scripts: download-check-artifact.sh: fix shellcheck and improve
authorPetr Štetiar <ynezz@true.cz>
Wed, 6 Nov 2024 10:40:37 +0000 (10:40 +0000)
committerPetr Štetiar <ynezz@true.cz>
Thu, 28 Nov 2024 18:47:07 +0000 (18:47 +0000)
Fixes following shellcheck's recommendations:

 In scripts/download-check-artifact.sh line 24:
exit $1
             ^-- SC2086 (info): Double quote to prevent globbing and word splitting.

 In scripts/download-check-artifact.sh line 53:
local sum="$(shasum -a 256 "$image_file")";
                      ^-^ SC2155 (warning): Declare and assign separately to avoid masking return values.

 In scripts/download-check-artifact.sh line 72:
 cd "/tmp/verify.$$"
 ^-----------------^ SC2164 (warning): Use 'cd ... || exit' or 'cd ... || return' in case cd fails.

 In scripts/download-check-artifact.sh line 114:
printf "Keyserver to use? [$keyserver_url] > "
                       ^-- SC2059 (info): Don't use variables in the printf format string. Use printf '..%s..' "$foo".

 In scripts/download-check-artifact.sh line 115:
read url; case "${url:-$keyserver_url}" in
                ^--^ SC2162 (info): read without -r will mangle backslashes.

While at it make it clear, that it is possible to download/check any
build artifacts like even SDK or ImageBuilder.

Link: https://github.com/openwrt/openwrt/pull/16871
(cherry picked from commit 27c2c140b16cb490f20c1c2259b3decf50ae5762)
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
scripts/download-check-artifact.sh

index 31868da5cd408eb542aef1d814ca8cda8d729b2a..bc0918b21463886d0be6c894f7ed24916035a228 100755 (executable)
@@ -12,6 +12,7 @@
 #  255 - A suitable download or checksum utility is missing
 
 [ -n "$1" ] || {
+       echo "$0 - Download and verify build artifacts"
        echo "Usage: $0 <url>" >&2
        exit 1
 }
@@ -21,7 +22,7 @@ finish() {
                echo "Cleaning up."
                rm -r "/tmp/verify.$$"
        }
-       exit $1
+       exit "$1"
 }
 
 trap "finish 254" INT TERM
@@ -50,7 +51,8 @@ if which sha256sum >/dev/null; then
        checksum() { sha256sum -c --ignore-missing "sha256sums"; }
 elif which shasum >/dev/null; then
        checksum() {
-               local sum="$(shasum -a 256 "$image_file")";
+               local sum
+               sum="$(shasum -a 256 "$image_file")";
                grep -xF "${sum%% *} *$image_file" "sha256sums";
        }
 else
@@ -68,11 +70,14 @@ else
        }
 fi
 
-mkdir -p "/tmp/verify.$$"
-cd "/tmp/verify.$$"
+tmpdir="$(mktemp -d)"
+cd "$tmpdir" || {
+       echo "Failed to create temporary directory!" >&2
+       finish 255
+}
 
 echo ""
-echo "1) Downloading image file"
+echo "1) Downloading artifact file"
 echo "========================="
 download "$image_file" "$image_url" || {
        echo "Failed to download image file!" >&2
@@ -111,8 +116,8 @@ if [ -n "$missing_key" ]; then
        echo ""                                                                  >&2
 
        while true; do
-               printf "Keyserver to use? [$keyserver_url] > "
-               read url; case "${url:-$keyserver_url}" in
+               printf 'Keyserver to use? [%s] > ' "$keyserver_url"
+               read -r url; case "${url:-$keyserver_url}" in
                        hkp://*)
                                gpg --keyserver "${url:-$keyserver_url}" --recv-keys "$missing_key" || {
                                        echo "Failed to download public key." >&2
@@ -148,7 +153,7 @@ cp "$image_file" "$destdir/$image_file" || {
 echo ""
 echo "Verification done!"
 echo "=================="
-echo "Firmware image placed in '$destdir/$image_file'."
+echo "Downloaded artifact placed in '$destdir/$image_file'."
 echo ""
 
 finish 0