Fix shellcheck warnings

.pre-commit-config.yaml

@@ -23,6 +23,11 @@ repos:
     hooks:
       - id: bashate
         args: ["--ignore=E006"]
+  - repo: https://github.com/shellcheck-py/shellcheck-py
+    rev: v0.7.2.1
+    hooks:
+      - id: shellcheck
+        args: ["-x"]
   - repo: https://gitlab.com/pycqa/flake8
     rev: 3.9.1
     hooks:

base-notebook/fix-permissions

@@ -20,10 +20,10 @@ set -e
 for d in "$@"; do
     find "$d" \
         ! \( \
-            -group $NB_GID \
+            -group "${NB_GID}" \
             -a -perm -g+rwX  \
         \) \
-        -exec chgrp $NB_GID {} \; \
+        -exec chgrp "${NB_GID}" {} \; \
         -exec chmod g+rwX {} \;
     # setuid, setgid *on directories only*
     find "$d" \

base-notebook/start-notebook.sh

@@ -9,10 +9,10 @@ if [[ "${RESTARTABLE}" == "yes" ]]; then
     wrapper="run-one-constantly"
 fi
 
-if [[ ! -z "${JUPYTERHUB_API_TOKEN}" ]]; then
+if [[ -n "${JUPYTERHUB_API_TOKEN}" ]]; then
     # launched by JupyterHub, use single-user entrypoint
     exec /usr/local/bin/start-singleuser.sh "$@"
-elif [[ ! -z "${JUPYTER_ENABLE_LAB}" ]]; then
+elif [[ -n "${JUPYTER_ENABLE_LAB}" ]]; then
     . /usr/local/bin/start.sh $wrapper jupyter lab "$@"
 else
     echo "WARN: Jupyter Notebook deprecation notice https://github.com/jupyter/docker-stacks#jupyter-notebook-deprecation-notice."

base-notebook/start-singleuser.sh

@@ -13,27 +13,27 @@ fi
 # from DockerSpawner < 0.8.
 # These won't be passed from DockerSpawner 0.9,
 # so avoid specifying --arg=empty-string
-if [ ! -z "$NOTEBOOK_DIR" ]; then
+if [ -n "$NOTEBOOK_DIR" ]; then
     NOTEBOOK_ARGS="--notebook-dir='$NOTEBOOK_DIR' $NOTEBOOK_ARGS"
 fi
-if [ ! -z "$JPY_PORT" ]; then
+if [ -n "$JPY_PORT" ]; then
     NOTEBOOK_ARGS="--port=$JPY_PORT $NOTEBOOK_ARGS"
 fi
-if [ ! -z "$JPY_USER" ]; then
+if [ -n "$JPY_USER" ]; then
     NOTEBOOK_ARGS="--user=$JPY_USER $NOTEBOOK_ARGS"
 fi
-if [ ! -z "$JPY_COOKIE_NAME" ]; then
+if [ -n "$JPY_COOKIE_NAME" ]; then
     NOTEBOOK_ARGS="--cookie-name=$JPY_COOKIE_NAME $NOTEBOOK_ARGS"
 fi
-if [ ! -z "$JPY_BASE_URL" ]; then
+if [ -n "$JPY_BASE_URL" ]; then
     NOTEBOOK_ARGS="--base-url=$JPY_BASE_URL $NOTEBOOK_ARGS"
 fi
-if [ ! -z "$JPY_HUB_PREFIX" ]; then
+if [ -n "$JPY_HUB_PREFIX" ]; then
     NOTEBOOK_ARGS="--hub-prefix=$JPY_HUB_PREFIX $NOTEBOOK_ARGS"
 fi
-if [ ! -z "$JPY_HUB_API_URL" ]; then
+if [ -n "$JPY_HUB_API_URL" ]; then
     NOTEBOOK_ARGS="--hub-api-url=$JPY_HUB_API_URL $NOTEBOOK_ARGS"
 fi
 NOTEBOOK_BIN="jupyterhub-singleuser"
 
-. /usr/local/bin/start.sh $NOTEBOOK_BIN $NOTEBOOK_ARGS "$@"
+. /usr/local/bin/start.sh "$NOTEBOOK_BIN" $NOTEBOOK_ARGS "$@"

base-notebook/start.sh

@@ -39,12 +39,12 @@ run-hooks () {
 run-hooks /usr/local/bin/start-notebook.d
 
 # Handle special flags if we're root
-if [ $(id -u) == 0 ] ; then
+if [ "$(id -u)" == 0 ] ; then
 
     # Only attempt to change the jovyan username if it exists
     if id jovyan &> /dev/null ; then
         echo "Set username to: $NB_USER"
-        usermod -d /home/$NB_USER -l $NB_USER jovyan
+        usermod -d "/home/$NB_USER" -l "$NB_USER" jovyan
     fi
 
     # handle home and working directory if the username changed
@@ -67,23 +67,23 @@ if [ $(id -u) == 0 ] ; then
     # Ex: default NFS/EFS (no auto-uid/gid)
     if [[ "$CHOWN_HOME" == "1" || "$CHOWN_HOME" == 'yes' ]]; then
         echo "Changing ownership of /home/$NB_USER to $NB_UID:$NB_GID with options '${CHOWN_HOME_OPTS}'"
-        chown $CHOWN_HOME_OPTS $NB_UID:$NB_GID /home/$NB_USER
+        chown "$CHOWN_HOME_OPTS" "$NB_UID:$NB_GID" "/home/$NB_USER"
     fi
-    if [ ! -z "$CHOWN_EXTRA" ]; then
+    if [ -n "$CHOWN_EXTRA" ]; then
-        for extra_dir in $(echo $CHOWN_EXTRA | tr ',' ' '); do
+        for extra_dir in $(echo "$CHOWN_EXTRA" | tr ',' ' '); do
             echo "Changing ownership of ${extra_dir} to $NB_UID:$NB_GID with options '${CHOWN_EXTRA_OPTS}'"
-            chown $CHOWN_EXTRA_OPTS $NB_UID:$NB_GID $extra_dir
+            chown "$CHOWN_EXTRA_OPTS" "$NB_UID:$NB_GID" "$extra_dir"
         done
     fi
 
     # Change UID:GID of NB_USER to NB_UID:NB_GID if it does not match
-    if [ "$NB_UID" != $(id -u $NB_USER) ] || [ "$NB_GID" != $(id -g $NB_USER) ]; then
+    if [ "$NB_UID" != "$(id -u "$NB_USER")" ] || [ "$NB_GID" != "$(id -g "$NB_USER")" ]; then
         echo "Set user $NB_USER UID:GID to: $NB_UID:$NB_GID"
-        if [ "$NB_GID" != $(id -g $NB_USER) ]; then
+        if [ "$NB_GID" != "$(id -g "$NB_USER")" ]; then
-            groupadd -f -g $NB_GID -o ${NB_GROUP:-${NB_USER}}
+            groupadd -f -g "$NB_GID" -o "${NB_GROUP:-${NB_USER}}"
         fi
-        userdel $NB_USER
+        userdel "$NB_USER"
-        useradd --home /home/$NB_USER -u $NB_UID -g $NB_GID -G 100 -l $NB_USER
+        useradd --home "/home/$NB_USER" -u "$NB_UID" -g "$NB_GID" -G 100 -l "$NB_USER"
     fi
 
     # Enable sudo if requested
@@ -99,7 +99,7 @@ if [ $(id -u) == 0 ] ; then
     # the environment preserved
     run-hooks /usr/local/bin/before-notebook.d
     echo "Executing the command: ${cmd[@]}"
-    exec sudo -E -H -u $NB_USER PATH=$PATH XDG_CACHE_HOME=/home/$NB_USER/.cache PYTHONPATH=${PYTHONPATH:-} "${cmd[@]}"
+    exec sudo -E -H -u "$NB_USER" PATH="$PATH" XDG_CACHE_HOME="/home/$NB_USER/.cache" PYTHONPATH="${PYTHONPATH:-}" "${cmd[@]}"
 else
     if [[ "$NB_UID" == "$(id -u jovyan 2>/dev/null)" && "$NB_GID" == "$(id -g jovyan 2>/dev/null)" ]]; then
         # User is not attempting to override user/group via environment
@@ -126,10 +126,10 @@ else
     else
         # Warn if looks like user want to override uid/gid but hasn't
         # run the container as root.
-        if [[ ! -z "$NB_UID" && "$NB_UID" != "$(id -u)" ]]; then
+        if [[ -n "$NB_UID" && "$NB_UID" != "$(id -u)" ]]; then
             echo 'Container must be run as root to set $NB_UID'
         fi
-        if [[ ! -z "$NB_GID" && "$NB_GID" != "$(id -g)" ]]; then
+        if [[ -n "$NB_GID" && "$NB_GID" != "$(id -g)" ]]; then
             echo 'Container must be run as root to set $NB_GID'
         fi
     fi

examples/docker-compose/bin/sl-dns.sh

@@ -7,7 +7,7 @@ set -e
 # User must have slcli installed
 which slcli > /dev/null || (echo "SoftLayer cli not found (pip install softlayer)"; exit 1)
 
-USAGE="Usage: `basename $0` machine_name [domain]"
+USAGE="Usage: $(basename "$0") machine_name [domain]"
 E_BADARGS=85
 
 # Machine name is first command line arg
@@ -20,4 +20,4 @@ DOMAIN="${2:-$SOFTLAYER_DOMAIN}" && [ -z "$DOMAIN" ] && \
 
 IP=$(docker-machine ip "$MACHINE_NAME")
 
-slcli dns record-add $DOMAIN $MACHINE_NAME A $IP
+slcli dns record-add "$DOMAIN" "$MACHINE_NAME" A "$IP"

examples/docker-compose/bin/softlayer.sh

@@ -3,13 +3,13 @@
 # Distributed under the terms of the Modified BSD License.
 
 # Set default SoftLayer VM settings
-: ${SOFTLAYER_CPU:=4}
+: "${SOFTLAYER_CPU:=4}"
 export SOFTLAYER_CPU
-: ${SOFTLAYER_DISK_SIZE:=100}
+: "${SOFTLAYER_DISK_SIZE:=100}"
 export SOFTLAYER_DISK_SIZE
-: ${SOFTLAYER_MEMORY:=4096}
+: "${SOFTLAYER_MEMORY:=4096}"
 export SOFTLAYER_MEMORY
-: ${SOFTLAYER_REGION:=wdc01}
+: "${SOFTLAYER_REGION:=wdc01}"
 export SOFTLAYER_REGION
 
 docker-machine create --driver softlayer "$@"

examples/docker-compose/notebook/up.sh

@@ -6,12 +6,12 @@ set -e
 
 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 
-USAGE="Usage: `basename $0` [--secure | --letsencrypt] [--password PASSWORD] [--secrets SECRETS_VOLUME]"
+USAGE="Usage: $(basename "$0") [--secure | --letsencrypt] [--password PASSWORD] [--secrets SECRETS_VOLUME]"
 
 # Parse args to determine security settings
 SECURE=${SECURE:=no}
 LETSENCRYPT=${LETSENCRYPT:=no}
-while [[ $# > 0 ]]; do
+while [[ $# -gt 0 ]]; do
 key="$1"
 case $key in
     --secure)
@@ -67,5 +67,5 @@ docker volume create --name "$WORK_VOLUME"
 echo "Bringing up notebook '$NAME'"
 docker-compose -f "$DIR/$CONFIG" -p "$NAME" up -d
 
-IP=$(docker-machine ip $(docker-machine active))
+IP=$(docker-machine ip "$(docker-machine active)")
 echo "Notebook $NAME listening on $IP:$PORT"

examples/source-to-image/assemble

@@ -11,12 +11,12 @@ set -eo pipefail
 # Python packages, with the new image then subsequently being used as a
 # S2I builder base image.
 
-rm -f /home/$NB_USER/environment.yml
+rm -f "/home/${NB_USER}/environment.yml"
-rm -f /home/$NB_USER/requirements.txt
+rm -f "/home/${NB_USER}/requirements.txt"
 
 # Copy injected files to target directory.
 
-cp -Rf /tmp/src/. /home/$NB_USER
+cp -Rf /tmp/src/. "/home/${NB_USER}"
 
 rm -rf /tmp/src
 
@@ -24,17 +24,17 @@ rm -rf /tmp/src
 # assume we should use 'conda' to install packages. If 'requirements.txt'
 # use 'pip' instead.
 
-if [ -f /home/$NB_USER/environment.yml ]; then
+if [ -f "/home/${NB_USER}/environment.yml" ]; then
-    conda env update --name root --file /home/$NB_USER/environment.yml
+    conda env update --name root --file "/home/${NB_USER}/environment.yml"
     conda clean --all -f -y
 else
-    if [ -f /home/$NB_USER/requirements.txt ]; then
+    if [ -f "/home/${NB_USER}/requirements.txt" ]; then
-        pip --no-cache-dir install -r /home/$NB_USER/requirements.txt
+        pip --no-cache-dir install -r "/home/${NB_USER}/requirements.txt"
     fi
 fi
 
 # Fix up permissions on home directory and Python installation so that
 # everything is still writable by 'users' group.
 
-fix-permissions $CONDA_DIR
+fix-permissions "${CONDA_DIR}"
-fix-permissions /home/$NB_USER
+fix-permissions "/home/${NB_USER}"