From 47897c76a2d51164946ccd0aac3fc4cc4c9167c3 Mon Sep 17 00:00:00 2001 From: Anders Kaseorg Date: Tue, 13 Jul 2021 12:00:50 -0700 Subject: [PATCH] scripts: Use curl -f (--fail). This makes curl exit with nonzero status on HTTP 4xx/5xx errors. Signed-off-by: Anders Kaseorg --- .github/workflows/cancel-previous-runs.yml | 2 +- docs/development/remote.md | 2 +- docs/production/install-existing-server.md | 2 +- docs/production/install.md | 2 +- docs/production/upgrade-or-modify.md | 2 +- docs/tutorials/shell-tips.md | 2 +- scripts/lib/build-pgroonga | 2 +- scripts/lib/install-node | 2 +- scripts/lib/install-yarn | 2 +- scripts/setup/apt-repos/zulip/custom.sh | 4 ++-- scripts/setup/sha256-tarball-to | 2 +- templates/zerver/help/desktop-app-install-guide.md | 2 +- tools/ci/Dockerfile.prod | 2 +- tools/ci/send-failure-message | 2 +- tools/push-to-pull-request | 2 +- tools/setup/bootstrap-aws-installer | 2 +- tools/setup/bootstrap-awscli.sh | 2 +- tools/setup/dev-vagrant-docker/Dockerfile | 4 ++-- tools/setup/install-shellcheck | 2 +- tools/setup/install-shfmt | 2 +- 20 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/cancel-previous-runs.yml b/.github/workflows/cancel-previous-runs.yml index bc967b4b1e..83a864afad 100644 --- a/.github/workflows/cancel-previous-runs.yml +++ b/.github/workflows/cancel-previous-runs.yml @@ -28,7 +28,7 @@ jobs: REPOSITORY: ${{ github.repository }} run: | workflow_api_url=https://api.github.com/repos/$REPOSITORY/actions/workflows - curl $workflow_api_url -o workflows.json + curl -fL $workflow_api_url -o workflows.json script="const {workflows} = require('./workflows'); \ const ids = workflows.map(workflow => workflow.id); \ diff --git a/docs/development/remote.md b/docs/development/remote.md index c392e389d0..523e64a218 100644 --- a/docs/development/remote.md +++ b/docs/development/remote.md @@ -204,7 +204,7 @@ developing locally. 2. On your remote machine, run: ``` $ mkdir -p ~/bin - $ curl -Lo ~/bin/rmate https://raw.githubusercontent.com/textmate/rmate/master/bin/rmate + $ curl -fL -o ~/bin/rmate https://raw.githubusercontent.com/textmate/rmate/master/bin/rmate $ chmod a+x ~/bin/rmate ``` 3. Make sure the remote server is running in VS Code (you can diff --git a/docs/production/install-existing-server.md b/docs/production/install-existing-server.md index ea2a46c64f..fdd3b80d82 100644 --- a/docs/production/install-existing-server.md +++ b/docs/production/install-existing-server.md @@ -28,7 +28,7 @@ one created by Zulip into it: ```shell sudo cp /etc/nginx/nginx.conf /etc/nginx.conf.before-zulip-install -sudo curl -Lo /etc/nginx/nginx.conf.zulip \ +sudo curl -fL -o /etc/nginx/nginx.conf.zulip \ https://raw.githubusercontent.com/zulip/zulip/master/puppet/zulip/templates/nginx.conf.template.erb sudo meld /etc/nginx/nginx.conf /etc/nginx/nginx.conf.zulip # be sure to merge to the right ``` diff --git a/docs/production/install.md b/docs/production/install.md index bc27675d27..43b7f66238 100644 --- a/docs/production/install.md +++ b/docs/production/install.md @@ -20,7 +20,7 @@ with the following commands: ``` cd $(mktemp -d) -curl -LO https://www.zulip.org/dist/releases/zulip-server-latest.tar.gz +curl -fLO https://www.zulip.org/dist/releases/zulip-server-latest.tar.gz tar -xf zulip-server-latest.tar.gz ``` diff --git a/docs/production/upgrade-or-modify.md b/docs/production/upgrade-or-modify.md index dff6925c89..be1cec4861 100644 --- a/docs/production/upgrade-or-modify.md +++ b/docs/production/upgrade-or-modify.md @@ -28,7 +28,7 @@ to a new Zulip release: release with: ``` - curl -LO https://www.zulip.org/dist/releases/zulip-server-latest.tar.gz + curl -fLO https://www.zulip.org/dist/releases/zulip-server-latest.tar.gz ``` You also have the option of upgrading Zulip [to a version in a Git diff --git a/docs/tutorials/shell-tips.md b/docs/tutorials/shell-tips.md index 08de9f5c2f..f012c3d0b5 100644 --- a/docs/tutorials/shell-tips.md +++ b/docs/tutorials/shell-tips.md @@ -178,7 +178,7 @@ environment: ``` sudo apt-get -y purge vagrant && \ -curl -LO https://releases.hashicorp.com/vagrant/2.0.2/vagrant_2.0.2_x86_64.deb && \ +curl -fLO https://releases.hashicorp.com/vagrant/2.0.2/vagrant_2.0.2_x86_64.deb && \ sudo dpkg -i vagrant*.deb && \ sudo apt-get -y install build-essential git ruby lxc lxc-templates cgroup-lite redir && \ vagrant plugin install vagrant-lxc && \ diff --git a/scripts/lib/build-pgroonga b/scripts/lib/build-pgroonga index aac59f0a65..122880a058 100755 --- a/scripts/lib/build-pgroonga +++ b/scripts/lib/build-pgroonga @@ -6,7 +6,7 @@ PGROONGA_VERSION="2.2.8" cd "$(mktemp -d)" -curl -LO https://packages.groonga.org/source/pgroonga/pgroonga-"$PGROONGA_VERSION".tar.gz +curl -fLO https://packages.groonga.org/source/pgroonga/pgroonga-"$PGROONGA_VERSION".tar.gz tar xf pgroonga-"$PGROONGA_VERSION".tar.gz cd pgroonga-"$PGROONGA_VERSION" diff --git a/scripts/lib/install-node b/scripts/lib/install-node index a8cd6cefee..fb1ad4a07a 100755 --- a/scripts/lib/install-node +++ b/scripts/lib/install-node @@ -27,7 +27,7 @@ if [ "$current_node_version" != "v$node_version" ] || ! [ -L "$node_wrapper_path [ "$(nvm --version)" != "$nvm_version" ] }; then mkdir -p "$NVM_DIR" - curl_opts=(-L) + curl_opts=(-fL) if [ -n "${CUSTOM_CA_CERTIFICATES:-}" ]; then curl_opts+=(--cacert "${CUSTOM_CA_CERTIFICATES}") fi diff --git a/scripts/lib/install-yarn b/scripts/lib/install-yarn index 048d2cffb8..b5469925e9 100755 --- a/scripts/lib/install-yarn +++ b/scripts/lib/install-yarn @@ -18,7 +18,7 @@ if ! check_version; then tmpdir="$(mktemp -d)" trap 'rm -r "$tmpdir"' EXIT cd "$tmpdir" - curl -LO "https://registry.npmjs.org/yarn/-/$tarball" + curl -fLO "https://registry.npmjs.org/yarn/-/$tarball" sha256sum -c <<<"$sha256 $tarball" rm -rf /srv/zulip-yarn mkdir /srv/zulip-yarn diff --git a/scripts/setup/apt-repos/zulip/custom.sh b/scripts/setup/apt-repos/zulip/custom.sh index fa0f561491..c6dc9abd1b 100755 --- a/scripts/setup/apt-repos/zulip/custom.sh +++ b/scripts/setup/apt-repos/zulip/custom.sh @@ -23,8 +23,8 @@ if [[ ! -e /usr/share/doc/groonga-apt-source/copyright ]]; then distribution=$(lsb_release -si | tr '[:upper:]' '[:lower:]') groonga_apt_source_deb="groonga-apt-source-latest-$release.deb" groonga_apt_source_deb_sign="$groonga_apt_source_deb.asc.$pgroonga_apt_sign_key_fingerprint" - curl -LO "https://packages.groonga.org/$distribution/$groonga_apt_source_deb" - curl -LO "https://packages.groonga.org/$distribution/$groonga_apt_source_deb_sign" + curl -fLO "https://packages.groonga.org/$distribution/$groonga_apt_source_deb" + curl -fLO "https://packages.groonga.org/$distribution/$groonga_apt_source_deb_sign" gpg \ --homedir="$tmp_gpg_home" \ --verify \ diff --git a/scripts/setup/sha256-tarball-to b/scripts/setup/sha256-tarball-to index 033fa5f84c..d32eaddb74 100755 --- a/scripts/setup/sha256-tarball-to +++ b/scripts/setup/sha256-tarball-to @@ -25,7 +25,7 @@ cd "$tmpdir" # Fetch to a predictable name, not whatever curl guesses from the URL LOCALFILE="archive.tar.gz" -curl -Lo "$LOCALFILE" "$URL" +curl -fL -o "$LOCALFILE" "$URL" # Check the hash against what was passed in echo "$SHA256 $LOCALFILE" >"$LOCALFILE.sha256" diff --git a/templates/zerver/help/desktop-app-install-guide.md b/templates/zerver/help/desktop-app-install-guide.md index d28b75706b..d614b00a2b 100644 --- a/templates/zerver/help/desktop-app-install-guide.md +++ b/templates/zerver/help/desktop-app-install-guide.md @@ -55,7 +55,7 @@ to future versions. 1. Enter the following commands into a terminal: - sudo curl -Lo /etc/apt/trusted.gpg.d/zulip-desktop.asc \ + sudo curl -fL -o /etc/apt/trusted.gpg.d/zulip-desktop.asc \ https://download.zulip.com/desktop/apt/zulip-desktop.asc echo "deb https://download.zulip.com/desktop/apt stable main" | \ sudo tee /etc/apt/sources.list.d/zulip-desktop.list diff --git a/tools/ci/Dockerfile.prod b/tools/ci/Dockerfile.prod index dfaca7061a..142af5e458 100644 --- a/tools/ci/Dockerfile.prod +++ b/tools/ci/Dockerfile.prod @@ -17,7 +17,7 @@ RUN if (. /etc/os-release && [ "$ID $VERSION_ID" = 'ubuntu 18.04' ]); then \ # Download the release tarball, start rabbitmq server and install the server ARG VERSION RUN cd $(mktemp -d) \ - && curl -LO "https://www.zulip.org/dist/releases/zulip-server-$VERSION.tar.gz" \ + && curl -fLO "https://www.zulip.org/dist/releases/zulip-server-$VERSION.tar.gz" \ && tar -xf "zulip-server-$VERSION.tar.gz" \ && sudo service rabbitmq-server start \ && sudo service rabbitmq-server status \ diff --git a/tools/ci/send-failure-message b/tools/ci/send-failure-message index c62832c0b9..5aa2274b43 100755 --- a/tools/ci/send-failure-message +++ b/tools/ci/send-failure-message @@ -6,7 +6,7 @@ set -x if [[ "$ZULIP_BOT_KEY" != "" && "$GITHUB_REPOSITORY" == "zulip/zulip" ]]; then BRANCH="$(python3 -c 'import sys; print(sys.argv[1].split("/")[-1])' "$GITHUB_REF")" URI_ESCAPED_TOPIC="$(python3 -c 'import sys; import urllib.parse; print(urllib.parse.quote(sys.argv[1]))' "$BRANCH failing")" - curl -H "Content-Type: application/json" \ + curl -fL -H "Content-Type: application/json" \ -X POST -i 'https://chat.zulip.org/api/v1/external/circleci?api_key='"$ZULIP_BOT_KEY"'&stream=automated%20testing&topic='"$URI_ESCAPED_TOPIC" \ -d '{"payload": { "branch": "'"$BRANCH"'", "reponame": "'"$GITHUB_REPOSITORY"'", "status": "failed", "build_url": "'"$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"'", "username": "'"$GITHUB_ACTOR"'"}}' fi diff --git a/tools/push-to-pull-request b/tools/push-to-pull-request index 8fabc819af..46cb8970ab 100755 --- a/tools/push-to-pull-request +++ b/tools/push-to-pull-request @@ -91,7 +91,7 @@ fi # seems to require authentication even for simple lookups of public data, # and that'd be a pain for a simple script like this. pr_url=https://api.github.com/repos/"${repo_fq}"/pulls/"${pr_id}" -pr_details="$(curl -s "$pr_url")" +pr_details="$(curl -fLsS "$pr_url")" pr_jq() { echo "$pr_details" | jq "$@" diff --git a/tools/setup/bootstrap-aws-installer b/tools/setup/bootstrap-aws-installer index bc86e6fb9f..8c1fedfcbc 100644 --- a/tools/setup/bootstrap-aws-installer +++ b/tools/setup/bootstrap-aws-installer @@ -8,7 +8,7 @@ #BRANCH= #SSH_SECRET_ID= -if ! curl -s -m 5 http://169.254.169.254/latest/dynamic/instance-identity/document | grep instanceId; then +if ! curl -fLs -m 5 http://169.254.169.254/latest/dynamic/instance-identity/document | grep instanceId; then echo "This should be run on AWS instances, not locally." exit 1 fi diff --git a/tools/setup/bootstrap-awscli.sh b/tools/setup/bootstrap-awscli.sh index c77d121869..56a7161c90 100644 --- a/tools/setup/bootstrap-awscli.sh +++ b/tools/setup/bootstrap-awscli.sh @@ -7,7 +7,7 @@ if [ ! -d "/srv/zulip-aws-tools/v2/$AWS_CLI_VERSION" ]; then mkdir -p /srv/zulip-aws-tools cd /srv/zulip-aws-tools || exit 1 rm -rf awscli.zip awscli.zip.sha256 aws/ - curl -L "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-$AWS_CLI_VERSION.zip" -o awscli.zip + curl -fL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-$AWS_CLI_VERSION.zip" -o awscli.zip echo "$AWS_CLI_SHA awscli.zip" >awscli.zip.sha256 sha256sum -c awscli.zip.sha256 unzip -q awscli.zip diff --git a/tools/setup/dev-vagrant-docker/Dockerfile b/tools/setup/dev-vagrant-docker/Dockerfile index 0f5776b2fd..494ff666fd 100644 --- a/tools/setup/dev-vagrant-docker/Dockerfile +++ b/tools/setup/dev-vagrant-docker/Dockerfile @@ -32,7 +32,7 @@ RUN \ # managed by systemd start within Docker, which breaks normal # operation of systemd. dpkg-divert --add --rename /bin/systemctl \ - && curl -so /bin/systemctl 'https://raw.githubusercontent.com/gdraheim/docker-systemctl-replacement/73b5aff2ba6abfd254d236f1df22ff4971d44660/files/docker/systemctl3.py' \ + && curl -fLsS -o /bin/systemctl 'https://raw.githubusercontent.com/gdraheim/docker-systemctl-replacement/73b5aff2ba6abfd254d236f1df22ff4971d44660/files/docker/systemctl3.py' \ && chmod +x /bin/systemctl \ && ln -nsf /bin/true /usr/sbin/policy-rc.d \ && mkdir -p /run/sshd \ @@ -48,7 +48,7 @@ RUN \ # Set up the vagrant user and its SSH key (globally public) && useradd -ms /bin/bash -u "$VAGRANT_UID" vagrant \ && mkdir -m 700 ~vagrant/.ssh \ - && curl -so ~vagrant/.ssh/authorized_keys 'https://raw.githubusercontent.com/hashicorp/vagrant/be7876d83644aa6bdf7f951592fdc681506bcbe6/keys/vagrant.pub' \ + && curl -fLsS -o ~vagrant/.ssh/authorized_keys 'https://raw.githubusercontent.com/hashicorp/vagrant/be7876d83644aa6bdf7f951592fdc681506bcbe6/keys/vagrant.pub' \ && chown -R vagrant: ~vagrant/.ssh \ && echo 'vagrant ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/vagrant diff --git a/tools/setup/install-shellcheck b/tools/setup/install-shellcheck index 296cd155e9..632f0e44a0 100755 --- a/tools/setup/install-shellcheck +++ b/tools/setup/install-shellcheck @@ -19,7 +19,7 @@ if ! check_version; then tmpdir="$(mktemp -d)" trap 'rm -r "$tmpdir"' EXIT cd "$tmpdir" - curl -LO "https://github.com/koalaman/shellcheck/releases/download/v$version/$tarball" + curl -fLO "https://github.com/koalaman/shellcheck/releases/download/v$version/$tarball" sha256sum -c <<<"${sha256[$arch]} $tarball" tar -xJf "$tarball" --no-same-owner --strip-components=1 -C /usr/local/bin "shellcheck-v$version/shellcheck" check_version diff --git a/tools/setup/install-shfmt b/tools/setup/install-shfmt index 91ec2593df..a034746e80 100755 --- a/tools/setup/install-shfmt +++ b/tools/setup/install-shfmt @@ -24,7 +24,7 @@ if ! check_version; then tmpdir="$(mktemp -d)" trap 'rm -r "$tmpdir"' EXIT cd "$tmpdir" - curl -LO "https://github.com/mvdan/sh/releases/download/v$version/$binary" + curl -fLO "https://github.com/mvdan/sh/releases/download/v$version/$binary" sha256sum -c <<<"$sha256 $binary" chmod +x "$binary" mv "$binary" /usr/local/bin/shfmt