From 5fc8ecbddeaf322b0e9990cc220b0470581a45b8 Mon Sep 17 00:00:00 2001 From: sobolevn Date: Mon, 3 May 2021 19:21:33 +0300 Subject: [PATCH] Adds hadolint, re-enables shellcheck --- .ci/docker/debian-gnupg1/Dockerfile | 3 +- .ci/docker/debian-gnupg2/Dockerfile | 3 +- .ci/docker/ubuntu/Dockerfile | 3 +- .github/workflows/test.yml | 4 +- CONTRIBUTING.md | 11 ---- Makefile | 30 ++++++++--- tests/test_add.bats | 17 +++--- tests/test_cat.bats | 15 ++++-- tests/test_changes.bats | 81 +++++++++++++++++++---------- tests/test_clean.bats | 19 +++---- tests/test_hide.bats | 22 ++++---- tests/test_hide_continue.bats | 8 +-- tests/test_init.bats | 2 +- tests/test_list.bats | 2 +- tests/test_make_install.bats | 10 ++-- tests/test_noname.bats | 17 ++---- tests/test_remove.bats | 50 +++++------------- tests/test_reveal.bats | 1 + tests/test_reveal_filename.bats | 3 +- tests/test_tell.bats | 5 +- tests/test_whoknows.bats | 2 +- 21 files changed, 160 insertions(+), 148 deletions(-) diff --git a/.ci/docker/debian-gnupg1/Dockerfile b/.ci/docker/debian-gnupg1/Dockerfile index 46829369..ee76be07 100644 --- a/.ci/docker/debian-gnupg1/Dockerfile +++ b/.ci/docker/debian-gnupg1/Dockerfile @@ -7,8 +7,7 @@ ENV DEBIAN_FRONTEND='noninteractive' ENV SECRETS_GPG_COMMAND='gpg1' RUN apt-get update \ - && apt-get upgrade -y \ - && apt-get install -y \ + && apt-get install --no-install-recommends -y \ # Direct dependencies: gawk \ git \ diff --git a/.ci/docker/debian-gnupg2/Dockerfile b/.ci/docker/debian-gnupg2/Dockerfile index 07f1a1dd..086996e6 100644 --- a/.ci/docker/debian-gnupg2/Dockerfile +++ b/.ci/docker/debian-gnupg2/Dockerfile @@ -6,8 +6,7 @@ LABEL vendor="git-secret team" ENV DEBIAN_FRONTEND='noninteractive' RUN apt-get update \ - && apt-get upgrade -y \ - && apt-get install -y \ + && apt-get install --no-install-recommends -y \ # Direct dependencies: gawk \ git \ diff --git a/.ci/docker/ubuntu/Dockerfile b/.ci/docker/ubuntu/Dockerfile index a77f3e4e..cb92987e 100644 --- a/.ci/docker/ubuntu/Dockerfile +++ b/.ci/docker/ubuntu/Dockerfile @@ -6,8 +6,7 @@ LABEL vendor="git-secret team" ENV DEBIAN_FRONTEND="noninteractive" RUN apt-get update \ - && apt-get upgrade -y \ - && apt-get install -y \ + && apt-get install --no-install-recommends -y \ # Direct dependencies: gawk \ git \ diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 685582d2..b27e38b1 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -12,9 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - - name: Install shellcheck - run: sudo apt-get update && sudo apt-get install -y shellcheck make - - name: Run lint + - name: Shellcheck and Hadolint run: make lint docker-ci: diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index ef3730fc..2acb5997 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -27,13 +27,10 @@ For development of `git-secret` you should have these tools locally: - git - bash -- bundler - gawk - gnupg (or gnupg2), see below if not packaged by your distribution/OS (i.e. MacOS) -- ruby - sha256sum (on freebsd and MacOS `shasum` is used instead) - make -- [shellcheck](https://github.com/koalaman/shellcheck) To test `git-secret` you will need: @@ -119,14 +116,6 @@ Development looks like this: By convention, you can name your branches like `issue-###-short-description`, but that's not required. The `gh-pages` branch is used for the pages at `git-secret.io`. See 'Release Process' below. -### Running local ci-tests with test-kitchen - -Ci-tests are only necessary if you want to test git-secret on multiple OS'es using docker and test-kitchen, -like we do on travis-ci. - -1. Install required gems with `bundle install`. -2. Run ci-tests with `bundle exec kitchen verify --test-base-path="$PWD/.ci/integration"` - ### Writing tests `git-secret` uses [bats-core](https://github.com/bats-core/bats-core) for testing. diff --git a/Makefile b/Makefile index 0ae51fb8..8a5db3e0 100644 --- a/Makefile +++ b/Makefile @@ -31,7 +31,7 @@ uninstall: "./utils/uninstall.sh" "${DESTDIR}${PREFIX}" # -# Testing: +# Testing and linting: # # The $(shell echo $${PWD}) construct is to access *nix paths under windows @@ -61,12 +61,30 @@ docker-ci: clean "gitsecret-$${GITSECRET_DOCKER_ENV}" \ make test +.PHONY: lint-shell +lint-shell: + docker pull koalaman/shellcheck:latest + docker run \ + --volume="$${PWD}:/code" \ + -w /code \ + -e SHELLCHECK_OPTS='-s bash -S warning -a' \ + --rm koalaman/shellcheck \ + $$(find src .ci utils tests -type f \ + -name '*.sh' -o -name '*.bash' -o -name '*.bats') + +.PHONY: lint-docker +lint-docker: + docker pull hadolint/hadolint:latest-alpine + docker run \ + --volume="$${PWD}:/code" \ + -w /code \ + --rm hadolint/hadolint \ + hadolint \ + --ignore=DL3008 --ignore=DL3018 --ignore=DL3041 \ + .ci/docker/*/Dockerfile + .PHONY: lint -lint: - find src/ .ci/ utils/ -type f \ - -name '*.sh' -print0 | xargs -0 -I {} shellcheck {} - find tests/ -type f -name '*.bats' \ - -o -name '*.bash' -print0 | xargs -0 -I {} shellcheck {} +lint: lint-shell lint-docker # # Manuals: diff --git a/tests/test_add.bats b/tests/test_add.bats index d963daf9..8e24b813 100644 --- a/tests/test_add.bats +++ b/tests/test_add.bats @@ -32,7 +32,8 @@ function teardown { local path_mappings path_mappings=$(_get_secrets_dir_paths_mapping) - local files_list=$(cat "$path_mappings") + local files_list + files_list=$(cat "$path_mappings") [ "$files_list" = "$filename" ] # Cleaning up: @@ -92,7 +93,7 @@ function teardown { # Preparations: local test_dir='test_dir' local nested_dir="$test_dir/adding" - local current_dir=$(pwd) + local current_dir="$PWD" mkdir -p "$nested_dir" cd "$nested_dir" @@ -128,7 +129,7 @@ function teardown { local node="$root/node" local sibling="$root/sibling" local test_file="$node/$TEST_DEFAULT_FILENAME" - local current_dir=$(pwd) + local current_dir="$PWD" mkdir -p "$node" mkdir -p "$sibling" @@ -147,7 +148,8 @@ function teardown { local path_mappings path_mappings=$(_get_secrets_dir_paths_mapping) - local files_list=$(cat "$path_mappings") + local files_list + files_list=$(cat "$path_mappings") [ "$files_list" = "$test_file" ] # Cleaning up: @@ -197,7 +199,8 @@ function teardown { local path_mappings path_mappings=$(_get_secrets_dir_paths_mapping) - local files_list=$(cat "$path_mappings") + local files_list + files_list=$(cat "$path_mappings") [ "$files_list" = "$filename" ] # Cleaning up: @@ -217,7 +220,6 @@ function teardown { # Testing: run git secret add "$filename1" "$filename2" - local newline=$'\n' [ "$status" -eq 0 ] [ "$output" = "git-secret: 2 item(s) added." ] @@ -260,7 +262,8 @@ function teardown { local path_mappings path_mappings=$(_get_secrets_dir_paths_mapping) - local files_list=$(cat "$path_mappings") + local files_list + files_list=$(cat "$path_mappings") [ "$files_list" = "$filename" ] # Ensuring the file is correctly git-ignored diff --git a/tests/test_cat.bats b/tests/test_cat.bats index 30baf01e..7977eb8f 100644 --- a/tests/test_cat.bats +++ b/tests/test_cat.bats @@ -27,7 +27,8 @@ function teardown { @test "run 'cat' with password argument" { - local password=$(test_user_password "$TEST_DEFAULT_USER") + local password + password=$(test_user_password "$TEST_DEFAULT_USER") run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" [ "$status" -eq 0 ] @@ -36,8 +37,10 @@ function teardown { [ "$FILE_CONTENTS" == "$output" ] } + @test "run 'cat' with password argument and SECRETS_VERBOSE=1" { - local password=$(test_user_password "$TEST_DEFAULT_USER") + local password + password=$(test_user_password "$TEST_DEFAULT_USER") SECRETS_VERBOSE=1 run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" [ "$status" -eq 0 ] @@ -47,14 +50,16 @@ function teardown { [[ "$output" == *"$FILE_CONTENTS"* ]] } + @test "run 'cat' with wrong filename" { run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" NO_SUCH_FILE [ "$status" -eq 2 ] } + + @test "run 'cat' with bad arg" { - local password=$(test_user_password "$TEST_DEFAULT_USER") + local password + password=$(test_user_password "$TEST_DEFAULT_USER") run git secret cat -Z -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" [ "$status" -ne 0 ] } - - diff --git a/tests/test_changes.bats b/tests/test_changes.bats index 8c8322bf..e36d4065 100644 --- a/tests/test_changes.bats +++ b/tests/test_changes.bats @@ -33,38 +33,45 @@ function teardown { @test "run 'changes' on one file with no file changed" { - local password=$(test_user_password "$TEST_DEFAULT_USER") - run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" + local password + password=$(test_user_password "$TEST_DEFAULT_USER") + run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" [ "$status" -eq 0 ] - local num_lines=$(echo "$output" | wc -l) + local num_lines + num_lines=$(echo "$output" | wc -l) [[ "$num_lines" -eq 1 ]] } @test "run 'changes' with one file changed" { - local password=$(test_user_password "$TEST_DEFAULT_USER") - local new_content="new content" + local new_content='new content' echo "$new_content" >> "$FILE_TO_HIDE" + local password + password=$(test_user_password "$TEST_DEFAULT_USER") + run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" [ "$status" -eq 0 ] # Testing that output has both filename and changes: - local fullpath=$(_append_root_path "$FILE_TO_HIDE") + local fullpath + fullpath=$(_append_root_path "$FILE_TO_HIDE") [[ "$output" == *"changes in $fullpath"* ]] [[ "$output" == *"hidden content юникод"* ]] [[ "$output" == *"+$new_content"* ]] - local num_lines=$(echo "$output" | wc -l) + local num_lines + num_lines=$(echo "$output" | wc -l) [[ "$num_lines" -eq 6 ]] } @test "run 'changes' with source file missing" { - local password=$(test_user_password "$TEST_DEFAULT_USER") + local password + password=$(test_user_password "$TEST_DEFAULT_USER") rm "$FILE_TO_HIDE" || _abort "error removing: $FILE_TO_HIDE" run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" @@ -73,8 +80,10 @@ function teardown { @test "run 'changes' with hidden file missing" { - local password=$(test_user_password "$TEST_DEFAULT_USER") - local encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE") + local password + local encrypted_file + password=$(test_user_password "$TEST_DEFAULT_USER") + encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE") rm "$encrypted_file" || _abort "error removing: $encrypted_file" run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" @@ -83,15 +92,17 @@ function teardown { @test "run 'changes' with one file changed (with deletions)" { - local password=$(test_user_password "$TEST_DEFAULT_USER") - local new_content="replace" + local new_content='replace' + local password + password=$(test_user_password "$TEST_DEFAULT_USER") echo "$new_content" > "$FILE_TO_HIDE" run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" [ "$status" -eq 0 ] # Testing that output has both filename and changes: - local fullpath=$(_append_root_path "$FILE_TO_HIDE") + local fullpath + fullpath=$(_append_root_path "$FILE_TO_HIDE") [[ "$output" == *"changes in $fullpath"* ]] [[ "$output" == *"-$FILE_CONTENTS"* ]] [[ "$output" == *"+$new_content"* ]] @@ -99,22 +110,25 @@ function teardown { @test "run 'changes' on two files with no file changed" { - local password=$(test_user_password "$TEST_DEFAULT_USER") + local password + password=$(test_user_password "$TEST_DEFAULT_USER") run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" [ "$status" -eq 0 ] - local num_lines=$(echo "$output" | wc -l) + local num_lines + num_lines=$(echo "$output" | wc -l) [[ "$num_lines" -eq 2 ]] } @test "run 'changes' with multiple files changed" { - local password=$(test_user_password "$TEST_DEFAULT_USER") - local new_content="new content" - local second_new_content="something different" + local new_content='new content' + local second_new_content='something different' + local password + password=$(test_user_password "$TEST_DEFAULT_USER") echo "$new_content" >> "$FILE_TO_HIDE" echo "$second_new_content" >> "$SECOND_FILE_TO_HIDE" @@ -122,45 +136,55 @@ function teardown { [ "$status" -eq 0 ] # Testing that output has both filename and changes: - local fullpath=$(_append_root_path "$FILE_TO_HIDE") + local fullpath + fullpath=$(_append_root_path "$FILE_TO_HIDE") [[ "$output" == *"changes in $fullpath"* ]] [[ "$output" == *"+$new_content"* ]] - local second_path=$(_append_root_path "$SECOND_FILE_TO_HIDE") + local second_path + second_path=$(_append_root_path "$SECOND_FILE_TO_HIDE") [[ "$output" == *"changes in $second_path"* ]] [[ "$output" == *"+$second_new_content"* ]] } @test "run 'changes' with multiple selected files changed" { - local password=$(test_user_password "$TEST_DEFAULT_USER") - local new_content="new content" - local second_new_content="something different" + local new_content='new content' + local second_new_content='something different' echo "$new_content" >> "$FILE_TO_HIDE" echo "$second_new_content" >> "$SECOND_FILE_TO_HIDE" + local password + password=$(test_user_password "$TEST_DEFAULT_USER") + run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" \ "$FILE_TO_HIDE" "$SECOND_FILE_TO_HIDE" [ "$status" -eq 0 ] # Testing that output has both filename and changes: - local fullpath=$(_append_root_path "$FILE_TO_HIDE") + local fullpath + fullpath=$(_append_root_path "$FILE_TO_HIDE") [[ "$output" == *"changes in $fullpath"* ]] [[ "$output" == *"+$new_content"* ]] - local second_path=$(_append_root_path "$SECOND_FILE_TO_HIDE") + local second_path + second_path=$(_append_root_path "$SECOND_FILE_TO_HIDE") [[ "$output" == *"changes in $second_path"* ]] [[ "$output" == *"+$second_new_content"* ]] } @test "run 'changes' on file that does not exist" { + local password + password=$(test_user_password "$TEST_DEFAULT_USER") + run git secret changes \ -d "$TEST_GPG_HOMEDIR" \ -p "$password" \ "$FILE_NON_EXISTENT" + [ "$status" -ne 0 ] } @@ -169,14 +193,17 @@ function teardown { set_state_secret_add_without_newline "$THIRD_FILE_TO_HIDE" "$FILE_CONTENTS" set_state_secret_hide - local password=$(test_user_password "$TEST_DEFAULT_USER") + local password + password=$(test_user_password "$TEST_DEFAULT_USER") + run git secret changes \ -d "$TEST_GPG_HOMEDIR" \ -p "$password" \ "$THIRD_FILE_TO_HIDE" [ "$status" -eq 0 ] - local num_lines=$(echo "$output" | wc -l) + local num_lines + num_lines=$(echo "$output" | wc -l) [[ "$num_lines" -eq 1 ]] rm -f "$THIRD_FILE_TO_HIDE" diff --git a/tests/test_clean.bats b/tests/test_clean.bats index 81398f4f..fb8e523f 100644 --- a/tests/test_clean.bats +++ b/tests/test_clean.bats @@ -29,9 +29,8 @@ function teardown { function _secret_files_exists { - local result=$(find . -type f -name "*.$SECRETS_EXTENSION" \ - -print0 2>/dev/null | grep -q .; echo "$?") - echo "$result" + echo "$(find . -type f -name "*.$SECRETS_EXTENSION" \ + -print0 2>/dev/null | grep -q .; echo "$?")" } @@ -40,15 +39,16 @@ function _secret_files_exists { [ "$status" -eq 0 ] # There must be no .secret files: - local exists=$(_secret_files_exists) - [ "$exists" -ne 0 ] + [ "$(_secret_files_exists)" -ne 0 ] } + @test "run 'clean' with extra filename" { run git secret clean extra_filename [ "$status" -ne 0 ] } + @test "run 'clean' with bad arg" { run git secret clean -Z [ "$status" -ne 0 ] @@ -60,11 +60,12 @@ function _secret_files_exists { [ "$status" -eq 0 ] # There must be no .secret files: - local exists=$(_secret_files_exists) - [ "$exists" -ne 0 ] + [ "$(_secret_files_exists)" -ne 0 ] - local first_filename=$(_get_encrypted_filename "$FIRST_FILE") - local second_filename=$(_get_encrypted_filename "$SECOND_FILE") + local first_filename + local second_filename + first_filename=$(_get_encrypted_filename "$FIRST_FILE") + second_filename=$(_get_encrypted_filename "$SECOND_FILE") # Output must be verbose: [[ "$output" == *"cleaning"* ]] diff --git a/tests/test_hide.bats b/tests/test_hide.bats index 4a5a9f14..1ade27b1 100644 --- a/tests/test_hide.bats +++ b/tests/test_hide.bats @@ -20,7 +20,7 @@ function setup { function teardown { rm "$FILE_TO_HIDE" - uninstall_fixture_key $TEST_DEFAULT_USER + uninstall_fixture_key "$TEST_DEFAULT_USER" unset_current_state } @@ -34,9 +34,8 @@ function teardown { [ "$status" -eq 0 ] [[ "$output" == *"git-secret: done. 1 of 1 files are hidden."* ]] - # New files should be created: - local encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE") - [ -f "$encrypted_file" ] + # New file must be created: + [ -f "$(_get_encrypted_filename "$FILE_TO_HIDE")" ] } @@ -74,7 +73,8 @@ function teardown { [[ "$output" == *"git-secret: done. 1 of 1 files are hidden."* ]] # New files should be created: - local encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE") + local encrypted_file + encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE") [ -f "$encrypted_file" ] ## permissions should match. @@ -159,8 +159,7 @@ function teardown { [ "${lines[0]}" = "git-secret: done. 1 of 1 files are hidden." ] # New files should be created: - local encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE") - [ -f "$encrypted_file" ] + [ -f "$(_get_encrypted_filename "$FILE_TO_HIDE")" ] } @@ -192,8 +191,7 @@ function teardown { cmp -s "${path_mappings}" "${path_mappings}.bak" # New files should be created: - local encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE") - [ -f "$encrypted_file" ] + [ -f "$(_get_encrypted_filename "$FILE_TO_HIDE")" ] } @@ -225,14 +223,14 @@ function teardown { cmp -s "${path_mappings}" "${path_mappings}.bak" # New files should be created: - local encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE") - [ -f "$encrypted_file" ] + [ -f "$(_get_encrypted_filename "$FILE_TO_HIDE")" ] } @test "run 'hide' with '-c' and '-v'" { # Preparations: - local encrypted_filename=$(_get_encrypted_filename "$FILE_TO_HIDE") + local encrypted_filename + encrypted_filename=$(_get_encrypted_filename "$FILE_TO_HIDE") set_state_secret_hide # so it would be data to clean run git secret hide -v -c diff --git a/tests/test_hide_continue.bats b/tests/test_hide_continue.bats index 6813f9f7..1a47c26a 100644 --- a/tests/test_hide_continue.bats +++ b/tests/test_hide_continue.bats @@ -32,17 +32,19 @@ function teardown { mv "$FILE_TO_HIDE" "$FILE_TO_HIDE.was" # move the first file out of the way run git secret hide -F - # echo "# output of 'git secret hide -F' is: $output" >&3 + #echo "# output of 'git secret hide -F' is: $output" >&3 # Command must execute normally: [ "$status" -eq 0 ] # secret file for missing file should not be created: - local encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE") + local encrypted_file + encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE") [ ! -f "$encrypted_file" ] # this secret file should be created: - local encrypted_file2=$(_get_encrypted_filename "$FILE_TO_HIDE2") + local encrypted_file2 + encrypted_file2=$(_get_encrypted_filename "$FILE_TO_HIDE2") [ -f "$encrypted_file2" ] # put back first file so teardown() succeeds diff --git a/tests/test_init.bats b/tests/test_init.bats index 35f7971f..aa73003c 100644 --- a/tests/test_init.bats +++ b/tests/test_init.bats @@ -59,7 +59,7 @@ function teardown { # Preparations local test_dir='test_dir' local nested_dir="$test_dir/nested/dirs" - local current_dir=$(pwd) + local current_dir="$PWD" mkdir -p "$nested_dir" cd "$nested_dir" diff --git a/tests/test_list.bats b/tests/test_list.bats index eed89df3..6f813aa1 100644 --- a/tests/test_list.bats +++ b/tests/test_list.bats @@ -20,7 +20,7 @@ function setup { function teardown { rm "$FILE_TO_HIDE" - uninstall_fixture_key $TEST_DEFAULT_USER + uninstall_fixture_key "$TEST_DEFAULT_USER" unset_current_state } diff --git a/tests/test_make_install.bats b/tests/test_make_install.bats index 69a3b52d..01d5e236 100644 --- a/tests/test_make_install.bats +++ b/tests/test_make_install.bats @@ -6,12 +6,12 @@ INSTALL_BASE="${TMPDIR}/git-secret-test-install" @test "install git-secret to DESTDIR='$INSTALL_BASE'" { - rm -f "${INSTALL_BASE}/usr/bin/git-secret" - cd $SECRET_PROJECT_ROOT + rm -f "$INSTALL_BASE/usr/bin/git-secret" + cd "$SECRET_PROJECT_ROOT" # set DESTDIR for this command and 'run' make install - DESTDIR="${INSTALL_BASE}" run make install + DESTDIR="$INSTALL_BASE" run make install - [ -x "${INSTALL_BASE}/usr/bin/git-secret" ] - rm -rf "${INSTALL_BASE}" + [ -x "$INSTALL_BASE/usr/bin/git-secret" ] + rm -rf "$INSTALL_BASE" } diff --git a/tests/test_noname.bats b/tests/test_noname.bats index 677d0c21..db8b3727 100644 --- a/tests/test_noname.bats +++ b/tests/test_noname.bats @@ -35,9 +35,7 @@ function _has_line { local path_mappings path_mappings=$(_get_secrets_dir_paths_mapping) - - local result=$(grep -q "$line" "$path_mappings"; echo $?) - echo "$result" + echo "$(grep -q "$line" "$path_mappings"; echo $?)" } @@ -50,17 +48,12 @@ function _has_line { [[ "$output" == *"ensure that files: [$SECOND_FILE] are now not ignored."* ]] # Mapping should not contain the second file: - local mapping_contains=$(_has_line "$SECOND_FILE") - [ "$mapping_contains" -eq 1 ] + [ "$(_has_line "$SECOND_FILE")" -eq 1 ] # But the first file must not change: - local other_files=$(_has_line "$FIRST_FILE") - [ "$other_files" -eq 0 ] + [ "$(_has_line "$FIRST_FILE")" -eq 0 ] # Both files should be present: - local first_encrypted_file=$(_get_encrypted_filename "$FIRST_FILE") - local second_encrypted_file=$(_get_encrypted_filename "$SECOND_FILE") - - [ -f "$first_encrypted_file" ] - [ -f "$second_encrypted_file" ] + [ -f "$(_get_encrypted_filename "$FIRST_FILE")" ] + [ -f "$(_get_encrypted_filename "$SECOND_FILE")" ] } diff --git a/tests/test_remove.bats b/tests/test_remove.bats index 2194a4f1..5f5563ce 100644 --- a/tests/test_remove.bats +++ b/tests/test_remove.bats @@ -33,8 +33,7 @@ function _has_line { local path_mappings path_mappings=$(_get_secrets_dir_paths_mapping) - local result=$(grep -q "$line" "$path_mappings"; echo $?) - echo "$result" + echo "$(grep -q "$line" "$path_mappings"; echo $?)" } @@ -47,19 +46,14 @@ function _has_line { [[ "$output" == *"ensure that files: [$SECOND_FILE] are now not ignored."* ]] # Mapping should not contain the second file: - local mapping_contains=$(_has_line "$SECOND_FILE") - [ "$mapping_contains" -eq 1 ] + [ "$(_has_line "$SECOND_FILE")" -eq 1 ] # But the first file must not change: - local other_files=$(_has_line "$FIRST_FILE") - [ "$other_files" -eq 0 ] + [ "$(_has_line "$FIRST_FILE")" -eq 0 ] # Both files should be present: - local first_encrypted_file=$(_get_encrypted_filename "$FIRST_FILE") - local second_encrypted_file=$(_get_encrypted_filename "$SECOND_FILE") - - [ -f "$first_encrypted_file" ] - [ -f "$second_encrypted_file" ] + [ -f "$(_get_encrypted_filename "$FIRST_FILE")" ] + [ -f "$(_get_encrypted_filename "$SECOND_FILE")" ] } @@ -67,18 +61,12 @@ function _has_line { run git secret remove "$FIRST_FILE" "$SECOND_FILE" [ "$status" -eq 0 ] - local first_line=$(_has_line "$FIRST_FILE") - [ "$first_line" -eq 1 ] - - local second_line=$(_has_line "$SECOND_FILE") - [ "$second_line" -eq 1 ] + [ "$(_has_line "$FIRST_FILE")" -eq 1 ] + [ "$(_has_line "$SECOND_FILE")" -eq 1 ] # Both files should be present: - local first_encrypted_file=$(_get_encrypted_filename "$FIRST_FILE") - local second_encrypted_file=$(_get_encrypted_filename "$SECOND_FILE") - - [ -f "$first_encrypted_file" ] - [ -f "$second_encrypted_file" ] + [ -f "$(_get_encrypted_filename "$FIRST_FILE")" ] + [ -f "$(_get_encrypted_filename "$SECOND_FILE")" ] } @@ -98,11 +86,8 @@ function _has_line { run git secret remove "$file_in_folder" [ "$status" -eq 0 ] - local mapping_contains=$(_has_line "$file_in_folder") - [ "$mapping_contains" -eq 1 ] - - local encrypted_file=$(_get_encrypted_filename "$file_in_folder") - [ -f "$encrypted_file" ] + [ "$(_has_line "$file_in_folder")" -eq 1 ] + [ -f "$(_get_encrypted_filename "$file_in_folder")" ] # Cleaning up: rm -rf "$folder" @@ -115,16 +100,9 @@ function _has_line { run git secret remove -c "$SECOND_FILE" [ "$status" -eq 0 ] - local mapping_contains=$(_has_line "$SECOND_FILE") - [ "$mapping_contains" -eq 1 ] - - local first_encrypted_file=$(_get_encrypted_filename "$FIRST_FILE") - local second_encrypted_file=$(_get_encrypted_filename "$SECOND_FILE") - echo "$output" - echo "$first_encrypted_file and $second_encrypted_file" - - [ -f "$first_encrypted_file" ] - [ ! -f "$second_encrypted_file" ] + [ "$(_has_line "$SECOND_FILE")" -eq 1 ] + [ -f "$(_get_encrypted_filename "$FIRST_FILE")" ] + [ ! -f "$(_get_encrypted_filename "$SECOND_FILE")" ] } diff --git a/tests/test_reveal.bats b/tests/test_reveal.bats index 1c352cb5..eaca0c0a 100644 --- a/tests/test_reveal.bats +++ b/tests/test_reveal.bats @@ -1,4 +1,5 @@ #!/usr/bin/env bats +# shellcheck disable=SC2155 load _test_base diff --git a/tests/test_reveal_filename.bats b/tests/test_reveal_filename.bats index 4d81131e..e65a7878 100644 --- a/tests/test_reveal_filename.bats +++ b/tests/test_reveal_filename.bats @@ -39,7 +39,8 @@ function teardown { cp "$FILE_TO_HIDE" "${FILE_TO_HIDE}2" rm "$FILE_TO_HIDE" - local password=$(test_user_password "$TEST_DEFAULT_USER") + local password + password=$(test_user_password "$TEST_DEFAULT_USER") run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password" [ "$status" -eq 0 ] diff --git a/tests/test_tell.bats b/tests/test_tell.bats index f2204b3d..155fb513 100644 --- a/tests/test_tell.bats +++ b/tests/test_tell.bats @@ -198,7 +198,8 @@ function teardown { @test "run 'tell' on non-email" { install_fixture_key "$TEST_NOEMAIL_COMMENT_USER" - local name=$(echo "$TEST_NOEMAIL_COMMENT_USER" | sed -e 's/@.*//') + local name + name=$(echo "$TEST_NOEMAIL_COMMENT_USER" | sed -e 's/@.*//') # echo "$name" | sed "s/^/# '$BATS_TEST_DESCRIPTION' name is: /" >&3 # Testing the command itself, should fail because you must use email @@ -225,7 +226,7 @@ function teardown { # Preparations local root_dir='test_dir' local test_dir="$root_dir/telling" - local current_dir=$(pwd) + local current_dir="$PWD" mkdir -p "$test_dir" cd "$test_dir" diff --git a/tests/test_whoknows.bats b/tests/test_whoknows.bats index 466a3a5b..2f538a9e 100644 --- a/tests/test_whoknows.bats +++ b/tests/test_whoknows.bats @@ -61,7 +61,7 @@ function teardown { fi # Preparations: - local current_dir=$(pwd) + local current_dir="$PWD" local root_dir='test_dir' local test_dir="$root_dir/subfolders/case"