Run shellcheck

mendess · mendess · commit 0494136466dc · 2025-12-02T14:46:42.000Z
diff --git a/crates/ct_worker/scripts/create-log.sh b/crates/ct_worker/scripts/create-log.sh
@@ -16,7 +16,7 @@ while true; do
     if [ "${LOCATION}" ]; then
         L=", LOCATION=${LOCATION}"
     fi
-    read -p "Do you want to proceed with ENV=${ENV}, LOG_NAME=${LOG_NAME}${L}, CLOUDFLARE_ACCOUNT_ID=${CLOUDFLARE_ACCOUNT_ID}? (y/N) " yn
+    read -rp "Do you want to proceed with ENV=${ENV}, LOG_NAME=${LOG_NAME}${L}, CLOUDFLARE_ACCOUNT_ID=${CLOUDFLARE_ACCOUNT_ID}? (y/N) " yn
     case $yn in
         [yY] ) echo "Proceeding..."; break;;
         [nN] ) echo "Exiting..."; exit;;
@@ -34,39 +34,45 @@ npx wrangler \
     -e="${ENV}" \
     -c "${WRANGLER_CONF}" \
     r2 bucket create \
-    static-ct-public-${LOG_NAME} \
+    "static-ct-public-${LOG_NAME}" \
     --update-config \
-    --binding public_${LOG_NAME} "${location[@]}"
+    --binding "public_${LOG_NAME}" "${location[@]}"
 
 # Create KV namespace if it does not already exist
 npx wrangler \
     -e="${ENV}" \
     -c "${WRANGLER_CONF}" \
     kv namespace create \
-    static-ct-cache-${LOG_NAME} \
+    "static-ct-cache-${LOG_NAME}" \
     --update-config \
-    --binding cache_${LOG_NAME}
+    --binding "cache_${LOG_NAME}"
 
 # Create witness and log signing keys if they do not already exist
-if npx wrangler -e=${ENV} -c "${WRANGLER_CONF}" secret list | grep -q WITNESS_KEY_${LOG_NAME}; then
+if npx wrangler -e="${ENV}" -c "${WRANGLER_CONF}" secret list | grep -q "WITNESS_KEY_${LOG_NAME}"; then
 	echo "WITNESS_KEY_${LOG_NAME} already exists"
 else
 	openssl genpkey -algorithm ed25519 |
-        npx wrangler -c "${WRANGLER_CONF}" -e=${ENV} secret put WITNESS_KEY_${LOG_NAME}
+        npx wrangler -e="${ENV}" -c "${WRANGLER_CONF}" secret put "WITNESS_KEY_${LOG_NAME}"
 fi
-if npx wrangler -e=${ENV} -c "${WRANGLER_CONF}" secret list | grep -q SIGNING_KEY_${LOG_NAME}; then
+if npx wrangler -e="${ENV}" -c "${WRANGLER_CONF}" secret list | grep -q "SIGNING_KEY_${LOG_NAME}"; then
 	echo "SIGNING_KEY_${LOG_NAME} already exists"
 else
 	openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 |
-        npx wrangler -e=${ENV} -c "${WRANGLER_CONF}" secret put SIGNING_KEY_${LOG_NAME}
+        npx wrangler -e="${ENV}" -c "${WRANGLER_CONF}" secret put "SIGNING_KEY_${LOG_NAME}"
 fi
 
 echo "DONE"
 echo "NOTE: If you intend to run wrangler dev with this log, you must add the appropriate signing keys to .dev.vars"
 echo "~~~~~~"
+# shellcheck disable=2028
 echo "echo -n \"SIGNING_KEY_${LOG_NAME}=\\\\\"\" >> .dev.vars"
+# shellcheck disable=2028
 echo "openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 | sed 's/$/\\\\\\\\\\\\\\\\n/g' | tr -d \\\\n >> .dev.vars"
+# shellcheck disable=2028
 echo "echo '\"' >> .dev.vars"
+# shellcheck disable=2028
 echo "echo -n \"WITNESS_KEY_${LOG_NAME}=\\\\\"\" >> .dev.vars"
+# shellcheck disable=2028
 echo "openssl genpkey -algorithm ed25519 | sed 's/$/\\\\\\\\\\\\\\\\n/g' | tr -d \\\\n >> .dev.vars"
+# shellcheck disable=2028
 echo "echo '\"' >> .dev.vars"
diff --git a/crates/ct_worker/scripts/create-root-kv.sh b/crates/ct_worker/scripts/create-root-kv.sh
@@ -5,15 +5,15 @@ cd "$(dirname "$0")/.." || exit # this script assumes it's runnnig inside the ct
 
 # Helper script to create resources for a log shard.
 
-if [ -z $ENV ] || [ -z $CLOUDFLARE_ACCOUNT_ID ]; then
-	echo "ENV, LOG_NAME, LOCATION, and CLOUDFLARE_ACCOUNT_ID must all be set"
+if [ -z "${ENV}" ] || [ -z "${CLOUDFLARE_ACCOUNT_ID}" ]; then
+	echo "ENV and CLOUDFLARE_ACCOUNT_ID must all be set"
 	exit 1
 fi
 
 WRANGLER_CONF=${WRANGLER_CONF:-wrangler.jsonc}
 
 while true; do
-    read -p "Do you want to proceed with ENV=${ENV}, CLOUDFLARE_ACCOUNT_ID=${CLOUDFLARE_ACCOUNT_ID}? (y/N) " yn
+    read -rp "Do you want to proceed with ENV=${ENV}, CLOUDFLARE_ACCOUNT_ID=${CLOUDFLARE_ACCOUNT_ID}? (y/N) " yn
     case $yn in
         [yY] ) echo "Proceeding..."; break;;
         [nN] ) echo "Exiting..."; exit;;
