From c2b8f99d1f900e049594eb86fa2cd0803be310c8 Mon Sep 17 00:00:00 2001
From: Tobias Powalowski <tpowa@archlinux.org>
Date: Sun, 20 Feb 2022 10:15:57 +0100
Subject: [PATCH] shellcheck code cleanup, enable parallel building for both
 architectures

---
 usr/bin/archboot-aarch64-create-repository.sh |  2 +-
 .../archboot-aarch64-pacman-chroot-tarball.sh | 56 ++++++++-----------
 usr/bin/archboot-binary-check.sh              |  7 ++-
 usr/bin/archboot-mkkeys.sh                    | 10 ++--
 usr/bin/archboot-update-installer.sh          |  2 +-
 usr/bin/archboot-x86_64-create-repository.sh  |  2 +-
 usr/bin/archboot-x86_64-server-release.sh     |  2 +-
 usr/lib/archboot/bootloader_functions         |  2 +-
 usr/lib/archboot/container_functions          | 15 ++---
 usr/lib/archboot/repository_functions         |  1 +
 usr/lib/archboot/server_functions             | 14 +++--
 .../archboot_base_common_update_installer     |  8 +--
 .../install/archboot_net_update_installer     |  2 +-
 13 files changed, 61 insertions(+), 62 deletions(-)

diff --git a/usr/bin/archboot-aarch64-create-repository.sh b/usr/bin/archboot-aarch64-create-repository.sh
index ac4e89466..b0884c66c 100755
--- a/usr/bin/archboot-aarch64-create-repository.sh
+++ b/usr/bin/archboot-aarch64-create-repository.sh
@@ -5,7 +5,7 @@ source /usr/lib/archboot/container_functions
 source /usr/lib/archboot/repository_functions
 _ARCHBOOT="archboot-arm"
 [[ -d "${1}" ]] || (echo "Create directory ${1} ..."; mkdir "${1}")
-_REPODIR="$(mktemp -d ${1}/repository.XXX)"
+_REPODIR="$(mktemp -d "${1}"/repository.XXX)"
 _CACHEDIR="${_REPODIR}/var/cache/pacman/pkg"
 [[ -z "${1}" ]] && _usage
 _root_check
diff --git a/usr/bin/archboot-aarch64-pacman-chroot-tarball.sh b/usr/bin/archboot-aarch64-pacman-chroot-tarball.sh
index c605cf4c6..9d83b4a85 100755
--- a/usr/bin/archboot-aarch64-pacman-chroot-tarball.sh
+++ b/usr/bin/archboot-aarch64-pacman-chroot-tarball.sh
@@ -1,7 +1,6 @@
 #!/usr/bin/env bash
 # created by Tobias Powalowski <tpowa@archlinux.org>
 source /usr/lib/archboot/functions
-_DIR=""
 _LATEST_ARM64="http://os.archlinuxarm.org/os/ArchLinuxARM-aarch64-latest.tar.gz"
 _PACMAN_CHROOT="pacman-aarch64-chroot"
 _KEYRING="archlinuxarm"
@@ -10,61 +9,52 @@ _usage () {
     echo "CREATE AARCH64 PACMAN CHROOT"
     echo "-----------------------------"
     echo "This will create an aarch64 pacman chroot tarball on x86_64"
-    echo "Usage: ${_BASENAME} <directory> <options>"
+    echo "Usage: ${_BASENAME} <directory>"
     exit 0
 }
 
 [[ -z "${1}" ]] && _usage
 
-_DIR="$1"
-
-while [ $# -gt 0 ]; do
-    case ${1} in
-        -cc|--cc) _SAVE_RAM="1" ;;
-    esac
-    shift
-done
-
 _root_check
 _x86_64_check
 
 echo "Starting container creation ..."
-echo "Create directory ${_DIR} ..."
-mkdir -p "${_DIR}"/"${_PACMAN_CHROOT}"
+echo "Create directory ${1} ..."
+mkdir -p "${1}"/"${_PACMAN_CHROOT}"
 echo "Downloading archlinuxarm aarch64..."
 ! [[ -f ArchLinuxARM-aarch64-latest.tar.gz ]] && wget "${_LATEST_ARM64}" >/dev/null 2>&1
-bsdtar -xf ArchLinuxARM-aarch64-latest.tar.gz -C "${_DIR}"
+bsdtar -xf ArchLinuxARM-aarch64-latest.tar.gz -C "${1}"
 echo "Removing installation tarball ..."
 rm ArchLinuxARM-aarch64-latest.tar.gz
-_generate_locales
-_generate_keyring
+_generate_locales "${1}"
+_generate_keyring "${1}"
 # enable parallel downloads
-sed -i -e 's:^#ParallelDownloads:ParallelDownloads:g' "${_DIR}"/etc/pacman.conf
+sed -i -e 's:^#ParallelDownloads:ParallelDownloads:g' "${1}"/etc/pacman.conf
 # fix network in container
-rm "${_DIR}/etc/resolv.conf"
-echo "nameserver 8.8.8.8" > "${_DIR}/etc/resolv.conf"
+rm "${1}/etc/resolv.conf"
+echo "nameserver 8.8.8.8" > "${1}/etc/resolv.conf"
 # update container to latest packages
 echo "Installing pacman to container ..."
-mkdir -p "${_DIR}/${_PACMAN_CHROOT}/var/lib/pacman"
+mkdir -p "${1}/${_PACMAN_CHROOT}/var/lib/pacman"
 sleep 1
-systemd-nspawn -D "${_DIR}" pacman --root "/${_PACMAN_CHROOT}" -Sy awk pacman --ignore systemd-resolvconf --noconfirm >/dev/null 2>&1
+systemd-nspawn -D "${1}" pacman --root "/${_PACMAN_CHROOT}" -Sy awk pacman --ignore systemd-resolvconf --noconfirm >/dev/null 2>&1
 # generate pacman keyring
 echo "Generate pacman keyring in container ..."
-systemd-nspawn -D "${_DIR}/${_PACMAN_CHROOT}" pacman-key --init >/dev/null 2>&1
-systemd-nspawn -D "${_DIR}/${_PACMAN_CHROOT}" pacman-key --populate archlinuxarm >/dev/null 2>&1
-sed -i -e 's:^#ParallelDownloads:ParallelDownloads:g' "${_DIR}/${_PACMAN_CHROOT}"/etc/pacman.conf
+systemd-nspawn -D "${1}/${_PACMAN_CHROOT}" pacman-key --init >/dev/null 2>&1
+systemd-nspawn -D "${1}/${_PACMAN_CHROOT}" pacman-key --populate archlinuxarm >/dev/null 2>&1
+sed -i -e 's:^#ParallelDownloads:ParallelDownloads:g' "${1}/${_PACMAN_CHROOT}"/etc/pacman.conf
 # copy locale
 echo "Copying locales to container ..."
-cp "${_DIR}/usr/lib/locale/locale-archive" "${_DIR}/${_PACMAN_CHROOT}/usr/lib/locale/locale-archive"
+cp "${1}/usr/lib/locale/locale-archive" "${1}/${_PACMAN_CHROOT}/usr/lib/locale/locale-archive"
 # fix network in container
-rm "${_DIR}/${_PACMAN_CHROOT}/etc/resolv.conf"
-echo "nameserver 8.8.8.8" > "${_DIR}/${_PACMAN_CHROOT}/etc/resolv.conf"
-echo "Clean container, delete not needed files from ${_DIR}/${_PACMAN_CHROOT} ..."
-rm -r "${_DIR}/${_PACMAN_CHROOT}"/usr/include
-rm -r "${_DIR}/${_PACMAN_CHROOT}"/usr/share/{man,doc,info}
+rm "${1}/${_PACMAN_CHROOT}/etc/resolv.conf"
+echo "nameserver 8.8.8.8" > "${1}/${_PACMAN_CHROOT}/etc/resolv.conf"
+echo "Clean container, delete not needed files from ${1}/${_PACMAN_CHROOT} ..."
+rm -r "${1}/${_PACMAN_CHROOT}"/usr/include
+rm -r "${1}/${_PACMAN_CHROOT}"/usr/share/{man,doc,info}
 echo "Generating tarball ..."
-tar -acf ${_PACMAN_CHROOT}-latest.tar.zst -C "${_DIR}"/"${_PACMAN_CHROOT}" .
-echo " Removing ${_DIR} ..."
-rm -r "${_DIR}"
+tar -acf ${_PACMAN_CHROOT}-latest.tar.zst -C "${1}"/"${_PACMAN_CHROOT}" .
+echo " Removing ${1} ..."
+rm -r "${1}"
 echo "Finished container tarball."
 
diff --git a/usr/bin/archboot-binary-check.sh b/usr/bin/archboot-binary-check.sh
index f002e61bb..a02226a7f 100755
--- a/usr/bin/archboot-binary-check.sh
+++ b/usr/bin/archboot-binary-check.sh
@@ -21,7 +21,8 @@ if [[ ! "$(cat /etc/hostname)" == "archboot" ]]; then
     exit 1
 fi
 
-echo $1 >binary.txt
-for i in $(pacman -Ql $1 | grep "/usr/bin/..*"$ | cut -d' ' -f2);do
-	which $i >/dev/null || echo $i>>binary.txt 
+echo "${1}" >binary.txt
+#shellcheck disable=SC2086
+for i in $(pacman -Ql ${1} | grep "/usr/bin/..*"$ | cut -d' ' -f2);do
+	which "${i}" >/dev/null || echo "${i}">>binary.txt 
 done
diff --git a/usr/bin/archboot-mkkeys.sh b/usr/bin/archboot-mkkeys.sh
index 3c71e993d..b84f6af87 100755
--- a/usr/bin/archboot-mkkeys.sh
+++ b/usr/bin/archboot-mkkeys.sh
@@ -4,7 +4,7 @@
 # replaced GUID with uuidgen 
 
 echo -n "Enter a Common Name to embed in the keys: "
-read NAME
+read -r NAME
 
 openssl req -new -x509 -newkey rsa:2048 -subj "/CN=$NAME PK/" -keyout PK.key \
         -out PK.crt -days 3650 -nodes -sha256
@@ -18,9 +18,9 @@ openssl x509 -in DB.crt -out DB.cer -outform DER
 
 uuidgen > myGUID.txt
 
-cert-to-efi-sig-list -g $GUID PK.crt PK.esl
-cert-to-efi-sig-list -g $GUID KEK.crt KEK.esl
-cert-to-efi-sig-list -g $GUID DB.crt DB.esl
+cert-to-efi-sig-list -g "$GUID" PK.crt PK.esl
+cert-to-efi-sig-list -g "$GUID" KEK.crt KEK.esl
+cert-to-efi-sig-list -g "$GUID" DB.crt DB.esl
 rm -f noPK.esl
 touch noPK.esl
 
@@ -33,7 +33,7 @@ sign-efi-sig-list -t "$(date --date='1 second' +'%Y-%m-%d %H:%M:%S')" \
 sign-efi-sig-list -t "$(date --date='1 second' +'%Y-%m-%d %H:%M:%S')" \
                   -k KEK.key -c KEK.crt db DB.esl DB.auth
 
-chmod 0600 *.key
+chmod 0600 ./*.key
 
 echo ""
 echo ""
diff --git a/usr/bin/archboot-update-installer.sh b/usr/bin/archboot-update-installer.sh
index 46f9c6b60..0ef46d3c5 100755
--- a/usr/bin/archboot-update-installer.sh
+++ b/usr/bin/archboot-update-installer.sh
@@ -90,7 +90,7 @@ if [[ "${_L_COMPLETE}" == "1" || "${_L_INSTALL_COMPLETE}" == "1" ]]; then
     [[ -d "/usr/lib/modules" ]] && rm -r "/usr/lib/modules"
     _SHARE_DIRS="efitools file grub hwdata kbd licenses makepkg nmap openvpn pacman refind tc usb_modeswitch vim zoneinfo zsh"
     for i in ${_SHARE_DIRS}; do
-        #sheclcheck disable=SC2115
+        #shellcheck disable=SC2115
         [[ -d "/usr/share/${i}" ]] && rm -r "/usr/share/${i}"
     done
     echo "Step 2/8: Generating archboot container in ${_W_DIR} ..."
diff --git a/usr/bin/archboot-x86_64-create-repository.sh b/usr/bin/archboot-x86_64-create-repository.sh
index 04dea848d..40452423b 100755
--- a/usr/bin/archboot-x86_64-create-repository.sh
+++ b/usr/bin/archboot-x86_64-create-repository.sh
@@ -5,7 +5,7 @@ source /usr/lib/archboot/container_functions
 source /usr/lib/archboot/repository_functions
 _ARCHBOOT="archboot"
 [[ -d "${1}" ]] || (echo "Create directory ${1} ..."; mkdir "${1}")
-_REPODIR="$(mktemp -d ${1}/repository.XXX)"
+_REPODIR="$(mktemp -d "${1}"/repository.XXX)"
 _CACHEDIR="${_REPODIR}/var/cache/pacman/pkg"
 [[ -z "${1}" ]] && _usage
 _root_check
diff --git a/usr/bin/archboot-x86_64-server-release.sh b/usr/bin/archboot-x86_64-server-release.sh
index 43e2b87c7..33e554e2b 100755
--- a/usr/bin/archboot-x86_64-server-release.sh
+++ b/usr/bin/archboot-x86_64-server-release.sh
@@ -4,7 +4,7 @@ source /usr/lib/archboot/functions
 source /usr/lib/archboot/server_functions
 _root_check
 _buildserver_check
-_x86_64_pacman_use_default || exit 1
 _update_source
+_x86_64_pacman_use_default || exit 1
 _server_release || exit 1
 _x86_64_pacman_restore || exit 1
diff --git a/usr/lib/archboot/bootloader_functions b/usr/lib/archboot/bootloader_functions
index 6da99bdf2..10607ed42 100644
--- a/usr/lib/archboot/bootloader_functions
+++ b/usr/lib/archboot/bootloader_functions
@@ -75,6 +75,6 @@ _upload_efi_files() {
 
 _cleanup() {
 echo "Remove ${1} directory."
-rm -r ${1}
+rm -r "${1}"
 echo "Finished ${1}."
 }
diff --git a/usr/lib/archboot/container_functions b/usr/lib/archboot/container_functions
index 883ab1ce3..7beec5201 100644
--- a/usr/lib/archboot/container_functions
+++ b/usr/lib/archboot/container_functions
@@ -102,7 +102,8 @@ _create_pacman_conf() {
         _PACMAN_CONF="/etc/pacman.conf"
     else
         echo "Use custom pacman.conf ..."
-        _PACMAN_CONF="$(mktemp ${1}/pacman.conf.XXX)"
+        _PACMAN_CONF="$(mktemp "${1}"/pacman.conf.XXX)"
+        #shellcheck disable=SC2129
         echo "[options]" >> "${_PACMAN_CONF}"
         echo "Architecture = auto" >> "${_PACMAN_CONF}"
         echo "SigLevel    = Required DatabaseOptional" >> "${_PACMAN_CONF}"
@@ -140,18 +141,18 @@ _install_archboot() {
 
 _aarch64_install_base_packages() {
     echo "Installing packages base linux and ${_LINUX_FIRMWARE} to ${1} ..."
-    if [[ -e "$(basename ${_PACMAN_CONF})" ]]; then 
-        _PACMAN_CONF=$(basename ${_PACMAN_CONF})
+    if [[ -e "$(basename "${_PACMAN_CONF}")" ]]; then 
+        _PACMAN_CONF=$(basename "${_PACMAN_CONF}")
     fi
-    systemd-nspawn -q -D "${1}" /bin/bash -c "pacman -Sy base linux ${_LINUX_FIRMWARE} --config "${_PACMAN_CONF}" --ignore systemd-resolvconf --noconfirm" >/dev/null 2>&1
+    systemd-nspawn -q -D "${1}" /bin/bash -c "pacman -Sy base linux ${_LINUX_FIRMWARE} --config ${_PACMAN_CONF} --ignore systemd-resolvconf --noconfirm" >/dev/null 2>&1
 }
 
 _aarch64_install_archboot() {
-    if [[ -e "$(basename ${_PACMAN_CONF})" ]]; then 
-        _PACMAN_CONF=$(basename ${_PACMAN_CONF})
+    if [[ -e "$(basename "${_PACMAN_CONF}")" ]]; then 
+        _PACMAN_CONF=$(basename "${_PACMAN_CONF}")
     fi
     echo "Installing ${_ARCHBOOT} to ${1} ..."
-    systemd-nspawn -q -D "${1}" /bin/bash -c "pacman -Sy ${_ARCHBOOT} --config "${_PACMAN_CONF}" --ignore systemd-resolvconf --noconfirm" >/dev/null 2>&1
+    systemd-nspawn -q -D "${1}" /bin/bash -c "pacman -Sy ${_ARCHBOOT} --config ${_PACMAN_CONF} --ignore systemd-resolvconf --noconfirm" >/dev/null 2>&1
 }
 
 _copy_mirrorlist_and_pacman_conf() {
diff --git a/usr/lib/archboot/repository_functions b/usr/lib/archboot/repository_functions
index e261982cf..14e123e74 100644
--- a/usr/lib/archboot/repository_functions
+++ b/usr/lib/archboot/repository_functions
@@ -38,5 +38,6 @@ _cleanup_repodir() {
 
 _create_archboot_db() {
     echo "Creating archboot repository db ..."
+    #shellcheck disable=SC2046
     LANG=C repo-add -q "${1}"/archboot.db.tar.gz $(find "${1}"/ -type f ! -name '*.sig')
 }
diff --git a/usr/lib/archboot/server_functions b/usr/lib/archboot/server_functions
index 247ec1d30..2db6f1c14 100644
--- a/usr/lib/archboot/server_functions
+++ b/usr/lib/archboot/server_functions
@@ -68,11 +68,14 @@ _update_source() {
     echo "Creating ${_ARCH} archboot repository ..."
     "archboot-${_ARCH}-create-repository.sh" "${_ISO_HOME_SOURCE}" || exit 1
     echo "Uploading files to ${_SERVER}:${_SERVER_HOME} ..."
-    sudo -u "${_USER}" scp -q -r "${_ISO_HOME_SOURCE}" "${_SERVER}":"${_SERVER_HOME}"/ || exit 1
+    #shellcheck disable=SC2086
+    sudo -u "${_USER}" ssh "${_SERVER}" "[[ -d "${_SERVER_HOME}/${_ARCH}" ]] || mkdir -p ${_SERVER_HOME}/${_ARCH}"
+    sudo -u "${_USER}" scp -q -r "${_ISO_HOME_SOURCE}" "${_SERVER}":"${_SERVER_HOME}/${_ARCH}" || exit 1
     sudo -u "${_USER}" ssh "${_SERVER}" <<EOF
+rm -r "${_SERVER_HOME}/${_ARCH}"
 rm -r "${_SERVER_SOURCE_DIR}/${_ARCH}/${_DIR}"
 rm -r "${_SERVER_SOURCE_DIR}/${_ARCH}/$(date -d "$(date +) - 3 month" +%Y.%m)"
-mv "${_DIR}" "${_SERVER_SOURCE_DIR}/${_ARCH}"
+mv "${_ARCH}/${_DIR}" "${_SERVER_SOURCE_DIR}/${_ARCH}"
 cd "${_SERVER_SOURCE_DIR}/${_ARCH}"
 rm latest
 ln -s "${_DIR}" latest
@@ -110,12 +113,15 @@ _server_release() {
     mv "${_ISO_BUILD_DIR}" "${_DIR}"
     # copy files to server
     echo "Uploading files to ${_SERVER}:${_SERVER_HOME} ..."
-    sudo -u "${_USER}" scp -q -r "${_DIR}" "${_SERVER}":"${_SERVER_HOME}/" || exit 1
+    #shellcheck disable=SC2086
+    sudo -u "${_USER}" ssh "${_SERVER}" "[[ -d "${_SERVER_HOME}/${_ARCH}" ]] || mkdir -p ${_SERVER_HOME}/${_ARCH}"
+    sudo -u "${_USER}" scp -q -r "${_DIR}" "${_SERVER}":"${_SERVER_HOME}/${_ARCH}" || exit 1
     # move files on server, create symlink and remove 3 month old release
     sudo -u "${_USER}" ssh "${_SERVER}" <<EOF
+rm -r "${_SERVER_HOME}/${_ARCH}"
 rm -r "${_SERVER_IMAGE_DIR}"/"${_ARCH}"/"${_DIR}"
 rm -r "${_SERVER_IMAGE_DIR}"/"${_ARCH}"/"$(date -d "$(date +) - 3 month" +%Y.%m)"
-mv "${_DIR}" "${_SERVER_IMAGE_DIR}"/"${_ARCH}"
+mv "${_ARCH}/${_DIR}" "${_SERVER_IMAGE_DIR}"/"${_ARCH}"
 cd "${_SERVER_IMAGE_DIR}"/"${_ARCH}"
 rm latest
 ln -s "${_DIR}" latest
diff --git a/usr/lib/initcpio/install/archboot_base_common_update_installer b/usr/lib/initcpio/install/archboot_base_common_update_installer
index c674d2740..45d4d7b35 100644
--- a/usr/lib/initcpio/install/archboot_base_common_update_installer
+++ b/usr/lib/initcpio/install/archboot_base_common_update_installer
@@ -72,7 +72,7 @@ build ()
     apps="login nologin"
     for i in $apps; do
         add_binary "$i"
-        rm /usr/bin/$i
+        rm /usr/bin/"$i"
     done
     add_file "/etc/login.defs"
     
@@ -82,7 +82,7 @@ build ()
     apps="mount.nfs4 umount.nfs umount.nfs4 mount.nfs setfont loadkeys"
     for i in $apps; do
         add_binary "$i"
-        rm /usr/bin/$i
+        rm /usr/bin/"$i"
     done
     
     #dbus files
@@ -90,7 +90,7 @@ build ()
           dbus-update-activation-environment dbus-uuidgen"
     for i in $apps; do
         add_binary "$i"
-        rm /usr/bin/$i
+        rm /usr/bin/"$i"
     done
     add_binary "/usr/lib/dbus-1.0/dbus-daemon-launch-helper"
     add_dir "/var/lib/dbus"
@@ -107,7 +107,7 @@ build ()
           systemd-cryptenroll systemd-dissect systemd-id128 systemd-sysext"
     for i in $apps; do
         add_binary "$i"
-        rm /usr/bin/$i
+        rm /usr/bin/"$i"
     done
     add_dir "/etc/tmpfiles.d"
     add_dir "/etc/modules-load.d"
diff --git a/usr/lib/initcpio/install/archboot_net_update_installer b/usr/lib/initcpio/install/archboot_net_update_installer
index f0a6b831a..3ddb6df9c 100644
--- a/usr/lib/initcpio/install/archboot_net_update_installer
+++ b/usr/lib/initcpio/install/archboot_net_update_installer
@@ -11,7 +11,7 @@ build ()
 	  routel brctl dhclient-script"
     for i in $apps; do
         add_binary "$i"
-        rm /usr/bin/$i
+        rm /usr/bin/"$i"
     done
     # add iproute 2
     add_full_dir "/usr/lib/tc"