diff --git a/image/tools/entrypoint.sh b/image/tools/entrypoint.sh index d585d87..0bd1422 100755 --- a/image/tools/entrypoint.sh +++ b/image/tools/entrypoint.sh @@ -1,4 +1,5 @@ #!/usr/bin/env sh +set -euo pipefail DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" component='' @@ -46,13 +47,22 @@ mkdir -p $DEST $ARCHIVES_DEST export HOME=$DEST component_dump_data $DEST +if [ "$?" -ne "0" ]; then + echo "==> Component data dump failed" + exit 1 +fi echo '==> Component data dump completed' if [[ "$encryption_engine" ]]; then check_encryption_enabled - if [[ $? -eq 0 ]]; then + if [ "$?" -eq "0" ]; then encrypt_prepare ${DEST} encrypted_files="$(encrypt_archive $ARCHIVES_DEST)" + if [ "$?" -ne "0" ]; then + echo "==> Encryption failed" + exit 1 + fi + echo '==> Data encryption completed' else echo "==> encryption secret not found. Skipping" @@ -61,7 +71,12 @@ if [[ "$encryption_engine" ]]; then else encrypted_files="$ARCHIVES_DEST/*" fi + upload_archive "${encrypted_files}" $DATESTAMP backups/$PRODUCT_NAME/$component +if [ "$?" -ne "0" ]; then + echo "==> Archive upload failed" + exit 1 +fi echo "[$DATESTAMP] Backup completed" diff --git a/image/tools/lib/backend/s3.sh b/image/tools/lib/backend/s3.sh index 2d2bb47..d58c838 100644 --- a/image/tools/lib/backend/s3.sh +++ b/image/tools/lib/backend/s3.sh @@ -21,7 +21,7 @@ function get_s3_access_key { function upload_archive { check_backup_enabled - if [[ $? -eq 1 ]]; then + if [ "$?" -eq "1" ]; then echo "==> backend secret not found. Skipping" return 0 fi @@ -38,10 +38,10 @@ function upload_archive { ls ${fname} # ls will exit with 1 if the glob does not expand to any files - if [[ $? -eq 0 ]]; then + if [ "$?" -eq "0" ]; then s3cmd put --access_key ${AWS_ACCESS_KEY_ID} --secret_key ${AWS_SECRET_ACCESS_KEY} --progress ${fname} "s3://$AWS_S3_BUCKET_NAME/$bucket_folder/$datestamp/$(basename ${fname})" rc=$? - if [[ ${rc} -ne 0 ]]; then + if [ "${rc}" -ne "0" ]; then echo "==> Upload $fname: FAILED" exit 1 fi diff --git a/image/tools/lib/component/codeready_pv.sh b/image/tools/lib/component/codeready_pv.sh index 88110f9..0a737db 100755 --- a/image/tools/lib/component/codeready_pv.sh +++ b/image/tools/lib/component/codeready_pv.sh @@ -10,8 +10,7 @@ function dump_pod_data { function component_dump_data { workspace_pods=$(oc get pods -n ${PRODUCT_NAMESPACE_PREFIX}codeready | grep workspace | awk '{print $1}') - if [ ${#workspace_pods} = 0 ] - then + if [ "${#workspace_pods}" -eq "0" ]; then echo "No workspaces found to backup" else archive_path="$1/archives" diff --git a/image/tools/lib/component/enmasse_pv.sh b/image/tools/lib/component/enmasse_pv.sh index b7d0b0b..3e78542 100644 --- a/image/tools/lib/component/enmasse_pv.sh +++ b/image/tools/lib/component/enmasse_pv.sh @@ -27,7 +27,7 @@ function component_dump_data { done ls ${dump_dest}/* - if [[ $? -eq 0 ]]; then + if [ "$?" -eq "0" ]; then local ts=$(date '+%H_%M_%S') tar -zcvf "$archive_path/enmasse-pv-data-${ts}.tar.gz" -C $dump_dest . rm -rf $dump_dest diff --git a/image/tools/lib/component/mysql.sh b/image/tools/lib/component/mysql.sh index c3eb769..240afe5 100644 --- a/image/tools/lib/component/mysql.sh +++ b/image/tools/lib/component/mysql.sh @@ -38,7 +38,7 @@ function component_dump_data { local ts=$(date '+%H_%M_%S') mysqldump --single-transaction -h${MYSQL_HOST} -u${MYSQL_USER} -p${MYSQL_PASSWORD} -R ${database} | gzip > ${dest}/archives/${database}-${ts}.dump.gz local rc=$? - if [[ ${rc} -ne 0 ]]; then + if [ "${rc}" -ne "0" ]; then echo "==> Dump $database: FAILED" exit 1 fi diff --git a/image/tools/lib/component/postgres.sh b/image/tools/lib/component/postgres.sh index d03f888..0ec3941 100644 --- a/image/tools/lib/component/postgres.sh +++ b/image/tools/lib/component/postgres.sh @@ -35,10 +35,10 @@ function component_dump_data { namespace=${POSTGRES_HOST#*.} namespace=${namespace%.*} - if [ ${POSTGRES_SUPERUSER} == "true" ]; then + if [ "${POSTGRES_SUPERUSER}" == "true" ]; then pg_dumpall --clean --if-exists --oids -U ${POSTGRES_USERNAME} -h ${POSTGRES_HOST} | gzip > ${dest}/archives/${namespace}.${ts}.pg_dumpall.gz rc=$? - if [ ${rc} -ne 0 ]; then + if [ "${rc}" -ne "0" ]; then echo "backup of postgresql: FAILED" exit 1 fi @@ -47,7 +47,7 @@ function component_dump_data { echo "dumping ${db}" pg_dump --clean --if-exists --oids -U ${POSTGRES_USERNAME} -h ${POSTGRES_HOST} ${db} | gzip > ${dest}/archives/${namespace}.${db}-${ts}.pg_dump.gz rc=$? - if [ ${rc} -ne 0 ]; then + if [ "${rc}" -ne "0" ]; then echo "==> Dump $db: FAILED" exit 1 fi diff --git a/image/tools/lib/component/resources.sh b/image/tools/lib/component/resources.sh index 9fafb0a..0e68f9d 100644 --- a/image/tools/lib/component/resources.sh +++ b/image/tools/lib/component/resources.sh @@ -13,7 +13,7 @@ function check_resource { # was returned but no actual results. That would be at # least two lines: one for the header and one for each # resource found - if [[ "$result" == "1" ]]; then + if [ "$result" -eq "1" ]; then echo "==> No $type in $ns to back up" return 1 else @@ -28,7 +28,7 @@ function backup_resource { local dest=$3 local loop=$4 check_resource ${type} ${ns} - if [[ $? -eq 0 ]]; then + if [ "$?" -eq "0" ]; then echo "==> backing up $type in $ns" if [[ "$loop" ]]; then echo '---' > /tmp/${type}.yaml diff --git a/image/tools/lib/encryption/gpg.sh b/image/tools/lib/encryption/gpg.sh index a913c29..c196d49 100644 --- a/image/tools/lib/encryption/gpg.sh +++ b/image/tools/lib/encryption/gpg.sh @@ -1,6 +1,6 @@ function check_encryption_enabled { local result=$(oc get secret -n ${ENCRYPTION_SECRET_NAMESPACE} ${ENCRYPTION_SECRET_NAME} -o template --template='{{.metadata.name}}') - if [[ "$result" == "${ENCRYPTION_SECRET_NAME}" ]]; then + if [ "$result" -eq "${ENCRYPTION_SECRET_NAME}" ]; then return 0 else return 1