shellcheck: fix lint of package helper bash scripts

This commit is contained in:
Otto Sabart 2022-08-16 21:00:00 +02:00 committed by Erik Arvstedt
parent 9a92d29111
commit a59c3b4b8a
No known key found for this signature in database
GPG Key ID: 33312B944DD97846
8 changed files with 55 additions and 53 deletions

View File

@ -11,4 +11,4 @@ archive_hash () {
echo "Fetching latest lightningd/plugins release"
latest=$(git ls-remote https://github.com/lightningd/plugins master | cut -f 1)
echo "rev = \"${latest}\";"
echo "sha256 = \"$(archive_hash lightningd/plugins $latest)\";"
echo "sha256 = \"$(archive_hash lightningd/plugins "$latest")\";"

View File

@ -8,18 +8,18 @@ repo=https://github.com/Ride-The-Lightning/c-lightning-REST
scriptDir=$(cd "${BASH_SOURCE[0]%/*}" && pwd)
updateSrc() {
TMPDIR="$(mktemp -d /tmp/clightning-rest.XXX)"
trap "rm -rf $TMPDIR" EXIT
TMPDIR=$(mktemp -d /tmp/clightning-rest.XXX)
trap 'rm -rf $TMPDIR' EXIT
# Fetch and verify source tarball
export GNUPGHOME=$TMPDIR
# Fetch saubyk's key
gpg --keyserver hkps://keyserver.ubuntu.com --recv-key 3E9BD4436C288039CA827A9200C9E2BC2E45666F
file=v${version}.tar.gz
wget -P $TMPDIR $repo/archive/refs/tags/$file
wget -P $TMPDIR $repo/releases/download/v${version}/$file.asc
gpg --verify $TMPDIR/$file.asc $TMPDIR/$file
hash=$(nix hash file $TMPDIR/$file)
wget -P "$TMPDIR" "${repo}/archive/refs/tags/${file}"
wget -P "$TMPDIR" "${repo}/releases/download/v${version}/${file}.asc"
gpg --verify "${TMPDIR}/${file}.asc" "${TMPDIR}/${file}"
hash=$(nix hash file "${TMPDIR}/${file}")
sed -i "
s|\bversion = .*;|version = \"$version\";|
@ -28,7 +28,7 @@ updateSrc() {
}
updateNodeModulesHash() {
$scriptDir/../../helper/update-fixed-output-derivation.sh ./default.nix clightning-rest.nodeModules nodeModules
"$scriptDir/../../helper/update-fixed-output-derivation.sh" ./default.nix clightning-rest.nodeModules nodeModules
}
if [[ $# == 0 ]]; then
@ -36,5 +36,5 @@ if [[ $# == 0 ]]; then
updateSrc
updateNodeModulesHash
else
eval "$@"
"$@"
fi

View File

@ -3,23 +3,23 @@
set -euo pipefail
TMPDIR="$(mktemp -d -p /tmp)"
trap "rm -rf $TMPDIR" EXIT
cd $TMPDIR
trap 'rm -rf $TMPDIR' EXIT
cd "$TMPDIR"
echo "Fetching latest release"
git clone https://github.com/joinmarket-org/joinmarket-clientserver 2> /dev/null
cd joinmarket-clientserver
latest=$(git describe --tags `git rev-list --tags --max-count=1`)
echo "Latest release is ${latest}"
latest=$(git describe --tags "$(git rev-list --tags --max-count=1)")
echo "Latest release is $latest"
# GPG verification
export GNUPGHOME=$TMPDIR
echo "Fetching Adam Gibson's key"
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 2B6FC204D9BF332D062B461A141001A1AF77F20B 2> /dev/null
echo "Verifying latest release"
git verify-tag ${latest}
git verify-tag "$latest"
echo "tag: ${latest}"
echo "tag: $latest"
# The prefix option is necessary because GitHub prefixes the archive contents in this format
echo "sha256: $(nix-hash --type sha256 --flat --base32 \
<(git archive --format tar.gz --prefix=joinmarket-clientserver-"${latest//v}"/ ${latest}))"
<(git archive --format tar.gz --prefix=joinmarket-clientserver-"${latest//v}"/ "$latest"))"

View File

@ -14,4 +14,4 @@ version=$(
| sed -E 's|refs/tags/||g; s|((v)?(.*))|\1 \3|g' | sort -k 2 -V | tail -1 | cut -f 1 -d' '
)
echo "rev: ${version}"
echo "sha256: $(archive_hash krebs/krops $version)"
echo "sha256: $(archive_hash krebs/krops "$version")"

View File

@ -2,15 +2,15 @@
#! nix-shell -i bash -p git gnupg curl jq
set -euo pipefail
TMPDIR="$(mktemp -d -p /tmp)"
trap "rm -rf $TMPDIR" EXIT
cd $TMPDIR
TMPDIR=$(mktemp -d -p /tmp)
trap 'rm -rf $TMPDIR' EXIT
cd "$TMPDIR"
echo "Fetching latest release"
repo=lightninglabs/lndinit
latest=$(curl -fsS https://api.github.com/repos/$repo/releases/latest | jq -r .tag_name)
latest=$(curl -fsS "https://api.github.com/repos/$repo/releases/latest" | jq -r .tag_name)
echo "Latest release is $latest"
git clone --depth 1 --branch $latest https://github.com/lightninglabs/lndinit 2>/dev/null
git clone --depth 1 --branch "$latest" https://github.com/lightninglabs/lndinit 2>/dev/null
cd lndinit
# GPG verification
@ -18,9 +18,9 @@ export GNUPGHOME=$TMPDIR
echo "Fetching Oliver Gugger's key"
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys F4FC70F07310028424EFC20A8E4256593F177720 2> /dev/null
echo "Verifying latest release"
git verify-tag $latest
git verify-tag "$latest"
echo "tag: $latest"
git checkout -q tags/$latest
git checkout -q "tags/$latest"
rm -rf .git
nix hash path .

View File

@ -2,9 +2,9 @@
#! nix-shell -i bash -p git gnupg
set -euo pipefail
TMPDIR="$(mktemp -d -p /tmp)"
trap "rm -rf $TMPDIR" EXIT
cd $TMPDIR
TMPDIR=$(mktemp -d -p /tmp)
trap 'rm -rf $TMPDIR' EXIT
cd "$TMPDIR"
echo "Fetching latest release"
git clone https://github.com/simplexum/python-bitcointx 2> /dev/null
@ -17,8 +17,8 @@ export GNUPGHOME=$TMPDIR
echo "Fetching Dimitry Pethukov's Key"
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys B17A35BBA187395784E2A6B32301D26BDC15160D 2> /dev/null
echo "Verifying latest release"
git verify-commit ${latest}
git verify-commit "$latest"
echo "tag: ${latest}"
echo "tag: $latest"
# The prefix option is necessary because GitHub prefixes the archive contents in this format
echo "sha256: $(git archive --format tar.gz --prefix=python-bitcointx-"${latest}"/ ${latest} | sha256sum | cut -d\ -f1)"
echo "sha256: $(git archive --format tar.gz --prefix=python-bitcointx-"$latest"/ "$latest" | sha256sum | cut -d\ -f1)"

View File

@ -8,18 +8,19 @@ repo=https://github.com/Ride-The-Lightning/RTL
scriptDir=$(cd "${BASH_SOURCE[0]%/*}" && pwd)
updateSrc() {
TMPDIR="$(mktemp -d /tmp/rtl.XXX)"
trap "rm -rf $TMPDIR" EXIT
TMPDIR=$(mktemp -d /tmp/rtl.XXX)
trap 'rm -rf $TMPDIR' EXIT
# Fetch and verify source tarball
export GNUPGHOME=$TMPDIR
# Fetch saubyk's key
gpg --keyserver hkps://keyserver.ubuntu.com --recv-key 3E9BD4436C288039CA827A9200C9E2BC2E45666F
file=v${version}.tar.gz
wget -P $TMPDIR $repo/archive/refs/tags/$file
wget -P $TMPDIR $repo/releases/download/v${version}/$file.asc
gpg --verify $TMPDIR/$file.asc $TMPDIR/$file
hash=$(nix hash file $TMPDIR/$file)
file=v$version.tar.gz
wget -P "$TMPDIR" "$repo/archive/refs/tags/$file"
wget -P "$TMPDIR" "$repo/releases/download/v$version/$file.asc"
gpg --verify "$TMPDIR/$file.asc" "$TMPDIR/$file"
hash=$(nix hash file "$TMPDIR/$file")
sed -i "
s|\bversion = .*;|version = \"$version\";|
@ -28,7 +29,7 @@ updateSrc() {
}
updateNodeModulesHash() {
$scriptDir/../../helper/update-fixed-output-derivation.sh ./default.nix rtl.nodeModules nodeModules
"$scriptDir/../../helper/update-fixed-output-derivation.sh" ./default.nix rtl.nodeModules nodeModules
}
if [[ $# == 0 ]]; then
@ -36,5 +37,5 @@ if [[ $# == 0 ]]; then
updateSrc
updateNodeModulesHash
else
eval "$@"
"$@"
fi

View File

@ -2,44 +2,45 @@
#! nix-shell -i bash -p nodePackages.node2nix gnupg wget jq moreutils gnused
set -euo pipefail
TMPDIR="$(mktemp -d -p /tmp)"
trap "rm -rf $TMPDIR" EXIT
TMPDIR=$(mktemp -d -p /tmp)
trap 'rm -rf $TMPDIR' EXIT
version="0.3.1"
repo=https://github.com/shesek/spark-wallet
# Fetch and verify source tarball
file=spark-wallet-${version}-npm.tgz
url=$repo/releases/download/v$version/$file
url=$repo/releases/download/v${version}/$file
export GNUPGHOME=$TMPDIR
gpg --keyserver hkps://keyserver.ubuntu.com --recv-key FCF19B67866562F08A43AAD681F6104CD0F150FC
wget -P $TMPDIR $url
wget -P $TMPDIR $repo/releases/download/v$version/SHA256SUMS.asc
gpg --verify $TMPDIR/SHA256SUMS.asc
(cd $TMPDIR; sha256sum --check --ignore-missing SHA256SUMS.asc)
hash=$(nix hash file $TMPDIR/$file)
wget -P "$TMPDIR" "$url"
wget -P "$TMPDIR" "$repo/releases/download/v${version}/SHA256SUMS.asc"
gpg --verify "$TMPDIR/SHA256SUMS.asc"
(cd "$TMPDIR"; sha256sum --check --ignore-missing SHA256SUMS.asc)
hash=$(nix hash file "$TMPDIR/$file")
# Extract source
src=$TMPDIR/src
mkdir $src
tar xvf $TMPDIR/$file -C $src --strip-components 1 >/dev/null
mkdir "$src"
tar xvf "$TMPDIR/$file" -C "$src" --strip-components 1 >/dev/null
# Make qrcode-terminal a strict dependency so that node2nix includes it in the package derivation.
jq '.dependencies["qrcode-terminal"] = .optionalDependencies["qrcode-terminal"]' $src/package.json | sponge $src/package.json
jq '.dependencies["qrcode-terminal"] = .optionalDependencies["qrcode-terminal"]' "$src/package.json" | sponge "$src/package.json"
node2nix \
--nodejs-14 \
--input $src/package.json \
--lock $src/npm-shrinkwrap.json \
--input "$src/package.json" \
--lock "$src/npm-shrinkwrap.json" \
--composition composition.nix \
--no-copy-node-env
# Use node-env.nix from nixpkgs
# shellcheck disable=SC2016
nodeEnvImport='import "${toString pkgs.path}/pkgs/development/node-packages/node-env.nix"'
sed -i "s|import ./node-env.nix|$nodeEnvImport|" composition.nix
# Use the verified package src
read -d '' fetchurl <<EOF || :
read -rd '' fetchurl <<EOF || :
fetchurl {
url = "$url";
hash = "$hash";