feat: using braces to delimiting variable names (#292)

4383 · astansler · commit da523d19622a · 2018-07-02T16:53:30.000+03:00
Enforce variable security by using braces on all variables
of the do.sh script.
diff --git a/do.sh b/do.sh
@@ -28,61 +28,61 @@ GRADLE_VERSION=4.2.0
 
 # run only inside build container
 build_jar_inside() {
-  if [ "$NAMESPACE" == "sandbox" ]; then
+  if [ "${NAMESPACE}" == "sandbox" ]; then
     API="https://sandbox.sourcerer/api/commit"
     LOG="debug"
-  elif [ "$NAMESPACE" == "staging" ]; then
+  elif [ "${NAMESPACE}" == "staging" ]; then
     API="https://staging.sourcerer/api/commit"
     LOG="info"
-  elif [ "$NAMESPACE" == "local" ]; then
+  elif [ "${NAMESPACE}" == "local" ]; then
     API="http://localhost:3181"
     LOG="debug"
   else
     API="https://sourcerer.io/api/commit"
     LOG="info"
   fi
-  gradle -Penv=$NAMESPACE -Plog=$LOG -Papi=$API build
+  gradle -Penv=${NAMESPACE} -Plog=${LOG} -Papi=${API} build
 }
 
 build_jar() {
-  docker run -i -v $VOLUME:/home/gradle/app --workdir=/home/gradle/app \
-    -e LOG=$LOG -e NAMESPACE=$NAMESPACE \
-    gradle:$GRADLE_VERSION \
+  docker run -i -v ${VOLUME}:/home/gradle/app --workdir=/home/gradle/app \
+    -e LOG=${LOG} -e NAMESPACE=${NAMESPACE} \
+    gradle:${GRADLE_VERSION} \
     ./do.sh build_jar_inside
 }
 
 build_prod_inside() {
-  docker build -t $REPO_NAME .
+  docker build -t ${REPO_NAME} .
 }
 
 deploy() {
   source ./deploy/${NAMESPACE}_env.sh
   envsubst < ./deploy/sourcerer-app.yaml > /tmp/deploy.yaml
-  kubectl --namespace=$NAMESPACE apply -f /tmp/deploy.yaml
+  kubectl --namespace=${NAMESPACE} apply -f /tmp/deploy.yaml
 }
 
 ######################
 
 run_jar() {
-  docker run -i -v $VOLUME:/app --workdir=/app gradle:$GRADLE_VERSION \
+  docker run -i -v ${VOLUME}:/app --workdir=/app gradle:${GRADLE_VERSION} \
     java -jar build/libs/app.jar
 }
 
 run_prod() {
-  docker run -i -p $PORT:80 $REPO_NAME
+  docker run -i -p ${PORT}:80 ${REPO_NAME}
 }
 
 push() {
-  gcloud docker -- push $REPO_NAME
+  gcloud docker -- push ${REPO_NAME}
 }
 
 #---------------------#
 #----- Execution -----#
 #---------------------#
 
-fn_exists $COMMAND
+fn_exists ${COMMAND}
 if [ $? -eq 0 ]; then
-  $COMMAND $ARGUMENTS
+  ${COMMAND} ${ARGUMENTS}
 else
   echo "Command not found"
 fi
