diff --git a/script/setup/config-selinux b/script/setup/config-selinux index 16faf0662..67a0d174f 100755 --- a/script/setup/config-selinux +++ b/script/setup/config-selinux @@ -45,4 +45,4 @@ case "${SELINUX}" in ;; esac -echo SELinux is $(getenforce) +echo SELinux is "$(getenforce)" diff --git a/script/setup/install-cni b/script/setup/install-cni index 34461958d..b70c31764 100755 --- a/script/setup/install-cni +++ b/script/setup/install-cni @@ -28,7 +28,7 @@ CNI_CONFIG_DIR=${DESTDIR}/etc/cni/net.d TMPROOT=$(mktemp -d) git clone https://github.com/containernetworking/plugins.git "${TMPROOT}"/plugins pushd "${TMPROOT}"/plugins -git checkout $CNI_COMMIT +git checkout "$CNI_COMMIT" ./build_linux.sh mkdir -p $CNI_DIR cp -r ./bin $CNI_DIR diff --git a/script/setup/install-cni-windows b/script/setup/install-cni-windows index cd9aee255..19c4aa7e9 100755 --- a/script/setup/install-cni-windows +++ b/script/setup/install-cni-windows @@ -37,7 +37,7 @@ split_ip() { local -r varname="$1" local -r ip="$2" for i in {0..3}; do - eval "$varname"[$i]=$( echo "$ip" | cut -d '.' -f $((i + 1)) ) + eval "$varname"[$i]="$( echo "$ip" | cut -d '.' -f $((i + 1)) )" done } diff --git a/script/setup/install-critools b/script/setup/install-critools index aa03029dd..126ac7b9b 100755 --- a/script/setup/install-critools +++ b/script/setup/install-critools @@ -26,16 +26,17 @@ cd "$GOPATH" go get -u github.com/onsi/ginkgo/ginkgo : "${CRITEST_COMMIT:=$(cat "${script_dir}/critools-version")}" +: "${DESTDIR:=""}" TMPROOT=$(mktemp -d) -git clone https://github.com/kubernetes-sigs/cri-tools.git "${TMPROOT}"/cri-tools +git clone https://github.com/kubernetes-sigs/cri-tools.git "${TMPROOT}/cri-tools" pushd "${TMPROOT}"/cri-tools git checkout "$CRITEST_COMMIT" make -make install -e DESTDIR=${DESTDIR:=''} BINDIR=/usr/local/bin +make install -e DESTDIR="${DESTDIR}" BINDIR=/usr/local/bin -mkdir -p ${DESTDIR:=''}/etc/ -cat << EOF | tee ${DESTDIR:=''}/etc/crictl.yaml +mkdir -p "${DESTDIR}/etc/" +cat << EOF | tee "${DESTDIR}/etc/crictl.yaml" runtime-endpoint: unix:///run/containerd/containerd.sock EOF diff --git a/script/setup/install-protobuf b/script/setup/install-protobuf index 402e0207f..ffb00fba6 100755 --- a/script/setup/install-protobuf +++ b/script/setup/install-protobuf @@ -28,27 +28,27 @@ PROTOBUF_DIR=$(mktemp -d) case $GOARCH in arm64) - wget -O $PROTOBUF_DIR/protobuf "https://github.com/protocolbuffers/protobuf/releases/download/v$PROTOBUF_VERSION/protoc-$PROTOBUF_VERSION-linux-aarch64.zip" - unzip $PROTOBUF_DIR/protobuf -d /usr/local + wget -O "$PROTOBUF_DIR/protobuf" "https://github.com/protocolbuffers/protobuf/releases/download/v$PROTOBUF_VERSION/protoc-$PROTOBUF_VERSION-linux-aarch64.zip" + unzip "$PROTOBUF_DIR/protobuf" -d /usr/local ;; amd64|386) if [ "$GOOS" = windows ]; then - wget -O $PROTOBUF_DIR/protobuf "https://github.com/protocolbuffers/protobuf/releases/download/v$PROTOBUF_VERSION/protoc-$PROTOBUF_VERSION-win32.zip" + wget -O "$PROTOBUF_DIR/protobuf" "https://github.com/protocolbuffers/protobuf/releases/download/v$PROTOBUF_VERSION/protoc-$PROTOBUF_VERSION-win32.zip" elif [ "$GOOS" = linux ]; then - wget -O $PROTOBUF_DIR/protobuf "https://github.com/protocolbuffers/protobuf/releases/download/v$PROTOBUF_VERSION/protoc-$PROTOBUF_VERSION-linux-x86_64.zip" + wget -O "$PROTOBUF_DIR/protobuf" "https://github.com/protocolbuffers/protobuf/releases/download/v$PROTOBUF_VERSION/protoc-$PROTOBUF_VERSION-linux-x86_64.zip" fi - unzip $PROTOBUF_DIR/protobuf -d /usr/local + unzip "$PROTOBUF_DIR/protobuf" -d /usr/local ;; ppc64le) - wget -O $PROTOBUF_DIR/protobuf "https://github.com/protocolbuffers/protobuf/releases/download/v$PROTOBUF_VERSION/protoc-$PROTOBUF_VERSION-linux-ppcle_64.zip" - unzip $PROTOBUF_DIR/protobuf -d /usr/local + wget -O "$PROTOBUF_DIR/protobuf" "https://github.com/protocolbuffers/protobuf/releases/download/v$PROTOBUF_VERSION/protoc-$PROTOBUF_VERSION-linux-ppcle_64.zip" + unzip "$PROTOBUF_DIR/protobuf" -d /usr/local ;; *) - wget -O $PROTOBUF_DIR/protobuf "https://github.com/protocolbuffers/protobuf/releases/download/v$PROTOBUF_VERSION/protobuf-cpp-$PROTOBUF_VERSION.zip" - unzip $PROTOBUF_DIR/protobuf -d /usr/src/protobuf - cd /usr/src/protobuf/protobuf-$PROTOBUF_VERSION + wget -O "$PROTOBUF_DIR/protobuf" "https://github.com/protocolbuffers/protobuf/releases/download/v$PROTOBUF_VERSION/protobuf-cpp-$PROTOBUF_VERSION.zip" + unzip "$PROTOBUF_DIR/protobuf" -d /usr/src/protobuf + cd "/usr/src/protobuf/protobuf-$PROTOBUF_VERSION" ./autogen.sh ./configure --disable-shared make @@ -57,4 +57,4 @@ ppc64le) ldconfig ;; esac -rm -rf $PROTOBUF_DIR +rm -rf "$PROTOBUF_DIR" diff --git a/script/setup/install-seccomp b/script/setup/install-seccomp index 5122d846d..a9681562b 100755 --- a/script/setup/install-seccomp +++ b/script/setup/install-seccomp @@ -23,7 +23,8 @@ set -eu -o pipefail set -x export SECCOMP_VERSION=2.5.1 -export SECCOMP_PATH=$(mktemp -d) +SECCOMP_PATH=$(mktemp -d) +export SECCOMP_PATH curl -fsSL "https://github.com/seccomp/libseccomp/releases/download/v${SECCOMP_VERSION}/libseccomp-${SECCOMP_VERSION}.tar.gz" | tar -xzC "$SECCOMP_PATH" --strip-components=1 ( cd "$SECCOMP_PATH" diff --git a/script/test/cri-integration.sh b/script/test/cri-integration.sh index 1aaac0153..9bad27be7 100755 --- a/script/test/cri-integration.sh +++ b/script/test/cri-integration.sh @@ -17,8 +17,8 @@ set -o nounset set -o pipefail -source $(dirname "${BASH_SOURCE[0]}")/utils.sh -cd ${ROOT} +source "$(dirname "${BASH_SOURCE[0]}")/utils.sh" +cd "${ROOT}" # FOCUS focuses the test to run. FOCUS=${FOCUS:-""} @@ -29,15 +29,15 @@ RUNTIME=${RUNTIME:-""} CRI_ROOT="${CONTAINERD_ROOT}/io.containerd.grpc.v1.cri" -mkdir -p ${REPORT_DIR} -test_setup ${REPORT_DIR} +mkdir -p "${REPORT_DIR}" +test_setup "${REPORT_DIR}" # Run integration test. ${sudo} bin/cri-integration.test --test.run="${FOCUS}" --test.v \ - --cri-endpoint=${CONTAINERD_SOCK} \ - --cri-root=${CRI_ROOT} \ - --runtime-handler=${RUNTIME} \ - --containerd-bin=${CONTAINERD_BIN} \ + --cri-endpoint="${CONTAINERD_SOCK}" \ + --cri-root="${CRI_ROOT}" \ + --runtime-handler="${RUNTIME}" \ + --containerd-bin="${CONTAINERD_BIN}" \ --image-list="${TEST_IMAGE_LIST:-}" test_exit_code=$? diff --git a/script/test/utils.sh b/script/test/utils.sh index c72e34362..6b84bbc02 100755 --- a/script/test/utils.sh +++ b/script/test/utils.sh @@ -83,7 +83,7 @@ pid= # NOTE: We don't have the sudo command on Windows. sudo="" -if [ $(id -u) -ne 0 ] && command -v sudo &> /dev/null; then +if [ "$(id -u)" -ne 0 ] && command -v sudo &> /dev/null; then sudo="sudo PATH=${PATH}" fi @@ -99,7 +99,7 @@ test_setup() { # Create containerd in a different process group # so that we can easily clean them up. keepalive "${sudo} bin/containerd ${CONTAINERD_FLAGS}" \ - ${RESTART_WAIT_PERIOD} &> ${report_dir}/containerd.log & + "${RESTART_WAIT_PERIOD}" &> "${report_dir}/containerd.log" & pid=$! set +m @@ -122,7 +122,7 @@ test_teardown() { # so we can kill both of them by matching the PGID. ${sudo} ps | awk "{if (\$3 == ${pid}) print \$1}" | xargs kill else - ${sudo} pkill -g $(ps -o pgid= -p ${pid}) + ${sudo} pkill -g $(ps -o pgid= -p "${pid}") fi fi } @@ -131,11 +131,11 @@ test_teardown() { # keepalive process is eventually killed in test_teardown. keepalive() { local command=$1 - echo ${command} + echo "${command}" local wait_period=$2 while true; do ${command} - sleep ${wait_period} + sleep "${wait_period}" done } diff --git a/test/build-test-images.sh b/test/build-test-images.sh index 1323296d3..8365027b3 100755 --- a/test/build-test-images.sh +++ b/test/build-test-images.sh @@ -22,10 +22,13 @@ set -o errexit set -o nounset set -o pipefail -source $(dirname "${BASH_SOURCE[0]}")/build-utils.sh -source $(dirname "${BASH_SOURCE[0]}")/init-buildx.sh +: "${PROJECT:=k8s-cri-containerd}" + +basedir="$(dirname "${BASH_SOURCE[0]}")" +source "${basedir}/build-utils.sh" +source "${basedir}/init-buildx.sh" cd "${ROOT}" # ignore errors if the image already exists -make -C integration/images/volume-copy-up push PROJ="gcr.io/${PROJECT:-k8s-cri-containerd}" || true -make -C integration/images/volume-ownership push PROJ="gcr.io/${PROJECT:-k8s-cri-containerd}" || true +make -C integration/images/volume-copy-up push PROJ="gcr.io/${PROJECT}" || true +make -C integration/images/volume-ownership push PROJ="gcr.io/${PROJECT}" || true diff --git a/test/build-utils.sh b/test/build-utils.sh index 783b6c08c..0bbc356c5 100755 --- a/test/build-utils.sh +++ b/test/build-utils.sh @@ -20,7 +20,7 @@ ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"/.. PROJECT=${PROJECT:-"k8s-cri-containerd"} # GOOGLE_APPLICATION_CREDENTIALS is the path of service account file. -if [ -z ${GOOGLE_APPLICATION_CREDENTIALS:-""} ]; then +if [ -z "${GOOGLE_APPLICATION_CREDENTIALS:-""}" ]; then echo "GOOGLE_APPLICATION_CREDENTIALS is not set" exit 1 fi @@ -33,6 +33,6 @@ apt-get update apt-get install -y libseccomp2 libseccomp-dev # PULL_REFS is from prow. -if [ ! -z "${PULL_REFS:-""}" ]; then +if [ -n "${PULL_REFS:-""}" ]; then DEPLOY_DIR=$(echo "${PULL_REFS}" | sha1sum | awk '{print $1}') fi diff --git a/test/build.sh b/test/build.sh index ff6dd34bb..6ae4bce1f 100755 --- a/test/build.sh +++ b/test/build.sh @@ -22,7 +22,7 @@ set -o errexit set -o nounset set -o pipefail -source $(dirname "${BASH_SOURCE[0]}")/build-utils.sh +source "$(dirname "${BASH_SOURCE[0]}")/build-utils.sh" cd "${ROOT}" # Make sure output directory is clean. @@ -35,16 +35,16 @@ BUILDDIR=$(mktemp -d) cleanup() { if [[ ${BUILDDIR} == /tmp/* ]]; then echo "[-] REMOVING ${BUILDDIR}" - rm -rf ${BUILDDIR} + rm -rf "${BUILDDIR}" fi } trap cleanup EXIT set -x latest=$(readlink ./releases/cri-cni-containerd.tar.gz) -tarball=$(echo ${latest} | sed -e 's/cri-containerd-cni/containerd-cni/g' | sed -e 's/-linux-amd64/.linux-amd64/g') -cp releases/${latest} ${BUILDDIR}/${tarball} -cp releases/${latest}.sha256sum ${BUILDDIR}/${tarball}.sha256 +tarball=$(echo "${latest}" | sed -e 's/cri-containerd-cni/containerd-cni/g' | sed -e 's/-linux-amd64/.linux-amd64/g') +cp "releases/${latest}" "${BUILDDIR}/${tarball}" +cp "releases/${latest}.sha256sum" "${BUILDDIR}/${tarball}.sha256" # Push test tarball to Google cloud storage. VERSION=$(git describe --match 'v[0-9]*' --dirty='.m' --always) @@ -55,4 +55,4 @@ else DEPLOY_DIR="containerd/${DEPLOY_DIR}" fi -PUSH_VERSION=true DEPLOY_DIR=${DEPLOY_DIR} TARBALL=${tarball} VERSION=${VERSION#v} BUILD_DIR=${BUILDDIR} ${ROOT}/test/push.sh +PUSH_VERSION=true DEPLOY_DIR=${DEPLOY_DIR} TARBALL=${tarball} VERSION=${VERSION#v} BUILD_DIR=${BUILDDIR} "${ROOT}/test/push.sh" diff --git a/test/init-buildx.sh b/test/init-buildx.sh index 99b5654d7..ee0a05abd 100755 --- a/test/init-buildx.sh +++ b/test/init-buildx.sh @@ -74,7 +74,7 @@ fi # Ensure qemu is in binfmt_misc # NOTE: Please always pin this to a digest for predictability/auditability # Last updated: 08/21/2020 -if [ "$(uname)" == 'Linux' ]; then +if [ "$(uname)" = 'Linux' ]; then docker run --rm --privileged multiarch/qemu-user-static@sha256:c772ee1965aa0be9915ee1b018a0dd92ea361b4fa1bcab5bbc033517749b2af4 --reset -p yes fi diff --git a/test/push.sh b/test/push.sh index 94711f1b5..270d8ed2b 100755 --- a/test/push.sh +++ b/test/push.sh @@ -18,7 +18,7 @@ set -o errexit set -o nounset set -o pipefail -source $(dirname "${BASH_SOURCE[0]}")/utils.sh +source "$(dirname "${BASH_SOURCE[0]}")/utils.sh" # DEPLOY_BUCKET is the gcs bucket where the tarball should be stored in. DEPLOY_BUCKET=${DEPLOY_BUCKET:-"cri-containerd-staging"} @@ -41,7 +41,7 @@ if [[ ! -e ${release_tar} || ! -e ${release_tar_checksum} ]]; then fi if ! gsutil ls "gs://${DEPLOY_BUCKET}" > /dev/null; then - create_ttl_bucket ${DEPLOY_BUCKET} + create_ttl_bucket "${DEPLOY_BUCKET}" fi if [ -z "${DEPLOY_DIR}" ]; then @@ -50,8 +50,8 @@ else DEPLOY_PATH="${DEPLOY_BUCKET}/${DEPLOY_DIR}" fi -gsutil cp ${release_tar} "gs://${DEPLOY_PATH}/" -gsutil cp ${release_tar_checksum} "gs://${DEPLOY_PATH}/" +gsutil cp "${release_tar}" "gs://${DEPLOY_PATH}/" +gsutil cp "${release_tar_checksum}" "gs://${DEPLOY_PATH}/" echo "Release tarball is uploaded to: https://storage.googleapis.com/${DEPLOY_PATH}/${TARBALL}" @@ -60,7 +60,7 @@ if ${PUSH_VERSION}; then echo "VERSION is not set" exit 1 fi - echo ${VERSION} | gsutil cp - "gs://${DEPLOY_PATH}/${LATEST}" + echo "${VERSION}" | gsutil cp - "gs://${DEPLOY_PATH}/${LATEST}" echo "Latest version is uploaded to: https://storage.googleapis.com/${DEPLOY_PATH}/${LATEST}" fi diff --git a/test/utils.sh b/test/utils.sh index 79e97f6f3..a031501b6 100755 --- a/test/utils.sh +++ b/test/utils.sh @@ -26,11 +26,11 @@ upload_logs_to_gcs() { local -r dir=$2 local -r result=$3 if ! gsutil ls "gs://${bucket}" > /dev/null; then - create_ttl_bucket ${bucket} + create_ttl_bucket "${bucket}" fi local -r upload_log_path=${bucket}/${dir} gsutil cp -r "${result}" "gs://${upload_log_path}" - echo "Test logs are uploaed to: + echo "Test logs are uploaded to: http://gcsweb.k8s.io/gcs/${upload_log_path}/" } @@ -43,7 +43,7 @@ create_ttl_bucket() { gsutil mb "gs://${bucket}" local -r bucket_rule=$(mktemp) # Set 30 day TTL for logs inside the bucket. - echo '{"rule": [{"action": {"type": "Delete"},"condition": {"age": 30}}]}' > ${bucket_rule} + echo '{"rule": [{"action": {"type": "Delete"},"condition": {"age": 30}}]}' > "${bucket_rule}" gsutil lifecycle set "${bucket_rule}" "gs://${bucket}" rm "${bucket_rule}"