feat: Add update script for custom config #2585
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| #! /usr/bin/env bash | ||
| set -euo pipefail | ||
|
|
||
| DB_FILE="db/ciso-assistant.sqlite3" | ||
| BACKUP_FILE="ciso-assistant-backup.sqlite3" | ||
|
Comment on lines
+4
to
+5
There was a problem hiding this comment. Harden backup handling: location, timestamp, and permissions. Current backup goes to CWD with default perms, which can expose sensitive data. Apply: -DB_FILE="db/ciso-assistant.sqlite3"
-BACKUP_FILE="ciso-assistant-backup.sqlite3"
+DB_FILE="db/ciso-assistant.sqlite3"
+# Timestamped backup placed alongside the DB
+BACKUP_FILE="db/ciso-assistant-backup-$(date -u +%Y%m%d%H%M%S).sqlite3"And ensure restrictive perms: - cp "$DB_FILE" "$BACKUP_FILE"
+ umask 077
+ cp "$DB_FILE" "$BACKUP_FILE"Optional: use sqlite3 online backup if you ever decide to back up while services run:
Also applies to: 12-13 🧰 Tools🪛 Shellcheck (0.11.0)[error] 4-4: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 5-5: Literal carriage return. Run script through tr -d '\r' . (SC1017) |
||
|
|
||
| # Backup the database | ||
| if [ ! -f "$DB_FILE" ]; then | ||
| echo "Error: No database found, please initialize CISO Assistant first" | ||
| exit 1 | ||
| else | ||
| cp "$DB_FILE" "$BACKUP_FILE" | ||
| echo "Backup of the database created in $BACKUP_FILE" | ||
| fi | ||
|
Comment on lines
+7
to
+14
There was a problem hiding this comment. Stop services before backing up the SQLite DB (avoid corrupted backups). Copying a live SQLite file risks corruption. Stop containers first, then back up. Apply: -# Backup the database
-if [ ! -f "$DB_FILE" ]; then
- echo "Error: No database found, please initialize CISO Assistant first"
- exit 1
-else
- cp "$DB_FILE" "$BACKUP_FILE"
- echo "Backup of the database created in $BACKUP_FILE"
-fi
-
-# Stop and clean the containers for custom config
-docker compose -f docker-compose-custom.yml rm -fs
+# Stop and clean the containers for custom config
+docker compose -f docker-compose-custom.yml rm -fs
+
+# Backup the database (after containers are stopped)
+if [ ! -f "$DB_FILE" ]; then
+ echo "Error: No database found, please initialize CISO Assistant first"
+ exit 1
+else
+ cp "$DB_FILE" "$BACKUP_FILE"
+ echo "Backup of the database created in $BACKUP_FILE"
+fiAlso applies to: 16-18 🧰 Tools🪛 Shellcheck (0.11.0)[error] 7-7: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 8-8: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 9-9: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 10-10: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 11-11: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 12-12: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 13-13: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 14-14: Literal carriage return. Run script through tr -d '\r' . (SC1017) 🤖 Prompt for AI Agents |
||
|
|
||
| # Stop and clean the containers for custom config | ||
| docker compose -f docker-compose-custom.yml rm -fs | ||
|
|
||
| # note: the rmi trick is not needed anymore since we move to always pull policy | ||
| # Start the containers for custom config | ||
| docker compose -f docker-compose-custom.yml up -d | ||
|
Comment on lines
+1
to
+21
There was a problem hiding this comment. Fix CRLF line endings (prevents The file is committed with Windows CRLF endings. On Linux/macOS this will fail to execute. Recommended remediation:
+*.sh text eol=lf
🧰 Tools🪛 Shellcheck (0.11.0)[error] 1-1: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 2-2: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 3-3: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 4-4: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 5-5: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 6-6: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 7-7: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 8-8: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 9-9: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 10-10: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 11-11: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 12-12: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 13-13: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 14-14: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 15-15: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 16-16: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 17-17: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 18-18: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 19-19: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 20-20: Literal carriage return. Run script through tr -d '\r' . (SC1017) [error] 21-21: Literal carriage return. Run script through tr -d '\r' . (SC1017) 🤖 Prompt for AI Agents |
||
| echo "CISO assistant updated successfully" | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Correct the shebang.
There must be no space after
#!.Apply:
Also ensure the script is executable: git update-index --chmod=+x config/update-ciso-assistant.sh
📝 Committable suggestion
🧰 Tools
🪛 Shellcheck (0.11.0)
[error] 1-1: Literal carriage return. Run script through tr -d '\r' .
(SC1017)
🤖 Prompt for AI Agents