shellcheck: fix lint of package helper bash scripts

2022-08-16 21:00:00 +02:00 · 2022-08-16 21:00:00 +02:00 · a59c3b4b8a
parent 9a92d29111
commit a59c3b4b8a
8 changed files with 55 additions and 53 deletions
--- a/pkgs/clightning-plugins/get-sha256.sh
+++ b/pkgs/clightning-plugins/get-sha256.sh
@ -11,4 +11,4 @@ archive_hash () {
 echo "Fetching latest lightningd/plugins release"
 latest=$(git ls-remote https://github.com/lightningd/plugins master | cut -f 1)
 echo "rev = \"${latest}\";"
-echo "sha256 = \"$(archive_hash lightningd/plugins $latest)\";"
+echo "sha256 = \"$(archive_hash lightningd/plugins "$latest")\";"
--- a/pkgs/clightning-rest/generate.sh
+++ b/pkgs/clightning-rest/generate.sh
@ -8,18 +8,18 @@ repo=https://github.com/Ride-The-Lightning/c-lightning-REST
 scriptDir=$(cd "${BASH_SOURCE[0]%/*}" && pwd)

 updateSrc() {
-    TMPDIR="$(mktemp -d /tmp/clightning-rest.XXX)"
-    trap "rm -rf $TMPDIR" EXIT
+    TMPDIR=$(mktemp -d /tmp/clightning-rest.XXX)
+    trap 'rm -rf $TMPDIR' EXIT

    # Fetch and verify source tarball
    export GNUPGHOME=$TMPDIR
    # Fetch saubyk's key
    gpg --keyserver hkps://keyserver.ubuntu.com --recv-key 3E9BD4436C288039CA827A9200C9E2BC2E45666F
    file=v${version}.tar.gz
-    wget -P $TMPDIR $repo/archive/refs/tags/$file
-    wget -P $TMPDIR $repo/releases/download/v${version}/$file.asc
-    gpg --verify $TMPDIR/$file.asc $TMPDIR/$file
-    hash=$(nix hash file $TMPDIR/$file)
+    wget -P "$TMPDIR" "${repo}/archive/refs/tags/${file}"
+    wget -P "$TMPDIR" "${repo}/releases/download/v${version}/${file}.asc"
+    gpg --verify "${TMPDIR}/${file}.asc" "${TMPDIR}/${file}"
+    hash=$(nix hash file "${TMPDIR}/${file}")

    sed -i "
      s|\bversion = .*;|version = \"$version\";|
@ -28,7 +28,7 @@ updateSrc() {
 }

 updateNodeModulesHash() {
-    $scriptDir/../../helper/update-fixed-output-derivation.sh ./default.nix clightning-rest.nodeModules nodeModules
+    "$scriptDir/../../helper/update-fixed-output-derivation.sh" ./default.nix clightning-rest.nodeModules nodeModules
 }

 if [[ $# == 0 ]]; then
@ -36,5 +36,5 @@ if [[ $# == 0 ]]; then
    updateSrc
    updateNodeModulesHash
 else
-    eval "$@"
+    "$@"
 fi
--- a/pkgs/joinmarket/get-sha256.sh
+++ b/pkgs/joinmarket/get-sha256.sh
@ -3,23 +3,23 @@
 set -euo pipefail

 TMPDIR="$(mktemp -d -p /tmp)"
-trap "rm -rf $TMPDIR" EXIT
-cd $TMPDIR
+trap 'rm -rf $TMPDIR' EXIT
+cd "$TMPDIR"

 echo "Fetching latest release"
 git clone https://github.com/joinmarket-org/joinmarket-clientserver 2> /dev/null
 cd joinmarket-clientserver
-latest=$(git describe --tags `git rev-list --tags --max-count=1`)
-echo "Latest release is ${latest}"
+latest=$(git describe --tags "$(git rev-list --tags --max-count=1)")
+echo "Latest release is $latest"

 # GPG verification
 export GNUPGHOME=$TMPDIR
 echo "Fetching Adam Gibson's key"
 gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 2B6FC204D9BF332D062B461A141001A1AF77F20B 2> /dev/null
 echo "Verifying latest release"
-git verify-tag ${latest}
+git verify-tag "$latest"

-echo "tag: ${latest}"
+echo "tag: $latest"
 # The prefix option is necessary because GitHub prefixes the archive contents in this format
 echo "sha256: $(nix-hash --type sha256 --flat --base32 \
-                <(git archive --format tar.gz --prefix=joinmarket-clientserver-"${latest//v}"/ ${latest}))"
+                <(git archive --format tar.gz --prefix=joinmarket-clientserver-"${latest//v}"/ "$latest"))"
--- a/pkgs/krops/fetch-release.sh
+++ b/pkgs/krops/fetch-release.sh
@ -14,4 +14,4 @@ version=$(
    | sed -E 's|refs/tags/||g; s|((v)?(.*))|\1 \3|g' | sort -k 2 -V | tail -1 | cut -f 1 -d' '
 )
 echo "rev: ${version}"
-echo "sha256: $(archive_hash krebs/krops $version)"
+echo "sha256: $(archive_hash krebs/krops "$version")"
--- a/pkgs/lndinit/get-sha256.sh
+++ b/pkgs/lndinit/get-sha256.sh
@ -2,15 +2,15 @@
 #! nix-shell -i bash -p git gnupg curl jq
 set -euo pipefail

-TMPDIR="$(mktemp -d -p /tmp)"
-trap "rm -rf $TMPDIR" EXIT
-cd $TMPDIR
+TMPDIR=$(mktemp -d -p /tmp)
+trap 'rm -rf $TMPDIR' EXIT
+cd "$TMPDIR"

 echo "Fetching latest release"
 repo=lightninglabs/lndinit
-latest=$(curl -fsS https://api.github.com/repos/$repo/releases/latest | jq -r .tag_name)
+latest=$(curl -fsS "https://api.github.com/repos/$repo/releases/latest" | jq -r .tag_name)
 echo "Latest release is $latest"
-git clone --depth 1 --branch $latest https://github.com/lightninglabs/lndinit 2>/dev/null
+git clone --depth 1 --branch "$latest" https://github.com/lightninglabs/lndinit 2>/dev/null
 cd lndinit

 # GPG verification
@ -18,9 +18,9 @@ export GNUPGHOME=$TMPDIR
 echo "Fetching Oliver Gugger's key"
 gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys F4FC70F07310028424EFC20A8E4256593F177720 2> /dev/null
 echo "Verifying latest release"
-git verify-tag $latest
+git verify-tag "$latest"

 echo "tag: $latest"
-git checkout -q tags/$latest
+git checkout -q "tags/$latest"
 rm -rf .git
 nix hash path .
--- a/pkgs/python-packages/python-bitcointx/get-sha256.sh
+++ b/pkgs/python-packages/python-bitcointx/get-sha256.sh
@ -2,9 +2,9 @@
 #! nix-shell -i bash -p git gnupg
 set -euo pipefail

-TMPDIR="$(mktemp -d -p /tmp)"
-trap "rm -rf $TMPDIR" EXIT
-cd $TMPDIR
+TMPDIR=$(mktemp -d -p /tmp)
+trap 'rm -rf $TMPDIR' EXIT
+cd "$TMPDIR"

 echo "Fetching latest release"
 git clone https://github.com/simplexum/python-bitcointx 2> /dev/null
@ -17,8 +17,8 @@ export GNUPGHOME=$TMPDIR
 echo "Fetching Dimitry Pethukov's Key"
 gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys B17A35BBA187395784E2A6B32301D26BDC15160D 2> /dev/null
 echo "Verifying latest release"
-git verify-commit ${latest}
+git verify-commit "$latest"

-echo "tag: ${latest}"
+echo "tag: $latest"
 # The prefix option is necessary because GitHub prefixes the archive contents in this format
-echo "sha256: $(git archive --format tar.gz --prefix=python-bitcointx-"${latest}"/ ${latest} | sha256sum | cut -d\  -f1)"
+echo "sha256: $(git archive --format tar.gz --prefix=python-bitcointx-"$latest"/ "$latest" | sha256sum | cut -d\  -f1)"
--- a/pkgs/rtl/generate.sh
+++ b/pkgs/rtl/generate.sh
@ -8,18 +8,19 @@ repo=https://github.com/Ride-The-Lightning/RTL
 scriptDir=$(cd "${BASH_SOURCE[0]%/*}" && pwd)

 updateSrc() {
-    TMPDIR="$(mktemp -d /tmp/rtl.XXX)"
-    trap "rm -rf $TMPDIR" EXIT
+    TMPDIR=$(mktemp -d /tmp/rtl.XXX)
+    trap 'rm -rf $TMPDIR' EXIT

    # Fetch and verify source tarball
    export GNUPGHOME=$TMPDIR
+
    # Fetch saubyk's key
    gpg --keyserver hkps://keyserver.ubuntu.com --recv-key 3E9BD4436C288039CA827A9200C9E2BC2E45666F
-    file=v${version}.tar.gz
-    wget -P $TMPDIR $repo/archive/refs/tags/$file
-    wget -P $TMPDIR $repo/releases/download/v${version}/$file.asc
-    gpg --verify $TMPDIR/$file.asc $TMPDIR/$file
-    hash=$(nix hash file $TMPDIR/$file)
+    file=v$version.tar.gz
+    wget -P "$TMPDIR" "$repo/archive/refs/tags/$file"
+    wget -P "$TMPDIR" "$repo/releases/download/v$version/$file.asc"
+    gpg --verify "$TMPDIR/$file.asc" "$TMPDIR/$file"
+    hash=$(nix hash file "$TMPDIR/$file")

    sed -i "
      s|\bversion = .*;|version = \"$version\";|
@ -28,7 +29,7 @@ updateSrc() {
 }

 updateNodeModulesHash() {
-    $scriptDir/../../helper/update-fixed-output-derivation.sh ./default.nix rtl.nodeModules nodeModules
+    "$scriptDir/../../helper/update-fixed-output-derivation.sh" ./default.nix rtl.nodeModules nodeModules
 }

 if [[ $# == 0 ]]; then
@ -36,5 +37,5 @@ if [[ $# == 0 ]]; then
    updateSrc
    updateNodeModulesHash
 else
-    eval "$@"
+    "$@"
 fi
--- a/pkgs/spark-wallet/generate.sh
+++ b/pkgs/spark-wallet/generate.sh
@ -2,44 +2,45 @@
 #! nix-shell -i bash -p nodePackages.node2nix gnupg wget jq moreutils gnused
 set -euo pipefail

-TMPDIR="$(mktemp -d -p /tmp)"
-trap "rm -rf $TMPDIR" EXIT
+TMPDIR=$(mktemp -d -p /tmp)
+trap 'rm -rf $TMPDIR' EXIT

 version="0.3.1"
 repo=https://github.com/shesek/spark-wallet

 # Fetch and verify source tarball
 file=spark-wallet-${version}-npm.tgz
-url=$repo/releases/download/v$version/$file
+url=$repo/releases/download/v${version}/$file
 export GNUPGHOME=$TMPDIR
 gpg --keyserver hkps://keyserver.ubuntu.com --recv-key FCF19B67866562F08A43AAD681F6104CD0F150FC
-wget -P $TMPDIR $url
-wget -P $TMPDIR $repo/releases/download/v$version/SHA256SUMS.asc
-gpg --verify $TMPDIR/SHA256SUMS.asc
-(cd $TMPDIR; sha256sum --check --ignore-missing SHA256SUMS.asc)
-hash=$(nix hash file $TMPDIR/$file)
+wget -P "$TMPDIR" "$url"
+wget -P "$TMPDIR" "$repo/releases/download/v${version}/SHA256SUMS.asc"
+gpg --verify "$TMPDIR/SHA256SUMS.asc"
+(cd "$TMPDIR"; sha256sum --check --ignore-missing SHA256SUMS.asc)
+hash=$(nix hash file "$TMPDIR/$file")

 # Extract source
 src=$TMPDIR/src
-mkdir $src
-tar xvf $TMPDIR/$file -C $src --strip-components 1 >/dev/null
+mkdir "$src"
+tar xvf "$TMPDIR/$file" -C "$src" --strip-components 1 >/dev/null

 # Make qrcode-terminal a strict dependency so that node2nix includes it in the package derivation.
-jq '.dependencies["qrcode-terminal"] = .optionalDependencies["qrcode-terminal"]' $src/package.json | sponge $src/package.json
+jq '.dependencies["qrcode-terminal"] = .optionalDependencies["qrcode-terminal"]' "$src/package.json" | sponge "$src/package.json"

 node2nix \
  --nodejs-14 \
-  --input $src/package.json \
-  --lock $src/npm-shrinkwrap.json \
+  --input "$src/package.json" \
+  --lock "$src/npm-shrinkwrap.json" \
  --composition composition.nix \
  --no-copy-node-env

 # Use node-env.nix from nixpkgs
+# shellcheck disable=SC2016
 nodeEnvImport='import "${toString pkgs.path}/pkgs/development/node-packages/node-env.nix"'
 sed -i "s|import ./node-env.nix|$nodeEnvImport|" composition.nix

 # Use the verified package src
-read -d '' fetchurl <<EOF || :
+read -rd '' fetchurl <<EOF || :
 fetchurl {
      url = "$url";
      hash = "$hash";