mirror of
https://github.com/community-scripts/ProxmoxVE.git
synced 2026-06-21 23:11:18 +02:00
MickLesk
c9c456f340
Arm create_backup with an ERR trap, add clear_update_backup, and ship a CI checker for update scripts that mutate config without backups. Co-authored-by: Cursor <cursoragent@cursor.com>
51 lines
1.3 KiB
Bash
Executable File
51 lines
1.3 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# Copyright (c) 2021-2026 community-scripts ORG
|
|
# License: MIT
|
|
#
|
|
# Flags ct/*.sh update_script blocks that mutate config/data destructively
|
|
# without calling create_backup. Used in CI / local review before merge.
|
|
|
|
set -euo pipefail
|
|
|
|
ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
|
|
CT_DIR="${ROOT}/ct"
|
|
FAIL=0
|
|
CHECKED=0
|
|
FLAGGED=0
|
|
|
|
check_file() {
|
|
local file="$1"
|
|
local base content block
|
|
base="$(basename "$file")"
|
|
content="$(<"$file")"
|
|
[[ "$content" == *"function update_script"* ]] || return 0
|
|
CHECKED=$((CHECKED + 1))
|
|
|
|
block="$(python3 - "$file" <<'PY'
|
|
import re, sys
|
|
text = open(sys.argv[1]).read()
|
|
m = re.search(r'function update_script\(\).*?(?=^function |\Z)', text, re.S | re.M)
|
|
print(m.group() if m else "")
|
|
PY
|
|
)"
|
|
|
|
[[ -n "$block" ]] || return 0
|
|
[[ "$block" == *"create_backup"* ]] && return 0
|
|
|
|
if echo "$block" | grep -qE 'sed -i|\.env|settings\.(py|json)|config\.(json|yml|yaml)|/etc/[^ ]+\.(conf|env)'; then
|
|
if echo "$block" | grep -qE 'rm -rf|find .* -delete|mv .*\.(bak|old)'; then
|
|
echo "MISSING create_backup: ct/${base}"
|
|
FLAGGED=$((FLAGGED + 1))
|
|
FAIL=1
|
|
fi
|
|
fi
|
|
}
|
|
|
|
for f in "$CT_DIR"/*.sh; do
|
|
[[ -f "$f" ]] || continue
|
|
check_file "$f"
|
|
done
|
|
|
|
echo "Checked ${CHECKED} update scripts, flagged ${FLAGGED} without create_backup"
|
|
exit "$FAIL"
|