scripts: download-check-artifact.sh: fix shellcheck and improve

Fixes following shellcheck's recommendations: In scripts/download-check-artifact.sh line 24: exit $1 ^-- SC2086 (info): Double quote to prevent globbing and word splitting. In scripts/download-check-artifact.sh line 53: local sum="$(shasum -a 256 "$image_file")"; ^-^ SC2155 (warning): Declare and assign separately to avoid masking return values. In scripts/download-check-artifact.sh line 72: cd "/tmp/verify.$$" ^-----------------^ SC2164 (warning): Use 'cd ... || exit' or 'cd ... || return' in case cd fails. In scripts/download-check-artifact.sh line 114: printf "Keyserver to use? [$keyserver_url] > " ^-- SC2059 (info): Don't use variables in the printf format string. Use printf '..%s..' "$foo". In scripts/download-check-artifact.sh line 115: read url; case "${url:-$keyserver_url}" in ^--^ SC2162 (info): read without -r will mangle backslashes. While at it make it clear, that it is possible to download/check any build artifacts like even SDK or ImageBuilder. Link: https://github.com/openwrt/openwrt/pull/16871 Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-11-06 10:40:37 +00:00 · 2024-11-06 10:40:37 +00:00 · 27c2c140b1
parent 4c9031fda2
commit 27c2c140b1
1 changed files with 13 additions and 8 deletions
--- a/scripts/download-check-artifact.sh
+++ b/scripts/download-check-artifact.sh
@ -12,6 +12,7 @@
 #  255 - A suitable download or checksum utility is missing

 [ -n "$1" ] || {
+	echo "$0 - Download and verify build artifacts"
 	echo "Usage: $0 <url>" >&2
 	exit 1
 }
@ -21,7 +22,7 @@ finish() {
 		echo "Cleaning up."
 		rm -r "/tmp/verify.$$"
 	}
-	exit $1
+	exit "$1"
 }

 trap "finish 254" INT TERM
@ -50,7 +51,8 @@ if which sha256sum >/dev/null; then
 	checksum() { sha256sum -c --ignore-missing "sha256sums"; }
 elif which shasum >/dev/null; then
 	checksum() {
-		local sum="$(shasum -a 256 "$image_file")";
+		local sum
+		sum="$(shasum -a 256 "$image_file")";
 		grep -xF "${sum%% *} *$image_file" "sha256sums";
 	}
 else
@ -68,11 +70,14 @@ else
 	}
 fi

-mkdir -p "/tmp/verify.$$"
-cd "/tmp/verify.$$"
+tmpdir="$(mktemp -d)"
+cd "$tmpdir" || {
+	echo "Failed to create temporary directory!" >&2
+	finish 255
+}

 echo ""
-echo "1) Downloading image file"
+echo "1) Downloading artifact file"
 echo "========================="
 download "$image_file" "$image_url" || {
 	echo "Failed to download image file!" >&2
@ -111,8 +116,8 @@ if [ -n "$missing_key" ]; then
 	echo ""                                                                  >&2

 	while true; do
-		printf "Keyserver to use? [$keyserver_url] > "
-		read url; case "${url:-$keyserver_url}" in
+		printf 'Keyserver to use? [%s] > ' "$keyserver_url"
+		read -r url; case "${url:-$keyserver_url}" in
 			hkp://*)
 				gpg --keyserver "${url:-$keyserver_url}" --recv-keys "$missing_key" || {
 					echo "Failed to download public key." >&2
@ -148,7 +153,7 @@ cp "$image_file" "$destdir/$image_file" || {
 echo ""
 echo "Verification done!"
 echo "=================="
-echo "Firmware image placed in '$destdir/$image_file'."
+echo "Downloaded artifact placed in '$destdir/$image_file'."
 echo ""

 finish 0