Removemigrateshellck (#755)

Author: gsmith-sas

logging/bin/apiaccess-include.sh

@@ -1,3 +1,5 @@
+#! /bin/bash
+
 # Copyright © 2020, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
 # SPDX-License-Identifier: Apache-2.0
 
@@ -8,21 +10,23 @@ if [ "$SAS_LOGGING_COMMON_SOURCED" = "" ]; then
     source bin/common.sh
 
     if [ -f "$USER_DIR/logging/user.env" ]; then
-        userEnv=$(grep -v '^[[:blank:]]*$' $USER_DIR/logging/user.env | grep -v '^#' | xargs)
+        userEnv=$(grep -v '^[[:blank:]]*$' "$USER_DIR/logging/user.env" | grep -v '^#' | xargs)
+
         log_verbose "Loading user environment file: $USER_DIR/logging/user.env"
         if [ "$userEnv" ]; then
-          export $userEnv
+            # shellcheck disable=SC2086,SC2163
+            export $userEnv
         fi
     fi
 
     #Check for obsolete env var
-    if [  -n "$LOG_SEARCH_BACKEND" ]; then
+    if [ -n "$LOG_SEARCH_BACKEND" ]; then
         log_error "Support for the LOG_SEARCH_BACKEND environment variable has been removed."
         log_error "This script is only appropriate for use with OpenSearch as the search back-end."
         log_error "The LOG_SEARCH_BACKEND environment variable is currently set to [$LOG_SEARCH_BACKEND]"
         exit 1
     fi
-    
+
     export LOG_NS="${LOG_NS:-logging}"
 
     #if TLS (w/in cluster; for all monitoring components) is requested, require TLS into OSD pod, too
@@ -47,7 +51,7 @@ if [ "$SAS_LOGGING_COMMON_SOURCED" = "" ]; then
     export V4M_NS=$LOG_NS
 
     if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then
-       source bin/airgap-include.sh
+        source bin/airgap-include.sh
     fi
 
     source bin/version-include.sh
@@ -56,4 +60,3 @@ if [ "$SAS_LOGGING_COMMON_SOURCED" = "" ]; then
 
 fi
 echo ""
-

logging/bin/change_internal_password.sh

@@ -3,10 +3,10 @@
 # Copyright © 2021, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
 # SPDX-License-Identifier: Apache-2.0
 
-cd "$(dirname $BASH_SOURCE)/../.."
+cd "$(dirname "$BASH_SOURCE")/../.." || exit 1
 source logging/bin/common.sh
 
-this_script=`basename "$0"`
+this_script=$(basename "$0")
 
 log_debug "Script [$this_script] has started [$(date)]"
 
@@ -15,131 +15,98 @@ log_debug "Script [$this_script] has started [$(date)]"
 ##################################
 
 if [ "$OPENSHIFT_CLUSTER" != "true" ]; then
-  if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then
-    log_error "This script should only be run on OpenShift clusters"
-    exit 1
-  fi
+    if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then
+        log_error "This script should only be run on OpenShift clusters"
+        exit 1
+    fi
 fi
 
 app=${1}
-app=$(echo "$app"| tr '[:lower:]' '[:upper:]')
+app=$(echo "$app" | tr '[:lower:]' '[:upper:]')
 
 case "$app" in
-   "KIBANA"|"KB")
-      namespace="$LOG_NS"
-      service_name="v4m-es-kibana-svc"
-      port="kibana-svc"
-      tls_enable="true"
-      tls_secret="kibana-tls-secret"
-      ingress_tls_secret="kibana-ingress-tls-secret"
-      route_name="$service_name"
-      if [ "$OPENSHIFT_PATH_ROUTES" == "true" ]; then
-        route_host=${OPENSHIFT_ROUTE_HOST_KIBANA:-v4m-$namespace.$OPENSHIFT_ROUTE_DOMAIN}
-        route_path="/kibana"
-      else
-        route_host=${OPENSHIFT_ROUTE_HOST_KIBANA:-$service_name-$namespace.$OPENSHIFT_ROUTE_DOMAIN}
-        route_path="/"
-      fi
-      ;;
-   "ELASTICSEARCH"|"ES")
-      namespace="$LOG_NS"
-      service_name="v4m-es-client-service"
-      port="http"
-      tls_enable="true"
-      tls_secret="es-rest-tls-secret"
-      ingress_tls_secret="elasticsearch-ingress-tls-secret"
-      route_name="$service_name"
-      if [ "$OPENSHIFT_PATH_ROUTES" == "true" ]; then
-        route_host=${OPENSHIFT_ROUTE_HOST_ELASTICSEARCH:-v4m-$namespace.$OPENSHIFT_ROUTE_DOMAIN}
-        route_path="/elasticsearch"
-      else
-        route_host=${OPENSHIFT_ROUTE_HOST_ELASTICSEARCH:-$service_name-$namespace.$OPENSHIFT_ROUTE_DOMAIN}
-        route_path="/"
-      fi
-      ;;
-   "OPENSEARCH"|"OS")
-      namespace="$LOG_NS"
-      service_name="v4m-search"
-      port="http"
-      tls_enable="true"
-      tls_secret="es-rest-tls-secret"
-      ingress_tls_secret="elasticsearch-ingress-tls-secret"
-      route_name="$service_name"
-      if [ "$OPENSHIFT_PATH_ROUTES" == "true" ]; then
+"OPENSEARCH" | "OS")
+    namespace="$LOG_NS"
+    service_name="v4m-search"
+    port="http"
+    tls_enable="true"
+    tls_secret="es-rest-tls-secret"
+    ingress_tls_secret="elasticsearch-ingress-tls-secret"
+    route_name="$service_name"
+    if [ "$OPENSHIFT_PATH_ROUTES" == "true" ]; then
         route_host=${OPENSHIFT_ROUTE_HOST_ELASTICSEARCH:-v4m-$namespace.$OPENSHIFT_ROUTE_DOMAIN}
         route_path="/opensearch"
-      else
+    else
         route_host=${OPENSHIFT_ROUTE_HOST_ELASTICSEARCH:-$service_name-$namespace.$OPENSHIFT_ROUTE_DOMAIN}
         route_path="/"
-      fi
-      ;;
-   "OSD"|"OPENSEARCHDASHBOARD"|"OPENSEARCHDASHBOARDS")
-      namespace="$LOG_NS"
-      service_name="v4m-osd"
-      port="http"
-      tls_enable="true"
-      tls_secret="kibana-tls-secret"
-      ingress_tls_secret="kibana-ingress-tls-secret"
-      route_name="$service_name"
-      if [ "$OPENSHIFT_PATH_ROUTES" == "true" ]; then
+    fi
+    ;;
+"OSD" | "OPENSEARCHDASHBOARD" | "OPENSEARCHDASHBOARDS")
+    namespace="$LOG_NS"
+    service_name="v4m-osd"
+    port="http"
+    tls_enable="true"
+    tls_secret="kibana-tls-secret"
+    ingress_tls_secret="kibana-ingress-tls-secret"
+    route_name="$service_name"
+    if [ "$OPENSHIFT_PATH_ROUTES" == "true" ]; then
         route_host=${OPENSHIFT_ROUTE_HOST_KIBANA:-v4m-$namespace.$OPENSHIFT_ROUTE_DOMAIN}
         route_path="/dashboards"
-      else
+    else
         route_host=${OPENSHIFT_ROUTE_HOST_KIBANA:-$service_name-$namespace.$OPENSHIFT_ROUTE_DOMAIN}
         route_path="/"
-      fi
-      ;;
-  ""|*)
-      log_error "Application name is invalid or missing."
-      log_error "The APPLICATION NAME is required; valid values are: OpenSearch or OpenSearchDashboards"
-      exit 1
-      ;;
+    fi
+    ;;
+"" | *)
+    log_error "Application name is invalid or missing."
+    log_error "The APPLICATION NAME is required; valid values are: OpenSearch or OpenSearchDashboards"
+    exit 1
+    ;;
 esac
 
-if oc -n $namespace get route $route_name 2>/dev/null 1>&2; then
-   log_info "Skipping route creation; the requested route [$route_name] already exists in the namespace [$namespace]."
-   exit 0
+if oc -n "$namespace" get route $route_name > /dev/null 2>&1; then
+    log_info "Skipping route creation; the requested route [$route_name] already exists in the namespace [$namespace]."
+    exit 0
 fi
 
 if [ "$tls_enable" != "true" ]; then
-   tls_mode="edge"
+    tls_mode="edge"
 else
-   if oc -n $namespace get secret $tls_secret 2>/dev/null 1>&2; then
-      tls_mode="reencrypt"
-   else
-      log_error "The specified secret [$tls_secret] does NOT exists in the namespace [$namespace]."
-      exit 1
-   fi
+    if oc -n "$namespace" get secret $tls_secret > /dev/null 2>&1; then
+        tls_mode="reencrypt"
+    else
+        log_error "The specified secret [$tls_secret] does NOT exists in the namespace [$namespace]."
+        exit 1
+    fi
 fi
 
-oc -n $namespace create route $tls_mode $route_name \
+oc -n "$namespace" create route $tls_mode $route_name \
     --service $service_name \
     --port=$port \
     --insecure-policy=Redirect \
-    --hostname $route_host \
+    --hostname "$route_host" \
     --path $route_path
 rc=$?
 
 if [ "$OPENSHIFT_PATH_ROUTES" == "true" ]; then
-    oc -n $namespace annotate route $route_name "haproxy.router.openshift.io/rewrite-target=/"
+    oc -n "$namespace" annotate route $route_name "haproxy.router.openshift.io/rewrite-target=/"
 fi
 
 if [ "$rc" != "0" ]; then
-   log_error "There was a problem creating the route for [$route_name]. [$rc]"
-   exit 1
+    log_error "There was a problem creating the route for [$route_name]. [$rc]"
+    exit 1
 fi
 
 if [ "$tls_enable" == "true" ]; then
-   # identify secret containing destination CA
-   oc -n $namespace annotate route $route_name cert-utils-operator.redhat-cop.io/destinationCA-from-secret=$tls_secret
+    # identify secret containing destination CA
+    oc -n "$namespace" annotate route $route_name cert-utils-operator.redhat-cop.io/destinationCA-from-secret=$tls_secret
 fi
 
-
-if oc -n $namespace get secret $ingress_tls_secret 2>/dev/null 1>&2; then
-   # Add annotation to identify secret containing TLS certs
-   oc -n $namespace annotate route $route_name cert-utils-operator.redhat-cop.io/certs-from-secret=$ingress_tls_secret
+if oc -n "$namespace" get secret $ingress_tls_secret > /dev/null 2>&1; then
+    # Add annotation to identify secret containing TLS certs
+    oc -n "$namespace" annotate route $route_name cert-utils-operator.redhat-cop.io/certs-from-secret=$ingress_tls_secret
 else
-   log_debug "The ingress secret [$ingress_tls_secret] does NOT exists, omitting annotation [certs-from-secret]."
+    log_debug "The ingress secret [$ingress_tls_secret] does NOT exists, omitting annotation [certs-from-secret]."
 fi
 
 log_info "OpenShift Route [$route_name] has been created."