scripts: download-check-artifact.sh: fix shellcheck and improve

Fixes following shellcheck's recommendations:

 In scripts/download-check-artifact.sh line 24:
	exit $1
             ^-- SC2086 (info): Double quote to prevent globbing and word splitting.

 In scripts/download-check-artifact.sh line 53:
		local sum="$(shasum -a 256 "$image_file")";
                      ^-^ SC2155 (warning): Declare and assign separately to avoid masking return values.

 In scripts/download-check-artifact.sh line 72:
 cd "/tmp/verify.$$"
 ^-----------------^ SC2164 (warning): Use 'cd ... || exit' or 'cd ... || return' in case cd fails.

 In scripts/download-check-artifact.sh line 114:
		printf "Keyserver to use? [$keyserver_url] > "
                       ^-- SC2059 (info): Don't use variables in the printf format string. Use printf '..%s..' "$foo".

 In scripts/download-check-artifact.sh line 115:
		read url; case "${url:-$keyserver_url}" in
                ^--^ SC2162 (info): read without -r will mangle backslashes.

While at it make it clear, that it is possible to download/check any
build artifacts like even SDK or ImageBuilder.

Link: https://github.com/openwrt/openwrt/pull/16871
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This commit is contained in:
Petr Štetiar 2024-11-06 10:40:37 +00:00
parent 4c9031fda2
commit 27c2c140b1
No known key found for this signature in database
GPG Key ID: 58EE120F30CC02D3

View File

@ -12,6 +12,7 @@
# 255 - A suitable download or checksum utility is missing # 255 - A suitable download or checksum utility is missing
[ -n "$1" ] || { [ -n "$1" ] || {
echo "$0 - Download and verify build artifacts"
echo "Usage: $0 <url>" >&2 echo "Usage: $0 <url>" >&2
exit 1 exit 1
} }
@ -21,7 +22,7 @@ finish() {
echo "Cleaning up." echo "Cleaning up."
rm -r "/tmp/verify.$$" rm -r "/tmp/verify.$$"
} }
exit $1 exit "$1"
} }
trap "finish 254" INT TERM trap "finish 254" INT TERM
@ -50,7 +51,8 @@ if which sha256sum >/dev/null; then
checksum() { sha256sum -c --ignore-missing "sha256sums"; } checksum() { sha256sum -c --ignore-missing "sha256sums"; }
elif which shasum >/dev/null; then elif which shasum >/dev/null; then
checksum() { checksum() {
local sum="$(shasum -a 256 "$image_file")"; local sum
sum="$(shasum -a 256 "$image_file")";
grep -xF "${sum%% *} *$image_file" "sha256sums"; grep -xF "${sum%% *} *$image_file" "sha256sums";
} }
else else
@ -68,11 +70,14 @@ else
} }
fi fi
mkdir -p "/tmp/verify.$$" tmpdir="$(mktemp -d)"
cd "/tmp/verify.$$" cd "$tmpdir" || {
echo "Failed to create temporary directory!" >&2
finish 255
}
echo "" echo ""
echo "1) Downloading image file" echo "1) Downloading artifact file"
echo "=========================" echo "========================="
download "$image_file" "$image_url" || { download "$image_file" "$image_url" || {
echo "Failed to download image file!" >&2 echo "Failed to download image file!" >&2
@ -111,8 +116,8 @@ if [ -n "$missing_key" ]; then
echo "" >&2 echo "" >&2
while true; do while true; do
printf "Keyserver to use? [$keyserver_url] > " printf 'Keyserver to use? [%s] > ' "$keyserver_url"
read url; case "${url:-$keyserver_url}" in read -r url; case "${url:-$keyserver_url}" in
hkp://*) hkp://*)
gpg --keyserver "${url:-$keyserver_url}" --recv-keys "$missing_key" || { gpg --keyserver "${url:-$keyserver_url}" --recv-keys "$missing_key" || {
echo "Failed to download public key." >&2 echo "Failed to download public key." >&2
@ -148,7 +153,7 @@ cp "$image_file" "$destdir/$image_file" || {
echo "" echo ""
echo "Verification done!" echo "Verification done!"
echo "==================" echo "=================="
echo "Firmware image placed in '$destdir/$image_file'." echo "Downloaded artifact placed in '$destdir/$image_file'."
echo "" echo ""
finish 0 finish 0