Fix shellcheck failures in cluster/gce/gci/configure.sh

Signed-off-by: Joakim Roubert <joakimr@axis.com>
This commit is contained in:
Joakim Roubert 2020-04-24 11:15:56 +02:00 committed by Joakim Roubert
parent 0f3aada51e
commit 3dd3211c81
2 changed files with 39 additions and 34 deletions

View File

@ -24,13 +24,13 @@ set -o nounset
set -o pipefail set -o pipefail
### Hardcoded constants ### Hardcoded constants
DEFAULT_CNI_VERSION="v0.8.7" DEFAULT_CNI_VERSION='v0.8.7'
DEFAULT_CNI_HASH="8f2cbee3b5f94d59f919054dccfe99a8e3db5473b553d91da8af4763e811138533e05df4dbeab16b3f774852b4184a7994968f5e036a3f531ad1ac4620d10ede" DEFAULT_CNI_HASH='8f2cbee3b5f94d59f919054dccfe99a8e3db5473b553d91da8af4763e811138533e05df4dbeab16b3f774852b4184a7994968f5e036a3f531ad1ac4620d10ede'
DEFAULT_NPD_VERSION="v0.8.5" DEFAULT_NPD_VERSION='v0.8.5'
DEFAULT_NPD_HASH="3fbf97a38c06d8fcc8c46f956a6e90aa1b47cb42d50ddcfd1a644a7e624e42ee523db2f81e08fbfb21b80142d4bafdbedce16e8b62d2274a5b2b703a56d9c015" DEFAULT_NPD_HASH='3fbf97a38c06d8fcc8c46f956a6e90aa1b47cb42d50ddcfd1a644a7e624e42ee523db2f81e08fbfb21b80142d4bafdbedce16e8b62d2274a5b2b703a56d9c015'
DEFAULT_CRICTL_VERSION="v1.20.0" DEFAULT_CRICTL_VERSION='v1.20.0'
DEFAULT_CRICTL_HASH="bf6e07c0834ead3cb17342fdd684723acd66d71dbad9a93a2c2001db0af647db124be732d9eaa58e3d0f36d7ab1026ab1380e1331e084810f1403e3656d1205d" DEFAULT_CRICTL_HASH='bf6e07c0834ead3cb17342fdd684723acd66d71dbad9a93a2c2001db0af647db124be732d9eaa58e3d0f36d7ab1026ab1380e1331e084810f1403e3656d1205d'
DEFAULT_MOUNTER_TAR_SHA="7956fd42523de6b3107ddc3ce0e75233d2fcb78436ff07a1389b6eaac91fb2b1b72a08f7a219eaf96ba1ca4da8d45271002e0d60e0644e796c665f99bb356516" DEFAULT_MOUNTER_TAR_SHA='7956fd42523de6b3107ddc3ce0e75233d2fcb78436ff07a1389b6eaac91fb2b1b72a08f7a219eaf96ba1ca4da8d45271002e0d60e0644e796c665f99bb356516'
### ###
# Use --retry-connrefused opt only if it's supported by curl. # Use --retry-connrefused opt only if it's supported by curl.
@ -64,7 +64,7 @@ function download-kube-env {
-o "${tmp_kube_env}" \ -o "${tmp_kube_env}" \
http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-env http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-env
# Convert the yaml format file into a shell-style file. # Convert the yaml format file into a shell-style file.
eval $(${PYTHON} -c ''' eval "$(${PYTHON} -c '''
import pipes,sys,yaml import pipes,sys,yaml
# check version of python and call methods appropriate for that version # check version of python and call methods appropriate for that version
if sys.version_info[0] < 3: if sys.version_info[0] < 3:
@ -73,7 +73,7 @@ else:
items = yaml.load(sys.stdin, Loader=yaml.BaseLoader).items() items = yaml.load(sys.stdin, Loader=yaml.BaseLoader).items()
for k, v in items: for k, v in items:
print("readonly {var}={value}".format(var=k, value=pipes.quote(str(v)))) print("readonly {var}={value}".format(var=k, value=pipes.quote(str(v))))
''' < "${tmp_kube_env}" > "${KUBE_HOME}/kube-env") ''' < "${tmp_kube_env}" > "${KUBE_HOME}/kube-env")"
rm -f "${tmp_kube_env}" rm -f "${tmp_kube_env}"
) )
} }
@ -108,7 +108,7 @@ function download-kube-master-certs {
-o "${tmp_kube_master_certs}" \ -o "${tmp_kube_master_certs}" \
http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-master-certs http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-master-certs
# Convert the yaml format file into a shell-style file. # Convert the yaml format file into a shell-style file.
eval $(${PYTHON} -c ''' eval "$(${PYTHON} -c '''
import pipes,sys,yaml import pipes,sys,yaml
# check version of python and call methods appropriate for that version # check version of python and call methods appropriate for that version
if sys.version_info[0] < 3: if sys.version_info[0] < 3:
@ -117,7 +117,7 @@ else:
items = yaml.load(sys.stdin, Loader=yaml.BaseLoader).items() items = yaml.load(sys.stdin, Loader=yaml.BaseLoader).items()
for k, v in items: for k, v in items:
print("readonly {var}={value}".format(var=k, value=pipes.quote(str(v)))) print("readonly {var}={value}".format(var=k, value=pipes.quote(str(v))))
''' < "${tmp_kube_master_certs}" > "${KUBE_HOME}/kube-master-certs") ''' < "${tmp_kube_master_certs}" > "${KUBE_HOME}/kube-master-certs")"
rm -f "${tmp_kube_master_certs}" rm -f "${tmp_kube_master_certs}"
) )
} }
@ -153,9 +153,8 @@ function download-or-bust {
local -r hash="$1" local -r hash="$1"
shift 1 shift 1
local -r urls=( $* )
while true; do while true; do
for url in "${urls[@]}"; do for url in "$@"; do
local file="${url##*/}" local file="${url##*/}"
rm -f "${file}" rm -f "${file}"
# if the url belongs to GCS API we should use oauth2_token in the headers # if the url belongs to GCS API we should use oauth2_token in the headers
@ -186,14 +185,14 @@ function is-preloaded {
} }
function split-commas { function split-commas {
echo $1 | tr "," "\n" echo -e "${1//,/'\n'}"
} }
function remount-flexvolume-directory { function remount-flexvolume-directory {
local -r flexvolume_plugin_dir=$1 local -r flexvolume_plugin_dir=$1
mkdir -p $flexvolume_plugin_dir mkdir -p "$flexvolume_plugin_dir"
mount --bind $flexvolume_plugin_dir $flexvolume_plugin_dir mount --bind "$flexvolume_plugin_dir" "$flexvolume_plugin_dir"
mount -o remount,exec $flexvolume_plugin_dir mount -o remount,exec "$flexvolume_plugin_dir"
} }
function install-gci-mounter-tools { function install-gci-mounter-tools {
@ -246,11 +245,10 @@ function install-node-problem-detector {
} }
function install-cni-binaries { function install-cni-binaries {
local -r cni_version=${CNI_VERSION:-$DEFAULT_CNI_VERSION}
if [[ -n "${CNI_VERSION:-}" ]]; then if [[ -n "${CNI_VERSION:-}" ]]; then
local -r cni_version="${CNI_VERSION}" local -r cni_hash="${CNI_HASH:-}"
local -r cni_hash="${CNI_HASH}"
else else
local -r cni_version="${DEFAULT_CNI_VERSION}"
local -r cni_hash="${DEFAULT_CNI_HASH}" local -r cni_hash="${DEFAULT_CNI_HASH}"
fi fi
@ -330,7 +328,10 @@ function install-kube-manifests {
# Put kube-system pods manifests in ${KUBE_HOME}/kube-manifests/. # Put kube-system pods manifests in ${KUBE_HOME}/kube-manifests/.
local dst_dir="${KUBE_HOME}/kube-manifests" local dst_dir="${KUBE_HOME}/kube-manifests"
mkdir -p "${dst_dir}" mkdir -p "${dst_dir}"
local -r manifests_tar_urls=( $(split-commas "${KUBE_MANIFESTS_TAR_URL}") ) local manifests_tar_urls
while IFS= read -r url; do
manifests_tar_urls+=("$url")
done < <(split-commas "${KUBE_MANIFESTS_TAR_URL}")
local -r manifests_tar="${manifests_tar_urls[0]##*/}" local -r manifests_tar="${manifests_tar_urls[0]##*/}"
if [ -n "${KUBE_MANIFESTS_TAR_HASH:-}" ]; then if [ -n "${KUBE_MANIFESTS_TAR_HASH:-}" ]; then
local -r manifests_tar_hash="${KUBE_MANIFESTS_TAR_HASH}" local -r manifests_tar_hash="${KUBE_MANIFESTS_TAR_HASH}"
@ -350,10 +351,10 @@ function install-kube-manifests {
tar xzf "${KUBE_HOME}/${manifests_tar}" -C "${dst_dir}" --overwrite tar xzf "${KUBE_HOME}/${manifests_tar}" -C "${dst_dir}" --overwrite
local -r kube_addon_registry="${KUBE_ADDON_REGISTRY:-k8s.gcr.io}" local -r kube_addon_registry="${KUBE_ADDON_REGISTRY:-k8s.gcr.io}"
if [[ "${kube_addon_registry}" != "k8s.gcr.io" ]]; then if [[ "${kube_addon_registry}" != "k8s.gcr.io" ]]; then
find "${dst_dir}" -name \*.yaml -or -name \*.yaml.in | \ find "${dst_dir}" \(-name '*.yaml' -or -name '*.yaml.in'\) -print0 | \
xargs sed -ri "s@(image:\s.*)k8s.gcr.io@\1${kube_addon_registry}@" xargs -0 sed -ri "s@(image:\s.*)k8s.gcr.io@\1${kube_addon_registry}@"
find "${dst_dir}" -name \*.manifest -or -name \*.json | \ find "${dst_dir}" \(-name '*.manifest' -or -name '*.json'\) -print0 | \
xargs sed -ri "s@(image\":\s+\")k8s.gcr.io@\1${kube_addon_registry}@" xargs -0 sed -ri "s@(image\":\s+\")k8s.gcr.io@\1${kube_addon_registry}@"
fi fi
cp "${dst_dir}/kubernetes/gci-trusty/gci-configure-helper.sh" "${KUBE_BIN}/configure-helper.sh" cp "${dst_dir}/kubernetes/gci-trusty/gci-configure-helper.sh" "${KUBE_BIN}/configure-helper.sh"
cp "${dst_dir}/kubernetes/gci-trusty/configure-kubeapiserver.sh" "${KUBE_BIN}/configure-kubeapiserver.sh" cp "${dst_dir}/kubernetes/gci-trusty/configure-kubeapiserver.sh" "${KUBE_BIN}/configure-kubeapiserver.sh"
@ -386,6 +387,8 @@ function try-load-docker-image {
load_image_command="${LOAD_IMAGE_COMMAND:-}" load_image_command="${LOAD_IMAGE_COMMAND:-}"
fi fi
# Deliberately word split load_image_command
# shellcheck disable=SC2086
until timeout 30 ${load_image_command} "${img}"; do until timeout 30 ${load_image_command} "${img}"; do
if [[ "${attempt_num}" == "${max_attempts}" ]]; then if [[ "${attempt_num}" == "${max_attempts}" ]]; then
echo "Fail to load docker image file ${img} using ${load_image_command} after ${max_attempts} retries. Exit!!" echo "Fail to load docker image file ${img} using ${load_image_command} after ${max_attempts} retries. Exit!!"
@ -436,7 +439,7 @@ function install-docker {
release=$(lsb_release -cs) release=$(lsb_release -cs)
# Add the Docker apt-repository # Add the Docker apt-repository
curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg \ curl -fsSL "https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg" \
| apt-key add - | apt-key add -
add-apt-repository \ add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \ "deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \
@ -444,7 +447,7 @@ function install-docker {
# Install Docker # Install Docker
apt-get update && \ apt-get update && \
apt-get install -y --no-install-recommends ${GCI_DOCKER_VERSION:-"docker-ce=5:19.03.*"} apt-get install -y --no-install-recommends "${GCI_DOCKER_VERSION:-"docker-ce=5:19.03.*"}"
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*
} }
@ -477,7 +480,7 @@ function install-containerd-ubuntu {
release=$(lsb_release -cs) release=$(lsb_release -cs)
# Add the Docker apt-repository (as we install containerd from there) # Add the Docker apt-repository (as we install containerd from there)
curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg \ curl -fsSL "https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg" \
| apt-key add - | apt-key add -
add-apt-repository \ add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \ "deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \
@ -490,13 +493,13 @@ function install-containerd-ubuntu {
# Override to latest versions of containerd and runc # Override to latest versions of containerd and runc
systemctl stop containerd systemctl stop containerd
if [[ ! -z "${UBUNTU_INSTALL_CONTAINERD_VERSION:-}" ]]; then if [[ -n "${UBUNTU_INSTALL_CONTAINERD_VERSION:-}" ]]; then
# containerd versions have slightly different url(s), so try both # containerd versions have slightly different url(s), so try both
( curl -fsSL "https://github.com/containerd/containerd/releases/download/${UBUNTU_INSTALL_CONTAINERD_VERSION}/containerd-${UBUNTU_INSTALL_CONTAINERD_VERSION:1}-linux-amd64.tar.gz" || \ ( curl -fsSL "https://github.com/containerd/containerd/releases/download/${UBUNTU_INSTALL_CONTAINERD_VERSION}/containerd-${UBUNTU_INSTALL_CONTAINERD_VERSION:1}-linux-amd64.tar.gz" || \
curl -fsSL "https://github.com/containerd/containerd/releases/download/${UBUNTU_INSTALL_CONTAINERD_VERSION}/containerd-${UBUNTU_INSTALL_CONTAINERD_VERSION:1}.linux-amd64.tar.gz" ) \ curl -fsSL "https://github.com/containerd/containerd/releases/download/${UBUNTU_INSTALL_CONTAINERD_VERSION}/containerd-${UBUNTU_INSTALL_CONTAINERD_VERSION:1}.linux-amd64.tar.gz" ) \
| tar --overwrite -xzv -C /usr/ | tar --overwrite -xzv -C /usr/
fi fi
if [[ ! -z "${UBUNTU_INSTALL_RUNC_VERSION:-}" ]]; then if [[ -n "${UBUNTU_INSTALL_RUNC_VERSION:-}" ]]; then
curl -fsSL "https://github.com/opencontainers/runc/releases/download/${UBUNTU_INSTALL_RUNC_VERSION}/runc.amd64" --output /usr/sbin/runc && chmod 755 /usr/sbin/runc curl -fsSL "https://github.com/opencontainers/runc/releases/download/${UBUNTU_INSTALL_RUNC_VERSION}/runc.amd64" --output /usr/sbin/runc && chmod 755 /usr/sbin/runc
fi fi
sudo systemctl start containerd sudo systemctl start containerd
@ -515,7 +518,7 @@ function ensure-container-runtime {
docker version docker version
elif [[ "${container_runtime}" == "containerd" ]]; then elif [[ "${container_runtime}" == "containerd" ]]; then
# Install containerd/runc if requested # Install containerd/runc if requested
if [[ ! -z "${UBUNTU_INSTALL_CONTAINERD_VERSION:-}" || ! -z "${UBUNTU_INSTALL_RUNC_VERSION:-}" ]]; then if [[ -n "${UBUNTU_INSTALL_CONTAINERD_VERSION:-}" || -n "${UBUNTU_INSTALL_RUNC_VERSION:-}" ]]; then
install-containerd-ubuntu install-containerd-ubuntu
fi fi
# Verify presence and print versions of ctr, containerd, runc # Verify presence and print versions of ctr, containerd, runc
@ -543,7 +546,10 @@ function ensure-container-runtime {
# and places them into suitable directories. Files are placed in /home/kubernetes. # and places them into suitable directories. Files are placed in /home/kubernetes.
function install-kube-binary-config { function install-kube-binary-config {
cd "${KUBE_HOME}" cd "${KUBE_HOME}"
local -r server_binary_tar_urls=( $(split-commas "${SERVER_BINARY_TAR_URL}") ) local server_binary_tar_urls
while IFS= read -r url; do
server_binary_tar_urls+=("$url")
done < <(split-commas "${SERVER_BINARY_TAR_URL}")
local -r server_binary_tar="${server_binary_tar_urls[0]##*/}" local -r server_binary_tar="${server_binary_tar_urls[0]##*/}"
if [[ -n "${SERVER_BINARY_TAR_HASH:-}" ]]; then if [[ -n "${SERVER_BINARY_TAR_HASH:-}" ]]; then
local -r server_binary_tar_hash="${SERVER_BINARY_TAR_HASH}" local -r server_binary_tar_hash="${SERVER_BINARY_TAR_HASH}"
@ -640,7 +646,7 @@ else
exit 2 exit 2
fi fi
fi fi
echo "Version : " $(${PYTHON} -V 2>&1) echo "Version : $(${PYTHON} -V 2>&1)"
# download and source kube-env # download and source kube-env
download-kube-env download-kube-env

View File

@ -1 +0,0 @@
./cluster/gce/gci/configure.sh