From c5ff513e0bec5df537d5e924dc1719815a63d76f Mon Sep 17 00:00:00 2001
From: stevenhorsman <steven@uk.ibm.com>
Date: Fri, 28 Feb 2025 11:25:14 +0000
Subject: [PATCH] shellcheck: Fix shellcheck SC2068
> Double quote array expansions to avoid re-splitting elements
Signed-off-by: stevenhorsman <steven@uk.ibm.com>
---
ci/openshift-ci/cluster/install_kata.sh | 4 ++--
.../protocols/hack/update-generated-proto.sh | 4 ++--
.../kata-deploy/run-kata-deploy-tests.sh | 2 +-
tests/functional/vfio-ap/run.sh | 6 +++---
tests/functional/vfio/gha-run.sh | 4 ++--
tests/functional/vfio/run.sh | 2 +-
.../functional/vfio/vfio_fedora_vm_wrapper.sh | 2 +-
.../integration/kubernetes/filter_k8s_test.sh | 2 +-
.../kubernetes/run_kubernetes_tests.sh | 2 +-
tests/integration/kubernetes/tests_common.sh | 2 +-
tests/metrics/lib/common.bash | 4 ++--
tools/packaging/artifact-list.sh | 2 +-
.../kata-deploy-binaries-in-docker.sh | 2 +-
.../local-build/kata-deploy-binaries.sh | 6 +++---
.../kata-deploy/scripts/kata-deploy.sh | 18 +++++++++---------
tools/packaging/kernel/build-kernel.sh | 2 +-
tools/packaging/release/release.sh | 4 ++--
tools/packaging/scripts/apply_patches.sh | 2 +-
.../packaging/scripts/configure-hypervisor.sh | 2 +-
tools/packaging/scripts/gen_versions_txt.sh | 2 +-
.../build-static-coco-guest-components.sh | 2 +-
.../static-build/scripts/qemu-build-post.sh | 2 +-
tools/testing/kata-webhook/webhook-check.sh | 2 +-
23 files changed, 40 insertions(+), 40 deletions(-)
diff --git a/ci/openshift-ci/cluster/install_kata.sh b/ci/openshift-ci/cluster/install_kata.sh
index 7279fe8e84..0c7e636dfe 100755
--- a/ci/openshift-ci/cluster/install_kata.sh
+++ b/ci/openshift-ci/cluster/install_kata.sh
@@ -67,7 +67,7 @@ wait_for_reboot() {
local workers=($(oc get nodes | \
awk '{if ($3 == "worker") { print $1 } }'))
# Get the boot ID to compared it changed over time.
- for node in ${workers[@]}; do
+ for node in "${workers[@]}"; do
BOOTIDS[$node]=$(oc get -o jsonpath='{.status.nodeInfo.bootID}'\
node/$node)
echo "Wait $node reboot"
@@ -83,7 +83,7 @@ wait_for_reboot() {
return 1
fi
echo "Checking after $(($now - $timer_start)) seconds"
- for i in ${!workers[@]}; do
+ for i in "${!workers[@]}"; do
current_id=$(oc get \
-o jsonpath='{.status.nodeInfo.bootID}' \
node/${workers[i]})
diff --git a/src/libs/protocols/hack/update-generated-proto.sh b/src/libs/protocols/hack/update-generated-proto.sh
index 5ad38d8a78..d82b1c66ff 100755
--- a/src/libs/protocols/hack/update-generated-proto.sh
+++ b/src/libs/protocols/hack/update-generated-proto.sh
@@ -94,14 +94,14 @@ target=$1
# compile all proto files
if [ "$target" = "all" ]; then
# compile all proto files
- for f in ${proto_files_list[@]}; do
+ for f in "${proto_files_list[@]}"; do
echo -e "\n [golang] compiling ${f} ..."
generate_go_sources $f
echo -e " [golang] ${f} compiled\n"
done
else
# compile individual proto file
- for f in ${proto_files_list[@]}; do
+ for f in "${proto_files_list[@]}"; do
if [ "$target" = "$f" ]; then
echo -e "\n [golang] compiling ${target} ..."
generate_go_sources $target
diff --git a/tests/functional/kata-deploy/run-kata-deploy-tests.sh b/tests/functional/kata-deploy/run-kata-deploy-tests.sh
index a071e204a4..39bfdfa08a 100644
--- a/tests/functional/kata-deploy/run-kata-deploy-tests.sh
+++ b/tests/functional/kata-deploy/run-kata-deploy-tests.sh
@@ -19,7 +19,7 @@ else
fi
info "Run tests"
-for KATA_DEPLOY_TEST_ENTRY in ${KATA_DEPLOY_TEST_UNION[@]}
+for KATA_DEPLOY_TEST_ENTRY in "${KATA_DEPLOY_TEST_UNION[@]}"
do
bats --show-output-of-passing-tests "${KATA_DEPLOY_TEST_ENTRY}"
done
diff --git a/tests/functional/vfio-ap/run.sh b/tests/functional/vfio-ap/run.sh
index 0154d97a77..c200a7a2f0 100755
--- a/tests/functional/vfio-ap/run.sh
+++ b/tests/functional/vfio-ap/run.sh
@@ -80,7 +80,7 @@ cleanup() {
# Destroy mediated devices
IFS=$'\n' read -r -d '' -a arr_dev < <( ls -1 /sys/bus/mdev/devices && printf '\0' )
- for item in ${arr_dev[@]}; do
+ for item in "${arr_dev[@]}"; do
if [[ ${item//-/} =~ ^[[:xdigit:]]{32}$ ]]; then
echo 1 | sudo tee /sys/bus/mdev/devices/${item}/remove > /dev/null
fi
@@ -100,7 +100,7 @@ validate_env() {
exit 1
fi
necessary_commands=( "${container_engine}" "ctr" "crictl" "lszcrypt" )
- for cmd in ${necessary_commands[@]}; do
+ for cmd in "${necessary_commands[@]}"; do
if ! which ${cmd} > /dev/null 2>&1; then
echo "${cmd} not found" >&2
exit 1
@@ -244,4 +244,4 @@ main() {
run_tests
}
-main $@
+main "$@"
diff --git a/tests/functional/vfio/gha-run.sh b/tests/functional/vfio/gha-run.sh
index 97c72f80b7..4e5107a494 100755
--- a/tests/functional/vfio/gha-run.sh
+++ b/tests/functional/vfio/gha-run.sh
@@ -23,13 +23,13 @@ function install_dependencies() {
deps=(xorriso curl qemu-utils openssh-client)
sudo apt-get update
- sudo apt-get install -y ${deps[@]} qemu-system-x86
+ sudo apt-get install -y "${deps[@]}" qemu-system-x86
;;
fedora)
# cloud image dependencies
deps=(xorriso curl qemu-img openssh)
- sudo dnf install -y ${deps[@]} qemu-system-x86-core
+ sudo dnf install -y "${deps[@]}" qemu-system-x86-core
;;
"*")
diff --git a/tests/functional/vfio/run.sh b/tests/functional/vfio/run.sh
index 4f36709a88..93927b3505 100755
--- a/tests/functional/vfio/run.sh
+++ b/tests/functional/vfio/run.sh
@@ -347,4 +347,4 @@ main() {
check_vfio "${vfio_cid}"
}
-main $@
+main "$@"
diff --git a/tests/functional/vfio/vfio_fedora_vm_wrapper.sh b/tests/functional/vfio/vfio_fedora_vm_wrapper.sh
index 285683716e..eea7f8fb65 100755
--- a/tests/functional/vfio/vfio_fedora_vm_wrapper.sh
+++ b/tests/functional/vfio/vfio_fedora_vm_wrapper.sh
@@ -326,4 +326,4 @@ main() {
ssh_vm "/home/${USER}/run.sh"
}
-main $@
+main "$@"
diff --git a/tests/integration/kubernetes/filter_k8s_test.sh b/tests/integration/kubernetes/filter_k8s_test.sh
index 1ac8785805..801fde924b 100755
--- a/tests/integration/kubernetes/filter_k8s_test.sh
+++ b/tests/integration/kubernetes/filter_k8s_test.sh
@@ -52,7 +52,7 @@ main()
done
[ "$flag" == "false" ] && result+=("$TEST_ENTRY")
done
- echo ${result[@]}
+ echo "${result[@]}"
}
main "$@"
diff --git a/tests/integration/kubernetes/run_kubernetes_tests.sh b/tests/integration/kubernetes/run_kubernetes_tests.sh
index a297f670cc..0d39d12c5e 100755
--- a/tests/integration/kubernetes/run_kubernetes_tests.sh
+++ b/tests/integration/kubernetes/run_kubernetes_tests.sh
@@ -132,7 +132,7 @@ ensure_yq
info "Running tests with bats version: $(bats --version)"
tests_fail=()
-for K8S_TEST_ENTRY in ${K8S_TEST_UNION[@]}
+for K8S_TEST_ENTRY in "${K8S_TEST_UNION[@]}"
do
info "$(kubectl get pods --all-namespaces 2>&1)"
info "Executing ${K8S_TEST_ENTRY}"
diff --git a/tests/integration/kubernetes/tests_common.sh b/tests/integration/kubernetes/tests_common.sh
index b3889baead..0a9bf82923 100644
--- a/tests/integration/kubernetes/tests_common.sh
+++ b/tests/integration/kubernetes/tests_common.sh
@@ -238,7 +238,7 @@ add_requests_to_policy_settings() {
auto_generate_policy_enabled || return 0
- for request in ${requests[@]}
+ for request in "${requests[@]}"
do
info "${settings_dir}/genpolicy-settings.json: allowing ${request}"
jq ".request_defaults.${request} |= true" \
diff --git a/tests/metrics/lib/common.bash b/tests/metrics/lib/common.bash
index b5c58e9588..f94a1978a5 100755
--- a/tests/metrics/lib/common.bash
+++ b/tests/metrics/lib/common.bash
@@ -96,7 +96,7 @@ function generate_build_dockerfile()
local text_to_replace="$4"
local regs=(${registries["${map_key}"]})
- for r in ${regs[@]}; do
+ for r in "${regs[@]}"; do
sed 's|'${text_to_replace}'|'${r}'|g' \
"${dockerfile}.in" > "${dockerfile}"
if sudo -E "${DOCKER_EXE}" build \
@@ -513,7 +513,7 @@ function get_current_kata_config_file() {
current_config_file="${KATA_CONFIG_FNAME}"
}
-# This function checks if the current session is runnin as root,
+# This function checks if the current session is runnin as root,
# if that is not the case, the function exits with an error message.
function check_if_root() {
[ "$EUID" -ne 0 ] && die "Please run as root or use sudo."
diff --git a/tools/packaging/artifact-list.sh b/tools/packaging/artifact-list.sh
index 798407fe02..dab187f46c 100755
--- a/tools/packaging/artifact-list.sh
+++ b/tools/packaging/artifact-list.sh
@@ -19,4 +19,4 @@ supported_artifacts=(
"install_qemu"
)
-for c in ${supported_artifacts[@]}; do echo $c; done
+for c in "${supported_artifacts[@]}"; do echo $c; done
diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh
index 6f0b114c1d..64c46f72d9 100755
--- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh
+++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh
@@ -145,7 +145,7 @@ docker run \
--env ARCH="${ARCH}" \
--rm \
-w ${script_dir} \
- build-kata-deploy "${kata_deploy_create}" $@
+ build-kata-deploy "${kata_deploy_create}" "$@"
if [ $remove_dot_docker_dir == true ]; then
rm -rf "$HOME/.docker"
diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
index e58b71f323..7cf817e404 100755
--- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
+++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
@@ -193,7 +193,7 @@ cleanup_and_fail() {
if [ -n "${extra_tarballs}" ]; then
local mapping
IFS=' ' read -a mapping <<< "${extra_tarballs}"
- for m in ${mapping[@]}; do
+ for m in "${mapping[@]}"; do
local extra_tarball_name=${m%:*}
rm -f "${extra_tarball_name}"
done
@@ -273,7 +273,7 @@ install_cached_tarball_component() {
local mapping
IFS=' ' read -a mapping <<< "${extra_tarballs}"
- for m in ${mapping[@]}; do
+ for m in "${mapping[@]}"; do
local extra_tarball_name=${m%:*}
local extra_tarball_path=${m#*:}
@@ -1470,5 +1470,5 @@ main() {
}
if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
- main $@
+ main "$@"
fi
diff --git a/tools/packaging/kata-deploy/scripts/kata-deploy.sh b/tools/packaging/kata-deploy/scripts/kata-deploy.sh
index 730beeac14..a3aa4db04b 100755
--- a/tools/packaging/kata-deploy/scripts/kata-deploy.sh
+++ b/tools/packaging/kata-deploy/scripts/kata-deploy.sh
@@ -169,8 +169,8 @@ function get_container_runtime() {
else
echo "k3s"
fi
- # Note: we assumed you used a conventional k0s setup and k0s will generate a systemd entry k0scontroller.service and k0sworker.service respectively
- # and it is impossible to run this script without a kubelet, so this k0s controller must also have worker mode enabled
+ # Note: we assumed you used a conventional k0s setup and k0s will generate a systemd entry k0scontroller.service and k0sworker.service respectively
+ # and it is impossible to run this script without a kubelet, so this k0s controller must also have worker mode enabled
elif host_systemctl is-active --quiet k0scontroller; then
echo "k0s-controller"
elif host_systemctl is-active --quiet k0sworker; then
@@ -339,7 +339,7 @@ function adjust_qemu_cmdline() {
# Both qemu and qemu-coco-dev use exactly the same QEMU, so we can adjust
# the shim on the qemu-coco-dev case to qemu
[[ "${shim}" =~ ^(qemu|qemu-coco-dev)$ ]] && qemu_share="qemu"
-
+
qemu_binary=$(tomlq '.hypervisor.qemu.path' ${config_path} | tr -d \")
qemu_binary_script="${qemu_binary}-installation-prefix"
qemu_binary_script_host_path="/host/${qemu_binary_script}"
@@ -430,7 +430,7 @@ function install_artifacts() {
*)
tdx_not_supported ${ID} ${VERSION_ID}
;;
- esac
+ esac
fi
if [ "${dest_dir}" != "${default_dest_dir}" ]; then
@@ -606,19 +606,19 @@ function configure_containerd_runtime() {
local runtime_type=\"io.containerd."${runtime}".v2\"
local runtime_config_path=\"$(get_kata_containers_config_path "${shim}")/${configuration}.toml\"
local runtime_path=\"$(get_kata_containers_runtime_path "${shim}")\"
-
+
tomlq -i -t $(printf '%s.runtime_type=%s' ${runtime_table} ${runtime_type}) ${configuration_file}
tomlq -i -t $(printf '%s.runtime_path=%s' ${runtime_table} ${runtime_path}) ${configuration_file}
tomlq -i -t $(printf '%s.privileged_without_host_devices=true' ${runtime_table}) ${configuration_file}
tomlq -i -t $(printf '%s.pod_annotations=["io.katacontainers.*"]' ${runtime_table}) ${configuration_file}
tomlq -i -t $(printf '%s.ConfigPath=%s' ${runtime_options_table} ${runtime_config_path}) ${configuration_file}
-
+
if [ "${DEBUG}" == "true" ]; then
tomlq -i -t '.debug.level = "debug"' ${configuration_file}
fi
if [ -n "${SNAPSHOTTER_HANDLER_MAPPING}" ]; then
- for m in ${snapshotters[@]}; do
+ for m in "${snapshotters[@]}"; do
key="${m%$snapshotters_delimiter*}"
if [ "${key}" != "${shim}" ]; then
@@ -746,7 +746,7 @@ function snapshotter_handler_mapping_validation_check() {
return
fi
- for m in ${snapshotters[@]}; do
+ for m in "${snapshotters[@]}"; do
shim="${m%$snapshotters_delimiter*}"
snapshotter="${m#*$snapshotters_delimiter}"
@@ -813,7 +813,7 @@ function main() {
containerd_conf_tmpl_file="${containerd_conf_file}.tmpl"
containerd_conf_file_backup="${containerd_conf_tmpl_file}.bak"
elif [[ "$runtime" =~ ^(k0s-worker|k0s-controller)$ ]]; then
- # From 1.27.1 onwards k0s enables dynamic configuration on containerd CRI runtimes.
+ # From 1.27.1 onwards k0s enables dynamic configuration on containerd CRI runtimes.
# This works by k0s creating a special directory in /etc/k0s/containerd.d/ where user can drop-in partial containerd configuration snippets.
# k0s will automatically pick up these files and adds these in containerd configuration imports list.
containerd_conf_file="/etc/containerd/containerd.d/kata-containers.toml"
diff --git a/tools/packaging/kernel/build-kernel.sh b/tools/packaging/kernel/build-kernel.sh
index 44e0ddff9f..a2943648b1 100755
--- a/tools/packaging/kernel/build-kernel.sh
+++ b/tools/packaging/kernel/build-kernel.sh
@@ -718,4 +718,4 @@ main() {
esac
}
-main $@
+main "$@"
diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh
index 00ec2b76a6..212749ff35 100755
--- a/tools/packaging/release/release.sh
+++ b/tools/packaging/release/release.sh
@@ -143,8 +143,8 @@ function _publish_multiarch_manifest()
_check_required_env_var "KATA_DEPLOY_IMAGE_TAGS"
_check_required_env_var "KATA_DEPLOY_REGISTRIES"
- for registry in ${REGISTRIES[@]}; do
- for tag in ${IMAGE_TAGS[@]}; do
+ for registry in "${REGISTRIES[@]}"; do
+ for tag in "${IMAGE_TAGS[@]}"; do
docker manifest create ${registry}:${tag} \
--amend ${registry}:${tag}-amd64 \
--amend ${registry}:${tag}-arm64 \
diff --git a/tools/packaging/scripts/apply_patches.sh b/tools/packaging/scripts/apply_patches.sh
index c5b8c748d7..552d2e3c88 100755
--- a/tools/packaging/scripts/apply_patches.sh
+++ b/tools/packaging/scripts/apply_patches.sh
@@ -38,7 +38,7 @@ echo "INFO: Apply patches from $patches_dir"
if [ -d "$patches_dir" ]; then
patches=($(find "$patches_dir" -maxdepth 1 -name '*.patch'|sort -t- -k1,1n))
echo "INFO: Found ${#patches[@]} patches"
- for patch in ${patches[@]}; do
+ for patch in "${patches[@]}"; do
echo "INFO: Apply $patch"
patch -p1 < "$patch" || \
{ echo >&2 "ERROR: Not applied. Exiting..."; exit 1; }
diff --git a/tools/packaging/scripts/configure-hypervisor.sh b/tools/packaging/scripts/configure-hypervisor.sh
index 73f51817b2..c6d762906d 100755
--- a/tools/packaging/scripts/configure-hypervisor.sh
+++ b/tools/packaging/scripts/configure-hypervisor.sh
@@ -595,4 +595,4 @@ main() {
exit 0
}
-main $@
+main "$@"
diff --git a/tools/packaging/scripts/gen_versions_txt.sh b/tools/packaging/scripts/gen_versions_txt.sh
index ef2cba37a3..99aea6e454 100755
--- a/tools/packaging/scripts/gen_versions_txt.sh
+++ b/tools/packaging/scripts/gen_versions_txt.sh
@@ -185,4 +185,4 @@ main() {
gen_version_file "${branch}" "${kata_version}"
}
-main $@
+main "$@"
diff --git a/tools/packaging/static-build/coco-guest-components/build-static-coco-guest-components.sh b/tools/packaging/static-build/coco-guest-components/build-static-coco-guest-components.sh
index d2daedebd5..669773a5b9 100755
--- a/tools/packaging/static-build/coco-guest-components/build-static-coco-guest-components.sh
+++ b/tools/packaging/static-build/coco-guest-components/build-static-coco-guest-components.sh
@@ -38,4 +38,4 @@ build_coco_guest_components_from_source() {
popd
}
-build_coco_guest_components_from_source $@
+build_coco_guest_components_from_source "$@"
diff --git a/tools/packaging/static-build/scripts/qemu-build-post.sh b/tools/packaging/static-build/scripts/qemu-build-post.sh
index 4ce4e046c5..39b90b1ba3 100755
--- a/tools/packaging/static-build/scripts/qemu-build-post.sh
+++ b/tools/packaging/static-build/scripts/qemu-build-post.sh
@@ -19,7 +19,7 @@ fi
pushd "${QEMU_DESTDIR}"
# Remove files to reduce the surface.
echo "INFO: remove uneeded files"
-for pattern in ${qemu_black_list[@]}; do
+for pattern in "${qemu_black_list[@]}"; do
find . -path "$pattern" | xargs rm -rfv
done
diff --git a/tools/testing/kata-webhook/webhook-check.sh b/tools/testing/kata-webhook/webhook-check.sh
index 081e72f556..c44dc63200 100755
--- a/tools/testing/kata-webhook/webhook-check.sh
+++ b/tools/testing/kata-webhook/webhook-check.sh
@@ -83,4 +83,4 @@ main() {
info "kata-webhook is up and working"
}
-main $@
+main "$@"