From 960e678fcfe0b6a17237d97c939a3a552b99c1e6 Mon Sep 17 00:00:00 2001 From: humanoid2050 Date: Wed, 5 Apr 2023 18:31:33 -0400 Subject: [PATCH] improved quoting in shell scripts --- tools/docker/build.sh | 10 +++++----- tools/docker/deploy_images.sh | 8 ++++---- tools/docker/deploy_manifests.sh | 8 ++++---- tools/docker/lib/common | 6 +++--- tools/docker/test.sh | 8 ++++---- 5 files changed, 20 insertions(+), 20 deletions(-) diff --git a/tools/docker/build.sh b/tools/docker/build.sh index 96f9c7a5b..784f2d752 100755 --- a/tools/docker/build.sh +++ b/tools/docker/build.sh @@ -13,9 +13,9 @@ set -euxo pipefail # user may provide a comma separated list of architectures drawn from the # known architectures. Known architectures include amd64, arm32v6, and arm64v8. -source "$(realpath $(dirname ${BASH_SOURCE[0]}))/lib/common" +source "$(realpath "$(dirname "${BASH_SOURCE[0]}")")/lib/common" -ParseArgs $@ +ParseArgs "$@" #jump to root, matching popd handed by Cleanup on EXIT via trap pushd "${REPO_ROOT}" @@ -30,14 +30,14 @@ InstallMultiarchSupport BuildAndLoadByArch() { TAG_ARCH=$1 docker buildx build --target certbot --builder certbot_builder \ - --platform $(arch2platform $TAG_ARCH) \ + --platform "$(arch2platform "$TAG_ARCH")" \ -f "${WORK_DIR}/Dockerfile" \ -t "${DOCKER_HUB_ORG}/certbot:${TAG_ARCH}-${TAG_VER}" \ --load \ . for plugin in "${CERTBOT_PLUGINS[@]}"; do docker buildx build --target certbot-plugin --builder certbot_builder \ - --platform $(arch2platform $TAG_ARCH) \ + --platform "$(arch2platform "$TAG_ARCH")" \ --build-context plugin-src="${REPO_ROOT}/certbot-${plugin}" \ -f "${WORK_DIR}/Dockerfile" \ -t "${DOCKER_HUB_ORG}/${plugin}:${TAG_ARCH}-${TAG_VER}" \ @@ -52,7 +52,7 @@ BuildAndLoadByArch() { # https://github.com/certbot/certbot/issues/9587. for ARCH in "${REQUESTED_ARCH_ARRAY[@]}"; do - BuildAndLoadByArch $ARCH + BuildAndLoadByArch "$ARCH" done diff --git a/tools/docker/deploy_images.sh b/tools/docker/deploy_images.sh index 9d934f161..0abb36a30 100755 --- a/tools/docker/deploy_images.sh +++ b/tools/docker/deploy_images.sh @@ -15,9 +15,9 @@ set -euxo pipefail # user may provide a comma separated list of architectures drawn from the # known architectures. Known architectures include amd64, arm32v6, and arm64v8. -source "$(realpath $(dirname ${BASH_SOURCE[0]}))/lib/common" +source "$(realpath $(dirname "${BASH_SOURCE[0]}"))/lib/common" -ParseArgs $@ +ParseArgs "$@" #jump to root, matching popd handed by Cleanup on EXIT via trap pushd "${REPO_ROOT}" @@ -39,9 +39,9 @@ DeployImage() { for TAG_ARCH in "${REQUESTED_ARCH_ARRAY[@]}"; do - DeployImage certbot $TAG_ARCH + DeployImage certbot "$TAG_ARCH" for PLUGIN in "${CERTBOT_PLUGINS[@]}"; do - DeployImage $PLUGIN $TAG_ARCH + DeployImage "$PLUGIN" "$TAG_ARCH" done done diff --git a/tools/docker/deploy_manifests.sh b/tools/docker/deploy_manifests.sh index 2cd7ddf4c..dc3a659cc 100755 --- a/tools/docker/deploy_manifests.sh +++ b/tools/docker/deploy_manifests.sh @@ -18,7 +18,7 @@ set -euxo pipefail source "$(realpath $(dirname ${BASH_SOURCE[0]}))/lib/common" -ParseArgs $@ +ParseArgs "$@" #jump to root, matching popd handed by Cleanup on EXIT via trap pushd "${REPO_ROOT}" @@ -35,16 +35,16 @@ DeployManifest() { for TAG_ARCH in "${REQUESTED_ARCH_ARRAY[@]}"; do SRC_IMAGES+="${REGISTRY_SPEC}${IMAGE_NAME}:${TAG_ARCH}-${TAG_VER} " done - docker buildx imagetools create -t ${REGISTRY_SPEC}${IMAGE_NAME}:${TAG_VER} $SRC_IMAGES + docker buildx imagetools create -t "${REGISTRY_SPEC}${IMAGE_NAME}:${TAG_VER}" "$SRC_IMAGES" if [[ "${TAG_VER}" =~ ^v([2-9]|[1-9][0-9]+)\.[0-9]+\.[0-9]+$ ]]; then - docker buildx imagetools create -t ${REGISTRY_SPEC}${IMAGE_NAME}:latest $SRC_IMAGES + docker buildx imagetools create -t "${REGISTRY_SPEC}${IMAGE_NAME}:latest" "$SRC_IMAGES" fi } DeployManifest certbot for PLUGIN in "${CERTBOT_PLUGINS[@]}"; do - DeployManifest $PLUGIN + DeployManifest "$PLUGIN" done diff --git a/tools/docker/lib/common b/tools/docker/lib/common index d590919ac..7628b7549 100644 --- a/tools/docker/lib/common +++ b/tools/docker/lib/common @@ -9,7 +9,7 @@ export ALL_TARGET_ARCH=(amd64 arm32v6 arm64v8) # using a different account on Docker Hub, you can change this value to have # the scripts modify those Docker repositories rather than the repositories for # the official Certbot Docker images. -export DOCKER_HUB_ORG="certbot" +export DOCKER_HUB_ORG="humanoid2050" # List of Certbot plugins export CERTBOT_PLUGINS=( @@ -29,9 +29,9 @@ export CERTBOT_PLUGINS=( ) # WORK_DIR is two levels above this file -export WORK_DIR="$(realpath $(dirname ${BASH_SOURCE[0]})/..)" +export WORK_DIR="$(realpath "$(dirname "${BASH_SOURCE[0]}")/..")" # REPO_ROOT is two levels above that -export REPO_ROOT="$(realpath ${WORK_DIR}/../..)" +export REPO_ROOT="$(realpath "${WORK_DIR}/../..")" # Converts input architecture identifier to the platform specification # understood by `docker build buildx --platform `. diff --git a/tools/docker/test.sh b/tools/docker/test.sh index cf30f87fb..c9b0e8500 100755 --- a/tools/docker/test.sh +++ b/tools/docker/test.sh @@ -12,9 +12,9 @@ set -euxo pipefail # user may provide a comma separated list of architectures drawn from the # known architectures. Known architectures include amd64, arm32v6, and arm64v8. -source "$(realpath $(dirname ${BASH_SOURCE[0]}))/lib/common" +source "$(realpath $(dirname "${BASH_SOURCE[0]}"))/lib/common" -ParseArgs $@ +ParseArgs "$@" #jump to root, matching popd handed by Cleanup on EXIT via trap pushd "${REPO_ROOT}" @@ -36,8 +36,8 @@ TestImage() { for TAG_ARCH in "${REQUESTED_ARCH_ARRAY[@]}"; do - TestImage certbot $TAG_ARCH $TAG_VER + TestImage certbot "$TAG_ARCH" "$TAG_VER" for PLUGIN in "${CERTBOT_PLUGINS[@]}"; do - TestImage $PLUGIN $TAG_ARCH $TAG_VER + TestImage "$PLUGIN" "$TAG_ARCH" "$TAG_VER" done done