Bug 1432768 Linting compliance for image builder scripts r=callek
MozReview-Commit-ID: 3TmtiB47Z5W
--- a/taskcluster/docker/centos6-build/system-setup.sh
+++ b/taskcluster/docker/centos6-build/system-setup.sh
@@ -1,13 +1,13 @@
#!/usr/bin/env bash
set -ve
-test `whoami` == 'root'
+test "$(whoami)" == 'root'
# lots of goodies in EPEL
yum install -y epel-release
# this sometimes fails, so we repeat it
yum makecache || yum makecache
yum shell -y <<'EOF'
@@ -327,17 +327,17 @@ tar -xjf valgrind-$valgrind_version.tar.
cd valgrind-$valgrind_version
# This patch by Julian Seward allows us to write a suppression for
# a leak in a library that gets unloaded before shutdown.
# ref: https://bugs.kde.org/show_bug.cgi?id=79362
patch -p0 < /tmp/valgrind-epochs.patch
./configure --prefix=/usr
-make -j$(grep -c ^processor /proc/cpuinfo) install
+make -j"$(grep -c ^processor /proc/cpuinfo)" install
# Git
cd $BUILD
# NOTE: rc builds are in https://www.kernel.org/pub/software/scm/git/testing/
tooltool_fetch <<'EOF'
[
{
"size": 3938976,
@@ -475,9 +475,9 @@ remove gettext-devel
remove sqlite-devel
remove perl-devel
EOF
# clean up caches from all that downloading and building
cd /
rm -rf $BUILD ~/.ccache ~/.cache ~/.npm
yum clean all
-rm $0
+rm "$0"
--- a/taskcluster/docker/decision/system-setup.sh
+++ b/taskcluster/docker/decision/system-setup.sh
@@ -1,29 +1,30 @@
#!/usr/bin/env bash
set -v -e
-test `whoami` == 'root'
+test "$(whoami)" == 'root'
apt-get update
apt-get install -y --force-yes --no-install-recommends \
ca-certificates \
python \
sudo
BUILD=/root/build
-mkdir $BUILD
+mkdir "$BUILD"
tooltool_fetch() {
cat >manifest.tt
python2.7 /tmp/tooltool.py fetch
rm manifest.tt
}
cd $BUILD
+# shellcheck disable=SC1091
. /tmp/install-mercurial.sh
cd /
rm -rf $BUILD
apt-get clean
apt-get autoclean
-rm $0
+rm "$0"
--- a/taskcluster/docker/image_builder/build-image.sh
+++ b/taskcluster/docker/image_builder/build-image.sh
@@ -41,28 +41,30 @@ curl -s --fail \
-X POST \
--header 'Content-Type: application/tar' \
--data-binary "@$CONTEXT_FILE" \
--unix-socket /var/run/docker.sock "http:/build?t=$IMAGE_NAME:$HASH" \
| tee /tmp/docker-build.log \
| jq -jr '(.status + .progress, .error | select(. != null) + "\n"), .stream | select(. != null)'
# Exit non-zero if there is error entries in the log
-if cat /tmp/docker-build.log | jq -se 'add | .error' > /dev/null; then
- raise_error "Image build failed: `cat /tmp/docker-build.log | jq -rse 'add | .error'`";
+if result=$(jq -se 'add | .error' /tmp/docker-build.log); then
+ raise_error "Image build failed: ${result}";
fi
# Sanity check that image was built successfully
-if ! cat /tmp/docker-build.log | tail -n 1 | jq -r '.stream' | grep '^Successfully built' > /dev/null; then
+if ! tail -n 1 /tmp/docker-build.log | jq -r '.stream' | grep '^Successfully built' > /dev/null; then
echo 'docker-build.log for debugging:';
- cat /tmp/docker-build.log | tail -n 50;
+ tail -n 50 /tmp/docker-build.log;
raise_error "Image build log didn't with 'Successfully built'";
fi
# Get image from docker daemon (try up to 10 times)
# This interacts directly with the docker remote API, see:
# https://docs.docker.com/engine/reference/api/docker_remote_api_v1.18/
#
# The script will retry up to 10 times.
+# Disable quoting error until fixing the / escaping
+# shellcheck disable=SC2086
/usr/local/bin/download-and-compress \
http+unix://%2Fvar%2Frun%2Fdocker.sock/images/${IMAGE_NAME}:${HASH}/get \
/builds/worker/workspace/image.tar.zst.tmp \
/builds/worker/workspace/artifacts/image.tar.zst
--- a/taskcluster/docker/image_builder/setup.sh
+++ b/taskcluster/docker/image_builder/setup.sh
@@ -15,41 +15,44 @@ apt-get install -y --no-install-recommen
python-requests \
python-requests-unixsocket
# Extra dependencies only needed for image building. Will be removed at
# end of script.
apt-get install -y python-pip
# Install mercurial
+# shellcheck disable=SC1091
. /setup/common.sh
+# shellcheck disable=SC1091
. /setup/install-mercurial.sh
# Install build-image.sh script
chmod +x /usr/local/bin/build-image.sh
chmod +x /usr/local/bin/run-task
chmod +x /usr/local/bin/download-and-compress
# Create workspace
mkdir -p /builds/worker/workspace
# Install python-zstandard.
+(
cd /setup
tooltool_fetch <<EOF
[
{
"size": 463794,
"visibility": "public",
"digest": "c6ba906403e5c18b374faf9f676b10f0988b9f4067bd6c52c548d7dee58fac79974babfd5c438aef8da0a5260158116db69b11f2a52a775772d9904b9d86fdbc",
"algorithm": "sha512",
"filename": "zstandard-0.8.0.tar.gz"
}
]
EOF
-cd -
+)
/usr/bin/pip -v install /setup/zstandard-0.8.0.tar.gz
# python-pip only needed to install python-zstandard. Removing it removes
# several hundred MB of dependencies from the image.
apt-get purge -y python-pip
# Purge apt-get caches to minimize image size