From 6fe261a0b3d4506fa7f3cd2929d14aef4597a02a Mon Sep 17 00:00:00 2001 From: xtqqczze <45661989+xtqqczze@users.noreply.github.com> Date: Fri, 10 Oct 2025 02:07:24 +0100 Subject: [PATCH 1/4] Fix SC3010: In POSIX sh, [[ ]] is undefined. --- entrypoint.sh | 4 ++-- github-sync.sh | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 0b7b7e84a..c760f2c44 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -2,12 +2,12 @@ set -e -if [[ -z "$GITHUB_TOKEN" ]]; then +if [ -z "$GITHUB_TOKEN" ]; then echo "Set the GITHUB_TOKEN environment variable." exit 1 fi -if [[ ! -z "$SSH_PRIVATE_KEY" ]]; then +if [ ! -z "$SSH_PRIVATE_KEY" ]; then echo "Saving SSH_PRIVATE_KEY" mkdir --parents /root/.ssh diff --git a/github-sync.sh b/github-sync.sh index 845013dcf..00d42ca91 100755 --- a/github-sync.sh +++ b/github-sync.sh @@ -5,12 +5,12 @@ set -e UPSTREAM_REPO=$1 BRANCH_MAPPING=$2 -if [[ -z "$UPSTREAM_REPO" ]]; then +if [ -z "$UPSTREAM_REPO" ]; then echo "Missing \$UPSTREAM_REPO" exit 1 fi -if [[ -z "$BRANCH_MAPPING" ]]; then +if [ -z "$BRANCH_MAPPING" ]; then echo "Missing \$SOURCE_BRANCH:\$DESTINATION_BRANCH" exit 1 fi @@ -41,12 +41,12 @@ git remote --verbose echo "Pushing changings from tmp_upstream to origin" git push origin "refs/remotes/tmp_upstream/${BRANCH_MAPPING%%:*}:refs/heads/${BRANCH_MAPPING#*:}" --force -if [[ "$SYNC_TAGS" = true ]]; then +if [ "$SYNC_TAGS" = true ]; then echo "Force syncing all tags" git tag -d $(git tag -l) > /dev/null git fetch tmp_upstream --tags --quiet git push origin --tags --force -elif [[ -n "$SYNC_TAGS" ]]; then +elif [ -n "$SYNC_TAGS" ]; then echo "Force syncing tags matching pattern: $SYNC_TAGS" git tag -d $(git tag -l) > /dev/null git fetch tmp_upstream --tags --quiet From cfa088e38e885e7668e841062e946d1aa15c4941 Mon Sep 17 00:00:00 2001 From: xtqqczze <45661989+xtqqczze@users.noreply.github.com> Date: Fri, 10 Oct 2025 02:10:47 +0100 Subject: [PATCH 2/4] Fix SC2046: Quote this to prevent word splitting. --- github-sync.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/github-sync.sh b/github-sync.sh index 00d42ca91..518364212 100755 --- a/github-sync.sh +++ b/github-sync.sh @@ -43,12 +43,12 @@ git push origin "refs/remotes/tmp_upstream/${BRANCH_MAPPING%%:*}:refs/heads/${BR if [ "$SYNC_TAGS" = true ]; then echo "Force syncing all tags" - git tag -d $(git tag -l) > /dev/null + git tag -d "$(git tag -l)" > /dev/null git fetch tmp_upstream --tags --quiet git push origin --tags --force elif [ -n "$SYNC_TAGS" ]; then echo "Force syncing tags matching pattern: $SYNC_TAGS" - git tag -d $(git tag -l) > /dev/null + git tag -d "$(git tag -l)" > /dev/null git fetch tmp_upstream --tags --quiet git tag | grep "$SYNC_TAGS" | xargs --no-run-if-empty git push origin --force fi From 43d02a959dc3c8a4f4896232172f089b3528766f Mon Sep 17 00:00:00 2001 From: xtqqczze <45661989+xtqqczze@users.noreply.github.com> Date: Fri, 10 Oct 2025 02:11:28 +0100 Subject: [PATCH 3/4] Fix SC2086: Double quote to prevent globbing and word splitting. --- github-sync.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github-sync.sh b/github-sync.sh index 518364212..54b19f5aa 100755 --- a/github-sync.sh +++ b/github-sync.sh @@ -15,7 +15,7 @@ if [ -z "$BRANCH_MAPPING" ]; then exit 1 fi -if ! echo $UPSTREAM_REPO | grep -Eq ':|@|\.git\/?$' +if ! echo "$UPSTREAM_REPO" | grep -Eq ':|@|\.git\/?$' then echo "UPSTREAM_REPO does not seem to be a valid git URI, assuming it's a GitHub repo" echo "Originally: $UPSTREAM_REPO" From e14dcabfcb690c31cf847e559deb836197f25433 Mon Sep 17 00:00:00 2001 From: xtqqczze <45661989+xtqqczze@users.noreply.github.com> Date: Fri, 10 Oct 2025 02:37:00 +0100 Subject: [PATCH 4/4] Use POSIX options for mkdir Long options are not portable https://pubs.opengroup.org/onlinepubs/9799919799/ --- entrypoint.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index c760f2c44..efd7062f8 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -10,13 +10,13 @@ fi if [ ! -z "$SSH_PRIVATE_KEY" ]; then echo "Saving SSH_PRIVATE_KEY" - mkdir --parents /root/.ssh + mkdir -p /root/.ssh echo "$SSH_PRIVATE_KEY" > /root/.ssh/id_rsa chmod 600 /root/.ssh/id_rsa # Github action changes $HOME to /github at runtime # therefore we always copy the SSH key to $HOME (aka. ~) - mkdir --parents ~/.ssh + mkdir -p ~/.ssh cp /root/.ssh/* ~/.ssh/ 2> /dev/null || true fi