set -e all the things

Using set -e in all of our scripts will prevent some subtle bugs from slipping in, and will allow us to enforce use of set -e with tooling. This change also adds -u and set -o pipefail in the less complex scripts where it is unlikely to cause problems. A follow-up change will enable those options in the complex scripts so that if it breaks something it can be reverted easily. Change-Id: I0ad358ccb98da7277a0ee2e9ce8fda98438675eb
2014-03-28 22:28:22 -05:00 · 2014-03-28 22:28:22 -05:00 · f6ba2aeaf4
parent 0b367e919b
commit f6ba2aeaf4
42 changed files with 127 additions and 5 deletions
--- a/elements/base/install.d/00-ccache
+++ b/elements/base/install.d/00-ccache
@ -1,2 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 install-packages ccache
--- a/elements/base/install.d/99-dkms
+++ b/elements/base/install.d/99-dkms
@ -1,2 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 install-packages dkms
--- a/elements/base/install.d/99-up-to-date
+++ b/elements/base/install.d/99-up-to-date
@ -2,6 +2,7 @@
 # Fully upgrade everything on the system (if the package manager knows how to
 # do it).
-set -e
+set -eu
 set -o pipefail
 install-packages -u
--- a/elements/cloud-init-nocloud/install.d/05-inject-local-source-data
+++ b/elements/cloud-init-nocloud/install.d/05-inject-local-source-data
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 # without these files, cloud-init will not perform stock operations such as
 # generating sshd hostkeys.
--- a/elements/cloud-init-nocloud/install.d/05-set-cloud-init-sources
+++ b/elements/cloud-init-nocloud/install.d/05-set-cloud-init-sources
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 cat > /etc/cloud/cloud.cfg.d/91-local-metadata-only.cfg <<EOF
 # No cloud metadata available, use only what is in the image.
 datasource_list: [ NoCloud, None ]
--- a/elements/deploy-baremetal/install.d/51-install-tgt
+++ b/elements/deploy-baremetal/install.d/51-install-tgt
@ -1,2 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 install-packages tgt
--- a/elements/deploy-baremetal/install.d/52-install-busybox
+++ b/elements/deploy-baremetal/install.d/52-install-busybox
@ -1,2 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 install-packages busybox
--- a/elements/deploy-ironic/install.d/51-install-tgt
+++ b/elements/deploy-ironic/install.d/51-install-tgt
@ -1,2 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 install-packages tgt
--- a/elements/deploy-ironic/install.d/52-install-busybox
+++ b/elements/deploy-ironic/install.d/52-install-busybox
@ -1,2 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 install-packages busybox
--- a/elements/deploy-ironic/install.d/53-install-curl
+++ b/elements/deploy-ironic/install.d/53-install-curl
@ -1,2 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 install-packages curl
--- a/elements/deploy-kexec/install.d/53-install-kexec
+++ b/elements/deploy-kexec/install.d/53-install-kexec
@ -1,2 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 install-packages kexec-tools
--- a/elements/dhcp-all-interfaces/install.d/50-dhcp-all-interfaces
+++ b/elements/dhcp-all-interfaces/install.d/50-dhcp-all-interfaces
@ -1,5 +1,6 @@
 #!/bin/bash
-set -x
+set -eux
 set -o pipefail
 SCRIPTDIR=$(dirname $0)
--- a/elements/dhcp-all-interfaces/install.d/60-remove-cloud-image-interfaces
+++ b/elements/dhcp-all-interfaces/install.d/60-remove-cloud-image-interfaces
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 # Cloud images may hard code the eth0 interfaces so they
 # boot with DHCP.
--- a/elements/dhcp-all-interfaces/install.d/dhcp-all-interfaces.sh
+++ b/elements/dhcp-all-interfaces/install.d/dhcp-all-interfaces.sh
@ -1,5 +1,7 @@
 #!/bin/bash
 set -e
 INTERFACE=${1:-} #optional, if not specified configure all available interfaces
 ENI_FILE="/etc/network/interfaces"
--- a/elements/dib-run-parts/root.d/90-base-dib-run-parts
+++ b/elements/dib-run-parts/root.d/90-base-dib-run-parts
@ -1,5 +1,8 @@
 #!/bin/bash
 set -e
 set -o pipefail
 home=$(dirname $0)
 exec sudo install -m 0755 -o root -g root -D \
    $home/../bin/dib-run-parts \
--- a/elements/disable-selinux/post-install.d/15-disable-selinux
+++ b/elements/disable-selinux/post-install.d/15-disable-selinux
@ -1,4 +1,7 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 config=/etc/selinux/config
 [ -e $config ] && sed -i "s%^\(SELINUX=\s*\).*$%SELINUX=disabled%" $config
--- a/elements/dkms/post-install.d/99-dkms
+++ b/elements/dkms/post-install.d/99-dkms
@ -2,6 +2,9 @@
 # Trigger a run of dkms for all the modules installed
 # to ensure we have valid modules build for all.
 set -eu
 set -o pipefail
 modules=$(dkms status | tr ',:' ' ' | awk '{ print $1 "/" $2 }')
 kernels=$(ls /usr/src/linux-headers-*-*-* -d | sed -e 's|/usr/src/linux-headers-||' || echo "")
 # NOTE(bnemec): On Fedora, the versions can be found in /usr/src/kernels
--- a/elements/dpkg/pre-install.d/00-disable-apt-recommends
+++ b/elements/dpkg/pre-install.d/00-disable-apt-recommends
@ -1,6 +1,9 @@
 #!/bin/bash
 # Prevent apt from installing recommended packages
 set -eu
 set -o pipefail
 dd of=/etc/apt/apt.conf.d/95disable-recommends << _EOF_
 APT::Install-Recommends "0";
 Apt::Install-Suggests "0";
--- a/elements/dpkg/pre-install.d/01-install-bin
+++ b/elements/dpkg/pre-install.d/01-install-bin
@ -1,3 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 install -m 0755 -o root -g root $(dirname $0)/../bin/* /usr/local/bin
--- a/elements/dracut-network/finalise.d/98-regenerate-initramfs
+++ b/elements/dracut-network/finalise.d/98-regenerate-initramfs
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 # Prioritize PAE if present
 KERNEL=$(basename `ls -1rv /boot/vmlinuz*  | grep PAE | grep -v debug | head -1`)
 if [ ! $KERNEL ]; then
--- a/elements/dracut-network/install.d/11-patch-dracut
+++ b/elements/dracut-network/install.d/11-patch-dracut
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 # If the patch doesn't apply just do nothing. This patch fixes a small
 # issue in the script that writes the network configuration files from
 # the cmdline to the disk on FC18/FC19.
--- a/elements/fedora/install.d/00-fedora-fixup-audit
+++ b/elements/fedora/install.d/00-fedora-fixup-audit
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 # On a fresh Fedora 18 install you might have to update audit in order to
 # fix a conflict with a file from the glibc package.
 # https://bugzilla.redhat.com/show_bug.cgi?id=894307
--- a/elements/fedora/install.d/00-fedora-fixup-openssl
+++ b/elements/fedora/install.d/00-fedora-fixup-openssl
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 # The version of openssl shipped in the fedora cloud image is no longer
 # compatible with new python environments installed by virtualenv, so we need
 # to update it first.
--- a/elements/fedora/install.d/00-fedora-fixup-pyopenssl
+++ b/elements/fedora/install.d/00-fedora-fixup-pyopenssl
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 # FIXME: To avoid conflict between the pyOpenSSL installed via python-pip
 # and pyOpenSSL installed via yum, we are going to sort it out installing
 # it earlier at the beginning of the image building process. Pyhton-pip
--- a/elements/fedora/install.d/00-fedora-fixup-vim
+++ b/elements/fedora/install.d/00-fedora-fixup-vim
@ -1,6 +1,7 @@
 #!/bin/bash
 set -eux
 set -o pipefail
 # Workaround for:
 # https://bugzilla.redhat.com/show_bug.cgi?id=1066983
--- a/elements/opensuse/pre-install.d/01-install-bin
+++ b/elements/opensuse/pre-install.d/01-install-bin
@ -1,3 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 install -m 0755 -o root -g root $(dirname $0)/../bin/* /usr/local/bin
--- a/elements/redhat-common/finalise.d/01-clean-old-kernels.sh
+++ b/elements/redhat-common/finalise.d/01-clean-old-kernels.sh
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 install-packages yum-utils
 package-cleanup --oldkernels -y --count=1
--- a/elements/redhat-common/install.d/01-install-deps
+++ b/elements/redhat-common/install.d/01-install-deps
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 # Install any packages in this file that may not be in the base cloud
 # image but could reasonably be expected
--- a/elements/redhat-common/pre-install.d/00-usr-local-bin-secure-path
+++ b/elements/redhat-common/pre-install.d/00-usr-local-bin-secure-path
@ -1,3 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 sed -i '/secure_path/ s/$/:\/usr\/local\/bin/' /etc/sudoers
--- a/elements/rhel/pre-install.d/10-yum-blacklist
+++ b/elements/rhel/pre-install.d/10-yum-blacklist
@ -1,3 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 echo "ccache dkms" > /tmp/yum-blacklist
--- a/elements/rhel7/pre-install.d/05-yum-repos
+++ b/elements/rhel7/pre-install.d/05-yum-repos
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 cat << EOF > /etc/yum.repos.d/rhel7.repo
 [rhel7]
 name=RHEL7
--- a/elements/rpm-distro/finalise.d/11-selinux-fixfiles-restore
+++ b/elements/rpm-distro/finalise.d/11-selinux-fixfiles-restore
@ -1,6 +1,7 @@
 #!/bin/bash
-set -x
+set -eux
 set -o pipefail
 CONFIGURED_SELINUX=$(grep ^SELINUX= /etc/selinux/config | awk -F = '{print $2}')
--- a/elements/rpm-distro/post-install.d/05-fstab-rootfs-label
+++ b/elements/rpm-distro/post-install.d/05-fstab-rootfs-label
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 # Fedora 18 sets up for root to have a label of "_/"
 # Fedora 19 sets up for root to have a UUID
 # This regex will catch both
--- a/elements/rpm-distro/post-install.d/06-network-config-nonzeroconf
+++ b/elements/rpm-distro/post-install.d/06-network-config-nonzeroconf
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 # zeroconf should not be activated or it will add a 169.254.0.0
 # route. The route will interfere with access to the nova metadata
 # server at 169.254.169.254.
--- a/elements/rpm-distro/pre-install.d/00-allow-heat-admin-sudo
+++ b/elements/rpm-distro/pre-install.d/00-allow-heat-admin-sudo
@ -1,5 +1,6 @@
 #!/bin/bash
-set -e
+set -eu
 set -o pipefail
 # heat-admin can not sudo without a tty by default
 echo 'Defaults:heat-admin !requiretty' >> /etc/sudoers.d/heat-admin-notty
--- a/elements/rpm-distro/pre-install.d/00-allow-root-sudo
+++ b/elements/rpm-distro/pre-install.d/00-allow-root-sudo
@ -1,5 +1,6 @@
 #!/bin/bash
-set -e
+set -eu
 set -o pipefail
 # root can not sudo without a tty by default.
 echo "Defaults:root !requiretty" >> /etc/sudoers.d/root-notty
--- a/elements/rpm-distro/pre-install.d/00-usr-local-bin-secure-path
+++ b/elements/rpm-distro/pre-install.d/00-usr-local-bin-secure-path
@ -1,3 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 sed -i '/secure_path/ s/$/:\/usr\/local\/bin/' /etc/sudoers
--- a/elements/rpm-distro/pre-install.d/01-install-bin
+++ b/elements/rpm-distro/pre-install.d/01-install-bin
@ -1,3 +1,6 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 install -m 0755 -o root -g root $(dirname $0)/../bin/* /usr/local/bin
--- a/elements/rpm-distro/pre-install.d/01-override-yum-arch
+++ b/elements/rpm-distro/pre-install.d/01-override-yum-arch
@ -1,5 +1,8 @@
 #!/bin/bash
 set -e
 set -o pipefail
 if [ "i386" = "$ARCH" ]; then
  basearch=i386
  arch=i686
--- a/elements/selinux-permissive/install.d/11-selinux-permissive
+++ b/elements/selinux-permissive/install.d/11-selinux-permissive
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 echo "SELINUX=permissive" > /etc/selinux/config
 echo "SELINUXTYPE=targeted" >> /etc/selinux/config
--- a/elements/stable-interface-names/install.d/02-stable-interface-names
+++ b/elements/stable-interface-names/install.d/02-stable-interface-names
@ -1,5 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 # remove softlink to /dev/null which disables these rules
 NET_NAME_SLOT_FILE="/etc/udev/rules.d/80-net-name-slot.rules"
 if [ -h $NET_NAME_SLOT_FILE ]; then
--- a/elements/ubuntu/pre-install.d/00-remove-apt-xapian-index
+++ b/elements/ubuntu/pre-install.d/00-remove-apt-xapian-index
@ -1,4 +1,8 @@
 #!/bin/bash
 set -eu
 set -o pipefail
 # This package is broken and causes real issues on update:
 # https://bugs.launchpad.net/ubuntu/+source/apt-xapian-index/+bug/1227420
 apt-get --yes remove apt-xapian-index || :