From 8370da9ea608b0f59c9da495910bbc3e45236ed6 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Wed, 29 Sep 2021 19:55:24 +0200 Subject: [PATCH 1/5] ci: shellcheck-ify CI scripts --- .github/workflows/build_test.sh | 5 ++-- .github/workflows/unit_tests.sh | 1 + .semaphore/semaphore-runner.sh | 44 +++++++++++++++++---------------- coccinelle/run-coccinelle.sh | 25 ++++++++++--------- 4 files changed, 41 insertions(+), 34 deletions(-) diff --git a/.github/workflows/build_test.sh b/.github/workflows/build_test.sh index bdcb71ba9c..57df14e2fc 100755 --- a/.github/workflows/build_test.sh +++ b/.github/workflows/build_test.sh @@ -75,7 +75,7 @@ if [[ "$COMPILER" == clang ]]; then # Following snippet was borrowed from https://apt.llvm.org/llvm.sh wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - add-apt-repository -y "deb http://apt.llvm.org/$RELEASE/ llvm-toolchain-$RELEASE-$COMPILER_VERSION main" - PACKAGES+=(clang-$COMPILER_VERSION lldb-$COMPILER_VERSION lld-$COMPILER_VERSION clangd-$COMPILER_VERSION) + PACKAGES+=("clang-$COMPILER_VERSION" "lldb-$COMPILER_VERSION" "lld-$COMPILER_VERSION" "clangd-$COMPILER_VERSION") elif [[ "$COMPILER" == gcc ]]; then CC="gcc-$COMPILER_VERSION" CXX="g++-$COMPILER_VERSION" @@ -83,7 +83,7 @@ elif [[ "$COMPILER" == gcc ]]; then # Latest gcc stack deb packages provided by # https://launchpad.net/~ubuntu-toolchain-r/+archive/ubuntu/test add-apt-repository -y ppa:ubuntu-toolchain-r/test - PACKAGES+=(gcc-$COMPILER_VERSION) + PACKAGES+=("gcc-$COMPILER_VERSION") else fatal "Unknown compiler: $COMPILER" fi @@ -108,6 +108,7 @@ for args in "${ARGS[@]}"; do SECONDS=0 info "Checking build with $args" + # shellcheck disable=SC2086 if ! AR="$AR" CC="$CC" CXX="$CXX" CFLAGS="-Werror" CXXFLAGS="-Werror" meson -Dtests=unsafe -Dslow-tests=true -Dfuzz-tests=true --werror $args build; then fatal "meson failed with $args" fi diff --git a/.github/workflows/unit_tests.sh b/.github/workflows/unit_tests.sh index 17e73f1856..bc5050fd1c 100755 --- a/.github/workflows/unit_tests.sh +++ b/.github/workflows/unit_tests.sh @@ -1,5 +1,6 @@ #!/bin/bash +# shellcheck disable=SC2206 PHASES=(${@:-SETUP RUN RUN_ASAN_UBSAN CLEANUP}) RELEASE="$(lsb_release -cs)" ADDITIONAL_DEPS=( diff --git a/.semaphore/semaphore-runner.sh b/.semaphore/semaphore-runner.sh index e7dbcb2ac1..a0a4153cde 100755 --- a/.semaphore/semaphore-runner.sh +++ b/.semaphore/semaphore-runner.sh @@ -1,17 +1,19 @@ #!/bin/bash set -eux +set -o pipefail # default to Debian testing -DISTRO=${DISTRO:-debian} -RELEASE=${RELEASE:-bullseye} -BRANCH=${BRANCH:-upstream-ci} -ARCH=${ARCH:-amd64} -CONTAINER=${RELEASE}-${ARCH} -CACHE_DIR=${SEMAPHORE_CACHE_DIR:=/tmp} +DISTRO="${DISTRO:-debian}" +RELEASE="${RELEASE:-bullseye}" +BRANCH="${BRANCH:-upstream-ci}" +ARCH="${ARCH:-amd64}" +CONTAINER="${RELEASE}-${ARCH}" +CACHE_DIR="${SEMAPHORE_CACHE_DIR:-/tmp}" AUTOPKGTEST_DIR="${CACHE_DIR}/autopkgtest" # semaphore cannot expose these, but useful for interactive/local runs ARTIFACTS_DIR=/tmp/artifacts +# shellcheck disable=SC2206 PHASES=(${@:-SETUP RUN}) UBUNTU_RELEASE="$(lsb_release -cs)" @@ -20,18 +22,18 @@ create_container() { # GPG key from keyserver", so retry a few times with different keyservers. for keyserver in "" "keys.gnupg.net" "keys.openpgp.org" "keyserver.ubuntu.com"; do for retry in {1..5}; do - sudo lxc-create -n $CONTAINER -t download -- -d $DISTRO -r $RELEASE -a $ARCH ${keyserver:+--keyserver "$keyserver"} && break 2 + sudo lxc-create -n "$CONTAINER" -t download -- -d "$DISTRO" -r "$RELEASE" -a "$ARCH" ${keyserver:+--keyserver "$keyserver"} && break 2 sleep $((retry*retry)) done done # unconfine the container, otherwise some tests fail - echo 'lxc.apparmor.profile = unconfined' | sudo tee -a /var/lib/lxc/$CONTAINER/config + echo 'lxc.apparmor.profile = unconfined' | sudo tee -a "/var/lib/lxc/$CONTAINER/config" - sudo lxc-start -n $CONTAINER + sudo lxc-start -n "$CONTAINER" # enable source repositories so that apt-get build-dep works - sudo lxc-attach -n $CONTAINER -- sh -ex <> /etc/apt/sources.list.d/sources.list # wait until online while [ -z "\$(ip route list 0/0)" ]; do sleep 1; done @@ -44,11 +46,11 @@ apt-get purge --auto-remove -y unattended-upgrades systemctl unmask systemd-networkd systemctl enable systemd-networkd EOF - sudo lxc-stop -n $CONTAINER + sudo lxc-stop -n "$CONTAINER" } for phase in "${PHASES[@]}"; do - case $phase in + case "$phase" in SETUP) # remove semaphore repos, some of them don't work and cause error messages sudo rm -f /etc/apt/sources.list.d/* @@ -59,17 +61,17 @@ for phase in "${PHASES[@]}"; do sudo apt-get install -y -t "$UBUNTU_RELEASE-backports" lxc sudo apt-get install -y python3-debian git dpkg-dev fakeroot python3-jinja2 - [ -d $AUTOPKGTEST_DIR ] || git clone --quiet --depth=1 https://salsa.debian.org/ci-team/autopkgtest.git "$AUTOPKGTEST_DIR" + [ -d "$AUTOPKGTEST_DIR" ] || git clone --quiet --depth=1 https://salsa.debian.org/ci-team/autopkgtest.git "$AUTOPKGTEST_DIR" create_container ;; RUN) # add current debian/ packaging - git fetch --depth=1 https://salsa.debian.org/systemd-team/systemd.git $BRANCH + git fetch --depth=1 https://salsa.debian.org/systemd-team/systemd.git "$BRANCH" git checkout FETCH_HEAD debian # craft changelog - UPSTREAM_VER=$(git describe | sed 's/^v//;s/-/./g') + UPSTREAM_VER="$(git describe | sed 's/^v//;s/-/./g')" cat << EOF > debian/changelog.new systemd (${UPSTREAM_VER}.0) UNRELEASED; urgency=low @@ -78,7 +80,7 @@ systemd (${UPSTREAM_VER}.0) UNRELEASED; urgency=low -- systemd test $(date -R) EOF - cat debian/changelog >> debian/changelog.new + cat debian/changelog >>debian/changelog.new mv debian/changelog.new debian/changelog # clean out patches @@ -91,15 +93,15 @@ EOF echo '1.0' > debian/source/format # build source package - dpkg-buildpackage -S -I -I$(basename "$CACHE_DIR") -d -us -uc -nc + dpkg-buildpackage -S -I -I"$(basename "$CACHE_DIR")" -d -us -uc -nc # now build the package and run the tests rm -rf "$ARTIFACTS_DIR" # autopkgtest exits with 2 for "some tests skipped", accept that - $AUTOPKGTEST_DIR/runner/autopkgtest --env DEB_BUILD_OPTIONS=noudeb \ - --env TEST_UPSTREAM=1 ../systemd_*.dsc \ - -o "$ARTIFACTS_DIR" \ - -- lxc -s $CONTAINER \ + "$AUTOPKGTEST_DIR/runner/autopkgtest" --env DEB_BUILD_OPTIONS=noudeb \ + --env TEST_UPSTREAM=1 ../systemd_*.dsc \ + -o "$ARTIFACTS_DIR" \ + -- lxc -s "$CONTAINER" \ || [ $? -eq 2 ] ;; *) diff --git a/coccinelle/run-coccinelle.sh b/coccinelle/run-coccinelle.sh index d1af412acc..e7a6d51f49 100755 --- a/coccinelle/run-coccinelle.sh +++ b/coccinelle/run-coccinelle.sh @@ -10,19 +10,20 @@ EXCLUDED_PATHS=( "src/libsystemd/sd-journal/lookup3.c" ) -top="$(git rev-parse --show-toplevel)" -args= +TOP_DIR="$(git rev-parse --show-toplevel)" +ARGS=() # Create an array from files tracked by git... -mapfile -t files < <(git ls-files ':/*.[ch]') +mapfile -t FILES < <(git ls-files ':/*.[ch]') # ...and filter everything that matches patterns from EXCLUDED_PATHS for excl in "${EXCLUDED_PATHS[@]}"; do - files=(${files[@]//$excl}) + # shellcheck disable=SC2206 + FILES=(${FILES[@]//$excl}) done case "$1" in -i) - args="$args --in-place" + ARGS+=(--in-place) shift ;; esac @@ -32,12 +33,14 @@ if ! parallel -h >/dev/null; then exit 1 fi -for SCRIPT in ${@-$top/coccinelle/*.cocci}; do - echo "--x-- Processing $SCRIPT --x--" - TMPFILE=`mktemp` - echo "+ spatch --sp-file $SCRIPT $args ..." +[[ ${#@} -ne 0 ]] && SCRIPTS=("$@") || SCRIPTS=("$TOP_DIR"/coccinelle/*.cocci) + +for script in "${SCRIPTS[@]}"; do + echo "--x-- Processing $script --x--" + TMPFILE="$(mktemp)" + echo "+ spatch --sp-file $script ${ARGS[*]} ..." parallel --halt now,fail=1 --keep-order --noswap --max-args=20 \ - spatch --macro-file="$top/coccinelle/macros.h" --sp-file $SCRIPT $args ::: "${files[@]}" \ + spatch --macro-file="$TOP_DIR/coccinelle/macros.h" --sp-file "$script" "${ARGS[@]}" ::: "${FILES[@]}" \ 2>"$TMPFILE" || cat "$TMPFILE" - echo -e "--x-- Processed $SCRIPT --x--\n" + echo -e "--x-- Processed $script --x--\n" done From 91c64ad620d9bfdfcaeedc952ccf8a380e09e663 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Thu, 30 Sep 2021 12:11:27 +0200 Subject: [PATCH 2/5] test: drop an unused file --- test/mocks/fsck | 27 --------------------------- 1 file changed, 27 deletions(-) delete mode 100755 test/mocks/fsck diff --git a/test/mocks/fsck b/test/mocks/fsck deleted file mode 100755 index 241583bb4e..0000000000 --- a/test/mocks/fsck +++ /dev/null @@ -1,27 +0,0 @@ -#!/usr/bin/env bash -fd=0 - -OPTIND=1 -while getopts "C:aTlM" opt; do - case "$opt" in - C) - fd=$OPTARG - ;; - \?);; - esac -done - -shift "$((OPTIND-1))" -device=$1 - -echo "Running fake fsck on $device" - -declare -a maxpass=(30 5 2 30 60) - -for pass in {1..5}; do - maxprogress=${maxpass[$((pass-1))]} - for (( current=0; current<=${maxprogress}; current++)); do - echo "$pass $current $maxprogress $device">&$fd - sleep 0.1 - done -done From 1c3f490f230c1dad83901b1768456082159f2cbe Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Wed, 29 Sep 2021 20:30:08 +0200 Subject: [PATCH 3/5] test: shellcheck-ify test scripts --- test/TEST-13-NSPAWN-SMOKE/test.sh | 2 +- test/TEST-57-ONSUCCESS-UPHOLD/test.sh | 3 +- test/TEST-58-REPART/test.sh | 5 +- test/TEST-59-RELOADING-RESTART/test.sh | 5 +- test/TEST-60-MOUNT-RATELIMIT/test.sh | 4 +- test/TEST-62-RESTRICT-IFACES/test.sh | 9 ++-- test/hwdb-test.sh | 5 +- test/run-integration-tests.sh | 17 +++--- test/test-functions | 11 ++-- test/test-network-generator-conversion.sh | 6 ++- test/test-path-util/script.sh | 4 +- test/testsuite-16.units/extend-timeout.sh | 64 +++++++++++------------ test/udev-dmi-memory-id-test.sh | 3 +- test/units/testsuite-04.sh | 4 +- test/units/testsuite-17.06.sh | 10 ++-- test/units/testsuite-54.sh | 2 +- test/units/testsuite-61.sh | 3 +- test/units/testsuite-62.sh | 28 +++++----- test/units/testsuite-64.sh | 2 + 19 files changed, 103 insertions(+), 84 deletions(-) diff --git a/test/TEST-13-NSPAWN-SMOKE/test.sh b/test/TEST-13-NSPAWN-SMOKE/test.sh index e7e6371fb6..a708465bdd 100755 --- a/test/TEST-13-NSPAWN-SMOKE/test.sh +++ b/test/TEST-13-NSPAWN-SMOKE/test.sh @@ -14,7 +14,7 @@ test_append_files() { # On openSUSE the static linked version of busybox is named "busybox-static". busybox="$(type -P busybox-static || type -P busybox)" - inst_simple "$busybox" "$(dirname $busybox)/busybox" + inst_simple "$busybox" "$(dirname "$busybox")/busybox" if selinuxenabled >/dev/null; then image_install selinuxenabled diff --git a/test/TEST-57-ONSUCCESS-UPHOLD/test.sh b/test/TEST-57-ONSUCCESS-UPHOLD/test.sh index 145c88fcd8..34513f2ba2 100755 --- a/test/TEST-57-ONSUCCESS-UPHOLD/test.sh +++ b/test/TEST-57-ONSUCCESS-UPHOLD/test.sh @@ -2,6 +2,7 @@ set -e TEST_DESCRIPTION="test OnSuccess= + Uphold= + PropagatesStopTo= + BindsTo=" -. $TEST_BASE_DIR/test-functions +# shellcheck source=test/test-functions +. "$TEST_BASE_DIR/test-functions" do_test "$@" 57 diff --git a/test/TEST-58-REPART/test.sh b/test/TEST-58-REPART/test.sh index 3a3c33f141..df5ad3c0c6 100755 --- a/test/TEST-58-REPART/test.sh +++ b/test/TEST-58-REPART/test.sh @@ -1,7 +1,10 @@ #!/usr/bin/env bash set -e + TEST_DESCRIPTION="test systemd-repart" TEST_NO_NSPAWN=1 -. $TEST_BASE_DIR/test-functions + +# shellcheck source=test/test-functions +. "$TEST_BASE_DIR/test-functions" do_test "$@" diff --git a/test/TEST-59-RELOADING-RESTART/test.sh b/test/TEST-59-RELOADING-RESTART/test.sh index 9232d7816a..343848e33a 100755 --- a/test/TEST-59-RELOADING-RESTART/test.sh +++ b/test/TEST-59-RELOADING-RESTART/test.sh @@ -1,9 +1,10 @@ #!/usr/bin/env bash set -e -TEST_DESCRIPTION="Test auto restart of exited services which are stuck in reloading state" +TEST_DESCRIPTION="Test auto restart of exited services which are stuck in reloading state" TEST_NO_QEMU=1 -. $TEST_BASE_DIR/test-functions +# shellcheck source=test/test-functions +. "$TEST_BASE_DIR/test-functions" do_test "$@" diff --git a/test/TEST-60-MOUNT-RATELIMIT/test.sh b/test/TEST-60-MOUNT-RATELIMIT/test.sh index f9eb11ccb4..e14bc83e09 100755 --- a/test/TEST-60-MOUNT-RATELIMIT/test.sh +++ b/test/TEST-60-MOUNT-RATELIMIT/test.sh @@ -1,7 +1,9 @@ #!/usr/bin/env bash set -e + TEST_DESCRIPTION="Test that mount/unmount storms can enter/exit rate limit state and will not leak units" -. $TEST_BASE_DIR/test-functions +# shellcheck source=test/test-functions +. "$TEST_BASE_DIR/test-functions" do_test "$@" diff --git a/test/TEST-62-RESTRICT-IFACES/test.sh b/test/TEST-62-RESTRICT-IFACES/test.sh index b2829d2a1f..85d5a53473 100755 --- a/test/TEST-62-RESTRICT-IFACES/test.sh +++ b/test/TEST-62-RESTRICT-IFACES/test.sh @@ -1,9 +1,10 @@ #!/usr/bin/env bash +set -e +TEST_DESCRIPTION="test RestrictNetworkInterfaces=" TEST_NO_NSPAWN=1 -set -e -TEST_DESCRIPTION="test RestrictNetworkInterfaces=" -. $TEST_BASE_DIR/test-functions +# shellcheck source=test/test-functions +. "$TEST_BASE_DIR/test-functions" -do_test "$@" 62 +do_test "$@" diff --git a/test/hwdb-test.sh b/test/hwdb-test.sh index 57d98e513b..0551f26a2d 100755 --- a/test/hwdb-test.sh +++ b/test/hwdb-test.sh @@ -10,7 +10,7 @@ set -e export SYSTEMD_LOG_LEVEL=info -ROOTDIR=$(dirname $(dirname $(readlink -f $0))) +ROOTDIR="$(dirname "$(dirname "$(readlink -f "$0")")")" SYSTEMD_HWDB="${1:?missing argument}" if [ ! -x "$SYSTEMD_HWDB" ]; then @@ -18,7 +18,8 @@ if [ ! -x "$SYSTEMD_HWDB" ]; then exit 1 fi -D=$(mktemp --tmpdir --directory "hwdb-test.XXXXXXXXXX") +D="$(mktemp --tmpdir --directory "hwdb-test.XXXXXXXXXX")" +# shellcheck disable=SC2064 trap "rm -rf '$D'" EXIT INT QUIT PIPE mkdir -p "$D/etc/udev" ln -s "$ROOTDIR/hwdb.d" "$D/etc/udev/hwdb.d" diff --git a/test/run-integration-tests.sh b/test/run-integration-tests.sh index 47cf8a8912..2b48417d58 100755 --- a/test/run-integration-tests.sh +++ b/test/run-integration-tests.sh @@ -3,7 +3,7 @@ set -e if [ "$NO_BUILD" ]; then BUILD_DIR="" -elif BUILD_DIR="$($(dirname "$0")/../tools/find-build-dir.sh)"; then +elif BUILD_DIR="$("$(dirname "$0")/../tools/find-build-dir.sh")"; then ninja -C "$BUILD_DIR" else echo "No build found, please set BUILD_DIR or NO_BUILD" >&2 @@ -73,35 +73,36 @@ fi # Run actual tests (if requested) if [[ $args =~ [a-z] ]]; then for TEST in $SELECTED_TESTS; do - COUNT=$(($COUNT+1)) + COUNT=$((COUNT+1)) - pass_deny_list $TEST || continue + pass_deny_list "$TEST" || continue start=$(date +%s) echo -e "\n--x-- Running $TEST --x--" set +e + # shellcheck disable=SC2086 ( set -x ; make -C "$TEST" $args ) RESULT=$? set -e echo "--x-- Result of $TEST: $RESULT --x--" results["$TEST"]="$RESULT" - times["$TEST"]=$(( $(date +%s) - $start )) + times["$TEST"]=$(( $(date +%s) - start )) - [ "$RESULT" -ne "0" ] && FAILURES=$(($FAILURES+1)) + [ "$RESULT" -ne "0" ] && FAILURES=$((FAILURES+1)) done fi # Run clean-again, if requested, and if no tests failed -if [ $FAILURES -eq 0 -a $CLEANAGAIN = 1 ]; then - for TEST in ${!results[@]}; do +if [[ $FAILURES -eq 0 && $CLEANAGAIN -eq 1 ]]; then + for TEST in "${!results[@]}"; do ( set -x ; make -C "$TEST" clean-again ) done fi echo "" -for TEST in ${!results[@]}; do +for TEST in "${!results[@]}"; do RESULT="${results[$TEST]}" time="${times[$TEST]}" string=$([ "$RESULT" = "0" ] && echo "SUCCESS" || echo "FAIL") diff --git a/test/test-functions b/test/test-functions index 2d1d15c389..a9a01a80d0 100644 --- a/test/test-functions +++ b/test/test-functions @@ -1,5 +1,5 @@ #!/usr/bin/env bash -# shellcheck disable=SC2031 +# shellcheck disable=SC2030,SC2031 # -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- # ex: ts=8 sw=4 sts=4 et filetype=sh tw=180 # Note: the shellcheck line above disables warning for variables which were @@ -992,9 +992,11 @@ install_iscsi() { # dumps a list of files (perl modules) required by `tgt-admin` at # the runtime plus any DSOs loaded via DynaLoader. This list is then # passed to `inst_simple` which installs the necessary files into the image + # + # shellcheck disable=SC2016 while read -r file; do inst_simple "$file" - done < <(perl -- <(cat $(command -v tgt-admin) <(echo -e 'use DynaLoader; print map { "$_\n" } values %INC; print join("\n", @DynaLoader::dl_shared_objects)')) -p | awk '/^\// { print $1 }') + done < <(perl -- <(cat "$(command -v tgt-admin)" <(echo -e 'use DynaLoader; print map { "$_\n" } values %INC; print join("\n", @DynaLoader::dl_shared_objects)')) -p | awk '/^\// { print $1 }') fi } @@ -1529,7 +1531,7 @@ install_haveged() { dinfo "Install haveged files" inst /usr/sbin/haveged for u in /usr/lib/systemd/system/haveged*; do - inst $u + inst "$u" done fi } @@ -1718,6 +1720,7 @@ install_pam() { done } +# shellcheck disable=SC2120 install_keymaps() { dinfo "Install keymaps" # The first three paths may be deprecated. @@ -2579,7 +2582,7 @@ _test_cleanup() { [[ -n "$initdir" ]] && _umount_dir "$initdir" [[ -n "$IMAGE_PUBLIC" ]] && rm -vf "$IMAGE_PUBLIC" # If multiple setups/cleans are ran in parallel, this can cause a race - if [[ -n "$IMAGESTATEDIR" && $TEST_PARALLELIZE -ne 1 ]]; then + if [[ -n "$IMAGESTATEDIR" && $TEST_PARALLELIZE -ne 1 ]]; then rm -vf "${IMAGESTATEDIR}/default.img" fi [[ -n "$TESTDIR" ]] && rm -vfr "$TESTDIR" diff --git a/test/test-network-generator-conversion.sh b/test/test-network-generator-conversion.sh index 50df69f1b0..da7f985dee 100755 --- a/test/test-network-generator-conversion.sh +++ b/test/test-network-generator-conversion.sh @@ -18,11 +18,13 @@ for f in "$src"/test-*.input; do ( out=$(mktemp --tmpdir --directory "test-network-generator-conversion.XXXXXXXXXX") + # shellcheck disable=SC2064 trap "rm -rf '$out'" EXIT INT QUIT PIPE - $generator --root "$out" -- $(cat $f) + # shellcheck disable=SC2046 + $generator --root "$out" -- $(cat "$f") - if ! diff -u "$out"/run/systemd/network ${f%.input}.expected; then + if ! diff -u "$out/run/systemd/network" "${f%.input}.expected"; then echo "**** Unexpected output for $f" exit 1 fi diff --git a/test/test-path-util/script.sh b/test/test-path-util/script.sh index 57c93e7476..8ffd8d7889 100755 --- a/test/test-path-util/script.sh +++ b/test/test-path-util/script.sh @@ -1,6 +1,6 @@ #!/bin/sh -echo "$0 $@" -test "$(basename $0)" = "script.sh" || exit 1 +echo "$0 $*" +test "$(basename "$0")" = "script.sh" || exit 1 test "$1" = "--version" || exit 2 echo "Life is good" diff --git a/test/testsuite-16.units/extend-timeout.sh b/test/testsuite-16.units/extend-timeout.sh index ed1af8afeb..c7b2627945 100755 --- a/test/testsuite-16.units/extend-timeout.sh +++ b/test/testsuite-16.units/extend-timeout.sh @@ -1,62 +1,62 @@ #!/usr/bin/env bash -set -x -set -e +set -eux set -o pipefail # sleep interval (seconds) -: ${sleep_interval:=1} +sleep_interval="${sleep_interval:-1}" # extend_timeout_interval second(s) -: ${extend_timeout_interval:=1} +extend_timeout_interval="${extend_timeout_interval:-1}" # number of sleep_intervals before READY=1 -: ${start_intervals:=10} +start_intervals="${start_intervals:-10}" # number of sleep_intervals before exiting -: ${stop_intervals:=10} +stop_intervals="${stop_intervals:-10}" # run intervals, number of sleep_intervals to run -: ${run_intervals:=7} +run_intervals="${run_intervals:-7}" # We convert to usec -extend_timeout_interval=$(( $extend_timeout_interval * 1000000 )) +extend_timeout_interval=$((extend_timeout_interval * 1000000)) -trap "{ touch /${SERVICE}.terminated; exit 1; }" SIGTERM SIGABRT +# shellcheck disable=SC2064 +trap "{ touch /${SERVICE}.terminated; exit 1; }" SIGTERM SIGABRT -rm -f /${SERVICE}.* -touch /${SERVICE}.startfail +rm -f "/${SERVICE}".* +touch "/${SERVICE}.startfail" -systemd-notify EXTEND_TIMEOUT_USEC=$extend_timeout_interval -while [ $start_intervals -gt 0 ] +systemd-notify EXTEND_TIMEOUT_USEC="$extend_timeout_interval" +while [[ $start_intervals -gt 0 ]] do - sleep $sleep_interval - start_intervals=$(( $start_intervals - 1 )) - systemd-notify EXTEND_TIMEOUT_USEC=$extend_timeout_interval + sleep "$sleep_interval" + start_intervals=$((start_intervals - 1)) + systemd-notify EXTEND_TIMEOUT_USEC="$extend_timeout_interval" done systemd-notify --ready --status="Waiting for your request" -touch /${SERVICE}.runtimefail -rm /${SERVICE}.startfail +touch "/${SERVICE}.runtimefail" +rm "/${SERVICE}.startfail" -systemd-notify EXTEND_TIMEOUT_USEC=$extend_timeout_interval -while [ $run_intervals -gt 0 ] +systemd-notify EXTEND_TIMEOUT_USEC="$extend_timeout_interval" +while [[ $run_intervals -gt 0 ]] do - sleep $sleep_interval - run_intervals=$(( $run_intervals - 1 )) - systemd-notify EXTEND_TIMEOUT_USEC=$extend_timeout_interval + sleep "$sleep_interval" + run_intervals=$((run_intervals - 1)) + systemd-notify EXTEND_TIMEOUT_USEC="$extend_timeout_interval" done systemd-notify STOPPING=1 -touch /${SERVICE}.stopfail -rm /${SERVICE}.runtimefail +touch "/${SERVICE}.stopfail" +rm "/${SERVICE}.runtimefail" -systemd-notify EXTEND_TIMEOUT_USEC=$extend_timeout_interval -while [ $stop_intervals -gt 0 ] +systemd-notify EXTEND_TIMEOUT_USEC="$extend_timeout_interval" +while [[ $stop_intervals -gt 0 ]] do - sleep $sleep_interval - stop_intervals=$(( $stop_intervals - 1 )) - systemd-notify EXTEND_TIMEOUT_USEC=$extend_timeout_interval + sleep "$sleep_interval" + stop_intervals=$((stop_intervals - 1)) + systemd-notify EXTEND_TIMEOUT_USEC="$extend_timeout_interval" done -touch /${SERVICE}.success -rm /${SERVICE}.stopfail +touch "/${SERVICE}.success" +rm "/${SERVICE}.stopfail" exit 0 diff --git a/test/udev-dmi-memory-id-test.sh b/test/udev-dmi-memory-id-test.sh index e8b69245d8..f1f4c26caa 100755 --- a/test/udev-dmi-memory-id-test.sh +++ b/test/udev-dmi-memory-id-test.sh @@ -8,10 +8,11 @@ input="$2" expected="$3" output=$(mktemp --tmpdir "test-udev-dmi-memory-id.XXXXXXXXXX") +# shellcheck disable=SC2064 trap "rm '$output'" EXIT INT QUIT PIPE ( set -x - "$dmi_memory_id" -F "$input" >$output + "$dmi_memory_id" -F "$input" >"$output" diff -u "$output" "$expected" ) diff --git a/test/units/testsuite-04.sh b/test/units/testsuite-04.sh index 4f009b4c45..562f364700 100755 --- a/test/units/testsuite-04.sh +++ b/test/units/testsuite-04.sh @@ -7,7 +7,7 @@ trap "journalctl --rotate --vacuum-size=16M" EXIT # Rotation/flush test, see https://github.com/systemd/systemd/issues/19895 journalctl --relinquish-var -for i in {0..50}; do +for _ in {0..50}; do dd if=/dev/urandom bs=1M count=1 | base64 | systemd-cat done journalctl --rotate @@ -116,7 +116,7 @@ cmp /expected /output # test that LogLevelMax can also suppress logging about services, not only by services systemctl start silent-success journalctl --sync -[[ -z `journalctl -b -q -u silent-success.service` ]] +[[ -z "$(journalctl -b -q -u silent-success.service)" ]] # Add new tests before here, the journald restarts below # may make tests flappy. diff --git a/test/units/testsuite-17.06.sh b/test/units/testsuite-17.06.sh index 71769bc50a..cd98ed8217 100755 --- a/test/units/testsuite-17.06.sh +++ b/test/units/testsuite-17.06.sh @@ -8,9 +8,9 @@ function check_validity() { local f ID_OR_HANDLE for f in /run/udev/watch/*; do - ID_OR_HANDLE=$(readlink $f) - test -L /run/udev/watch/${ID_OR_HANDLE} - test $(readlink /run/udev/watch/${ID_OR_HANDLE}) = $(basename $f) + ID_OR_HANDLE="$(readlink "$f")" + test -L "/run/udev/watch/${ID_OR_HANDLE}" + test "$(readlink "/run/udev/watch/${ID_OR_HANDLE}")" = "$(basename "$f")" done } @@ -49,7 +49,7 @@ check MAJOR=$(udevadm info /dev/sda | grep -e '^E: MAJOR=' | sed -e 's/^E: MAJOR=//') MINOR=$(udevadm info /dev/sda | grep -e '^E: MINOR=' | sed -e 's/^E: MINOR=//') -test -L /run/udev/watch/b${MAJOR}:${MINOR} +test -L "/run/udev/watch/b${MAJOR}:${MINOR}" cat >/run/udev/rules.d/50-testsuite.rules < Date: Wed, 29 Sep 2021 21:28:55 +0200 Subject: [PATCH 4/5] tools: shellcheck-ify tool scripts --- configure | 25 +++++++++++++------------ tools/get-coverity.sh | 30 +++++++++++++++++------------- tools/meson-build.sh | 5 +++-- tools/oss-fuzz.sh | 32 ++++++++++++++++---------------- units/meson-add-wants.sh | 1 + 5 files changed, 50 insertions(+), 43 deletions(-) diff --git a/configure b/configure index fb9d01e1a7..e130c6cb14 100755 --- a/configure +++ b/configure @@ -2,22 +2,23 @@ # SPDX-License-Identifier: LGPL-2.1-or-later set -e -cflags=CFLAGS="$CFLAGS" -cxxflags=CXXFLAGS="$CXXFLAGS" -declare -a args -j=0 -for i in "$@"; do - case "$i" in +cflags="CFLAGS=${CFLAGS-}" +cxxflags="CXXFLAGS=${CXXFLAGS-}" +args=() + +for arg in "$@"; do + case "$arg" in CFLAGS=*) - cflags="$i";; + cflags="$arg" + ;; CXXFLAGS=*) - cxxflags="$i";; - *) - args[$j]="$i" - j=$((j+1)) + cxxflags="$arg" + ;; + *) + args+=("$arg") esac done -export "$cflags" "$cxxflags" +export "${cflags?}" "${cxxflags?}" set -x exec meson build "${args[@]}" diff --git a/tools/get-coverity.sh b/tools/get-coverity.sh index 8f84aec80e..00219bf60f 100755 --- a/tools/get-coverity.sh +++ b/tools/get-coverity.sh @@ -3,33 +3,37 @@ # Download and extract coverity tool +set -e +set -o pipefail + # Environment check -[ -z "$COVERITY_SCAN_TOKEN" ] && echo 'ERROR: COVERITY_SCAN_TOKEN must be set' && exit 1 +if [ -z "$COVERITY_SCAN_TOKEN" ]; then + echo >&2 'ERROR: COVERITY_SCAN_TOKEN must be set' + exit 1 +fi # Use default values if not set -PLATFORM=$(uname) - -TOOL_BASE=${TOOL_BASE:="/tmp/coverity-scan-analysis"} -TOOL_ARCHIVE=${TOOL_ARCHIVE:="/tmp/cov-analysis-${PLATFORM}.tgz"} - +PLATFORM="$(uname)" +TOOL_BASE="${TOOL_BASE:-/tmp/coverity-scan-analysis}" +TOOL_ARCHIVE="${TOOL_ARCHIVE:-/tmp/cov-analysis-${PLATFORM}.tgz}" TOOL_URL="https://scan.coverity.com/download/${PLATFORM}" # Make sure wget is installed sudo apt-get update && sudo apt-get -y install wget # Get coverity tool -if [ ! -d $TOOL_BASE ]; then +if [ ! -d "$TOOL_BASE" ]; then # Download Coverity Scan Analysis Tool - if [ ! -e $TOOL_ARCHIVE ]; then - echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m" - wget -nv -O $TOOL_ARCHIVE $TOOL_URL --post-data "project=$COVERITY_SCAN_PROJECT_NAME&token=$COVERITY_SCAN_TOKEN" + if [ ! -e "$TOOL_ARCHIVE" ]; then + echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m" + wget -nv -O "$TOOL_ARCHIVE" "$TOOL_URL" --post-data "project=$COVERITY_SCAN_PROJECT_NAME&token=$COVERITY_SCAN_TOKEN" fi # Extract Coverity Scan Analysis Tool echo -e "\033[33;1mExtracting Coverity Scan Analysis Tool...\033[0m" - mkdir -p $TOOL_BASE - pushd $TOOL_BASE - tar xzf $TOOL_ARCHIVE + mkdir -p "$TOOL_BASE" + pushd "$TOOL_BASE" + tar xzf "$TOOL_ARCHIVE" popd fi diff --git a/tools/meson-build.sh b/tools/meson-build.sh index 26f995dfc1..6d45e89a06 100755 --- a/tools/meson-build.sh +++ b/tools/meson-build.sh @@ -9,13 +9,14 @@ options="$4" CC="$5" CXX="$6" +# shellcheck disable=SC2086 [ -f "$dst/ninja.build" ] || CC="$CC" CXX="$CXX" meson "$src" "$dst" $options # Locate ninja binary, on CentOS 7 it is called ninja-build, so # use that name if available. -ninja=ninja +ninja="ninja" if which ninja-build >/dev/null 2>&1 ; then - ninja=ninja-build + ninja="ninja-build" fi "$ninja" -C "$dst" "$target" diff --git a/tools/oss-fuzz.sh b/tools/oss-fuzz.sh index 767da15f7c..d9cfcf8f3b 100755 --- a/tools/oss-fuzz.sh +++ b/tools/oss-fuzz.sh @@ -21,11 +21,11 @@ export LDFLAGS=${LDFLAGS:--L${clang_lib}} export WORK=${WORK:-$(pwd)} export OUT=${OUT:-$(pwd)/out} -mkdir -p $OUT +mkdir -p "$OUT" -build=$WORK/build -rm -rf $build -mkdir -p $build +build="$WORK/build" +rm -rf "$build" +mkdir -p "$build" if [ -z "$FUZZING_ENGINE" ]; then fuzzflag="llvm-fuzz=true" @@ -38,28 +38,28 @@ else fi fi -if ! meson $build -D$fuzzflag -Db_lundef=false; then - cat $build/meson-logs/meson-log.txt +if ! meson "$build" "-D$fuzzflag" -Db_lundef=false; then + cat "$build/meson-logs/meson-log.txt" exit 1 fi -ninja -v -C $build fuzzers +ninja -v -C "$build" fuzzers # The seed corpus is a separate flat archive for each fuzzer, # with a fixed name ${fuzzer}_seed_corpus.zip. for d in "$(dirname "$0")/../test/fuzz/fuzz-"*; do - zip -jqr $OUT/$(basename "$d")_seed_corpus.zip "$d" + zip -jqr "$OUT/$(basename "$d")_seed_corpus.zip" "$d" done # get fuzz-dns-packet corpus -df=$build/dns-fuzzing -git clone --depth 1 https://github.com/CZ-NIC/dns-fuzzing $df -zip -jqr $OUT/fuzz-dns-packet_seed_corpus.zip $df/packet +df="$build/dns-fuzzing" +git clone --depth 1 https://github.com/CZ-NIC/dns-fuzzing "$df" +zip -jqr "$OUT/fuzz-dns-packet_seed_corpus.zip" "$df/packet" -install -Dt $OUT/src/shared/ $build/src/shared/libsystemd-shared-*.so +install -Dt "$OUT/src/shared/" "$build"/src/shared/libsystemd-shared-*.so -wget -O $OUT/fuzz-json.dict https://raw.githubusercontent.com/rc0r/afl-fuzz/master/dictionaries/json.dict +wget -O "$OUT/fuzz-json.dict" https://raw.githubusercontent.com/rc0r/afl-fuzz/master/dictionaries/json.dict -find $build -maxdepth 1 -type f -executable -name "fuzz-*" -exec mv {} $OUT \; -find src -type f -name "fuzz-*.dict" -exec cp {} $OUT \; -cp src/fuzz/*.options $OUT +find "$build" -maxdepth 1 -type f -executable -name "fuzz-*" -exec mv {} "$OUT" \; +find src -type f -name "fuzz-*.dict" -exec cp {} "$OUT" \; +cp src/fuzz/*.options "$OUT" diff --git a/units/meson-add-wants.sh b/units/meson-add-wants.sh index f6424fe29f..6d8da57402 100755 --- a/units/meson-add-wants.sh +++ b/units/meson-add-wants.sh @@ -1,5 +1,6 @@ #!/bin/sh # SPDX-License-Identifier: LGPL-2.1-or-later +# shellcheck disable=SC2154,SC2174 set -eu i=1 From 1c46b3c24df402031a86c3586712364533763dec Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Wed, 29 Sep 2021 22:08:51 +0200 Subject: [PATCH 5/5] ci: introduce Super-Linter for shell scripts See: https://github.com/marketplace/actions/super-linter --- .github/workflows/linter.yml | 38 ++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 .github/workflows/linter.yml diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml new file mode 100644 index 0000000000..115f5c7e0e --- /dev/null +++ b/.github/workflows/linter.yml @@ -0,0 +1,38 @@ +--- +# https://github.com/marketplace/actions/super-linter + +name: Lint Code Base + +on: + pull_request: + branches: + - main + +jobs: + build: + name: Lint Code Base + runs-on: ubuntu-latest + + steps: + - name: Repo checkout + uses: actions/checkout@v2 + with: + # We need a full repo clone + fetch-depth: 0 + + - name: Lint Code Base + uses: github/super-linter@v3 + env: + DEFAULT_BRANCH: main + # Excludes: + # - man/.* - all snippets in man pages (false positives due to + # missing shebangs) + # - kernel-install/.* - false-positives for dropins (and I'm afraid + # to touch kernel-install) + # - .*\.(in|SKELETON) - all template/skeleton files + # - tools/coverity\.sh - external file (with some modifications) + FILTER_REGEX_EXCLUDE: .*/(man/.*|src/kernel-install/.*|.*\.(in|SKELETON)|tools/coverity\.sh)$ + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + MULTI_STATUS: true + VALIDATE_ALL_CODEBASE: false + VALIDATE_BASH: true