From 27c2c140b16cb490f20c1c2259b3decf50ae5762 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0tetiar?= Date: Wed, 6 Nov 2024 10:40:37 +0000 Subject: [PATCH] scripts: download-check-artifact.sh: fix shellcheck and improve MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes following shellcheck's recommendations: In scripts/download-check-artifact.sh line 24: exit $1 ^-- SC2086 (info): Double quote to prevent globbing and word splitting. In scripts/download-check-artifact.sh line 53: local sum="$(shasum -a 256 "$image_file")"; ^-^ SC2155 (warning): Declare and assign separately to avoid masking return values. In scripts/download-check-artifact.sh line 72: cd "/tmp/verify.$$" ^-----------------^ SC2164 (warning): Use 'cd ... || exit' or 'cd ... || return' in case cd fails. In scripts/download-check-artifact.sh line 114: printf "Keyserver to use? [$keyserver_url] > " ^-- SC2059 (info): Don't use variables in the printf format string. Use printf '..%s..' "$foo". In scripts/download-check-artifact.sh line 115: read url; case "${url:-$keyserver_url}" in ^--^ SC2162 (info): read without -r will mangle backslashes. While at it make it clear, that it is possible to download/check any build artifacts like even SDK or ImageBuilder. Link: https://github.com/openwrt/openwrt/pull/16871 Signed-off-by: Petr Štetiar --- scripts/download-check-artifact.sh | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/scripts/download-check-artifact.sh b/scripts/download-check-artifact.sh index 31868da5cd..bc0918b214 100755 --- a/scripts/download-check-artifact.sh +++ b/scripts/download-check-artifact.sh @@ -12,6 +12,7 @@ # 255 - A suitable download or checksum utility is missing [ -n "$1" ] || { + echo "$0 - Download and verify build artifacts" echo "Usage: $0 " >&2 exit 1 } @@ -21,7 +22,7 @@ finish() { echo "Cleaning up." rm -r "/tmp/verify.$$" } - exit $1 + exit "$1" } trap "finish 254" INT TERM @@ -50,7 +51,8 @@ if which sha256sum >/dev/null; then checksum() { sha256sum -c --ignore-missing "sha256sums"; } elif which shasum >/dev/null; then checksum() { - local sum="$(shasum -a 256 "$image_file")"; + local sum + sum="$(shasum -a 256 "$image_file")"; grep -xF "${sum%% *} *$image_file" "sha256sums"; } else @@ -68,11 +70,14 @@ else } fi -mkdir -p "/tmp/verify.$$" -cd "/tmp/verify.$$" +tmpdir="$(mktemp -d)" +cd "$tmpdir" || { + echo "Failed to create temporary directory!" >&2 + finish 255 +} echo "" -echo "1) Downloading image file" +echo "1) Downloading artifact file" echo "=========================" download "$image_file" "$image_url" || { echo "Failed to download image file!" >&2 @@ -111,8 +116,8 @@ if [ -n "$missing_key" ]; then echo "" >&2 while true; do - printf "Keyserver to use? [$keyserver_url] > " - read url; case "${url:-$keyserver_url}" in + printf 'Keyserver to use? [%s] > ' "$keyserver_url" + read -r url; case "${url:-$keyserver_url}" in hkp://*) gpg --keyserver "${url:-$keyserver_url}" --recv-keys "$missing_key" || { echo "Failed to download public key." >&2 @@ -148,7 +153,7 @@ cp "$image_file" "$destdir/$image_file" || { echo "" echo "Verification done!" echo "==================" -echo "Firmware image placed in '$destdir/$image_file'." +echo "Downloaded artifact placed in '$destdir/$image_file'." echo "" finish 0