-
Notifications
You must be signed in to change notification settings - Fork 1.3k
Conversation
apeschel
commented
Apr 1, 2021
- Set pipefail
- Explicitly define all external variables used in this script
- Remove extraneous whitespace
- Correct shellcheck issues
- Consistently use shell builtins for logic
- Lower case for local variable names
- Better variable name for failed downloads
Some cleanup I did while debugging this script for keycloak/keycloak-operator#340 On a side note, it appears da4b38c#diff-51b1ab20d6e750a4464ec80bb5021a47be580d89ccc4cd25427ee812c5893347L33-R44 |
@apeschel Thank you for your contribution. Could you please create a JIRA and squash your commits? See the contribution guide. |
As this is (among other changes) fixes a critical issue, created a JIRA for it: https://issues.redhat.com/browse/KEYCLOAK-18143 |
@iankko @drichtarik Could you please review? |
|
||
EXTENSIONS_VOLUME="${EXTENSIONS_VOLUME:-/opt/extensions}" | ||
shopt -so errexit pipefail |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In which way the meaning of the previous shopt
commad differs from set -xeuo pipefail
? Did shellcheck
suggest this form for you?
Or if the display of expanded PS4
value isn't desired, could set -euo pipefail
form be used? The latter form looks a more commonly used one for me, but that's just a nuance.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@iankko shopt
is a personal preference/style thing - I just find shopt has a cleaner interface than set.
I'll switch it to set
since that appears to be the local preference.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@iankko I'm curious where the set -xeuo pipefail
comes from though -- there was just a -e
on the shebang line previously.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@iankko I'm curious where the
set -xeuo pipefail
comes from though -- there was just a-e
on the shebang line previously.
From other scripts in this repo, e.g. here:
https://github.com/keycloak/keycloak-containers/blob/master/server/tools/docker-entrypoint.sh#L2
The -x
there is just to print the expanded form of the statements to be executed. Can be removed if not desired.
else | ||
echo -e "Can not download the extension: $EXTENSION_URL\nError code: $STATUS_CODE" | ||
((STATUS+=1)) | ||
echo -e "Can not download the extension: $extension_url\nError code: $status_code" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
... $extension_url\nError code:
...
Would the above better to be enclosed in curly brackets, IOW ... ${extension_url}\nError code:
... (unsure if \n
character is enough Bash not to try to expand the $extension_url\nError
variable instead. Maybe it is).
echo -e "Can not download the extension: $EXTENSION_URL\nError code: $STATUS_CODE" | ||
((STATUS+=1)) | ||
echo -e "Can not download the extension: $extension_url\nError code: $status_code" | ||
((FAILED_DOWNLOADS+=1)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since changing variable names to lowercase, should this one be lowercased too?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's being used as a global variable, which I typically leave uppercase -- would you prefer it to be lowercase?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok to keep it uppercase then.
} | ||
|
||
mkdir -p "$EXTENSIONS_VOLUME" | ||
if ! cd "$EXTENSIONS_VOLUME"; then | ||
echo "Cannot cd to $EXTENSIONS_VOLUME" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/"Cannot cd to $EXTENSIONS_VOLUME"/"Failed to change directory to $EXTENSIONS_VOLUME"/g
?
(error message shouldn't contain additional script commands / statements, but rather explain the reason in human language. But maybe again just issue of taste / nuance).
STATUS=0 | ||
for EXT in ${KEYCLOAK_EXTENSION[@]} ; do | ||
download_extension "$EXT" | ||
FAILED_DOWNLOADS=0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If going to lowercase this one, should be lowercased here too.
download_extension "$EXT" | ||
FAILED_DOWNLOADS=0 | ||
|
||
for EXT in ${KEYCLOAK_EXTENSIONS[*]}; do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is where set -u
above would help to catch this kind of variable names typo.
echo | ||
echo -e "Extensions.sh script failed at downloading all required extensions, number of failed downloads: $STATUS \n" | ||
echo -e "Extensions.sh script failed at downloading all required extensions, number of failed downloads: $FAILED_DOWNLOADS \n" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/...failed at downloading all.../...failed to download all.../g
?
Again, if FAILED_DOWNLOADS
is going to be lowercased, it should be lowercased two times here (lines #58
and #60
).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/LGTM Thanks, @apeschel. Just couple of comments / nuances to clarify yet.
@iankko Thanks for the review! I've been pretty busy so it took a while to get to following up. I made all your suggested changes, with the exception of the |
Thank you for the changes! Ok to keep The change LGTM. But could you squash the three commits into one final one, yet? Thank you. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM (once the commits are squashed).
* Set pipefail * Explicitly define all external variables used in this script * Remove extraneous whitespace * Correct shellcheck issues * Consistently use shell builtins for logic * Lower case for local variable names * Better variable name for failed downloads
@iankko sqauashed |
@apeschel Brilliant, TYVM! One kind request yet though. The That means, once you rebase this PR against the current Thanks! |
@iankko I already rebased on master when I squashed, there no merge conflict with master :) |
FILENAME="$F" | ||
if ! grep -q -i '^< content-disposition:.*filename=' /tmp/headers; then | ||
local F | ||
F="$(od -N8 -tx1 -An -v /dev/urandom | tr -d "").jar" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This produces a filename with whitespaces included. See #390.
F="$(od -N8 -tx1 -An -v /dev/urandom | tr -d "").jar" | |
F="$(od -N8 -tx1 -An -v /dev/urandom | tr -d " ").jar" |
F="$(od -N8 -tx1 -An -v /dev/urandom | tr -d "").jar" | |
F="$(head -c8 /dev/urandom | xxd -p).jar" |
With Keycloak 20 the WildFly based distribution is no longer supported. For the newer Quarkus distribution of Keycloak, check out the new documentation, or the updated container sources. |