During the container update check, a failing 'docker pull' (local-only images, registry or permission errors) aborted the whole script under errexit. Ignore pull failures and skip containers whose digest could not be resolved.
SECRET_KEY_BASE_DUMMY forced Rails to write tmp/local_secret.txt, which failed with EACCES during update and aborted db:migrate. Drop the dummy flag so the real SECRET_KEY_BASE from .env is used, and ensure tmp exists.
* fix(degoog): restore bun symlinks after curl-impersonate update
The curl-impersonate CLEAN_INSTALL wipes /usr/local/bin, which removed the bun/bunx symlinks during update. Re-create them after the release deploy.
* clean install curl-impersonate
* sorting
- Trim whitespace, skip empty tokens and reject non-numeric input so a
malformed selection no longer feeds garbage into `sed -n "<index>p"`.
- Reject reversed ranges (start greater than end) with a clear message.
- Replace `grep | wc -l` with `grep -c` (ShellCheck SC2126).
- Replace the array-style exclude check (`${excluded_containers[@]}` on a
plain string) with an explicit per-VMID loop, resolving the ShellCheck
SC2199/SC2076 errors and avoiding accidental substring matches.
- Abort cleanly when the checklist dialog is cancelled instead of relying
on an unreachable `$?` test under `set -eEuo pipefail`.
- Exit gracefully on a declined confirmation prompt.
- Use `pct exec ... -- hostname` for consistent argument handling.
- AMD: download directly to "$microcode" instead of a convoluted, unquoted
basename of the full URL (fixes ShellCheck SC2046) and pin to https.
- Quote dpkg install and cleanup paths (SC2086) and use rm -f.
- Normalize the Debian pool URLs (drop the stray double/triple slashes).
- Define color variables directly instead of via $(echo ...) (SC2116/SC2028).
* Reduce IP-Tag resource usage and clean up ShellCheck findings
Performance / resource fixes in the generated service:
- VM IP detection only queries the QEMU guest agent when it is actually
enabled in the VM config. Previously every VM without an agent stalled
the loop for the full `qm guest cmd` timeout on each cycle; the timeout
is also lowered from 8s to 5s.
- Skip the ARP/ping fallback for VMs entirely when the guest agent already
returned addresses, avoiding needless ping probes every run.
- Snapshot `ip neighbor show` once per host instead of invoking it per MAC
in the VM and LXC lookups.
- Lower ping verification to a 1s timeout (`-W 1`).
ShellCheck cleanup in the installer:
- Define color variables directly instead of via $(echo ...) (SC2116/SC2028).
- Use `read -rp` everywhere (SC2162).
- Replace Unicode quotes with ASCII in a status message (SC1111).
* Cut IP-Tag CPU usage by avoiding per-guest pct/qm status calls
The periodic check spawned one `pct status` per container and one
`qm status` per VM each cycle. Both are heavy Perl tools (~hundreds of ms
CPU per invocation), so on hosts with many guests the 5-minute run caused
a noticeable CPU spike.
- Derive LXC status from the single `pct list` call that is already made
for enumeration.
- Add one `qm list` call to collect all VM statuses at once.
- Store both in a per-cycle STATUS_CACHE and read from it instead of
calling `pct status` / `qm status` per guest (with a fallback for direct
calls outside the cycle).
community-scripts-pr-app[bot]