From 50734fd3646b89c98d0a724e0b84bed8b9ccebc3 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sun, 27 Feb 2022 08:30:27 -0500 Subject: [PATCH] cleanups and renames (#784) * rename _append_* functions to _prepend_* * improve code flow * be more standard with shellcheck disables --- src/_utils/_git_secret_tools.sh | 37 +++++++++++++------------ src/_utils/_git_secret_tools_freebsd.sh | 2 +- src/_utils/_git_secret_tools_linux.sh | 2 +- src/_utils/_git_secret_tools_osx.sh | 2 +- src/commands/git_secret_add.sh | 2 +- src/commands/git_secret_cat.sh | 2 +- src/commands/git_secret_changes.sh | 4 +-- src/commands/git_secret_clean.sh | 2 +- src/commands/git_secret_hide.sh | 6 ++-- src/commands/git_secret_init.sh | 4 +-- src/commands/git_secret_remove.sh | 2 +- src/commands/git_secret_reveal.sh | 2 +- src/commands/git_secret_tell.sh | 4 +-- src/version.sh | 2 +- tests/test_changes.bats | 12 ++++---- 15 files changed, 43 insertions(+), 42 deletions(-) diff --git a/src/_utils/_git_secret_tools.sh b/src/_utils/_git_secret_tools.sh index 86675890..1d5d3639 100644 --- a/src/_utils/_git_secret_tools.sh +++ b/src/_utils/_git_secret_tools.sh @@ -33,7 +33,7 @@ fi : "${TMPDIR:=/tmp}" # AWK scripts: -# shellcheck disable=2016 +# shellcheck disable=SC2016 AWK_FSDB_HAS_RECORD=' BEGIN { FS=":"; OFS=":"; cnt=0; } { @@ -45,7 +45,7 @@ BEGIN { FS=":"; OFS=":"; cnt=0; } END { if ( cnt > 0 ) print "0"; else print "1"; } ' -# shellcheck disable=2016 +# shellcheck disable=SC2016 AWK_FSDB_RM_RECORD=' BEGIN { FS=":"; OFS=":"; } { @@ -56,7 +56,7 @@ BEGIN { FS=":"; OFS=":"; } } ' -# shellcheck disable=2016 +# shellcheck disable=SC2016 AWK_FSDB_CLEAR_HASHES=' BEGIN { FS=":"; OFS=":"; } { @@ -64,7 +64,7 @@ BEGIN { FS=":"; OFS=":"; } } ' -# shellcheck disable=2016 +# shellcheck disable=SC2016 AWK_GPG_VER_CHECK=' /^gpg/{ version=$3 @@ -103,6 +103,7 @@ GPG_VER_MIN_21="$($SECRETS_GPG_COMMAND --version | gawk "$AWK_GPG_VER_CHECK")" # Bash: +# echos 0 if function exists, otherwise non-zero function _function_exists { local function_name="$1" # required @@ -306,7 +307,7 @@ function _maybe_create_gitignore { # This function creates '.gitignore' if it was missing. local full_path - full_path=$(_append_root_path '.gitignore') + full_path=$(_prepend_root_path '.gitignore') if [[ ! -f "$full_path" ]]; then touch "$full_path" @@ -323,7 +324,7 @@ function _add_ignored_file { _maybe_create_gitignore local full_path - full_path=$(_append_root_path '.gitignore') + full_path=$(_prepend_root_path '.gitignore') printf '%q\n' "$filename" >> "$full_path" } @@ -366,7 +367,7 @@ function _get_git_root_path { # Relative paths: -function _append_root_path { +function _prepend_root_path { # This function adds root path to any other path. local path="$1" # required @@ -380,11 +381,11 @@ function _append_root_path { # if passed a name like 'filename.txt', returns a full path in the repo # For #710: if we are in a subdir, fixup the path with the subdir -function _append_relative_root_path { +function _prepend_relative_root_path { local path="$1" # required local full_path - full_path=$(_append_root_path "$path") + full_path=$(_prepend_root_path "$path") local subdir subdir=$(git rev-parse --show-prefix) # get the subdir of repo, like "subdir/" @@ -396,27 +397,27 @@ function _append_relative_root_path { } function _get_secrets_dir { - _append_root_path "${_SECRETS_DIR}" + _prepend_root_path "${_SECRETS_DIR}" } function _get_secrets_dir_keys { - _append_root_path "${_SECRETS_DIR_KEYS}" + _prepend_root_path "${_SECRETS_DIR_KEYS}" } function _get_secrets_dir_path { - _append_root_path "${_SECRETS_DIR_PATHS}" + _prepend_root_path "${_SECRETS_DIR_PATHS}" } function _get_secrets_dir_keys_trustdb { - _append_root_path "${_SECRETS_DIR_KEYS_TRUSTDB}" + _prepend_root_path "${_SECRETS_DIR_KEYS_TRUSTDB}" } function _get_secrets_dir_paths_mapping { - _append_root_path "${_SECRETS_DIR_PATHS_MAPPING}" + _prepend_root_path "${_SECRETS_DIR_PATHS_MAPPING}" } @@ -475,7 +476,7 @@ function _find_and_clean { local root root=$(_get_git_root_path) - # shellcheck disable=2086 + # shellcheck disable=SC2086 find "$root" -path "$pattern" -type f -print0 | xargs -0 rm -f$verbose_opt } @@ -710,15 +711,15 @@ function _get_users_in_gpg_keyring { result=$($SECRETS_GPG_COMMAND "${args[@]}" --no-permission-warning --list-public-keys --with-colon --fixed-list-mode | \ gawk -F: '$1=="uid"' ) + local emails + emails=$(_extract_emails_from_gpg_output "$result") + # For #508 / #552: warn user if gpg indicates keys are one of: # i=invalid, d=disabled, r=revoked, e=expired, n=not valid # See https://github.com/gpg/gnupg/blob/master/doc/DETAILS#field-2---validity # for more on gpg 'validity codes'. local invalid_lines invalid_lines=$(echo "$result" | gawk -F: '$2=="i" || $2=="d" || $2=="r" || $2=="e" || $2=="n"') - local emails - emails=$(_extract_emails_from_gpg_output "$result") - local emails_with_invalid_keys emails_with_invalid_keys=$(_extract_emails_from_gpg_output "$invalid_lines") diff --git a/src/_utils/_git_secret_tools_freebsd.sh b/src/_utils/_git_secret_tools_freebsd.sh index 7e66a11a..7e88655f 100644 --- a/src/_utils/_git_secret_tools_freebsd.sh +++ b/src/_utils/_git_secret_tools_freebsd.sh @@ -3,7 +3,7 @@ # support for freebsd. Mostly the same as MacOS. -# shellcheck disable=1117 +# shellcheck disable=SC1117 function __replace_in_file_freebsd { sed -i.bak "s/^\($1[[:space:]]*=[[:space:]]*\).*\$/\1$2/" "$3" } diff --git a/src/_utils/_git_secret_tools_linux.sh b/src/_utils/_git_secret_tools_linux.sh index 0c977316..1bf32a45 100644 --- a/src/_utils/_git_secret_tools_linux.sh +++ b/src/_utils/_git_secret_tools_linux.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash -# shellcheck disable=1117 +# shellcheck disable=SC1117 function __replace_in_file_linux { sed -i.bak "s/^\($1\s*=\s*\).*\$/\1$2/" "$3" } diff --git a/src/_utils/_git_secret_tools_osx.sh b/src/_utils/_git_secret_tools_osx.sh index ac20d960..7fc33ce1 100644 --- a/src/_utils/_git_secret_tools_osx.sh +++ b/src/_utils/_git_secret_tools_osx.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash -# shellcheck disable=1117 +# shellcheck disable=SC1117 function __replace_in_file_osx { sed -i.bak "s/^\($1[[:space:]]*=[[:space:]]*\).*\$/\1$2/" "$3" } diff --git a/src/commands/git_secret_add.sh b/src/commands/git_secret_add.sh index ac5a7a4d..389d1534 100644 --- a/src/commands/git_secret_add.sh +++ b/src/commands/git_secret_add.sh @@ -32,7 +32,7 @@ function add { local path # absolute path local normalized_path # relative to the .git dir normalized_path=$(_git_normalize_filename "$item") - path=$(_append_root_path "$normalized_path") + path=$(_prepend_root_path "$normalized_path") # check that the file is not tracked local in_git diff --git a/src/commands/git_secret_cat.sh b/src/commands/git_secret_cat.sh index ef2b63bb..df8a2316 100644 --- a/src/commands/git_secret_cat.sh +++ b/src/commands/git_secret_cat.sh @@ -32,7 +32,7 @@ function cat { local path filename=$(_get_record_filename "$line") - path=$(_append_relative_root_path "$filename") # this uses the _relative version because of #710 + path=$(_prepend_relative_root_path "$filename") # this uses the _relative version because of #710 # The parameters are: filename, write-to-file, force, homedir, passphrase _decrypt "$path" "0" "0" "$homedir" "$passphrase" diff --git a/src/commands/git_secret_changes.sh b/src/commands/git_secret_changes.sh index 273c1c99..4da3ac38 100644 --- a/src/commands/git_secret_changes.sh +++ b/src/commands/git_secret_changes.sh @@ -42,10 +42,10 @@ function changes { _abort "cannot find encrypted version of file: $filename" fi if [[ -n "$normalized_path" ]]; then - path=$(_append_root_path "$normalized_path") + path=$(_prepend_root_path "$normalized_path") else # Path was already normalized - path=$(_append_root_path "$filename") + path=$(_prepend_root_path "$filename") fi if [[ ! -f "$path" ]]; then diff --git a/src/commands/git_secret_clean.sh b/src/commands/git_secret_clean.sh index 0e3dbb3c..82233e93 100644 --- a/src/commands/git_secret_clean.sh +++ b/src/commands/git_secret_clean.sh @@ -4,7 +4,7 @@ function clean { OPTIND=1 - # shellcheck disable=2034 + # shellcheck disable=SC2034 while getopts 'vh' opt; do case "$opt" in v) _SECRETS_VERBOSE=1;; diff --git a/src/commands/git_secret_hide.sh b/src/commands/git_secret_hide.sh index 918c922e..74e6fbda 100644 --- a/src/commands/git_secret_hide.sh +++ b/src/commands/git_secret_hide.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# shellcheck disable=2016 +# shellcheck disable=SC2016 AWK_FSDB_UPDATE_HASH=' BEGIN { FS=":"; OFS=":"; } { @@ -149,8 +149,8 @@ function hide { local input_path local output_path - input_path=$(_append_root_path "$filename") - output_path=$(_append_root_path "$encrypted_filename") + input_path=$(_prepend_root_path "$filename") + output_path=$(_prepend_root_path "$encrypted_filename") # Checking that file is valid: if [[ ! -f "$input_path" ]]; then diff --git a/src/commands/git_secret_init.sh b/src/commands/git_secret_init.sh index 0480055e..3b15de60 100644 --- a/src/commands/git_secret_init.sh +++ b/src/commands/git_secret_init.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# shellcheck disable=2016 +# shellcheck disable=SC2016 AWK_ADD_TO_GITIGNORE=' BEGIN { cnt=0 @@ -33,7 +33,7 @@ function gitignore_add_pattern { local gitignore_file_path pattern="$1" - gitignore_file_path=$(_append_root_path '.gitignore') + gitignore_file_path=$(_prepend_root_path '.gitignore') _maybe_create_gitignore _gawk_inplace -v pattern="$pattern" "'$AWK_ADD_TO_GITIGNORE'" "$gitignore_file_path" diff --git a/src/commands/git_secret_remove.sh b/src/commands/git_secret_remove.sh index 6fb5febd..9eeff190 100644 --- a/src/commands/git_secret_remove.sh +++ b/src/commands/git_secret_remove.sh @@ -31,7 +31,7 @@ function remove { local path # absolute path local normalized_path # relative to .git folder normalized_path=$(_git_normalize_filename "$item") - path=$(_append_root_path "$normalized_path") + path=$(_prepend_root_path "$normalized_path") # Checking if file exists: if [[ ! -f "$path" ]]; then diff --git a/src/commands/git_secret_reveal.sh b/src/commands/git_secret_reveal.sh index a3a48142..bd56b4bc 100644 --- a/src/commands/git_secret_reveal.sh +++ b/src/commands/git_secret_reveal.sh @@ -55,7 +55,7 @@ function reveal { local filename local path filename=$(_get_record_filename "$line") - path=$(_append_relative_root_path "$filename") # this uses the _relative version because of #710 + path=$(_prepend_relative_root_path "$filename") # this uses the _relative version because of #710 if [[ "$filename" == *"$SECRETS_EXTENSION" ]]; then _abort "cannot decrypt to secret version of file: $filename" diff --git a/src/commands/git_secret_tell.sh b/src/commands/git_secret_tell.sh index 1ab7e9fd..94ae1fe6 100644 --- a/src/commands/git_secret_tell.sh +++ b/src/commands/git_secret_tell.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# shellcheck disable=2016 +# shellcheck disable=SC2016 AWK_GPG_KEY_CNT=' BEGIN { cnt=0; OFS=":"; FS=":"; } flag=0; $1 == "pub" { cnt++ } @@ -77,7 +77,7 @@ function tell { start_key_cnt=$(get_gpg_key_count) for email in "${emails[@]}"; do _temporary_file # note that `_temporary_file` will export `temporary_filename` var. - # shellcheck disable=2154 + # shellcheck disable=SC2154 local keyfile="$temporary_filename" # 3>&- closes fd 3 for bats, see https://github.com/bats-core/bats-core#file-descriptor-3-read-this-if-bats-hangs diff --git a/src/version.sh b/src/version.sh index a3d93181..e0d2c12a 100644 --- a/src/version.sh +++ b/src/version.sh @@ -1,4 +1,4 @@ #!/usr/bin/env bash -# shellcheck disable=2034 +# shellcheck disable=SC2034 GITSECRET_VERSION='0.5.0-alpha1' diff --git a/tests/test_changes.bats b/tests/test_changes.bats index e36d4065..9d799232 100644 --- a/tests/test_changes.bats +++ b/tests/test_changes.bats @@ -57,7 +57,7 @@ function teardown { # Testing that output has both filename and changes: local fullpath - fullpath=$(_append_root_path "$FILE_TO_HIDE") + fullpath=$(_prepend_root_path "$FILE_TO_HIDE") [[ "$output" == *"changes in $fullpath"* ]] [[ "$output" == *"hidden content юникод"* ]] [[ "$output" == *"+$new_content"* ]] @@ -102,7 +102,7 @@ function teardown { # Testing that output has both filename and changes: local fullpath - fullpath=$(_append_root_path "$FILE_TO_HIDE") + fullpath=$(_prepend_root_path "$FILE_TO_HIDE") [[ "$output" == *"changes in $fullpath"* ]] [[ "$output" == *"-$FILE_CONTENTS"* ]] [[ "$output" == *"+$new_content"* ]] @@ -137,13 +137,13 @@ function teardown { # Testing that output has both filename and changes: local fullpath - fullpath=$(_append_root_path "$FILE_TO_HIDE") + fullpath=$(_prepend_root_path "$FILE_TO_HIDE") [[ "$output" == *"changes in $fullpath"* ]] [[ "$output" == *"+$new_content"* ]] local second_path - second_path=$(_append_root_path "$SECOND_FILE_TO_HIDE") + second_path=$(_prepend_root_path "$SECOND_FILE_TO_HIDE") [[ "$output" == *"changes in $second_path"* ]] [[ "$output" == *"+$second_new_content"* ]] } @@ -165,12 +165,12 @@ function teardown { # Testing that output has both filename and changes: local fullpath - fullpath=$(_append_root_path "$FILE_TO_HIDE") + fullpath=$(_prepend_root_path "$FILE_TO_HIDE") [[ "$output" == *"changes in $fullpath"* ]] [[ "$output" == *"+$new_content"* ]] local second_path - second_path=$(_append_root_path "$SECOND_FILE_TO_HIDE") + second_path=$(_prepend_root_path "$SECOND_FILE_TO_HIDE") [[ "$output" == *"changes in $second_path"* ]] [[ "$output" == *"+$second_new_content"* ]] }