Ensure that Bash is always in a stricter mode.

northwood-labs · Mar 30, 2024 · 84406d2 · 84406d2
1 parent 63deac8
commit 84406d2
Show file tree

Hide file tree

Showing 19 changed files with 122 additions and 59 deletions.
diff --git a/.github/workflows/build-sops.yml b/.github/workflows/build-sops.yml
@@ -7,7 +7,8 @@
 # DO NOT EDIT THIS FILE!
 # 
 # 1. Edit the *.gotmpl.yml files instead.
-# 2. Run 'go run generate-workflow.go -p {package} -t {template}'.
+# 2. go run generate-workflow.go -t _download-and-package.gotmpl.yml -p sops \
+#       -r 'getsops/sops' -c '50 13 * * *'
 ################################################################################
 
 name: Build sops
@@ -24,12 +25,14 @@ on:
     schedule:
       - cron: '50 13 * * *'
 
-# Variables available to all jobs defined in this file
+defaults:
+  run:
+    shell: bash
+
 env:
   DOCKER_BUILDKIT: 1
   REGISTRY: ${{ vars.REGISTRY }}
 
-# Declare default permissions as read only.
 permissions: read-all
 
 jobs:

diff --git a/.github/workflows/build-syft.yml b/.github/workflows/build-syft.yml
@@ -7,7 +7,8 @@
 # DO NOT EDIT THIS FILE!
 # 
 # 1. Edit the *.gotmpl.yml files instead.
-# 2. Run 'go run generate-workflow.go -p {package} -t {template}'.
+# 2. go run generate-workflow.go -t _download-and-package.gotmpl.yml -p syft \
+#       -r 'anchore/syft' -c '00 14 * * *'
 ################################################################################
 
 name: Build syft
@@ -24,12 +25,14 @@ on:
     schedule:
       - cron: '00 14 * * *'
 
-# Variables available to all jobs defined in this file
+defaults:
+  run:
+    shell: bash
+
 env:
   DOCKER_BUILDKIT: 1
   REGISTRY: ${{ vars.REGISTRY }}
 
-# Declare default permissions as read only.
 permissions: read-all
 
 jobs:

diff --git a/.github/workflows/build-tenv.yml b/.github/workflows/build-tenv.yml
@@ -3,6 +3,14 @@
 # by a third-party and are governed by separate terms of service, privacy
 # policy, and support documentation.
 
+################################################################################
+# DO NOT EDIT THIS FILE!
+#
+# 1. Edit the *.gotmpl.yml files instead.
+# 2. go run generate-workflow.go -t _download-and-package.gotmpl.yml -p tenv \
+#       -r 'tofuutils/tenv' -c '20 14 * * *'
+################################################################################
+
 name: Build tenv
 on:
   workflow_dispatch:
@@ -17,16 +25,14 @@ on:
     schedule:
       - cron: "20 14 * * *"
 
-# concurrency:
-#   group: ${{ github.workflow }}-${{ github.ref }}
-#   cancel-in-progress: true
+defaults:
+  run:
+    shell: bash
 
-# Variables available to all jobs defined in this file
 env:
   DOCKER_BUILDKIT: 1
   REGISTRY: ${{ vars.REGISTRY }}
 
-# Declare default permissions as read only.
 permissions: read-all
 
 jobs:
@@ -55,14 +61,14 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          echo "package_version=$(download-asset latest-tag -r tofuutils/tenv -s)" >> $GITHUB_OUTPUT
+          echo "package_version=$(download-asset latest-tag -r 'tofuutils/tenv' -s)" >> $GITHUB_OUTPUT
 
       - name: Check to see if we've already built this version
         uses: actions/cache/restore@v4
         id: check
         with:
           key: "tenv-${{ steps.lookup_version.outputs.package_version }}"
-          path: packages/tenv/dist
+          path: "packages/tenv/dist"
           lookup-only: true
 
   build:
@@ -72,7 +78,7 @@ jobs:
     uses: northwood-labs/package-building/.github/workflows/build-and-cache.yml@main
     secrets: inherit
     with:
-      package-name: tenv
+      package-name: "tenv"
       package-version: ${{ needs.lookup.outputs.package_version }}
 
   upload:
@@ -82,7 +88,7 @@ jobs:
     uses: northwood-labs/package-building/.github/workflows/upload-to-s3.yml@main
     secrets: inherit
     with:
-      package-name: tenv
+      package-name: "tenv"
       package-version: ${{ needs.lookup.outputs.package_version }}
 
   metadata:

diff --git a/.github/workflows/build-terraform-docs.yml b/.github/workflows/build-terraform-docs.yml
@@ -5,9 +5,10 @@
 
 ################################################################################
 # DO NOT EDIT THIS FILE!
-#
+# 
 # 1. Edit the *.gotmpl.yml files instead.
-# 2. Run 'go run generate-workflow.go -p {package} -t {template}'.
+# 2. go run generate-workflow.go -t _download-and-package.gotmpl.yml -p terraform-docs \
+#       -r 'terraform-docs/terraform-docs' -c '30 14 * * *'
 ################################################################################
 
 name: Build terraform-docs
@@ -22,14 +23,16 @@ on:
     paths:
       - ".github/workflows/build-terraform-docs.yml"
     schedule:
-      - cron: "30 14 * * *"
+      - cron: '30 14 * * *'
+
+defaults:
+  run:
+    shell: bash
 
-# Variables available to all jobs defined in this file
 env:
   DOCKER_BUILDKIT: 1
   REGISTRY: ${{ vars.REGISTRY }}
 
-# Declare default permissions as read only.
 permissions: read-all
 
 jobs:

diff --git a/.github/workflows/build-tflint.yml b/.github/workflows/build-tflint.yml
@@ -7,7 +7,8 @@
 # DO NOT EDIT THIS FILE!
 #
 # 1. Edit the *.gotmpl.yml files instead.
-# 2. Run 'go run generate-workflow.go -p {package} -t {template}'.
+# 2. go run generate-workflow.go -t _download-and-package.gotmpl.yml -p tflint \
+#       -r 'terraform-linters/tflint' -c '40 15 * * *'
 ################################################################################
 
 name: Build tflint
@@ -24,12 +25,14 @@ on:
     schedule:
       - cron: "40 15 * * *"
 
-# Variables available to all jobs defined in this file
+defaults:
+  run:
+    shell: bash
+
 env:
   DOCKER_BUILDKIT: 1
   REGISTRY: ${{ vars.REGISTRY }}
 
-# Declare default permissions as read only.
 permissions: read-all
 
 jobs:

diff --git a/.github/workflows/build-tfschema.yml b/.github/workflows/build-tfschema.yml
@@ -7,7 +7,8 @@
 # DO NOT EDIT THIS FILE!
 # 
 # 1. Edit the *.gotmpl.yml files instead.
-# 2. Run 'go run generate-workflow.go -p {package} -t {template}'.
+# 2. go run generate-workflow.go -t _download-and-package.gotmpl.yml -p tfschema \
+#       -r 'minamijoyo/tfschema' -c '50 15 * * *'
 ################################################################################
 
 name: Build tfschema
@@ -24,12 +25,14 @@ on:
     schedule:
       - cron: '50 15 * * *'
 
-# Variables available to all jobs defined in this file
+defaults:
+  run:
+    shell: bash
+
 env:
   DOCKER_BUILDKIT: 1
   REGISTRY: ${{ vars.REGISTRY }}
 
-# Declare default permissions as read only.
 permissions: read-all
 
 jobs:

diff --git a/.github/workflows/build-tomljson.yml b/.github/workflows/build-tomljson.yml
@@ -5,9 +5,10 @@
 
 ################################################################################
 # DO NOT EDIT THIS FILE!
-# 
+#
 # 1. Edit the *.gotmpl.yml files instead.
-# 2. Run 'go run generate-workflow.go -p {package} -t {template}'.
+# 2. go run generate-workflow.go -t _download-and-package.gotmpl.yml -p tomljson \
+#       -r 'pelletier/go-toml' -c '00 16 * * *'
 ################################################################################
 
 name: Build tomljson
@@ -22,14 +23,16 @@ on:
     paths:
       - ".github/workflows/build-tomljson.yml"
     schedule:
-      - cron: '00 16 * * *'
+      - cron: "00 16 * * *"
+
+defaults:
+  run:
+    shell: bash
 
-# Variables available to all jobs defined in this file
 env:
   DOCKER_BUILDKIT: 1
   REGISTRY: ${{ vars.REGISTRY }}
 
-# Declare default permissions as read only.
 permissions: read-all
 
 jobs:

diff --git a/.github/workflows/build-trivy.yml b/.github/workflows/build-trivy.yml
@@ -7,7 +7,8 @@
 # DO NOT EDIT THIS FILE!
 # 
 # 1. Edit the *.gotmpl.yml files instead.
-# 2. Run 'go run generate-workflow.go -p {package} -t {template}'.
+# 2. go run generate-workflow.go -t _download-and-package.gotmpl.yml -p trivy \
+#       -r 'aquasecurity/trivy' -c '10 16 * * *'
 ################################################################################
 
 name: Build trivy
@@ -24,12 +25,14 @@ on:
     schedule:
       - cron: '10 16 * * *'
 
-# Variables available to all jobs defined in this file
+defaults:
+  run:
+    shell: bash
+
 env:
   DOCKER_BUILDKIT: 1
   REGISTRY: ${{ vars.REGISTRY }}
 
-# Declare default permissions as read only.
 permissions: read-all
 
 jobs:

diff --git a/.github/workflows/build-trufflehog.yml b/.github/workflows/build-trufflehog.yml
@@ -5,9 +5,10 @@
 
 ################################################################################
 # DO NOT EDIT THIS FILE!
-# 
+#
 # 1. Edit the *.gotmpl.yml files instead.
-# 2. Run 'go run generate-workflow.go -p {package} -t {template}'.
+# 2. go run generate-workflow.go -t _download-and-package.gotmpl.yml -p trufflehog \
+#       -r 'trufflesecurity/trufflehog' -c '20 16 * * *'
 ################################################################################
 
 name: Build trufflehog
@@ -22,14 +23,16 @@ on:
     paths:
       - ".github/workflows/build-trufflehog.yml"
     schedule:
-      - cron: '20 16 * * *'
+      - cron: "20 16 * * *"
+
+defaults:
+  run:
+    shell: bash
 
-# Variables available to all jobs defined in this file
 env:
   DOCKER_BUILDKIT: 1
   REGISTRY: ${{ vars.REGISTRY }}
 
-# Declare default permissions as read only.
 permissions: read-all
 
 jobs:

diff --git a/.github/workflows/build-woke.yml b/.github/workflows/build-woke.yml
@@ -5,9 +5,10 @@
 
 ################################################################################
 # DO NOT EDIT THIS FILE!
-# 
+#
 # 1. Edit the *.gotmpl.yml files instead.
-# 2. Run 'go run generate-workflow.go -p {package} -t {template}'.
+# 2. go run generate-workflow.go -t _download-and-package.gotmpl.yml -p woke \
+#       -r 'get-woke/woke' -c '10 17 * * *'
 ################################################################################
 
 name: Build woke
@@ -22,14 +23,16 @@ on:
     paths:
       - ".github/workflows/build-woke.yml"
     schedule:
-      - cron: '10 17 * * *'
+      - cron: "10 17 * * *"
+
+defaults:
+  run:
+    shell: bash
 
-# Variables available to all jobs defined in this file
 env:
   DOCKER_BUILDKIT: 1
   REGISTRY: ${{ vars.REGISTRY }}
 
-# Declare default permissions as read only.
 permissions: read-all
 
 jobs:

diff --git a/.github/workflows/build-yamlfmt.yml b/.github/workflows/build-yamlfmt.yml
@@ -5,9 +5,10 @@
 
 ################################################################################
 # DO NOT EDIT THIS FILE!
-# 
+#
 # 1. Edit the *.gotmpl.yml files instead.
-# 2. Run 'go run generate-workflow.go -p {package} -t {template}'.
+# 2. go run generate-workflow.go -t _download-and-package.gotmpl.yml -p yamlfmt \
+#       -r 'google/yamlfmt' -c '20 17 * * *'
 ################################################################################
 
 name: Build yamlfmt
@@ -22,14 +23,16 @@ on:
     paths:
       - ".github/workflows/build-yamlfmt.yml"
     schedule:
-      - cron: '20 17 * * *'
+      - cron: "20 17 * * *"
+
+defaults:
+  run:
+    shell: bash
 
-# Variables available to all jobs defined in this file
 env:
   DOCKER_BUILDKIT: 1
   REGISTRY: ${{ vars.REGISTRY }}
 
-# Declare default permissions as read only.
 permissions: read-all
 
 jobs:

diff --git a/.github/workflows/generate-apk-meta.yml b/.github/workflows/generate-apk-meta.yml
@@ -8,6 +8,10 @@ on:
   workflow_call:
     # We will pass secrets to the reusable workflow.
 
+defaults:
+  run:
+    shell: bash
+
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true

diff --git a/.github/workflows/generate-deb-meta.yml b/.github/workflows/generate-deb-meta.yml
@@ -8,6 +8,10 @@ on:
   workflow_call:
     # We will pass secrets to the reusable workflow.
 
+defaults:
+  run:
+    shell: bash
+
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true