diff --git a/maintainers/flake-module.nix b/maintainers/flake-module.nix index 368ea8cf2..505eca55a 100644 --- a/maintainers/flake-module.nix +++ b/maintainers/flake-module.nix @@ -106,18 +106,11 @@ enable = true; excludes = [ # We haven't linted these files yet - ''^scripts/install-multi-user\.sh$'' - ''^tests/functional/completions\.sh$'' ''^tests/functional/compute-levels\.sh$'' - ''^tests/functional/config\.sh$'' ''^tests/functional/db-migration\.sh$'' - ''^tests/functional/debugger\.sh$'' ''^tests/functional/dependencies\.builder0\.sh$'' - ''^tests/functional/dependencies\.sh$'' ''^tests/functional/dump-db\.sh$'' ''^tests/functional/dyn-drv/build-built-drv\.sh$'' - ''^tests/functional/dyn-drv/common\.sh$'' - ''^tests/functional/dyn-drv/dep-built-drv\.sh$'' ''^tests/functional/dyn-drv/eval-outputOf\.sh$'' ''^tests/functional/dyn-drv/old-daemon-error-hack\.sh$'' ''^tests/functional/dyn-drv/recursive-mod-json\.sh$'' diff --git a/scripts/install-multi-user.sh b/scripts/install-multi-user.sh index 450a773e9..b013190f9 100644 --- a/scripts/install-multi-user.sh +++ b/scripts/install-multi-user.sh @@ -55,18 +55,22 @@ readonly NIX_INSTALLED_NIX="@nix@" readonly NIX_INSTALLED_CACERT="@cacert@" #readonly NIX_INSTALLED_NIX="/nix/store/j8dbv5w6jl34caywh2ygdy88knx1mdf7-nix-2.3.6" #readonly NIX_INSTALLED_CACERT="/nix/store/7dxhzymvy330i28ii676fl1pqwcahv2f-nss-cacert-3.49.2" -readonly EXTRACTED_NIX_PATH="$(dirname "$0")" +EXTRACTED_NIX_PATH="$(dirname "$0")" +readonly EXTRACTED_NIX_PATH # allow to override identity change command -readonly NIX_BECOME=${NIX_BECOME:-sudo} +NIX_BECOME=${NIX_BECOME:-sudo} +readonly NIX_BECOME -readonly ROOT_HOME=~root +ROOT_HOME=~root +readonly ROOT_HOME if [ -t 0 ] && [ -z "${NIX_INSTALLER_YES:-}" ]; then - readonly IS_HEADLESS='no' + IS_HEADLESS='no' else - readonly IS_HEADLESS='yes' + IS_HEADLESS='yes' fi +readonly IS_HEADLESS headless() { if [ "$IS_HEADLESS" = "yes" ]; then @@ -156,6 +160,7 @@ EOF } nix_user_for_core() { + # shellcheck disable=SC2059 printf "$NIX_BUILD_USER_NAME_TEMPLATE" "$1" } @@ -381,10 +386,12 @@ _sudo() { # Ensure that $TMPDIR exists if defined. if [[ -n "${TMPDIR:-}" ]] && [[ ! -d "${TMPDIR:-}" ]]; then + # shellcheck disable=SC2174 mkdir -m 0700 -p "${TMPDIR:-}" fi -readonly SCRATCH=$(mktemp -d) +SCRATCH=$(mktemp -d) +readonly SCRATCH finish_cleanup() { rm -rf "$SCRATCH" } @@ -677,7 +684,8 @@ create_directories() { # hiding behind || true, and the general state # should be one the user can repair once they # figure out where chown is... - local get_chr_own="$(PATH="$(getconf PATH 2>/dev/null)" command -vp chown)" + local get_chr_own + get_chr_own="$(PATH="$(getconf PATH 2>/dev/null)" command -vp chown)" if [[ -z "$get_chr_own" ]]; then get_chr_own="$(command -v chown)" fi @@ -1015,6 +1023,7 @@ main() { # Set profile targets after OS-specific scripts are loaded if command -v poly_configure_default_profile_targets > /dev/null 2>&1; then + # shellcheck disable=SC2207 PROFILE_TARGETS=($(poly_configure_default_profile_targets)) else PROFILE_TARGETS=("/etc/bashrc" "/etc/profile.d/nix.sh" "/etc/zshrc" "/etc/bash.bashrc" "/etc/zsh/zshrc") diff --git a/tests/functional/completions.sh b/tests/functional/completions.sh index 9164c5013..b521d35fb 100755 --- a/tests/functional/completions.sh +++ b/tests/functional/completions.sh @@ -53,7 +53,9 @@ cd .. ## With multiple input flakes [[ "$(NIX_GET_COMPLETIONS=5 nix build ./foo ./bar --override-input '')" == $'normal\na\t\nb\t' ]] ## With tilde expansion +# shellcheck disable=SC2088 [[ "$(HOME=$PWD NIX_GET_COMPLETIONS=4 nix build '~/foo' --override-input '')" == $'normal\na\t' ]] +# shellcheck disable=SC2088 [[ "$(HOME=$PWD NIX_GET_COMPLETIONS=5 nix flake update --flake '~/foo' '')" == $'normal\na\t' ]] ## Out of order [[ "$(NIX_GET_COMPLETIONS=3 nix build --override-input '' '' ./foo)" == $'normal\na\t' ]] diff --git a/tests/functional/config.sh b/tests/functional/config.sh index 50858eaa4..c1d47454e 100755 --- a/tests/functional/config.sh +++ b/tests/functional/config.sh @@ -62,7 +62,7 @@ prev=$(nix config show | grep '^cores' | cut -d '=' -f 2 | xargs) export NIX_CONFIG="cores = 4242"$'\n'"experimental-features = nix-command flakes" exp_cores=$(nix config show | grep '^cores' | cut -d '=' -f 2 | xargs) exp_features=$(nix config show | grep '^experimental-features' | cut -d '=' -f 2 | xargs) -[[ $prev != $exp_cores ]] +[[ $prev != "$exp_cores" ]] [[ $exp_cores == "4242" ]] # flakes implies fetch-tree [[ $exp_features == "fetch-tree flakes nix-command" ]] @@ -70,7 +70,7 @@ exp_features=$(nix config show | grep '^experimental-features' | cut -d '=' -f 2 # Test that it's possible to retrieve a single setting's value val=$(nix config show | grep '^warn-dirty' | cut -d '=' -f 2 | xargs) val2=$(nix config show warn-dirty) -[[ $val == $val2 ]] +[[ $val == "$val2" ]] # Test unit prefixes. [[ $(nix config show --min-free 64K min-free) = 65536 ]] diff --git a/tests/functional/dependencies.sh b/tests/functional/dependencies.sh index 972bc5a9b..68c0d3f2e 100755 --- a/tests/functional/dependencies.sh +++ b/tests/functional/dependencies.sh @@ -11,22 +11,22 @@ echo "derivation is $drvPath" nix-store -q --tree "$drvPath" | grep '───.*builder-dependencies-input-1.sh' # Test Graphviz graph generation. -nix-store -q --graph "$drvPath" > $TEST_ROOT/graph +nix-store -q --graph "$drvPath" > "$TEST_ROOT"/graph if test -n "$dot"; then # Does it parse? - $dot < $TEST_ROOT/graph + $dot < "$TEST_ROOT"/graph fi # Test GraphML graph generation -nix-store -q --graphml "$drvPath" > $TEST_ROOT/graphml +nix-store -q --graphml "$drvPath" > "$TEST_ROOT"/graphml outPath=$(nix-store -rvv "$drvPath") || fail "build failed" # Test Graphviz graph generation. -nix-store -q --graph "$outPath" > $TEST_ROOT/graph +nix-store -q --graph "$outPath" > "$TEST_ROOT"/graph if test -n "$dot"; then # Does it parse? - $dot < $TEST_ROOT/graph + $dot < "$TEST_ROOT"/graph fi nix-store -q --tree "$outPath" | grep '───.*dependencies-input-2' @@ -53,7 +53,7 @@ input2OutPath=$(echo "$deps" | grep "dependencies-input-2") nix-store -q --referrers-closure "$input2OutPath" | grep "$outPath" # Check that the derivers are set properly. -test $(nix-store -q --deriver "$outPath") = "$drvPath" +test "$(nix-store -q --deriver "$outPath")" = "$drvPath" nix-store -q --deriver "$input2OutPath" | grepQuiet -- "-input-2.drv" # --valid-derivers returns the currently single valid .drv file diff --git a/tests/functional/dyn-drv/common.sh b/tests/functional/dyn-drv/common.sh index 0d95881b6..ca24498d0 100644 --- a/tests/functional/dyn-drv/common.sh +++ b/tests/functional/dyn-drv/common.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash source ../common.sh # Need backend to support text-hashing too diff --git a/tests/functional/dyn-drv/dep-built-drv.sh b/tests/functional/dyn-drv/dep-built-drv.sh index e9a8b6b83..f5be23645 100644 --- a/tests/functional/dyn-drv/dep-built-drv.sh +++ b/tests/functional/dyn-drv/dep-built-drv.sh @@ -11,4 +11,4 @@ clearStore out2=$(nix-build ./text-hashed-output.nix -A wrapper --no-out-link) -diff -r $out1 $out2 +diff -r "$out1" "$out2"