diff --git a/.github/scripts/ci.sh b/.github/scripts/ci.sh index 82d2c919..16bff948 100755 --- a/.github/scripts/ci.sh +++ b/.github/scripts/ci.sh @@ -14,7 +14,7 @@ function test_get_builder() { for os in $operating_systems; do for ac in $architectures; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version $profile + $script "$cm" "$os" "$ac" "$version" $profile done done done @@ -26,7 +26,7 @@ function test_get_builder() { for os in $operating_systems; do for ac in $architectures; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version $profile + $script "$cm" "$os" "$ac" "$version" $profile done done done @@ -38,7 +38,7 @@ function test_get_builder() { for ac in $architectures; do for version in v1.5.0 v1.6.0; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version $profile + $script "$cm" "$os" "$ac" "$version" $profile done done # tiflow-operator @@ -47,7 +47,7 @@ function test_get_builder() { for ac in $architectures; do for version in v6.4.0-20221102-1667359250 v20221018; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version $profile + $script "$cm" "$os" "$ac" "$version" $profile done done @@ -57,7 +57,7 @@ function test_get_builder() { for ac in $architectures; do for version in v0.5.0 v0.6.0; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version $profile + $script "$cm" "$os" "$ac" "$version" $profile done done @@ -67,7 +67,7 @@ function test_get_builder() { for ac in $architectures; do for version in v0.1.2 v0.1.3; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version $profile + $script "$cm" "$os" "$ac" "$version" $profile done done } @@ -85,7 +85,7 @@ function test_gen_package_artifacts_script() { for os in $operating_systems; do for ac in $architectures; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version $profile branch-xxx 123456789abcdef + $script "$cm" "$os" "$ac" "$version" $profile branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-artifacts.sh done done @@ -98,7 +98,7 @@ function test_gen_package_artifacts_script() { for os in $operating_systems; do for ac in $architectures; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version enterprise branch-xxx 123456789abcdef + $script "$cm" "$os" "$ac" "$version" enterprise branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-artifacts.sh done done @@ -111,7 +111,7 @@ function test_gen_package_artifacts_script() { for os in $operating_systems; do for ac in $architectures; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version failpoint branch-xxx 123456789abcdef + $script "$cm" "$os" "$ac" "$version" failpoint branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-artifacts.sh done done @@ -125,7 +125,7 @@ function test_gen_package_artifacts_script() { for ac in $architectures; do for version in v1.5.0 v1.6.0; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version $profile branch-xxx 123456789abcdef + $script "$cm" "$os" "$ac" "$version" $profile branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-artifacts.sh done done @@ -136,7 +136,7 @@ function test_gen_package_artifacts_script() { for ac in $architectures; do for version in v6.4.0-20221102-1667359250 v20221018; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version $profile branch-xxx 123456789abcdef + $script "$cm" "$os" "$ac" "$version" $profile branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-artifacts.sh done done @@ -147,7 +147,7 @@ function test_gen_package_artifacts_script() { for ac in $architectures; do for version in v0.5.0 v0.6.0; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version $profile branch-xxx 123456789abcdef + $script "$cm" "$os" "$ac" "$version" $profile branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-artifacts.sh done done @@ -158,7 +158,7 @@ function test_gen_package_artifacts_script() { for ac in $architectures; do for version in v0.1.2 v0.1.3; do echo "$cm $os $ac $version:" - $script $cm $os $ac $version $profile branch-xxx 123456789abcdef + $script "$cm" "$os" "$ac" "$version" $profile branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-artifacts.sh done done @@ -175,7 +175,7 @@ function test_gen_package_images_script() { for cm in $components; do for ac in $architectures; do echo "$cm $os $ac $version:" - $script $cm linux $ac $version $profile branch-xxx 123456789abcdef + $script "$cm" linux "$ac" "$version" "$profile" branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-images.sh done done @@ -186,7 +186,7 @@ function test_gen_package_images_script() { for version in $versions; do for ac in $architectures; do echo "$cm $os $ac $version:" - $script $cm linux $ac $version $profile branch-xxx 123456789abcdef + $script "$cm" linux "$ac" "$version" "$profile" branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-images.sh done done @@ -198,7 +198,7 @@ function test_gen_package_images_script() { for ac in $architectures; do for version in v1.6.0 v1.5.0; do echo "$cm $os $ac $version:" - $script $cm linux $ac $version $profile branch-xxx 123456789abcdef + $script "$cm" linux "$ac" "$version" "$profile" branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-images.sh done done @@ -208,7 +208,7 @@ function test_gen_package_images_script() { for ac in $architectures; do for version in v6.4.0-20221102-1667359250 v20221018; do echo "$cm $os $ac $version:" - $script $cm linux $ac $version $profile branch-xxx 123456789abcdef + $script "$cm" linux "$ac" "$version" "$profile" branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-images.sh done done @@ -219,7 +219,7 @@ function test_gen_package_images_script() { for version in v0.5.0 v0.6.0; do for ac in $architectures; do echo "$cm $os $ac $version:" - $script $cm linux $ac $version $profile branch-xxx 123456789abcdef + $script "$cm" linux "$ac" "$version" "$profile" branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-images.sh done done @@ -230,7 +230,7 @@ function test_gen_package_images_script() { for ac in $architectures; do for version in v0.1.2 v0.1.3; do echo "$cm $os $ac $version:" - $script $cm linux $ac $version $profile branch-xxx 123456789abcdef + $script "$cm" linux "$ac" "$version" "$profile" branch-xxx 123456789abcdef shellcheck -S error packages/scripts/build-package-images.sh done done @@ -248,7 +248,7 @@ function test_gen_offline_package_artifacts_script() { for ac in $architectures; do for edition in $editions; do echo "$os $ac $version $edition:" - $script $os $ac $version $edition + $script "$os" "$ac" "$version" "$edition" shellcheck -S error packages/scripts/compose-offline-packages-artifacts.sh done done diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 00000000..f3c9547d --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,20 @@ +ci: + autofix_commit_msg: | + fix: auto fixes from pre-commit.com hooks + + for more information, see https://pre-commit.ci + autoupdate_commit_msg: "chore: pre-commit autoupdate" +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v2.3.0 + hooks: + - id: end-of-file-fixer + - id: trailing-whitespace + - repo: https://github.com/shellcheck-py/shellcheck-py + rev: v0.10.0.1 + hooks: + - id: shellcheck + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks diff --git a/dockerfiles/bases/build-old.sh b/dockerfiles/bases/build-old.sh index 8567247c..6aa1cb6c 100755 --- a/dockerfiles/bases/build-old.sh +++ b/dockerfiles/bases/build-old.sh @@ -8,25 +8,25 @@ build() { case "${PLATFORMS}" in linux/amd64) echo "building for linux/amd64 platform..." - docker build --tag=$IMAGE --platform=$PLATFORMS --target amd64 . -f "$dockerfile" + docker build --tag="$IMAGE" --platform="$PLATFORMS" --target amd64 . -f "$dockerfile" if $PUSH_IMAGE; then - docker push $IMAGE + docker push "$IMAGE" fi ;; linux/arm64) echo "building for linux/arm64 platform..." - docker build --tag=$IMAGE --platform=$PLATFORMS --target arm64 . -f "$dockerfile" + docker build --tag="$IMAGE" --platform="$PLATFORMS" --target arm64 . -f "$dockerfile" if $PUSH_IMAGE; then - docker push $IMAGE + docker push "$IMAGE" fi ;; linux/arm64,linux/amd64 | linux/amd64,linux/arm64) echo "building for linux/arm64 and linux/amd64 platforms..." - docker build --tag=${IMAGE}_linux_amd64 --platform=linux/amd64 --target amd64 . -f "$dockerfile" - docker build --tag=${IMAGE}_linux_arm64 --platform=linux/arm64 --target arm64 . -f "$dockerfile" + docker build --tag="${IMAGE}_linux_amd64" --platform=linux/amd64 --target amd64 . -f "$dockerfile" + docker build --tag="${IMAGE}_linux_arm64" --platform=linux/arm64 --target arm64 . -f "$dockerfile" if $PUSH_IMAGE; then - docker push ${IMAGE}_linux_amd64 - docker push ${IMAGE}_linux_arm64 + docker push "${IMAGE}_linux_amd64" + docker push "${IMAGE}_linux_arm64" # compose manifest for multi-arch image. pushed_repo="${IMAGE%:*}" @@ -35,14 +35,14 @@ build() { yq -i ".tags = [\"$tag\"]" manifest.yaml # linux/amd64 - manifest-tool inspect --raw ${IMAGE}_linux_amd64 >manifest_linux_amd64.json + manifest-tool inspect --raw "${IMAGE}_linux_amd64" >manifest_linux_amd64.json yq -i '.manifests += [{}]' manifest.yaml digest=$(jq -r '.digest' manifest_linux_amd64.json) yq -i ".manifests[-1].image = \"${pushed_repo}@${digest}\"" manifest.yaml yq -i '.manifests[-1].platform.os = "linux"' manifest.yaml yq -i '.manifests[-1].platform.architecture = "amd64"' manifest.yaml # linux/arm64 - manifest-tool inspect --raw ${IMAGE}_linux_arm64 >manifest_linux_arm64.json + manifest-tool inspect --raw "${IMAGE}_linux_arm64" >manifest_linux_arm64.json yq -i '.manifests += [{}]' manifest.yaml digest=$(jq -r '.digest' manifest_linux_arm64.json) yq -i ".manifests[-1].image = \"${pushed_repo}@${digest}\"" manifest.yaml diff --git a/packages/scripts/gen-delivery-images-with-config.sh b/packages/scripts/gen-delivery-images-with-config.sh index d074b811..70c6fb9c 100755 --- a/packages/scripts/gen-delivery-images-with-config.sh +++ b/packages/scripts/gen-delivery-images-with-config.sh @@ -9,27 +9,24 @@ main() { local image_url_with_tag="$1" local yaml_file="${2:-${PROJECT_ROOT_DIR}/packages/delivery.yaml}" local out_file="${3:-${RELEASE_SCRIPTS_DIR}/delivery-images.sh}" - rm -rf $out_file + rm -rf "$out_file" # Extract image URL and tag - local image_url=$(echo "$image_url_with_tag" | cut -d ':' -f1) - local tag=$(echo "$image_url_with_tag" | cut -d ':' -f2) + image_url="$(echo "$image_url_with_tag" | cut -d ':' -f1)" + tag=$(echo "$image_url_with_tag" | cut -d ':' -f2) # Retrieve rules for the source repository from the YAML config - local rules=$(yq ".image_copy_rules[\"$image_url\"]" "$yaml_file") - local rule_count=$(yq ".image_copy_rules[\"$image_url\"] | length" "$yaml_file") - if [ $rule_count -eq 0 ]; then + rule_count=$(yq ".image_copy_rules[\"$image_url\"] | length" "$yaml_file") + if [ "$rule_count" -eq 0 ]; then echo "🤷 none rules found for image: $image_url" exit 0 fi # Loop through each rule for the source repository for ri in $(seq 0 $((rule_count - 1))); do - echo $ri - local rule=$(yq ".image_copy_rules[\"$image_url\"][$ri]" "$yaml_file") + rule=$(yq ".image_copy_rules[\"$image_url\"][$ri]" "$yaml_file") description=$(yq '.description' <<< "$rule") dest_repos=$(yq '.dest_repositories[]' <<< "$rule") - dest_tags= # Check if the tag matches the tags regex if yq -e ".tags_regex[] | select(. | test \"$tag\")" 2>&1> /dev/null <<< "$rule" ; then diff --git a/packages/scripts/gen-package-artifacts-with-config.sh b/packages/scripts/gen-package-artifacts-with-config.sh index 621394e2..d50c7e3d 100755 --- a/packages/scripts/gen-package-artifacts-with-config.sh +++ b/packages/scripts/gen-package-artifacts-with-config.sh @@ -66,7 +66,7 @@ function main() { exit 0 fi - gomplate --context .=release-router.yaml -f $RELEASE_SCRIPTS_DIR/build-package-artifacts.sh.tmpl --chmod "755" --out $out_file + gomplate --context .=release-router.yaml -f "$RELEASE_SCRIPTS_DIR/build-package-artifacts.sh.tmpl" --chmod "755" --out "$out_file" echo "✅ Generated shell script: $out_file" } diff --git a/packages/scripts/gen-package-images-with-config.sh b/packages/scripts/gen-package-images-with-config.sh index 2ab671b8..cb172bbd 100755 --- a/packages/scripts/gen-package-images-with-config.sh +++ b/packages/scripts/gen-package-images-with-config.sh @@ -72,7 +72,7 @@ function main() { exit 0 fi - gomplate --context .=release-router.yaml -f $RELEASE_SCRIPTS_DIR/build-package-images.sh.tmpl --chmod "755" --out $out_file + gomplate --context .=release-router.yaml -f "$RELEASE_SCRIPTS_DIR/build-package-images.sh.tmpl" --chmod "755" --out "$out_file" echo "✅ Generated shell script: $out_file" } diff --git a/packages/scripts/gen-package-offline-package-with-config.sh b/packages/scripts/gen-package-offline-package-with-config.sh index 82dfb1ba..7a1e9d99 100755 --- a/packages/scripts/gen-package-offline-package-with-config.sh +++ b/packages/scripts/gen-package-offline-package-with-config.sh @@ -65,9 +65,9 @@ function main() { } function install_tiup_tool() { - local run_os="$(uname -s)" - local run_arch="$(uname -m)" - local tiup_ver="v1.15.2" + run_os="$(uname -s)" + run_arch="$(uname -m)" + tiup_ver="v1.15.2" local tiup_tarball case "${run_os}/${run_arch}" in diff --git a/packages/scripts/get-package-builder-with-config.sh b/packages/scripts/get-package-builder-with-config.sh index 75dad2e6..a3fd94eb 100755 --- a/packages/scripts/get-package-builder-with-config.sh +++ b/packages/scripts/get-package-builder-with-config.sh @@ -40,7 +40,7 @@ function main() { fi # get the builder image. - yq -e '.builders[0].image' release-package.yaml | tee $out_file + yq -e '.builders[0].image' release-package.yaml | tee "$out_file" } main "$@"