Merge pull request #276 from github/krayon-shellcheck-p1

ghe-backup and ghe-restore shellcheck fixes

Author: krayon

bin/ghe-backup

@@ -78,7 +78,7 @@ if ! output=$(rsync -a src/ dest1 2>&1 && rsync -av src/ --link-dest=../dest1 de
   exit 1
 fi
 
-if [ "$(ls -il dest1/testfile | awk '{ print $1 }')" != "$(ls -il dest2/testfile | awk '{ print $1 }')" ]; then
+if [ "$(stat -c %i dest1/testfile)" != "$(stat -c %i dest2/testfile)" ]; then
   log_error "Error: the filesystem containing $GHE_DATA_DIR does not support hard links.\n Backup Utilities use hard links to store backup data efficiently." 1>&2
   exit 1
 fi
@@ -98,13 +98,13 @@ cleanup () {
     progress=$(cat ../in-progress)
     snapshot=$(echo "$progress" | cut -d ' ' -f 1)
     pid=$(echo "$progress" | cut -d ' ' -f 2)
-    if [ "$snapshot" = "$GHE_SNAPSHOT_TIMESTAMP" ] && [ "$$" = $pid ]; then
+    if [ "$snapshot" = "$GHE_SNAPSHOT_TIMESTAMP" ] && [ "$$" = "$pid" ]; then
       unlink ../in-progress
     fi
   fi
 
   rm -rf "$failures_file"
-  rm -f ${GHE_DATA_DIR}/in-progress-backup
+  rm -f "${GHE_DATA_DIR}/in-progress-backup"
 
   # Cleanup SSH multiplexing
   ghe-ssh --clean
@@ -140,11 +140,11 @@ if [ -f ../in-progress ]; then
 fi
 
 echo "$GHE_SNAPSHOT_TIMESTAMP $$" > ../in-progress
-echo "$GHE_SNAPSHOT_TIMESTAMP $$" > ${GHE_DATA_DIR}/in-progress-backup
+echo "$GHE_SNAPSHOT_TIMESTAMP $$" > "${GHE_DATA_DIR}/in-progress-backup"
 
+START_TIME=$(date +%s)
 log_info "Starting backup of $GHE_HOSTNAME with backup-utils v$BACKUP_UTILS_VERSION in snapshot $GHE_SNAPSHOT_TIMESTAMP"
 
-
 # Perform a host connection check and establish the remote appliance version.
 # The version is available in the GHE_REMOTE_VERSION variable and also written
 # to a version file in the snapshot directory itself.
@@ -166,9 +166,6 @@ echo "$GHE_BACKUP_STRATEGY" > strategy
 # Create benchmark file
 bm_init > /dev/null
 
-START_TIME=$(date +%s)
-log_info "Starting backup of $GHE_HOSTNAME with backup-utils v$BACKUP_UTILS_VERSION"
-
 ghe-backup-store-version  ||
 log_warn "Warning: storing backup-utils version remotely failed."
 
@@ -240,7 +237,7 @@ if [ "$GHE_BACKUP_STRATEGY" = "rsync" ]; then
 fi
 
 if [ "$GHE_PARALLEL_ENABLED" = "yes" ]; then
-  $GHE_PARALLEL_COMMAND $GHE_PARALLEL_COMMAND_OPTIONS -- "${commands[@]}"
+  "$GHE_PARALLEL_COMMAND" "${GHE_PARALLEL_COMMAND_OPTIONS[@]}" -- "${commands[@]}"
 else
   for c in "${commands[@]}"; do
     eval "$c"
@@ -254,7 +251,7 @@ fi
 # git fsck repositories after the backup
 if [ "$GHE_BACKUP_FSCK" = "yes" ]; then
   log_info "Running git fsck on repositories ..."
-  ghe-backup-fsck $GHE_SNAPSHOT_DIR || failures="$failures fsck"
+  ghe-backup-fsck "$GHE_SNAPSHOT_DIR" || failures="$failures fsck"
 fi
 
 # If everything was successful, mark the snapshot as complete, update the
@@ -269,13 +266,15 @@ if [ -z "$failures" ]; then
   ghe-prune-snapshots
 fi
 
+END_TIME=$(date +%s)
+log_info "Runtime: $((END_TIME - START_TIME)) seconds"
 log_info "Completed backup of $GHE_HOSTNAME in snapshot $GHE_SNAPSHOT_TIMESTAMP at $(date +"%H:%M:%S")"
 
 # Exit non-zero and list the steps that failed.
 if [ -z "$failures" ]; then
   ghe_remote_logger "Completed backup from $(hostname) / snapshot $GHE_SNAPSHOT_TIMESTAMP successfully."
 else
-  steps="$(echo $failures | sed 's/ /, /g')"
+  steps="${failures// /, }"
   ghe_remote_logger "Completed backup from $(hostname) / snapshot $GHE_SNAPSHOT_TIMESTAMP with failures: ${steps}."
   log_error "Error: Snapshot incomplete. Some steps failed: ${steps}. "
   exit 1
@@ -285,11 +284,7 @@ fi
 log_info "Checking for leaked ssh keys ..."
 ghe-detect-leaked-ssh-keys -s "$GHE_SNAPSHOT_DIR" || true
 
-END_TIME=$(date +%s)
-log_info "Runtime: $((${END_TIME} - ${START_TIME})) seconds"
-log_info "Backup of $GHE_HOSTNAME finished."
-# Make sure we exit zero after the conditional
-true
+log_info "Restore of $GHE_HOSTNAME finished."
 
 # Remove in-progress file
 ghe_backup_finished

bin/ghe-restore

@@ -32,13 +32,13 @@
 set -e
 
 # Parse arguments
-: ${RESTORE_SETTINGS:=false}
+: "${RESTORE_SETTINGS:=false}"
 export RESTORE_SETTINGS
 
-: ${FORCE:=false}
+: "${FORCE:=false}"
 export FORCE
 
-: ${SKIP_MYSQL:=false}
+: "${SKIP_MYSQL:=false}"
 export SKIP_MYSQL
 
 while true; do
@@ -87,30 +87,30 @@ while true; do
 done
 
 start_cron () {
-  log_info  "Starting cron ..." 
+  log_info "Starting cron ..."
   if $CLUSTER; then
-    if ! ghe-ssh "$GHE_HOSTNAME" -- "ghe-cluster-each -- sudo timeout 120s service cron start" ; then
-      log_warn  "Failed to start cron on one or more nodes"
+    if ! ghe-ssh "$GHE_HOSTNAME" -- "ghe-cluster-each -- sudo timeout 120s service cron start"; then
+      log_warn "Failed to start cron on one or more nodes"
     fi
   else
-    if ! ghe-ssh "$GHE_HOSTNAME" -- "sudo timeout 120s service cron start" ; then
-      log_warn  "Failed to start cron"
+    if ! ghe-ssh "$GHE_HOSTNAME" -- "sudo timeout 120s service cron start"; then
+      log_warn "Failed to start cron"
     fi
   fi
 }
 
 cleanup () {
-  log_info " Exiting, cleaning up ..." 
+  log_info " Exiting, cleaning up ..."
   if [ -n "$1" ]; then
     update_restore_status "$1"
   fi
 
   if $ACTIONS_STOPPED && ghe-ssh "$GHE_HOSTNAME" -- 'ghe-config --true app.actions.enabled'; then
-    log_info  "Restarting Actions after restore ..."
+    log_info "Restarting Actions after restore ..."
     # In GHES 3.3+, ghe-actions-start no longer has a -f (force) flag. In GHES 3.2 and below, we must provide the
     # force flag to make sure it can start in maintenance mode. Use it conditionally based on whether it exists
     # in the --help output
-    if ghe-ssh "$GHE_HOSTNAME" -- 'ghe-actions-start --help' | grep -q force ; then
+    if ghe-ssh "$GHE_HOSTNAME" -- 'ghe-actions-start --help' | grep -q force; then
       ghe-ssh "$GHE_HOSTNAME" -- 'ghe-actions-start -f' 1>&3
     else
       ghe-ssh "$GHE_HOSTNAME" -- 'ghe-actions-start' 1>&3
@@ -122,15 +122,15 @@ cleanup () {
   fi
 
   # Cleanup SSH multiplexing
-  log_info  "Cleaning up SSH multiplexing ..." 
-  if ! ghe-ssh --clean ; then
-    log_info  "Failed to clean up SSH multiplexing"
+  log_info "Cleaning up SSH multiplexing ..."
+  if ! ghe-ssh --clean; then
+    log_info "Failed to clean up SSH multiplexing"
   fi
-  # Remove in-progress file
-  log_info  "Removing in-progress file ..." 1>&3
 
-  if ! rm -f ${GHE_DATA_DIR}/in-progress-restore ; then
-    log_error  "Failed to remove in-progress file" 1>&3
+  # Remove in-progress file
+  log_info "Removing in-progress file ..." 1>&3
+  if ! rm -f "${GHE_DATA_DIR}/in-progress-restore"; then
+    log_error "Failed to remove in-progress file" 1>&3
   fi
 }
 
@@ -139,23 +139,24 @@ cleanup () {
 cleanup_cluster_nodes() {
   uuid="$1"
   if [ -z "$uuid" ]; then
-    log_error  "Node UUID required."
+    log_error "Node UUID required."
     exit 2
   fi
-  log_info  "Cleaning up spokes" 1>&3
-  ghe-spokes server evacuate git-server-$uuid 'Removing replica'
-  ghe-spokes server destroy git-server-$uuid
 
-  log_info  "Cleaning up storage" 1>&3
-  ghe-storage destroy-host storage-server-$uuid --force
+  log_info "Cleaning up spokes" 1>&3
+  ghe-spokes server evacuate "git-server-$uuid" 'Removing replica'
+  ghe-spokes server destroy "git-server-$uuid"
+
+  log_info "Cleaning up storage" 1>&3
+  ghe-storage destroy-host "storage-server-$uuid" --force
 
-  log_info  "Cleaning up dpages" 1>&3
-  ghe-dpages offline pages-server-$uuid
-  ghe-dpages remove pages-server-$uuid
+  log_info "Cleaning up dpages" 1>&3
+  ghe-dpages offline "pages-server-$uuid"
+  ghe-dpages remove "pages-server-$uuid"
 
-  log_info  "Cleaning up redis" 1>&3
-  ghe-redis-cli del resque:queue:maint_git-server-$uuid
-  ghe-redis-cli srem resque:queues maint_git-server-$uuid
+  log_info "Cleaning up redis" 1>&3
+  ghe-redis-cli del "resque:queue:maint_git-server-$uuid"
+  ghe-redis-cli srem resque:queues "maint_git-server-$uuid"
 }
 
 # Bring in the backup configuration
@@ -190,7 +191,7 @@ export GHE_RESTORE_SNAPSHOT
 ghe_backup_check
 
 # Detect if the backup we are restoring has a leaked ssh key
-echo  "Checking for leaked keys in the backup snapshot that is being restored ..."
+echo "Checking for leaked keys in the backup snapshot that is being restored ..."
 ghe-detect-leaked-ssh-keys -s "$GHE_RESTORE_SNAPSHOT_PATH" || true
 
 # Figure out whether to use the tarball or rsync restore strategy based on the
@@ -218,7 +219,7 @@ export CLUSTER
 
 # Restoring a cluster backup to a standalone appliance is not supported
 if ! $CLUSTER && [ "$GHE_BACKUP_STRATEGY" = "cluster" ]; then
-  log_error  "Error: Snapshot from a GitHub Enterprise cluster cannot be restored to a standalone appliance. Aborting." >&2
+  log_error "Error: Snapshot from a GitHub Enterprise cluster cannot be restored to a standalone appliance. Aborting." >&2
   exit 1
 fi
 
@@ -230,7 +231,7 @@ fi
 # Figure out if this appliance is in a replication pair
 if ghe-ssh "$GHE_HOSTNAME" -- \
   "[ -f '$GHE_REMOTE_ROOT_DIR/etc/github/repl-state' ]"; then
-  log_error  "Error: Restoring to an appliance with replication enabled is not supported. Please teardown replication before restoring." >&2
+  log_error "Error: Restoring to an appliance with replication enabled is not supported. Please teardown replication before restoring." >&2
   exit 1
 fi
 
@@ -267,9 +268,10 @@ fi
 # Log restore start message locally and in /var/log/syslog on remote instance
 START_TIME=$(date +%s)
 log_info "Starting restore of $GHE_HOSTNAME with backup-utils v$BACKUP_UTILS_VERSION from snapshot $GHE_RESTORE_SNAPSHOT"
+
 ghe_remote_logger "Starting restore from $(hostname) with backup-utils v$BACKUP_UTILS_VERSION / snapshot $GHE_RESTORE_SNAPSHOT ..."
 # Create an in-progress-restore file to prevent simultaneous backup or restore runs
-echo "${START_TIME} $$" > ${GHE_DATA_DIR}/in-progress-restore
+echo "${START_TIME} $$" > "${GHE_DATA_DIR}/in-progress-restore"
 
 # Keep other processes on the VM or cluster in the loop about the restore status.
 #
@@ -295,7 +297,7 @@ update_restore_status "restoring"
 # Make sure the GitHub appliance is in maintenance mode.
 if $instance_configured; then
   if ! ghe-maintenance-mode-status "$GHE_HOSTNAME"; then
-    log_error  "Error: $GHE_HOSTNAME must be put in maintenance mode before restoring. Aborting." 1>&2
+    log_error "Error: $GHE_HOSTNAME must be put in maintenance mode before restoring. Aborting." 1>&2
     exit 1
   fi
 fi
@@ -305,9 +307,9 @@ RELEASE_VERSION=$(ghe-ssh "$GHE_HOSTNAME" -- 'ghe-config --get core.package-vers
 
 # If the backup being restored is from an appliance with Actions disabled, restoring it onto an appliance with Actions enabled will cause
 # mismatches in the secrets needed for Actions which ultimately results in Actions not working properly. Note: xargs is to remove whitespace
-ACTIONS_ENABLED_IN_BACKUP=$(git config -f $GHE_RESTORE_SNAPSHOT_PATH/settings.json --bool app.actions.enabled | xargs)
+ACTIONS_ENABLED_IN_BACKUP=$(git config -f "$GHE_RESTORE_SNAPSHOT_PATH/settings.json" --bool app.actions.enabled | xargs)
 if [[ $ACTIONS_ENABLED_IN_BACKUP != true ]] && ghe-ssh "$GHE_HOSTNAME" -- 'ghe-config --true app.actions.enabled'; then
-    log_error  "Restoring a backup with Actions disabled onto an appliance with Actions enabled is not supported." >&2
+    log_error "Restoring a backup with Actions disabled onto an appliance with Actions enabled is not supported." >&2
     exit 1
 fi
 
@@ -391,11 +393,10 @@ fi
 # Restore UUID if present and not restoring to cluster.
 if [ -s "$GHE_RESTORE_SNAPSHOT_PATH/uuid" ] && ! $CLUSTER; then
   log_info "Restoring UUID ..."
-  cat "$GHE_RESTORE_SNAPSHOT_PATH/uuid" |
-  ghe-ssh "$GHE_HOSTNAME" -- "sudo sponge '$GHE_REMOTE_DATA_USER_DIR/common/uuid' 2>/dev/null"
+  ghe-ssh "$GHE_HOSTNAME" -- "sudo sponge '$GHE_REMOTE_DATA_USER_DIR/common/uuid' 2>/dev/null" <"$GHE_RESTORE_SNAPSHOT_PATH/uuid"
   ghe-ssh "$GHE_HOSTNAME" -- "sudo systemctl stop consul" || true
   ghe-ssh "$GHE_HOSTNAME" -- "sudo rm -rf /data/user/consul/raft"
-  fi
+fi
 
 if is_external_database_snapshot; then
    appliance_strategy="external"
@@ -428,12 +429,13 @@ if ghe-ssh "$GHE_HOSTNAME" -- 'ghe-config --true app.actions.enabled'; then
   ACTIONS_STOPPED=true
   ghe-ssh "$GHE_HOSTNAME" -- 'ghe-actions-stop' 1>&3
 
-  log_info  "Restoring MSSQL databases ..."
+  log_info "Restoring MSSQL databases ..."
   ghe-restore-mssql "$GHE_HOSTNAME" 1>&3
 
   log_info "Restoring Actions data ..."
   ghe-restore-actions "$GHE_HOSTNAME" 1>&3
-  echo  "* WARNING: Every self-hosted Actions runner that communicates with the restored GHES server must be restarted or reconfigured in order to continue functioning. \n See https://docs.github.com/en/actions/hosting-your-own-runners/adding-self-hosted-runners for more details on how to reconfigure self-hosted Actions runners."
+  echo "* WARNING: Every self-hosted Actions runner that communicates with the restored GHES server must be restarted or reconfigured in order to continue functioning."
+  echo "See https://docs.github.com/en/actions/hosting-your-own-runners/adding-self-hosted-runners for more details on how to reconfigure self-hosted Actions runners."
 fi
 
 if ghe-ssh "$GHE_HOSTNAME" -- 'ghe-config --true app.minio.enabled'; then
@@ -485,16 +487,16 @@ if ! $CLUSTER && [ -d "$GHE_RESTORE_SNAPSHOT_PATH/elasticsearch" ]; then
 fi
 
 # Restore the audit log migration sentinel file, if it exists in the snapshot
-if test -f "$GHE_RESTORE_SNAPSHOT_PATH"/es-scan-complete; then
+if test -f "$GHE_RESTORE_SNAPSHOT_PATH/es-scan-complete"; then
   log_info "Restoring Elasticsearch audit log migration sentinel file ..." 1>&3
-  if ! ghe-ssh "$GHE_HOSTNAME" -- "sudo touch $GHE_REMOTE_DATA_USER_DIR/common/es-scan-complete" ; then
+  if ! ghe-ssh "$GHE_HOSTNAME" -- "sudo touch $GHE_REMOTE_DATA_USER_DIR/common/es-scan-complete"; then
     log_info "Failed to restore Elasticsearch audit log migration sentinel file." 1>&3
   fi
 fi
 
 # Restore exported audit logs to 2.12.9 and newer single nodes and
 # all releases of cluster
-if $CLUSTER || [ "$(version $GHE_REMOTE_VERSION)" -ge "$(version 2.12.9)" ]; then
+if $CLUSTER || [ "$(version "$GHE_REMOTE_VERSION")" -ge "$(version 2.12.9)" ]; then
   if [[ "$GHE_RESTORE_SKIP_AUDIT_LOGS" = "yes" ]]; then
     log_info "Skipping restore of audit logs."
   else
@@ -508,16 +510,16 @@ fi
 
 if [ "$GHE_PARALLEL_ENABLED" = "yes" ]; then
   log_info "Restoring data in parallel ..."
-  $GHE_PARALLEL_COMMAND $GHE_PARALLEL_COMMAND_OPTIONS -- "${commands[@]}"
+  "$GHE_PARALLEL_COMMAND" "${GHE_PARALLEL_COMMAND_OPTIONS[@]}" -- "${commands[@]}"
 else
   log_info "Restoring data serially ..." 1>&3
   for c in "${commands[@]}"; do
-   eval "$c"
+    eval "$c"
   done
 fi
 
 # Restart an already running memcached to reset the cache after restore
-log_info  "Restarting memcached ..." 1>&3
+log_info "Restarting memcached ..." 1>&3
 echo "sudo restart -q memcached 2>/dev/null || true" |
   ghe-ssh "$GHE_HOSTNAME" -- /bin/sh
 
@@ -564,7 +566,7 @@ CRON_RUNNING=true
 # Clean up all stale replicas on configured instances.
 if ! $CLUSTER && $instance_configured; then
   log_info "Cleaning up replicas..." 1>&3
-  restored_uuid=$(cat $GHE_RESTORE_SNAPSHOT_PATH/uuid)
+  restored_uuid=$(cat "$GHE_RESTORE_SNAPSHOT_PATH/uuid")
   other_nodes=$(echo "
     set -o pipefail; \
     ghe-spokes server show --json \
@@ -604,11 +606,12 @@ else
 fi
 
 END_TIME=$(date +%s)
-log_info "Runtime: $((${END_TIME} - ${START_TIME})) seconds"
-log_info "Restore of $GHE_HOSTNAME from snapshot $GHE_RESTORE_SNAPSHOT finished."
+log_info "Runtime: $((END_TIME - START_TIME)) seconds"
+log_info "Completed restore of $GHE_HOSTNAME from snapshot $GHE_RESTORE_SNAPSHOT at $(date +"%H:%M:%S")"
 
+log_info "Restore of $GHE_HOSTNAME finished."
 
 if ! $instance_configured; then
-  echo  "To complete the restore process, please visit https://$hostname/setup/settings to review and save the appliance configuration."
+  echo "To complete the restore process, please visit https://$hostname/setup/settings to review and save the appliance configuration."
 fi