From 765e655aba5fad6e00ab2eb6ce43f4ac14627def Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Kro=CC=88ner?= Date: Wed, 4 Dec 2024 16:32:04 +0100 Subject: [PATCH] Resolve all SC2086 warnings This should also resolve all issues related to spaces in file names See https://github.com/koalaman/shellcheck/wiki/SC2086 --- forgejo-release.sh | 56 +++++++++++++++++++++++----------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/forgejo-release.sh b/forgejo-release.sh index 03e8964..fa101c6 100755 --- a/forgejo-release.sh +++ b/forgejo-release.sh @@ -22,23 +22,23 @@ if ${VERBOSE:-false}; then set -x; fi export GNUPGHOME setup_tea() { - if ! test -f $BIN_DIR/tea ; then + if ! test -f "$BIN_DIR"/tea ; then ARCH=$(dpkg --print-architecture) - curl -sL https://dl.gitea.io/tea/$TEA_VERSION/tea-$TEA_VERSION-linux-$ARCH > $BIN_DIR/tea - chmod +x $BIN_DIR/tea + curl -sL https://dl.gitea.io/tea/$TEA_VERSION/tea-$TEA_VERSION-linux-"$ARCH" > "$BIN_DIR"/tea + chmod +x "$BIN_DIR"/tea fi } ensure_tag() { - if api GET repos/$REPO/tags/$TAG > $TMP_DIR/tag.json ; then - local sha=$(jq --raw-output .commit.sha < $TMP_DIR/tag.json) + if api GET repos/$REPO/tags/"$TAG" > "$TMP_DIR"/tag.json ; then + local sha=$(jq --raw-output .commit.sha < "$TMP_DIR"/tag.json) if test "$sha" != "$SHA" ; then - cat $TMP_DIR/tag.json + cat "$TMP_DIR"/tag.json echo "the tag SHA in the $REPO repository does not match the tag SHA that triggered the build: $SHA" false fi else - api POST repos/$REPO/tags --data-raw '{"tag_name": "'$TAG'", "target": "'$SHA'"}' + api POST repos/$REPO/tags --data-raw '{"tag_name": "'"$TAG"'", "target": "'"$SHA"'"}' fi } @@ -51,14 +51,14 @@ upload_release() { echo "Uploading as Stable" fi ensure_tag - anchor=$(echo $TAG | sed -e 's/^v//' -e 's/[^a-zA-Z0-9]/-/g') - if ! $BIN_DIR/tea release create $assets --repo $REPO --note "$RELEASENOTES" --tag $TAG --title "$TITLE" --draft ${releasetype} >& $TMP_DIR/tea.log ; then - if grep --quiet 'Unknown API Error: 500' $TMP_DIR/tea.log && grep --quiet services/release/release.go:194 $TMP_DIR/tea.log ; then + anchor=$(echo "$TAG" | sed -e 's/^v//' -e 's/[^a-zA-Z0-9]/-/g') + if ! "$BIN_DIR"/tea release create "$assets" --repo $REPO --note "$RELEASENOTES" --tag $TAG --title "$TITLE" --draft ${releasetype} >& "$TMP_DIR"/tea.log ; then + if grep --quiet 'Unknown API Error: 500' "$TMP_DIR"/tea.log && grep --quiet services/release/release.go:194 "$TMP_DIR"/tea.log ; then echo "workaround v1.20 race condition https://codeberg.org/forgejo/forgejo/issues/1370" sleep 10 - $BIN_DIR/tea release create $assets --repo $REPO --note "$RELEASENOTES" --tag $TAG --title "$TITLE" --draft ${releasetype} + "$BIN_DIR"/tea release create "$assets" --repo $REPO --note "$RELEASENOTES" --tag "$TAG" --title "$TITLE" --draft ${releasetype} else - cat $TMP_DIR/tea.log + cat "$TMP_DIR"/tea.log return 1 fi fi @@ -69,16 +69,16 @@ upload_release() { release_draft() { local state="$1" - local id=$(api GET repos/$REPO/releases/tags/$TAG | jq --raw-output .id) + local id=$(api GET repos/$REPO/releases/tags/"$TAG" | jq --raw-output .id) - api PATCH repos/$REPO/releases/$id --data-raw '{"draft": '$state', "hide_archive_links": '$HIDE_ARCHIVE_LINK'}' + api PATCH repos/$REPO/releases/"$id" --data-raw '{"draft": '"$state"', "hide_archive_links": '$HIDE_ARCHIVE_LINK'}' } maybe_use_release_note_assistant() { if "$RELEASE_NOTES_ASSISTANT"; then curl --fail -s -S -o rna https://code.forgejo.org/forgejo/release-notes-assistant/releases/download/v1.2.3/release-notes-assistant chmod +x ./rna - ./rna --storage release --storage-location $TAG --forgejo-url $SCHEME://placeholder:$TOKEN@$HOST --repository $REPO --token $TOKEN release $TAG + ./rna --storage release --storage-location "$TAG" --forgejo-url "$SCHEME"://placeholder:"$TOKEN"@"$HOST" --repository $REPO --token "$TOKEN" release "$TAG" fi } @@ -87,12 +87,12 @@ sign_release() { if test -s "$GPG_PASSPHRASE"; then passphrase="--passphrase-file $GPG_PASSPHRASE" fi - gpg --import --no-tty --pinentry-mode loopback $passphrase "$GPG_PRIVATE_KEY" - for asset in $RELEASE_DIR/* ; do + gpg --import --no-tty --pinentry-mode loopback "$passphrase" "$GPG_PRIVATE_KEY" + for asset in "$RELEASE_DIR"/* ; do if [[ $asset =~ .sha256$ ]] ; then continue fi - gpg --armor --detach-sign --no-tty --pinentry-mode loopback $passphrase < $asset > $asset.asc + gpg --armor --detach-sign --no-tty --pinentry-mode loopback "$passphrase" < "$asset" > "$asset".asc done } @@ -106,15 +106,15 @@ maybe_override() { if test "$OVERRIDE" = "false"; then return fi - api DELETE repos/$REPO/releases/tags/$TAG >& /dev/null || true - api DELETE repos/$REPO/tags/$TAG >& /dev/null || true + api DELETE repos/$REPO/releases/tags/"$TAG" >& /dev/null || true + api DELETE repos/$REPO/tags/"$TAG" >& /dev/null || true } upload() { setup_api setup_tea rm -f ~/.config/tea/config.yml - GITEA_SERVER_TOKEN=$TOKEN $BIN_DIR/tea login add --url $FORGEJO + GITEA_SERVER_TOKEN=$TOKEN "$BIN_DIR"/tea login add --url $FORGEJO maybe_sign_release maybe_override upload_release @@ -133,14 +133,14 @@ api() { path=$1 shift - curl --fail -X $method -sS -H "Content-Type: application/json" -H "Authorization: token $TOKEN" "$@" $FORGEJO/api/v1/$path + curl --fail -X "$method" -sS -H "Content-Type: application/json" -H "Authorization: token $TOKEN" "$@" $FORGEJO/api/v1/"$path" } wait_release() { local ready=false for i in $(seq $RETRY); do - if api GET repos/$REPO/releases/tags/$TAG | jq --raw-output .draft > $TMP_DIR/draft; then - if test "$(cat $TMP_DIR/draft)" = "false"; then + if api GET repos/$REPO/releases/tags/"$TAG" | jq --raw-output .draft > "$TMP_DIR"/draft; then + if test "$(cat "$TMP_DIR"/draft)" = "false"; then ready=true break fi @@ -164,14 +164,14 @@ download() { cd $RELEASE_DIR if [[ ${DOWNLOAD_LATEST} == "true" ]] ; then echo "Downloading the latest release" - api GET repos/$REPO/releases/latest > $TMP_DIR/assets.json + api GET repos/$REPO/releases/latest > "$TMP_DIR"/assets.json elif [[ ${DOWNLOAD_LATEST} == "false" ]] ; then wait_release echo "Downloading tagged release ${TAG}" - api GET repos/$REPO/releases/tags/$TAG > $TMP_DIR/assets.json + api GET repos/$REPO/releases/tags/"$TAG" > "$TMP_DIR"/assets.json fi - jq --raw-output '.assets[] | "\(.name) \(.browser_download_url)"' < $TMP_DIR/assets.json | while read name url ; do - curl --fail -H "Authorization: token $TOKEN" -o $name -L $url + jq --raw-output '.assets[] | "\(.name) \(.browser_download_url)"' < "$TMP_DIR"/assets.json | while read name url ; do + curl --fail -H "Authorization: token $TOKEN" -o "$name" -L "$url" done ) }