Optimized bash scripts

djkormo · Feb 5, 2025 · 2b32865 · 2b32865
1 parent 0e43b69
commit 2b32865
Show file tree

Hide file tree

Showing 2 changed files with 67 additions and 70 deletions.
diff --git a/scripts/common_utils.sh b/scripts/common_utils.sh
@@ -14,52 +14,35 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
+# modified by Adam Krawczyk - jamallorock
 
 ###############################  utilities  #################################
 
-function check_running() {
-
-	check_pod=$1
-	prometheus_ns="monitoring"
-	kubectl_cmd="kubectl -n ${prometheus_ns}"
+set -e  # Exit immediately on error
 
-	echo "Info: Waiting for ${check_pod} to come up..."
-	err_wait=0
-	while true;
-	do
-		sleep 2
-		${kubectl_cmd} get pods | grep ${check_pod}
-		pod_stat=$(${kubectl_cmd} get pods | grep ${check_pod} | awk '{ print $3 }')
-		case "${pod_stat}" in
-			"Running")
-				echo "Info: ${check_pod} deploy succeeded: ${pod_stat}"
-				err=0
-				break;
-				;;
-			"Error")
-				# On Error, wait for 10 seconds before exiting.
-				err_wait=$(( err_wait + 1 ))
-				if [ ${err_wait} -gt 5 ]; then
-					echo "Error: ${check_pod} deploy failed: ${pod_stat}"
-					err=-1
-					break;
-				fi
-				;;
-			*)
-				sleep 2
-				;;
-		esac
-	done
+check_running() {
+    local check_pod=$1
+    local prometheus_ns="monitoring"
+    local kubectl_cmd="kubectl -n ${prometheus_ns}"
 
-	${kubectl_cmd} get pods | grep ${check_pod}
-	echo
+    echo "Info: Waiting for ${check_pod} to become ready..."
+
+    # Use `kubectl wait` for more efficient waiting instead of polling
+    if ! ${kubectl_cmd} wait --for=condition=Ready pod -l app=${check_pod} --timeout=60s; then
+        echo "Error: ${check_pod} failed to become ready within timeout."
+        return 1
+    fi
+
+    echo "Info: ${check_pod} is now running."
+    ${kubectl_cmd} get pods | grep "${check_pod}"
+    echo
 }
 
-# Check error code from last command, exit on error
+# Check error code from the last command, exit on failure
 check_err() {
-	err=$?
-	if [ ${err} -ne 0 ]; then
-		echo "$*"
-		exit -1
-	fi
-}
+    local err=$?
+    if [ ${err} -ne 0 ]; then
+        echo "Error: $*"
+        exit 1  # Use standard Unix exit code
+    fi
+}
diff --git a/scripts/generate-certs.sh b/scripts/generate-certs.sh
@@ -1,40 +1,52 @@
 #!/usr/bin/env bash
 
-set -e
-set -o pipefail
+set -euo pipefail  # Improved: added 'u' to catch errors from undeclared variables
 
+# 📍 Setting directories
 SCRIPT_DIR="$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
 OUTPUT_DIR="${SCRIPT_DIR}/../issuers/testdata"
+CA_DIR="${OUTPUT_DIR}/ca"
 
-if [ -f "${OUTPUT_DIR}/pkcs7.pem" ] && [ -f "${OUTPUT_DIR}/x509.pem" ]; then
-    printf 'Certificates already exist, skipping generation...\n'
+# 📍 Checking if certificates already exist
+if [[ -f "${OUTPUT_DIR}/pkcs7.pem" && -f "${OUTPUT_DIR}/x509.pem" ]]; then
+    echo "✅ Certificates already exist. Skipping generation..."
     exit 0
 fi
 
-set -x
+# 📍 Setting default values for CA certificate
+COUNTRY="US"
+STATE="YourState"
+CITY="YourCity"
+ORG="YourOrganization"
+ORG_UNIT="YourOrganizationalUnit"
+COMMON_NAME="adcs-issuer Test CA"
+KEY_SIZE=4096
+DAYS_VALID=3650  # 10 years
 
-mkdir -pv "${OUTPUT_DIR}/ca"
+echo "🔧 Creating directories..."
+mkdir -pv "${CA_DIR}"
 
-# Create the CA key
-openssl genrsa -out "${OUTPUT_DIR}/ca/ca.key" 2048
-# Create a configuration file for the Root CA
+# 📍 Generating CA private key
+echo "🔑 Generating CA private key (${KEY_SIZE} bits)..."
+openssl genrsa -out "${CA_DIR}/ca.key" ${KEY_SIZE}
 
-# Create CA config
-cat > "${OUTPUT_DIR}/ca/ca.cnf" << EOF
+# 📍 Creating CA configuration
+echo "📜 Creating CA configuration..."
+cat > "${CA_DIR}/ca.cnf" << EOF
 [req]
-default_bits = 4096
+default_bits = ${KEY_SIZE}
 prompt = no
 default_md = sha256
 distinguished_name = dn
 x509_extensions = v3_ca
 
 [dn]
-C = US
-ST = YourState
-L = YourCity
-O = YourOrganization
-OU = YourOrganizationalUnit
-CN = adcs-issuer Test CA
+C = ${COUNTRY}
+ST = ${STATE}
+L = ${CITY}
+O = ${ORG}
+OU = ${ORG_UNIT}
+CN = ${COMMON_NAME}
 
 [v3_ca]
 subjectKeyIdentifier = hash
@@ -43,16 +55,18 @@ basicConstraints = critical, CA:TRUE
 keyUsage = critical, digitalSignature, keyCertSign
 EOF
 
-# Generate the CA cert
+# 📍 Generating CA certificate
+echo "📜 Generating CA certificate (valid for ${DAYS_VALID} days)..."
 openssl req -x509 -new -nodes \
-    -key "${OUTPUT_DIR}/ca/ca.key" \
+    -key "${CA_DIR}/ca.key" \
     -sha256 \
-    -days 3650 \
-    -out "${OUTPUT_DIR}/ca/ca.pem" \
-    -config "${OUTPUT_DIR}/ca/ca.cnf"
-
-# This is probably wrong, but it seems the test
-# just compares equality of the parsed pkcs7.pem to the raw x509.pem...
-# TODO: review
-cp -v "${OUTPUT_DIR}/ca/ca.pem" "${OUTPUT_DIR}/pkcs7.pem"
-cp -v "${OUTPUT_DIR}/ca/ca.pem" "${OUTPUT_DIR}/x509.pem"
+    -days ${DAYS_VALID} \
+    -out "${CA_DIR}/ca.pem" \
+    -config "${CA_DIR}/ca.cnf"
+
+# 📍 Copying certificates to test files
+echo "📂 Copying certificates..."
+cp -v "${CA_DIR}/ca.pem" "${OUTPUT_DIR}/pkcs7.pem"
+cp -v "${CA_DIR}/ca.pem" "${OUTPUT_DIR}/x509.pem"
+
+echo "✅ Certificates successfully generated!"