARGUMENTS \
     check