ci.ocp: shellcheck various fixes

various manual fixes. Related to: #10951 Signed-off-by: Lukáš Doktor <ldoktor@redhat.com>
2025-04-28 03:42:09 +00:00 · 2025-03-19 11:37:36 +01:00 · 2025-03-19 11:37:36 +01:00 · d708866b2a
commit d708866b2a
parent 7e11489daf
7 changed files with 40 additions and 24 deletions
--- a/ci/openshift-ci/bisect-range.sh
+++ b/ci/openshift-ci/bisect-range.sh
@ -14,13 +14,16 @@ ARCH=amd64
 REPO="quay.io/kata-containers/kata-deploy-ci"

 TAGS=$(skopeo list-tags "docker://${REPO}")
+# For testing
+#echo "$TAGS" > tags
+#TAGS=$(cat tags)
 # Only amd64
 TAGS=$(echo "${TAGS}" | jq '.Tags' | jq "map(select(endswith(\"${ARCH}\")))" | jq -r '.[]')
 # Sort by git
 SORTED=""
 [[ -n "${BAD}" ]] && LOG_ARGS="${GOOD}~1..${BAD}" || LOG_ARGS="${GOOD}~1.."
 for TAG in $(git log --merges --pretty=format:%H --reverse "${LOG_ARGS}"); do
-	[[ "${TAGS}" =~ "${TAG}" ]] && SORTED+="
+	[[ "${TAGS}" =~ ${TAG} ]] && SORTED+="
 kata-containers-${TAG}-${ARCH}"
 done
 # Comma separated tags with repo
--- a/ci/openshift-ci/cleanup.sh
+++ b/ci/openshift-ci/cleanup.sh
@ -9,10 +9,13 @@

 scripts_dir=$(dirname "$0")
 deployments_dir=${scripts_dir}/cluster/deployments
-configs_dir=${scripts_dir}/configs

+# shellcheck disable=SC1091 # import based on variable
 source "${scripts_dir}/lib.sh"

+# Set your katacontainers repo dir location
+[[ -z "${katacontainers_repo_dir}" ]] && echo "Please set katacontainers_repo_dir variable to your kata repo"
+
 # Set to 'yes' if you want to configure SELinux to permissive on the cluster
 # workers.
 #
@ -43,12 +46,12 @@ fi
 [[ ${SELINUX_PERMISSIVE} == "yes" ]] && oc delete -f "${deployments_dir}/machineconfig_selinux.yaml.in"

 # Delete kata-containers
-pushd "${katacontainers_repo_dir}/tools/packaging/kata-deploy"
+pushd "${katacontainers_repo_dir}/tools/packaging/kata-deploy" || { echo "Failed to push to ${katacontainers_repo_dir}/tools/packaging/kata-deploy"; exit 125; }
 oc delete -f kata-deploy/base/kata-deploy.yaml
 oc -n kube-system wait --timeout=10m --for=delete -l name=kata-deploy pod
 oc apply -f kata-cleanup/base/kata-cleanup.yaml
 echo "Wait for all related pods to be gone"
-( repeats=1; for i in $(seq 1 600); do
+( repeats=1; for _ in $(seq 1 600); do
  oc get pods -l name="kubelet-kata-cleanup" --no-headers=true -n kube-system 2>&1 | grep "No resources found" -q && ((repeats++)) || repeats=1
  [[ "${repeats}" -gt 5 ]] && echo kata-cleanup finished && break
  sleep 1
--- a/ci/openshift-ci/cluster/deploy_webhook.sh
+++ b/ci/openshift-ci/cluster/deploy_webhook.sh
@ -13,8 +13,9 @@ set -e
 set -o nounset
 set -o pipefail

-script_dir="$(realpath $(dirname "$0"))"
+script_dir="$(realpath "$(dirname "$0")")"
 webhook_dir="${script_dir}/../../../tools/testing/kata-webhook"
+# shellcheck disable=SC1091 # import based on variable
 source "${script_dir}/../lib.sh"
 KATA_RUNTIME=${KATA_RUNTIME:-kata-ci}

--- a/ci/openshift-ci/cluster/install_kata.sh
+++ b/ci/openshift-ci/cluster/install_kata.sh
@ -11,8 +11,12 @@ scripts_dir=$(dirname "$0")
 deployments_dir=${scripts_dir}/deployments
 configs_dir=${scripts_dir}/configs

+# shellcheck disable=SC1091 # import based on variable
 source "${scripts_dir}/../lib.sh"

+# Set your katacontainers repo dir location
+[[ -z "${katacontainers_repo_dir}" ]] && echo "Please set katacontainers_repo_dir variable to your kata repo"
+
 # Set to 'yes' if you want to configure SELinux to permissive on the cluster
 # workers.
 #
@ -40,7 +44,7 @@ WORKAROUND_9206_CRIO=${WORKAROUND_9206_CRIO:-no}
 #
 apply_kata_deploy() {
 	local deploy_file="tools/packaging/kata-deploy/kata-deploy/base/kata-deploy.yaml"
-	pushd "${katacontainers_repo_dir}"
+	pushd "${katacontainers_repo_dir}" || die
 	sed -ri "s#(\s+image:) .*#\1 ${KATA_DEPLOY_IMAGE}#" "${deploy_file}"

 	info "Applying kata-deploy"
@ -51,7 +55,7 @@ apply_kata_deploy() {

 	info "Adding the kata runtime classes"
 	oc apply -f tools/packaging/kata-deploy/runtimeclasses/kata-runtimeClasses.yaml
-	popd
+	popd || die
 }


@ -64,8 +68,8 @@ wait_for_reboot() {
 	local delta="${1:-900}"
 	local sleep_time=60
 	declare -A BOOTIDS
-	local workers=($(oc get nodes | \
-		awk '{if ($3 == "worker") { print $1 } }'))
+	local workers
+	mapfile -t workers < <(oc get nodes | awk '{if ($3 == "worker") { print $1 } }')
 	# Get the boot ID to compared it changed over time.
 	for node in "${workers[@]}"; do
 		BOOTIDS[${node}]=$(oc get -o jsonpath='{.status.nodeInfo.bootID}'\
@ -78,18 +82,18 @@ wait_for_reboot() {
 	while [[ ${#workers[@]} -gt 0 ]]; do
 		sleep "${sleep_time}"
 		now=$(date +%s)
-		if [[ $((${timer_start} + ${delta})) -lt ${now} ]]; then
+		if [[ $((timer_start + delta)) -lt ${now} ]]; then
 			echo "Timeout: not all workers rebooted"
 			return 1
 		fi
-		echo "Checking after $((${now} - ${timer_start})) seconds"
+		echo "Checking after $((now - timer_start)) seconds"
 		for i in "${!workers[@]}"; do
 			current_id=$(oc get \
 				-o jsonpath='{.status.nodeInfo.bootID}' \
 				"node/${workers[i]}")
-			if [[ "${current_id}" != ${BOOTIDS[${workers[i]}]} ]]; then
+			if [[ "${current_id}" != "${BOOTIDS[${workers[i]}]}" ]]; then
 				echo "${workers[i]} rebooted"
-				unset workers[i]
+				unset "workers[i]"
 			fi
 		done
 	done
@ -102,7 +106,8 @@ wait_mcp_update() {
 	# and none are degraded.
 	local ready_count=0
 	local degraded_count=0
-	local machine_count=$(oc get mcp worker -o jsonpath='{.status.machineCount}')
+	local machine_count
+	machine_count=$(oc get mcp worker -o jsonpath='{.status.machineCount}')

 	if [[ -z "${machine_count}" && "${machine_count}" -lt 1 ]]; then
 		warn "Unabled to obtain the machine count"
@ -110,12 +115,13 @@ wait_mcp_update() {
 	fi

 	echo "Set timeout to ${delta} seconds"
-	local deadline=$(($(date +%s) + ${delta}))
+	local deadline=$(($(date +%s) + delta))
+	local now
 	# The ready count might not have changed yet, so wait a little.
 	while [[ "${ready_count}" != "${machine_count}" && \
 		"${degraded_count}" == 0 ]]; do
 		# Let's check it hit the timeout (or not).
-		local now=$(date +%s)
+		now=$(date +%s)
 		if [[ ${deadline} -lt ${now} ]]; then
 			echo "Timeout: not all workers updated" >&2
 			return 1
@ -138,7 +144,7 @@ enable_sandboxedcontainers_extension() {
 	oc apply -f "${deployment_file}"
 	oc get -f "${deployment_file}" || \
 		die "Sandboxed Containers extension machineconfig not found"
-	wait_mcp_update || die "Failed to update the machineconfigpool"
+	wait_mcp_update 3600 || die "Failed to update the machineconfigpool"
 }

 # Print useful information for debugging.
@ -174,16 +180,17 @@ wait_for_app_pods_message() {
 	local i
 	SECONDS=0
 	while :; do
-		pods=($(oc get pods -l app="${app}" --no-headers=true "${namespace}" | awk '{print $1}'))
+		mapfile -t pods < <(oc get pods -l app="${app}" --no-headers=true "${namespace}" | awk '{print $1}')
 		[[ "${#pods}" -ge "${pod_count}" ]] && break
 		if [[ "${SECONDS}" -gt "${timeout}" ]]; then
 			printf "Unable to find ${pod_count} pods for '-l app=\"${app}\"' in ${SECONDS}s (%s)" "${pods[@]}"
 			return 1
 		fi
 	done
+	local log
 	for pod in "${pods[@]}"; do
 		while :; do
-			local log=$(oc logs "${namespace}" "${pod}")
+			log=$(oc logs "${namespace}" "${pod}")
 			echo "${log}" | grep "${message}" -q && echo "Found $(echo "${log}" | grep "${message}") in ${pod}'s log (${SECONDS})" && break;
 			if [[ "${SECONDS}" -gt "${timeout}" ]]; then
 				echo -n "Message '${message}' not present in '${pod}' pod of the '-l app=\"${app}\"' "
@ -220,16 +227,15 @@ apply_kata_deploy
 if [[ ${SELINUX_PERMISSIVE} == "yes" ]]; then
 	info "Configuring SELinux"
 	if [[ -z "${SELINUX_CONF_BASE64}" ]]; then
-		export SELINUX_CONF_BASE64=$(echo \
-			$(cat "${configs_dir}/selinux.conf"|base64) | \
-			sed -e 's/\s//g')
+		SELINUX_CONF_BASE64=$(base64 -w0 < "${configs_dir}/selinux.conf")
+		export SELINUX_CONF_BASE64
 	fi
 	envsubst < "${deployments_dir}"/machineconfig_selinux.yaml.in | \
 		oc apply -f -
 	oc get machineconfig/51-kata-selinux || \
 		die "SELinux machineconfig not found"
 	# The new SELinux configuration will trigger another reboot.
-	wait_for_reboot
+	wait_for_reboot 900
 fi

 if [[ "${WORKAROUND_9206_CRIO}" == "yes" ]]; then
--- a/ci/openshift-ci/lib.sh
+++ b/ci/openshift-ci/lib.sh
@ -14,6 +14,7 @@ else
 fi

 lib_dir=$(dirname "${BASH_SOURCE[0]}")
+# shellcheck disable=SC1091 # import based on variable
 source "${lib_dir}/../../tests/common.bash"

 export katacontainers_repo=${katacontainers_repo:="github.com/kata-containers/kata-containers"}
--- a/ci/openshift-ci/run_smoke_test.sh
+++ b/ci/openshift-ci/run_smoke_test.sh
@ -8,6 +8,7 @@
 #

 script_dir=$(dirname "$0")
+# shellcheck disable=SC1091 # import based on variable
 source "${script_dir}/lib.sh"

 pod='http-server'
@ -45,7 +46,7 @@ info "Creating the service and route"
 if oc apply -f "${script_dir}/smoke/service.yaml"; then
    # Likely on OCP, use service
    is_ocp=1
-    host=$(oc get route/http-server-route -o jsonpath={.spec.host})
+    host=$(oc get route/http-server-route -o jsonpath="{.spec.host}")
    port=80
 else
    # Likely on plain kubernetes, test using another container
--- a/ci/openshift-ci/test.sh
+++ b/ci/openshift-ci/test.sh
@ -9,6 +9,7 @@
 export KATA_RUNTIME=${KATA_RUNTIME:-kata-qemu}

 script_dir=$(dirname "$0")
+# shellcheck disable=SC1091 # import based on variable
 source "${script_dir}/lib.sh"

 suite=$1