diff --git a/devstack/designate_plugins/backend-akamai-v2 b/devstack/designate_plugins/backend-akamai-v2 index 92ff12497..0d4d7b846 100644 --- a/devstack/designate_plugins/backend-akamai-v2 +++ b/devstack/designate_plugins/backend-akamai-v2 @@ -1,3 +1,4 @@ +#!/usr/bin/env bash # Configure the Akamai v2 backend # Requirements: diff --git a/devstack/designate_plugins/backend-bind9 b/devstack/designate_plugins/backend-bind9 index a7a0ac2b2..0570349d0 100644 --- a/devstack/designate_plugins/backend-bind9 +++ b/devstack/designate_plugins/backend-bind9 @@ -1,3 +1,4 @@ +#!/usr/bin/env bash # Configure the bind9 pool backend # Enable with: diff --git a/devstack/designate_plugins/backend-designate b/devstack/designate_plugins/backend-designate index 1fe666e30..e3e3ccd4c 100644 --- a/devstack/designate_plugins/backend-designate +++ b/devstack/designate_plugins/backend-designate @@ -1,3 +1,4 @@ +#!/usr/bin/env bash # Configure the designate backend # Requirements: @@ -65,7 +66,8 @@ function configure_designate_backend { IFS=',' read -a nameservers <<< "$DESIGNATE_D2D_NAMESERVERS" for nameserver in "${nameservers[@]}"; do - local nameserver_id=`uuidgen` + local nameserver_id + nameserver_id=`uuidgen` iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $(dig +short A $nameserver | head -n 1) iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port 53 diff --git a/devstack/designate_plugins/backend-dynect b/devstack/designate_plugins/backend-dynect index 5b78333df..092f0533b 100644 --- a/devstack/designate_plugins/backend-dynect +++ b/devstack/designate_plugins/backend-dynect @@ -1,3 +1,4 @@ +#!/usr/bin/env bash # Configure the dynect backend # Requirements: diff --git a/devstack/designate_plugins/backend-fake b/devstack/designate_plugins/backend-fake index 1b4e4bac0..963a691d2 100644 --- a/devstack/designate_plugins/backend-fake +++ b/devstack/designate_plugins/backend-fake @@ -1,3 +1,4 @@ +#!/usr/bin/env bash # Configure the fake backend # Enable with: diff --git a/devstack/designate_plugins/backend-infoblox b/devstack/designate_plugins/backend-infoblox index 71fb20708..76dee0aa0 100644 --- a/devstack/designate_plugins/backend-infoblox +++ b/devstack/designate_plugins/backend-infoblox @@ -1,3 +1,4 @@ +#!/usr/bin/env bash # Configure the infoblox backend # Requirements: diff --git a/devstack/designate_plugins/backend-ns1 b/devstack/designate_plugins/backend-ns1 index 844182ea2..6713e9a68 100644 --- a/devstack/designate_plugins/backend-ns1 +++ b/devstack/designate_plugins/backend-ns1 @@ -1,3 +1,4 @@ +#!/usr/bin/env bash # Configure the NS1 backend # Requirements: diff --git a/devstack/designate_plugins/backend-pdns4 b/devstack/designate_plugins/backend-pdns4 index a6c8962d5..7f2e4d7e3 100644 --- a/devstack/designate_plugins/backend-pdns4 +++ b/devstack/designate_plugins/backend-pdns4 @@ -1,3 +1,4 @@ +#!/usr/bin/env bash # Configure the powerdns backend # Enable with: diff --git a/devstack/exercise.sh b/devstack/exercise.sh index 40a279145..ef4ff3b41 100755 --- a/devstack/exercise.sh +++ b/devstack/exercise.sh @@ -22,7 +22,7 @@ SCRIPT_DIR=$(cd $(dirname "$0") && pwd) DEVSTACK_DIR=$(cd $SCRIPT_DIR/../..; pwd)/devstack if [ -x "$HOME/devstack/stack.sh" ]; then - DEVSTACK_DIR=$HOME/devstack/ + DEVSTACK_DIR=$HOME/devstack/ fi # Import common functions @@ -109,11 +109,13 @@ function ensure_record_absent { # do an AXFR request to MDNS # if it does not match the expected value, give an error function verify_axfr_in_mdns { + local axfr_records + # Display for debugging dig $DIG_AXFR_FLAGS "$1" if dig $DIG_AXFR_FLAGS "$1"; then if [ -n "$2" ] ; then - local axfr_records=$(dig $DIG_AXFR_FLAGS "$1" | grep "$1" | wc -l) + axfr_records=$(dig $DIG_AXFR_FLAGS "$1" | grep "$1" | wc -l) if [ "$axfr_records" = "$2" ] ; then return 0 else @@ -131,7 +133,8 @@ function verify_axfr_in_mdns { function get_domain_id { local domain_name=$1 local required=$2 - local domain_id=$(designate domain-list | egrep " $domain_name " | get_field 1) + local domain_id + domain_id=$(designate domain-list | egrep " $domain_name " | get_field 1) if [ "$required" = "1" ] ; then die_if_not_set $LINENO domain_id "Failure retrieving DOMAIN_ID" fi @@ -147,7 +150,8 @@ function get_domain_name { # if the given domain does not exist, it will be created # the domain_id of the domain will be returned function get_or_create_domain_id { - local domainid=$(get_domain_id "$1") + local domainid + domainid=$(get_domain_id "$1") if [[ -z "$domainid" ]]; then designate domain-create --name $1 --email admin@devstack.org --ttl 86400 --description "domain $1" 1>&2 domainid=$(designate domain-list | grep "$1" | get_field 1) @@ -162,7 +166,8 @@ function get_record_id { local record_name=$2 local record_type=$3 local required=$4 - local record_id=$(designate record-list $domain_id | egrep " $record_name " | egrep " $record_type " | get_field 1) + local record_id + record_id=$(designate record-list $domain_id | egrep " $record_name " | egrep " $record_type " | get_field 1) if [ "$required" = "1" ] ; then die_if_not_set $LINENO record_id "Failure retrieving RECORD_ID" fi @@ -179,7 +184,7 @@ designate server-list NUMBER_OF_RECORDS=$(designate server-list -f csv | wc -l) # Add 1 extra to account for the additional SOA at the end of the AXFR -((NUMBER_OF_RECORDS+=1)) +NUMBER_OF_RECORDS=$((NUMBER_OF_RECORDS+1)) # Testing Domains # =============== @@ -209,7 +214,7 @@ A_RECORD_NAME="$(openssl rand -hex 4).${DOMAIN_NAME}" # Create an A record designate record-create $DOMAIN_ID --name $A_RECORD_NAME --type A --data 127.0.0.1 -((NUMBER_OF_RECORDS++)) +NUMBER_OF_RECORDS=$((NUMBER_OF_RECORDS+1)) A_RECORD_ID=$(get_record_id $DOMAIN_ID $A_RECORD_NAME A) # Fetch the record @@ -225,7 +230,7 @@ AAAA_RECORD_NAME="$(openssl rand -hex 4).${DOMAIN_NAME}" # Create an AAAA record designate record-create $DOMAIN_ID --name $AAAA_RECORD_NAME --type AAAA --data "2607:f0d0:1002:51::4" -((NUMBER_OF_RECORDS++)) +NUMBER_OF_RECORDS=$((NUMBER_OF_RECORDS+1)) AAAA_RECORD_ID=$(get_record_id $DOMAIN_ID $AAAA_RECORD_NAME AAAA) # Fetch the record @@ -238,7 +243,7 @@ ensure_record_present $AAAA_RECORD_NAME AAAA 2607:f0d0:1002:51::4 # Create a MX record designate record-create $DOMAIN_ID --name $DOMAIN_NAME --type MX --priority 5 --data "mail.example.com." -((NUMBER_OF_RECORDS++)) +NUMBER_OF_RECORDS=$((NUMBER_OF_RECORDS+1)) MX_RECORD_ID=$(get_record_id $DOMAIN_ID $DOMAIN_NAME MX) # Fetch the record @@ -251,7 +256,7 @@ ensure_record_present $DOMAIN_NAME MX "5 mail.example.com." # Create a SRV record designate record-create $DOMAIN_ID --name _sip._tcp.$DOMAIN_NAME --type SRV --priority 10 --data "5 5060 sip.example.com." -((NUMBER_OF_RECORDS++)) +NUMBER_OF_RECORDS=$((NUMBER_OF_RECORDS+1)) SRV_RECORD_ID=$(get_record_id $DOMAIN_ID _sip._tcp.$DOMAIN_NAME SRV) # Fetch the record @@ -267,7 +272,7 @@ CNAME_RECORD_NAME="$(openssl rand -hex 4).${DOMAIN_NAME}" # Create a CNAME record designate record-create $DOMAIN_ID --name $CNAME_RECORD_NAME --type CNAME --data $DOMAIN_NAME -((NUMBER_OF_RECORDS++)) +NUMBER_OF_RECORDS=$((NUMBER_OF_RECORDS+1)) CNAME_RECORD_ID=$(get_record_id $DOMAIN_ID $CNAME_RECORD_NAME CNAME) # Fetch the record diff --git a/devstack/lib/wsgi b/devstack/lib/wsgi index 7ef489893..e16a914eb 100644 --- a/devstack/lib/wsgi +++ b/devstack/lib/wsgi @@ -1,3 +1,5 @@ +#!/usr/bin/env bash + function designate_configure_uwsgi { write_uwsgi_config "$DESIGNATE_UWSGI_CONF" "$DESIGNATE_UWSGI" "/dns" diff --git a/devstack/plugin.sh b/devstack/plugin.sh index 7cc95fc3f..0be652afa 100755 --- a/devstack/plugin.sh +++ b/devstack/plugin.sh @@ -29,6 +29,9 @@ function cleanup_designate { # configure_designate - Set config files, create data dirs, etc function configure_designate { + local rootwrap_sudoer_cmd + local tempfile + [ ! -d $DESIGNATE_CONF_DIR ] && sudo mkdir -m 755 -p $DESIGNATE_CONF_DIR sudo chown $STACK_USER $DESIGNATE_CONF_DIR @@ -96,8 +99,8 @@ function configure_designate { iniset $DESIGNATE_CONF oslo_concurrency lock_path "$DESIGNATE_STATE_PATH" # Set up the rootwrap sudoers for designate - local rootwrap_sudoer_cmd="$DESIGNATE_BIN_DIR/designate-rootwrap $DESIGNATE_ROOTWRAP_CONF *" - local tempfile=`mktemp` + rootwrap_sudoer_cmd="$DESIGNATE_BIN_DIR/designate-rootwrap $DESIGNATE_ROOTWRAP_CONF *" + tempfile=`mktemp` echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_sudoer_cmd" >$tempfile chmod 0440 $tempfile sudo chown root:root $tempfile @@ -136,7 +139,7 @@ function configure_designatedashboard { } # Configure the needed tempest options -function configure_designate_tempest() { +function configure_designate_tempest { if is_service_enabled tempest; then # Tell tempest we're available iniset $TEMPEST_CONFIG service_available designate True @@ -179,10 +182,12 @@ function configure_designate_tempest() { # ------------------------------------------------------------------ # service designate admin # if enabled function create_designate_accounts { + local designate_api_url + if is_service_enabled designate-api; then create_service_user "designate" - local designate_api_url="$DESIGNATE_SERVICE_PROTOCOL://$DESIGNATE_SERVICE_HOST/dns" + designate_api_url="$DESIGNATE_SERVICE_PROTOCOL://$DESIGNATE_SERVICE_HOST/dns" get_or_create_service "designate" "dns" "Designate DNS Service" get_or_create_endpoint \ @@ -257,8 +262,8 @@ function install_designatedashboard { setup_dev_lib "designate-dashboard" for panel in _1710_project_dns_panel_group.py \ - _1721_dns_zones_panel.py \ - _1722_dns_reversedns_panel.py; do + _1721_dns_zones_panel.py \ + _1722_dns_reversedns_panel.py; do ln -fs $DESIGNATEDASHBOARD_DIR/designatedashboard/enabled/$panel $HORIZON_DIR/openstack_dashboard/local/enabled/$panel done } diff --git a/devstack/upgrade/upgrade.sh b/devstack/upgrade/upgrade.sh index 7d57bd33b..9db855949 100755 --- a/devstack/upgrade/upgrade.sh +++ b/devstack/upgrade/upgrade.sh @@ -73,7 +73,7 @@ install_designateclient # The designateclient may have changed location # (/opt/stack/new/python-designateclient) so we need to restart neutron if is_service_enabled q-svc; then - restart_service devstack@q-svc.service + restart_service devstack@q-svc.service fi # calls upgrade-designate for specific release diff --git a/test-requirements.txt b/test-requirements.txt index 6960183ec..cbc26ac52 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -17,3 +17,4 @@ pymemcache!=1.3.0,>=1.2.9 # Apache 2.0 License PyMySQL>=0.8.0 # MIT License edgegrid-python>=1.1.1 # Apache-2.0 infoblox-client>=0.6.0 # Apache-2.0 +bashate>=0.5.1 # Apache-2.0 diff --git a/tox.ini b/tox.ini index a3b0f2437..b30e21d58 100644 --- a/tox.ini +++ b/tox.ini @@ -88,10 +88,12 @@ commands = [testenv:pep8] deps = -r{toxinidir}/test-requirements.txt +allowlist_externals = bash commands = flake8 {[testenv:bandit]commands} doc8 {posargs} + {[testenv:bashate]commands} [testenv:genconfig] commands = oslo-config-generator --config-file=etc/designate/designate-config-generator.conf @@ -100,7 +102,7 @@ commands = oslo-config-generator --config-file=etc/designate/designate-config-ge commands = oslopolicy-sample-generator --config-file etc/designate/designate-policy-generator.conf [testenv:bashate] -deps = bashate +deps = -r{toxinidir}/test-requirements.txt allowlist_externals = bash commands = bash -c "find {toxinidir}/devstack \ -not \( -type d -name .?\* -prune \) \ @@ -108,13 +110,15 @@ commands = bash -c "find {toxinidir}/devstack \ -type f \ -not -name \*~ \ -not -name \*.md \ + -not -name \*.sql \ \( \ -name \*.sh -or \ -name \*rc -or \ -name functions\* -or \ - -wholename \*/lib/\* \ + -wholename \*/lib/\* -or \ + -wholename \*/designate_plugins/\* \ \) \ - -print0 | xargs -0 bashate -v" + -print0 | xargs -0 bashate -v -iE006 -eE005,E042" [testenv:pip-check-reqs] # do not install test-requirements as that will pollute the virtualenv for