Skip to content
Snippets Groups Projects
Commit 2dd1134b authored by nimrod's avatar nimrod
Browse files

- Updated pre-commit hooks. 

- Added shellcheck pre-commit hook.
- Fixed issues found by shellcheck.
parent 0598d9fc
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
.pre-commit-config.yaml
+ 5
3
View file @ 2dd1134b
- repo: git://github.com/pre-commit/pre-commit-hooks - repo: git://github.com/pre-commit/pre-commit-hooks
sha: 97b88d9610bcc03982ddac33caba98bb2b751f5f sha: v0.9.1
hooks: hooks:
- id: check-added-large-files - id: check-added-large-files
- id: check-yaml - id: check-yaml
- id: check-merge-conflict - id: check-merge-conflict
- repo: https://www.shore.co.il/git/shell-pre-commit/ - repo: https://www.shore.co.il/git/shell-pre-commit/
sha: v0.1.0 sha: v0.5.4
hooks: hooks:
- id: shell-lint - id: shell-lint
files: ssl-ca files: &shellscripts ssl-ca
- id: shellcheck
files: *shellscripts
- repo: local - repo: local
hooks: hooks:
- id: test - id: test
......
ssl-ca
+ 15
10
View file @ 2dd1134b
#!/bin/sh -e #!/bin/sh
set -eu
test $(which openssl) || ( echo "Can't find openssl."; exit 1) which openssl >/dev/null || ( echo "Can't find openssl."; exit 1)
seed="$(hexdump -n10 -e '10/1 "%02o" "\n"' /dev/urandom)" #seed="$(hexdump -n10 -e '10/1 "%02o" "\n"' /dev/urandom)"
config=\ config=\
"[ ca ] "[ ca ]
default_ca = CA_default default_ca = CA_default
...@@ -51,12 +52,14 @@ usage () { ...@@ -51,12 +52,14 @@ usage () {
} }
init () { init () {
# shellcheck disable=SC2039
local cn local cn
export cn="$(basename $PWD)" cn="$(basename "$PWD")"
export cd
mkdir -p certs keys mkdir -p certs keys
if [ -e openssl.cnf ] if [ -e openssl.cnf ]
then then
echo openssl.cnf already exists, skipping generation. echo openssl.cnf already exists, skipping generation. >&2
else else
echo "$config" > "openssl.cnf" echo "$config" > "openssl.cnf"
fi fi
...@@ -99,6 +102,7 @@ init () { ...@@ -99,6 +102,7 @@ init () {
} }
sign_key () { sign_key () {
# shellcheck disable=SC2039
local csr cn local csr cn
if [ $# -lt 1 ] || [ "$1" = "" ] if [ $# -lt 1 ] || [ "$1" = "" ]
then then
...@@ -117,9 +121,10 @@ sign_key () { ...@@ -117,9 +121,10 @@ sign_key () {
exit 1 exit 1
fi fi
csr="$(mktemp -t ssl-ca-XXXXXXXXX)" csr="$(mktemp -t ssl-ca-XXXXXXXXX)"
export cn="$1.$(basename $PWD)" cn="$1.$(basename "$PWD")"
export cn
openssl req \ openssl req \
-key keys/$1 \ -key "keys/$1" \
-new \ -new \
-reqexts v3_req \ -reqexts v3_req \
-config openssl.cnf \ -config openssl.cnf \
...@@ -173,16 +178,16 @@ case "$1" in ...@@ -173,16 +178,16 @@ case "$1" in
sign) sign)
for key in keys/* for key in keys/*
do do
if [ ! -f "certs/$(basename $key)" ] if [ ! -f "certs/$(basename "$key")" ]
then then
sign_key "$(basename $key)" sign_key "$(basename "$key")"
fi fi
done done
;; ;;
resign) resign)
for key in keys/* for key in keys/*
do do
sign_key "$(basename $key)" sign_key "$(basename "$key")"
done done
;; ;;
*) *)
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment