Add pre-commit config (#1738)

.github/ISSUE_TEMPLATE/problem-report.yml

@@ -23,7 +23,7 @@ body:
     id: docker_version
     attributes:
       label: Docker Version
-      placeholder: 20.10.16 ← should look like this 
+      placeholder: 20.10.16 ← should look like this
       description: |
         What version of docker are you using to run self-hosted?
         e.g: (docker --version)
@@ -76,7 +76,7 @@ body:
       label: Event ID
       description: |
         If you opted into sending errors to our error monitoring and the error has an event ID, enter it here!
-      placeholder: c2d85058-d3b0-4d85-a509-e2ba965845d7 
+      placeholder: c2d85058-d3b0-4d85-a509-e2ba965845d7
   - type: markdown
     attributes:
       value: |-

.github/workflows/issue-status-helper.yml

@@ -13,4 +13,4 @@ jobs:
           GH_REPO: ${{ github.repository }}
         run: |
           labels_to_remove=$(gh api --paginate "/repos/$GH_REPO/labels" -q '[.[].name | select(startswith("Status: ") and . != "${{ github.event.label.name }}")] | join(",")')
-          gh issue edit ${{ github.event.issue.number }} --remove-label "$labels_to_remove" --add-label "${{ github.event.label.name }}"
+          gh issue edit ${{ github.event.issue.number }} --remove-label "$labels_to_remove" --add-label "${{ github.event.label.name }}"

.github/workflows/pre-commit.yml

@@ -0,0 +1,14 @@
+name: pre-commit
+
+on:
+  pull_request:
+  push:
+    branches: [master]
+
+jobs:
+  pre-commit:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions/setup-python@v3
+    - uses: pre-commit/action@v3.0.0

.pre-commit-config.yaml

@@ -0,0 +1,24 @@
+- repo: local
+  hooks:
+    # Based on https://github.com/scop/pre-commit-shfmt/blob/main/.pre-commit-hooks.yaml
+    # Customized to also work on ARM, and give diff for CI on failure.
+    - id: shfmt
+      name: shfmt
+      description: Format shell source code
+      language: docker_image
+      entry: --net none mvdan/shfmt:v3.5.1
+      args: [-w, -d]
+      files: .*\.sh
+      stages: [commit, merge-commit, push, manual]
+
+- repo: https://github.com/pre-commit/pre-commit-hooks
+  rev: v4.3.0
+  hooks:
+  - id: check-case-conflict
+  - id: check-executables-have-shebangs
+    exclude: ^(install/|_unit-test/_test_setup.sh)
+  - id: check-merge-conflict
+  - id: check-symlinks
+  - id: end-of-file-fixer
+  - id: trailing-whitespace
+  - id: check-yaml

README.md

@@ -79,4 +79,3 @@ We'd love to catch errors in self-hosted so you don't run into them, and so we c
 Thirty (30) day retention. No marketing. Privacy policy at sentry.io/privacy.
 
 Starting with the 22.10.0 release in October, we will require those running the Sentry installer to choose to opt in or out. If you are running the installer under automation, you may want to set `REPORT_SELF_HOSTED_ISSUES` or pass `--(no-)report-self-hosted-issues` to the installer accordingly.
-

_integration-test/custom-ca-roots/setup.sh

@@ -9,10 +9,10 @@ CUSTOM_CERTS_PATH="../certificates"
 # generate tightly constrained CA
 # NB: `-addext` requires LibreSSL 3.1.0+, or OpenSSL (brew install openssl)
 openssl req -x509 -new -nodes -newkey rsa:2048 -keyout $TEST_NGINX_CONF_PATH/ca.key \
--sha256 -days 1 -out $TEST_NGINX_CONF_PATH/ca.crt -batch \
--subj "/CN=TEST CA *DO NOT TRUST*" \
--addext "keyUsage = critical, keyCertSign, cRLSign" \
--addext "nameConstraints = critical, permitted;DNS:self.test"
+  -sha256 -days 1 -out $TEST_NGINX_CONF_PATH/ca.crt -batch \
+  -subj "/CN=TEST CA *DO NOT TRUST*" \
+  -addext "keyUsage = critical, keyCertSign, cRLSign" \
+  -addext "nameConstraints = critical, permitted;DNS:self.test"
 
 ## Lines like the following are debug helpers ...
 # openssl x509 -in nginx/ca.crt -text -noout
@@ -22,14 +22,14 @@ cp $TEST_NGINX_CONF_PATH/ca.crt $CUSTOM_CERTS_PATH/test-custom-ca-roots.crt
 
 # generate server certificate
 openssl req -new -nodes -newkey rsa:2048 -keyout $TEST_NGINX_CONF_PATH/self.test.key \
--addext "subjectAltName=DNS:self.test" \
--out $TEST_NGINX_CONF_PATH/self.test.req -batch -subj "/CN=Self Signed with CA Test Server"
+  -addext "subjectAltName=DNS:self.test" \
+  -out $TEST_NGINX_CONF_PATH/self.test.req -batch -subj "/CN=Self Signed with CA Test Server"
 
 # openssl req -in nginx/self.test.req -text -noout
 
 openssl x509 -req -in $TEST_NGINX_CONF_PATH/self.test.req -CA $TEST_NGINX_CONF_PATH/ca.crt -CAkey $TEST_NGINX_CONF_PATH/ca.key \
--extfile <(printf "subjectAltName=DNS:self.test") \
--CAcreateserial -out $TEST_NGINX_CONF_PATH/self.test.crt -days 1 -sha256
+  -extfile <(printf "subjectAltName=DNS:self.test") \
+  -CAcreateserial -out $TEST_NGINX_CONF_PATH/self.test.crt -days 1 -sha256
 
 # openssl x509 -in nginx/self.test.crt -text -noout
 
@@ -38,7 +38,7 @@ openssl verify -CAfile $TEST_NGINX_CONF_PATH/ca.crt $TEST_NGINX_CONF_PATH/self.t
 
 # self signed certificate, for sanity check of not just accepting all certs
 openssl req -x509 -newkey rsa:2048 -nodes -days 1 -keyout $TEST_NGINX_CONF_PATH/fake.test.key \
--out $TEST_NGINX_CONF_PATH/fake.test.crt -addext "subjectAltName=DNS:fake.test" -subj "/CN=Self Signed Test Server"
+  -out $TEST_NGINX_CONF_PATH/fake.test.crt -addext "subjectAltName=DNS:fake.test" -subj "/CN=Self Signed Test Server"
 
 # openssl x509 -in nginx/fake.test.crt -text -noout
 

_integration-test/run.sh

@@ -13,8 +13,9 @@ COOKIE_FILE=$(mktemp)
 
 # Courtesy of https://stackoverflow.com/a/2183063/90297
 trap_with_arg() {
-  func="$1" ; shift
-  for sig ; do
+  func="$1"
+  shift
+  for sig; do
     trap "$func $sig "'$LINENO' "$sig"
   done
 }
@@ -23,12 +24,12 @@ DID_TEAR_DOWN=0
 # the teardown function will be the exit point
 teardown() {
   if [ "$DID_TEAR_DOWN" -eq 1 ]; then
-    return 0;
+    return 0
   fi
   DID_TEAR_DOWN=1
 
   if [ "$1" != "EXIT" ]; then
-    echo "An error occurred, caught SIG$1 on line $2";
+    echo "An error occurred, caught SIG$1 on line $2"
   fi
 
   echo "Tearing down ..."
@@ -40,18 +41,19 @@ echo "${_endgroup}"
 
 echo "${_group}Starting Sentry for tests ..."
 # Disable beacon for e2e tests
-echo 'SENTRY_BEACON=False' >> $SENTRY_CONFIG_PY
+echo 'SENTRY_BEACON=False' >>$SENTRY_CONFIG_PY
 echo y | $dcr web createuser --force-update --superuser --email $TEST_USER --password $TEST_PASS
 $dc up -d
-printf "Waiting for Sentry to be up"; timeout 90 bash -c 'until $(curl -Isf -o /dev/null $SENTRY_TEST_HOST); do printf '.'; sleep 0.5; done'
+printf "Waiting for Sentry to be up"
+timeout 90 bash -c 'until $(curl -Isf -o /dev/null $SENTRY_TEST_HOST); do printf '.'; sleep 0.5; done'
 echo ""
 echo "${_endgroup}"
 
 echo "${_group}Running tests ..."
-get_csrf_token () { awk '$6 == "sc" { print $7 }' $COOKIE_FILE; }
-sentry_api_request () { curl -s -H 'Accept: application/json; charset=utf-8' -H "Referer: $SENTRY_TEST_HOST" -H 'Content-Type: application/json' -H "X-CSRFToken: $(get_csrf_token)" -b "$COOKIE_FILE" -c "$COOKIE_FILE" "$SENTRY_TEST_HOST/api/0/$1" ${@:2}; }
+get_csrf_token() { awk '$6 == "sc" { print $7 }' $COOKIE_FILE; }
+sentry_api_request() { curl -s -H 'Accept: application/json; charset=utf-8' -H "Referer: $SENTRY_TEST_HOST" -H 'Content-Type: application/json' -H "X-CSRFToken: $(get_csrf_token)" -b "$COOKIE_FILE" -c "$COOKIE_FILE" "$SENTRY_TEST_HOST/api/0/$1" ${@:2}; }
 
-login () {
+login() {
   INITIAL_AUTH_REDIRECT=$(curl -sL -o /dev/null $SENTRY_TEST_HOST -w %{url_effective})
   if [ "$INITIAL_AUTH_REDIRECT" != "$SENTRY_TEST_HOST/auth/login/sentry/" ]; then
     echo "Initial /auth/login/ redirect failed, exiting..."
@@ -65,34 +67,36 @@ login () {
     exit;
   }')
 
-  curl -sL --data-urlencode 'op=login' --data-urlencode "username=$TEST_USER" --data-urlencode "password=$TEST_PASS" --data-urlencode "$CSRF_TOKEN_FOR_LOGIN" "$SENTRY_TEST_HOST/auth/login/sentry/" -H "Referer: $SENTRY_TEST_HOST/auth/login/sentry/" -b "$COOKIE_FILE" -c "$COOKIE_FILE";
+  curl -sL --data-urlencode 'op=login' --data-urlencode "username=$TEST_USER" --data-urlencode "password=$TEST_PASS" --data-urlencode "$CSRF_TOKEN_FOR_LOGIN" "$SENTRY_TEST_HOST/auth/login/sentry/" -H "Referer: $SENTRY_TEST_HOST/auth/login/sentry/" -b "$COOKIE_FILE" -c "$COOKIE_FILE"
 }
 
-LOGIN_RESPONSE=$(login);
+LOGIN_RESPONSE=$(login)
 declare -a LOGIN_TEST_STRINGS=(
   '"isAuthenticated":true'
   '"username":"test@example.com"'
   '"isSuperuser":true'
 )
-for i in "${LOGIN_TEST_STRINGS[@]}"
-do
+for i in "${LOGIN_TEST_STRINGS[@]}"; do
   echo "Testing '$i'..."
-  echo "$LOGIN_RESPONSE" | grep "$i[,}]" >& /dev/null
+  echo "$LOGIN_RESPONSE" | grep "$i[,}]" >&/dev/null
   echo "Pass."
 done
 echo "${_endgroup}"
 
 echo "${_group}Running moar tests !!!"
 # Set up initial/required settings (InstallWizard request)
-sentry_api_request "internal/options/?query=is:required" -X PUT --data '{"mail.use-tls":false,"mail.username":"","mail.port":25,"system.admin-email":"ben@byk.im","mail.password":"","system.url-prefix":"'"$SENTRY_TEST_HOST"'","auth.allow-registration":false,"beacon.anonymous":true}' > /dev/null
+sentry_api_request "internal/options/?query=is:required" -X PUT --data '{"mail.use-tls":false,"mail.username":"","mail.port":25,"system.admin-email":"ben@byk.im","mail.password":"","system.url-prefix":"'"$SENTRY_TEST_HOST"'","auth.allow-registration":false,"beacon.anonymous":true}' >/dev/null
 
 SENTRY_DSN=$(sentry_api_request "projects/sentry/internal/keys/" | awk 'BEGIN { RS=",|:{\n"; FS="\""; } $2 == "public" && $4 ~ "^http" { print $4; exit; }')
 # We ignore the protocol and the host as we already know those
-DSN_PIECES=(`echo $SENTRY_DSN | sed -ne 's|^https\{0,1\}://\([0-9a-z]\{1,\}\)@[^/]\{1,\}/\([0-9]\{1,\}\)$|\1 \2|p' | tr ' ' '\n'`)
+DSN_PIECES=($(echo $SENTRY_DSN | sed -ne 's|^https\{0,1\}://\([0-9a-z]\{1,\}\)@[^/]\{1,\}/\([0-9]\{1,\}\)$|\1 \2|p' | tr ' ' '\n'))
 SENTRY_KEY=${DSN_PIECES[0]}
 PROJECT_ID=${DSN_PIECES[1]}
 
-TEST_EVENT_ID=$(export LC_ALL=C; head /dev/urandom | tr -dc "a-f0-9" | head -c 32)
+TEST_EVENT_ID=$(
+  export LC_ALL=C
+  head /dev/urandom | tr -dc "a-f0-9" | head -c 32
+)
 # Thanks @untitaker - https://forum.sentry.io/t/how-can-i-post-with-curl-a-sentry-event-which-authentication-credentials/4759/2?u=byk
 echo "Creating test event..."
 curl -sf --data '{"event_id": "'"$TEST_EVENT_ID"'","level":"error","message":"a failure","extra":{"object":"42"}}' -H 'Content-Type: application/json' -H "X-Sentry-Auth: Sentry sentry_version=7, sentry_key=$SENTRY_KEY, sentry_client=test-bash/0.1" "$SENTRY_TEST_HOST/api/$PROJECT_ID/store/" -o /dev/null
@@ -102,7 +106,7 @@ export -f sentry_api_request get_csrf_token
 export SENTRY_TEST_HOST COOKIE_FILE EVENT_PATH
 printf "Getting the test event back"
 timeout 60 bash -c 'until $(sentry_api_request "$EVENT_PATH" -Isf -X GET -o /dev/null); do printf '.'; sleep 0.5; done'
-echo " got it!";
+echo " got it!"
 
 EVENT_RESPONSE=$(sentry_api_request "$EVENT_PATH")
 declare -a EVENT_TEST_STRINGS=(
@@ -111,10 +115,9 @@ declare -a EVENT_TEST_STRINGS=(
   '"title":"a failure"'
   '"object":"42"'
 )
-for i in "${EVENT_TEST_STRINGS[@]}"
-do
+for i in "${EVENT_TEST_STRINGS[@]}"; do
   echo "Testing '$i'..."
-  echo "$EVENT_RESPONSE" | grep "$i[,}]" >& /dev/null
+  echo "$EVENT_RESPONSE" | grep "$i[,}]" >&/dev/null
   echo "Pass."
 done
 echo "${_endgroup}"

_unit-test/_test_setup.sh

@@ -31,16 +31,16 @@ setup() {
     local filestatus="$(cut -f1 -d' ' <(echo $line))"
 
     case $filestatus in
-      D)
-        rm "$_SANDBOX/$filepath"
-        ;;
-      A | M | AM | ??)
-        ln -sf "$(realpath $filepath)" "$_SANDBOX/$filepath"
-        ;;
-      **)
-        echo "Wuh? $line"
-        exit 77
-        ;;
+    D)
+      rm "$_SANDBOX/$filepath"
+      ;;
+    A | M | AM | ??)
+      ln -sf "$(realpath $filepath)" "$_SANDBOX/$filepath"
+      ;;
+    **)
+      echo "Wuh? $line"
+      exit 77
+      ;;
     esac
   done
 

_unit-test/ensure-relay-credentials-test.sh

@@ -17,8 +17,8 @@ test -f $creds_file
 test "$(jq -r 'keys[2]' $creds_file)" = "secret_key"
 
 # If the files exist we don't touch it.
-echo GARBAGE > $cfg_file
-echo MOAR GARBAGE > $creds_file
+echo GARBAGE >$cfg_file
+echo MOAR GARBAGE >$creds_file
 source ensure-relay-credentials.sh
 test "$(cat $cfg_file)" = "GARBAGE"
 test "$(cat $creds_file)" = "MOAR GARBAGE"

_unit-test/error-handling-test.sh

@@ -13,7 +13,7 @@ send_envelope() {
 export -f send_envelope
 echo "Testing initial send_event"
 export log_file="test_log.txt"
-echo "Test Logs" > "$basedir/$log_file"
+echo "Test Logs" >"$basedir/$log_file"
 SEND_EVENT_RESPONSE=$(send_event "12345123451234512345123451234512" "Test exited with status 1")
 rm "$basedir/$log_file"
 test "$SEND_EVENT_RESPONSE" == 'Test Sending sentry-envelope-12345123451234512345123451234512'

_unit-test/geoip-test.sh

@@ -9,7 +9,7 @@ source geoip.sh
 diff -rub $mmdb $mmdb.empty
 
 # Doesn't clobber existing, though.
-echo GARBAGE > $mmdb
+echo GARBAGE >$mmdb
 source geoip.sh
 test "$(cat $mmdb)" = "GARBAGE"
 

clean.sh

@@ -13,7 +13,7 @@ cd "$(dirname $0)"
 
 source install/dc-detect-version.sh
 
-function confirm () {
+function confirm() {
   read -p "$1 [y/n] " confirmation
   if [ "$confirmation" != "y" ]; then
     echo "Canceled. 😅"
@@ -21,7 +21,6 @@ function confirm () {
   fi
 }
 
-
 # If we have a version given, validate it.
 # ----------------------------------------
 # Note that arbitrary git refs won't work, because the *_IMAGE variables in
@@ -32,7 +31,7 @@ function confirm () {
 version="${1:-}"
 if [ -n "$version" ]; then
   set +e
-  git rev-parse --verify --quiet "refs/tags/$version" > /dev/null
+  git rev-parse --verify --quiet "refs/tags/$version" >/dev/null
   if [ $? -gt 0 ]; then
     echo "Bad version: $version"
     exit
@@ -54,9 +53,9 @@ $dc down --volumes --remove-orphans --rmi local
 
 # Remove any remaining (likely external) volumes with name matching 'sentry-.*'.
 for volume in $(docker volume list --format '{{ .Name }}' | grep '^sentry-'); do
-  docker volume remove $volume > /dev/null \
-    && echo "Removed volume: $volume" \
-    || echo "Skipped volume: $volume"
+  docker volume remove $volume >/dev/null &&
+    echo "Removed volume: $volume" ||
+    echo "Skipped volume: $volume"
 done
 
 # If we have a version given, switch to it.

cloudbuild.yaml

@@ -1,6 +1,6 @@
 steps:
   - name: "gcr.io/$PROJECT_ID/docker-compose"
-    id: clone-and-configure 
+    id: clone-and-configure
     entrypoint: "bash"
     args:
       - "-e"
@@ -10,7 +10,7 @@ steps:
         echo '{"version": "3.4", "networks":{"default":{"external":{"name":"cloudbuild"}}}}' > self-hosted/docker-compose.override.yml
     timeout: 60s
   - name: "gcr.io/$PROJECT_ID/docker-compose"
-    id: install 
+    id: install
     waitFor:
       - clone-and-configure
     dir: self-hosted
@@ -30,7 +30,7 @@ steps:
   - name: "gcr.io/$PROJECT_ID/docker-compose"
     id: e2e-test
     waitFor:
-      - install 
+      - install
     dir: self-hosted
     entrypoint: "bash"
     args:

cron/entrypoint.sh

@@ -8,12 +8,12 @@ fi
 # - https://github.com/renskiy/cron-docker-image/blob/5600db37acf841c6d7a8b4f3866741bada5b4622/debian/start-cron#L34-L36
 # - https://blog.knoldus.com/running-a-cron-job-in-docker-container/
 
-declare -p | grep -Ev 'BASHOPTS|BASH_VERSINFO|EUID|PPID|SHELLOPTS|UID' > /container.env
+declare -p | grep -Ev 'BASHOPTS|BASH_VERSINFO|EUID|PPID|SHELLOPTS|UID' >/container.env
 
 { for cron_job in "$@"; do echo -e "SHELL=/bin/bash
 BASH_ENV=/container.env
-${cron_job} > /proc/1/fd/1 2>/proc/1/fd/2"; done } \
-  | sed --regexp-extended 's/\\(.)/\1/g' \
-  | crontab -
+${cron_job} > /proc/1/fd/1 2>/proc/1/fd/2"; done; } |
+  sed --regexp-extended 's/\\(.)/\1/g' |
+  crontab -
 crontab -l
 exec cron -f -l -L 15

install.sh

@@ -3,11 +3,11 @@ set -eE
 
 # Pre-pre-flight? 🤷
 if [[ -n "$MSYSTEM" ]]; then
-  echo "Seems like you are using an MSYS2-based system (such as Git Bash) which is not supported. Please use WSL instead.";
+  echo "Seems like you are using an MSYS2-based system (such as Git Bash) which is not supported. Please use WSL instead."
   exit 1
 fi
 
-source "$(dirname $0)/install/_lib.sh"  # does a `cd .../install/`, among other things
+source "$(dirname $0)/install/_lib.sh" # does a `cd .../install/`, among other things
 
 # Pre-flight. No impact yet.
 source parse-cli.sh

install/_lib.sh

@@ -5,7 +5,7 @@ test "${DEBUG:-}" && set -x
 umask 002
 
 # Thanks to https://unix.stackexchange.com/a/145654/108960
-log_file="sentry_install_log-`date +'%Y-%m-%d_%H-%M-%S'`.txt"
+log_file="sentry_install_log-$(date +'%Y-%m-%d_%H-%M-%S').txt"
 exec &> >(tee -a "$log_file")
 
 # Thanks to https://tldp.org/LDP/abs/html/intandnonint.html
@@ -16,15 +16,18 @@ else
 fi
 
 # Work from /install/ for install.sh, project root otherwise
-if [[ "$(basename $0)" = "install.sh"  ]]; then
+if [[ "$(basename $0)" = "install.sh" ]]; then
   cd "$(dirname $0)/install/"
 else
-  cd "$(dirname $0)"  # assume we're a test script or some such
+  cd "$(dirname $0)" # assume we're a test script or some such
 fi
 
 # Allow `.env` overrides using the `.env.custom` file.
 # We pass this to docker compose in a couple places.
-basedir="$( cd .. ; pwd -P )"  # realpath is missing on stock macOS
+basedir="$(
+  cd ..
+  pwd -P
+)" # realpath is missing on stock macOS
 if [[ -f "$basedir/.env.custom" ]]; then
   _ENV="$basedir/.env.custom"
 else
@@ -32,7 +35,7 @@ else
 fi
 
 # Read .env for default values with a tip o' the hat to https://stackoverflow.com/a/59831605/90297
-t=$(mktemp) && export -p > "$t" && set -a && . $_ENV && set +a && . "$t" && rm "$t" && unset t
+t=$(mktemp) && export -p >"$t" && set -a && . $_ENV && set +a && . "$t" && rm "$t" && unset t
 
 if [ "${GITHUB_ACTIONS:-}" = "true" ]; then
   _group="::group::"

install/check-latest-commit.sh

@@ -4,7 +4,7 @@ echo "${_group}Checking for latest commit ... "
 if [[ -d "../.git" && "${SKIP_COMMIT_CHECK:-0}" != 1 ]]; then
   if [[ $(git branch | sed -n '/\* /s///p') == "master" ]]; then
     if [[ $(git rev-parse HEAD) != $(git ls-remote $(git rev-parse --abbrev-ref @{u} | sed 's/\// /g') | cut -f1) ]]; then
-      echo "Seems like you are not using the latest commit from the self-hosted repository. Please pull the latest changes and try again, or suppress this check with --skip-commit-check.";
+      echo "Seems like you are not using the latest commit from the self-hosted repository. Please pull the latest changes and try again, or suppress this check with --skip-commit-check."
       exit 1
     fi
   fi

install/check-minimum-requirements.sh

@@ -3,9 +3,10 @@ echo "${_group}Checking minimum requirements ..."
 source "$(dirname $0)/_min-requirements.sh"
 
 # Check the version of $1 is greater than or equal to $2 using sort. Note: versions must be stripped of "v"
-function vergte () { printf "%s\n%s" $1 $2 | sort --version-sort --check=quiet --reverse; echo $?; }
-
-
+function vergte() {
+  printf "%s\n%s" $1 $2 | sort --version-sort --check=quiet --reverse
+  echo $?
+}
 
 DOCKER_VERSION=$(docker version --format '{{.Server.Version}}' || echo '')
 if [[ -z "$DOCKER_VERSION" ]]; then
@@ -13,7 +14,7 @@ if [[ -z "$DOCKER_VERSION" ]]; then
   exit 1
 fi
 
-if [[ "$(vergte ${DOCKER_VERSION//v} $MIN_DOCKER_VERSION)" -eq 1 ]]; then
+if [[ "$(vergte ${DOCKER_VERSION//v/} $MIN_DOCKER_VERSION)" -eq 1 ]]; then
   echo "FAIL: Expected minimum docker version to be $MIN_DOCKER_VERSION but found $DOCKER_VERSION"
   exit 1
 fi
@@ -25,13 +26,13 @@ if [[ -z "$COMPOSE_VERSION" ]]; then
   exit 1
 fi
 
-if [[ "$(vergte ${COMPOSE_VERSION//v} $MIN_COMPOSE_VERSION)" -eq 1 ]]; then
+if [[ "$(vergte ${COMPOSE_VERSION//v/} $MIN_COMPOSE_VERSION)" -eq 1 ]]; then
   echo "FAIL: Expected minimum $dc_base version to be $MIN_COMPOSE_VERSION but found $COMPOSE_VERSION"
   exit 1
 fi
 echo "Found Docker Compose version $COMPOSE_VERSION"
 
-CPU_AVAILABLE_IN_DOCKER=$(docker run --rm busybox nproc --all);
+CPU_AVAILABLE_IN_DOCKER=$(docker run --rm busybox nproc --all)
 if [[ "$CPU_AVAILABLE_IN_DOCKER" -lt "$MIN_CPU_HARD" ]]; then
   echo "FAIL: Required minimum CPU cores available to Docker is $MIN_CPU_HARD, found $CPU_AVAILABLE_IN_DOCKER"
   exit 1
@@ -39,7 +40,7 @@ elif [[ "$CPU_AVAILABLE_IN_DOCKER" -lt "$MIN_CPU_SOFT" ]]; then
   echo "WARN: Recommended minimum CPU cores available to Docker is $MIN_CPU_SOFT, found $CPU_AVAILABLE_IN_DOCKER"
 fi
 
-RAM_AVAILABLE_IN_DOCKER=$(docker run --rm busybox free -m 2>/dev/null | awk '/Mem/ {print $2}');
+RAM_AVAILABLE_IN_DOCKER=$(docker run --rm busybox free -m 2>/dev/null | awk '/Mem/ {print $2}')
 if [[ "$RAM_AVAILABLE_IN_DOCKER" -lt "$MIN_RAM_HARD" ]]; then
   echo "FAIL: Required minimum RAM available to Docker is $MIN_RAM_HARD MB, found $RAM_AVAILABLE_IN_DOCKER MB"
   exit 1

install/dc-detect-version.sh

@@ -9,8 +9,8 @@ fi
 echo "${_group}Initializing Docker Compose ..."
 
 # Some environments still use `docker-compose` even for Docker Compose v2.
-dc_base="$(docker compose version &> /dev/null && echo 'docker compose' || echo 'docker-compose')"
-if [[ "$(basename $0)" = "install.sh"  ]]; then
+dc_base="$(docker compose version &>/dev/null && echo 'docker compose' || echo 'docker-compose')"
+if [[ "$(basename $0)" = "install.sh" ]]; then
   dc="$dc_base --ansi never --env-file ${_ENV}"
 else
   dc="$dc_base --ansi never"

install/detect-platform.sh

@@ -1,6 +1,5 @@
 echo "${_group}Detecting Docker platform"
 
-
 # Sentry SaaS uses stock Yandex ClickHouse, but they don't provide images that
 # support ARM, which is relevant especially for Apple M1 laptops, Sentry's
 # standard developer environment. As a workaround, we use an altinity image
@@ -16,14 +15,14 @@ echo "${_group}Detecting Docker platform"
 export DOCKER_ARCH=$(docker info --format '{{.Architecture}}')
 
 if [[ "$DOCKER_ARCH" = "x86_64" ]]; then
-    export DOCKER_PLATFORM="linux/amd64"
-    export CLICKHOUSE_IMAGE="yandex/clickhouse-server:20.3.9.70"
+  export DOCKER_PLATFORM="linux/amd64"
+  export CLICKHOUSE_IMAGE="yandex/clickhouse-server:20.3.9.70"
 elif [[ "$DOCKER_ARCH" = "aarch64" ]]; then
-    export DOCKER_PLATFORM="linux/arm64"
-    export CLICKHOUSE_IMAGE="altinity/clickhouse-server:21.6.1.6734-testing-arm"
+  export DOCKER_PLATFORM="linux/arm64"
+  export CLICKHOUSE_IMAGE="altinity/clickhouse-server:21.6.1.6734-testing-arm"
 else
-    echo "FAIL: Unsupported docker architecture $DOCKER_ARCH."
-    exit 1
+  echo "FAIL: Unsupported docker architecture $DOCKER_ARCH."
+  exit 1
 fi
 echo "Detected Docker platform is $DOCKER_PLATFORM"
 

install/ensure-relay-credentials.sh

@@ -26,7 +26,7 @@ else
 
   $dc pull relay
   creds="$dcr --no-deps -T relay credentials"
-  $creds generate --stdout > "$RELAY_CREDENTIALS_JSON".tmp
+  $creds generate --stdout >"$RELAY_CREDENTIALS_JSON".tmp
   mv "$RELAY_CREDENTIALS_JSON".tmp "$RELAY_CREDENTIALS_JSON"
   if ! grep -q Credentials <($creds show); then
     # Let's fail early if creds failed, to make debugging easier.

install/error-handling.sh

@@ -21,21 +21,21 @@ send_event() {
   # If the envelope file exists, we've already sent it
   if [[ -f $envelope_file_path ]]; then
     echo "Looks like you've already sent this error to us, we're on it :)"
-    return;
+    return
   fi
   # If we haven't sent the envelope file, make it and send to Sentry
   # The format is documented at https://develop.sentry.dev/sdk/envelopes/
   # Grab length of log file, needed for the envelope header to send an attachment
-  local file_length=$(wc -c < "$basedir/$log_file" | awk '{print $1}')
+  local file_length=$(wc -c <"$basedir/$log_file" | awk '{print $1}')
   # Add header for initial envelope information
-  echo '{"event_id":"'$event_hash'","dsn":"'$SENTRY_DSN'"}' > $envelope_file_path
+  echo '{"event_id":"'$event_hash'","dsn":"'$SENTRY_DSN'"}' >$envelope_file_path
   # Add header to specify the event type of envelope to be sent
-  echo '{"type":"event"}' >> $envelope_file_path
+  echo '{"type":"event"}' >>$envelope_file_path
   # Add traceback message to event
-  echo '{"message":"'$traceback_escaped'","level":"error"}' >> $envelope_file_path
+  echo '{"message":"'$traceback_escaped'","level":"error"}' >>$envelope_file_path
   # Add attachment to the event
-  echo '{"type":"attachment","length":'$file_length',"content_type":"text/plain","filename":"install_log.txt"}' >> $envelope_file_path
-  cat "$basedir/$log_file" >> $envelope_file_path
+  echo '{"type":"attachment","length":'$file_length',"content_type":"text/plain","filename":"install_log.txt"}' >>$envelope_file_path
+  cat "$basedir/$log_file" >>$envelope_file_path
   # Send envelope
   send_envelope $envelope_file
 }
@@ -83,7 +83,7 @@ if [[ -z "${REPORT_SELF_HOSTED_ISSUES:-}" ]]; then
     echo
     echo "Thanks for using Sentry."
     echo
-    export REPORT_SELF_HOSTED_ISSUES=0  # opt-in for now
+    export REPORT_SELF_HOSTED_ISSUES=0 # opt-in for now
   else
     echo
     echo "Hey, so ... we would love to automatically find out about issues with your"
@@ -109,13 +109,20 @@ if [[ -z "${REPORT_SELF_HOSTED_ISSUES:-}" ]]; then
     echo
 
     yn=""
-    until [ ! -z "$yn" ]
-    do
+    until [ ! -z "$yn" ]; do
       read -p "y or n? " yn
       case $yn in
-        y | yes | 1) export REPORT_SELF_HOSTED_ISSUES=1; echo; echo -n "Thank you.";;
-        n | no | 0) export REPORT_SELF_HOSTED_ISSUES=0; echo; echo -n "Understood.";;
-        *) yn="";;
+      y | yes | 1)
+        export REPORT_SELF_HOSTED_ISSUES=1
+        echo
+        echo -n "Thank you."
+        ;;
+      n | no | 0)
+        export REPORT_SELF_HOSTED_ISSUES=0
+        echo
+        echo -n "Understood."
+        ;;
+      *) yn="" ;;
       esac
     done
 
@@ -138,24 +145,25 @@ if [ "$REPORT_SELF_HOSTED_ISSUES" == 1 ]; then
   if ! docker pull getsentry/sentry-cli:latest; then
     echo "Failed to pull sentry-cli, won't report to Sentry after all."
     export REPORT_SELF_HOSTED_ISSUES=0
-  fi;
-fi;
+  fi
+fi
 
 # Courtesy of https://stackoverflow.com/a/2183063/90297
 trap_with_arg() {
-  func="$1" ; shift
-  for sig ; do
+  func="$1"
+  shift
+  for sig; do
     trap "$func $sig" "$sig"
   done
 }
 
 DID_CLEAN_UP=0
 # the cleanup function will be the exit point
-cleanup () {
+cleanup() {
   local retcode=$?
   local cmd="${BASH_COMMAND}"
   if [[ "$DID_CLEAN_UP" -eq 1 ]]; then
-    return 0;
+    return 0
   fi
   DID_CLEAN_UP=1
   if [[ "$1" != "EXIT" ]]; then
@@ -166,12 +174,12 @@ cleanup () {
     local stack_depth=${#FUNCNAME[@]}
     local traceback=""
     if [ $stack_depth -gt 2 ]; then
-      for ((i=$(($stack_depth - 1)),j=1;i>0;i--,j++)); do
-          local indent="$(yes a | head -$j | tr -d '\n')"
-          local src=${BASH_SOURCE[$i]}
-          local lineno=${BASH_LINENO[$i-1]}
-          local funcname=${FUNCNAME[$i]}
-          printf -v traceback '%s\n' "$traceback${indent//a/-}> $src:$funcname:$lineno"
+      for ((i = $(($stack_depth - 1)), j = 1; i > 0; i--, j++)); do
+        local indent="$(yes a | head -$j | tr -d '\n')"
+        local src=${BASH_SOURCE[$i]}
+        local lineno=${BASH_LINENO[$i - 1]}
+        local funcname=${FUNCNAME[$i]}
+        printf -v traceback '%s\n' "$traceback${indent//a/-}> $src:$funcname:$lineno"
       done
     fi
     echo "$traceback"
@@ -190,7 +198,7 @@ cleanup () {
   fi
 
   if [[ -z "$MINIMIZE_DOWNTIME" ]]; then
-    $dc stop -t $STOP_TIMEOUT &> /dev/null
+    $dc stop -t $STOP_TIMEOUT &>/dev/null
   fi
 }
 

install/generate-secret-key.sh

@@ -1,10 +1,13 @@
 echo "${_group}Generating secret key ..."
 
-if grep -xq "system.secret-key: '!!changeme!!'" $SENTRY_CONFIG_YML ; then
+if grep -xq "system.secret-key: '!!changeme!!'" $SENTRY_CONFIG_YML; then
   # This is to escape the secret key to be used in sed below
   # Note the need to set LC_ALL=C due to BSD tr and sed always trying to decode
   # whatever is passed to them. Kudos to https://stackoverflow.com/a/23584470/90297
-  SECRET_KEY=$(export LC_ALL=C; head /dev/urandom | tr -dc "a-z0-9@#%^&*(-_=+)" | head -c 50 | sed -e 's/[\/&]/\\&/g')
+  SECRET_KEY=$(
+    export LC_ALL=C
+    head /dev/urandom | tr -dc "a-z0-9@#%^&*(-_=+)" | head -c 50 | sed -e 's/[\/&]/\\&/g'
+  )
   sed -i -e 's/^system.secret-key:.*$/system.secret-key: '"'$SECRET_KEY'"'/' $SENTRY_CONFIG_YML
   echo "Secret key written to $SENTRY_CONFIG_YML"
 fi

install/install-wal2json.sh

@@ -5,34 +5,33 @@ ARCH=$(uname -m)
 FILE_NAME="wal2json-Linux-$ARCH-glibc.so"
 
 docker_curl() {
-    # The environment variables can be specified in lower case or upper case.
-    # The lower case version has precedence. http_proxy is an exception as it is only available in lower case.
-    docker run --rm -e http_proxy -e https_proxy -e HTTPS_PROXY -e no_proxy -e NO_PROXY curlimages/curl:7.77.0 "$@"
+  # The environment variables can be specified in lower case or upper case.
+  # The lower case version has precedence. http_proxy is an exception as it is only available in lower case.
+  docker run --rm -e http_proxy -e https_proxy -e HTTPS_PROXY -e no_proxy -e NO_PROXY curlimages/curl:7.77.0 "$@"
 }
 
 if [[ $WAL2JSON_VERSION == "latest" ]]; then
-    VERSION=$(
-        docker_curl https://api.github.com/repos/getsentry/wal2json/releases/latest |
-        grep '"tag_name":' |
-        sed -E 's/.*"([^"]+)".*/\1/'
-    )
+  VERSION=$(
+    docker_curl https://api.github.com/repos/getsentry/wal2json/releases/latest |
+      grep '"tag_name":' |
+      sed -E 's/.*"([^"]+)".*/\1/'
+  )
 
-    if [[ ! $VERSION ]]; then
-        echo "Cannot find wal2json latest version"
-        exit 1
-    fi
+  if [[ ! $VERSION ]]; then
+    echo "Cannot find wal2json latest version"
+    exit 1
+  fi
 else
-    VERSION=$WAL2JSON_VERSION
+  VERSION=$WAL2JSON_VERSION
 fi
 
 mkdir -p ../postgres/wal2json
 if [ ! -f "../postgres/wal2json/$VERSION/$FILE_NAME" ]; then
-    mkdir -p "../postgres/wal2json/$VERSION"
-    docker_curl -L \
-        "https://github.com/getsentry/wal2json/releases/download/$VERSION/$FILE_NAME" \
-        > "../postgres/wal2json/$VERSION/$FILE_NAME"
+  mkdir -p "../postgres/wal2json/$VERSION"
+  docker_curl -L \
+    "https://github.com/getsentry/wal2json/releases/download/$VERSION/$FILE_NAME" \
+    >"../postgres/wal2json/$VERSION/$FILE_NAME"
 fi
 cp "../postgres/wal2json/$VERSION/$FILE_NAME" "$FILE_TO_USE"
 
-
 echo "${_endgroup}"

install/parse-cli.sh

@@ -42,20 +42,30 @@ MINIMIZE_DOWNTIME="${MINIMIZE_DOWNTIME:-}"
 SKIP_COMMIT_CHECK="${SKIP_COMMIT_CHECK:-}"
 REPORT_SELF_HOSTED_ISSUES="${REPORT_SELF_HOSTED_ISSUES:-}"
 
-while (( $# )); do
+while (($#)); do
   case "$1" in
-    -h | --help) show_help; exit;;
-    --no-user-prompt) SKIP_USER_CREATION=1;
-      depwarn "--no-user-prompt flag" "--skip-user-creation";;
-    --skip-user-prompt) SKIP_USER_CREATION=1;
-      depwarn "--skip-user-prompt flag" "--skip-user-creation";;
-    --skip-user-creation) SKIP_USER_CREATION=1;;
-    --minimize-downtime) MINIMIZE_DOWNTIME=1;;
-    --skip-commit-check) SKIP_COMMIT_CHECK=1;;
-    --report-self-hosted-issues) REPORT_SELF_HOSTED_ISSUES=1;;
-    --no-report-self-hosted-issues) REPORT_SELF_HOSTED_ISSUES=0;;
-    --) ;;
-    *) echo "Unexpected argument: $1. Use --help for usage information."; exit 1;;
+  -h | --help)
+    show_help
+    exit
+    ;;
+  --no-user-prompt)
+    SKIP_USER_CREATION=1
+    depwarn "--no-user-prompt flag" "--skip-user-creation"
+    ;;
+  --skip-user-prompt)
+    SKIP_USER_CREATION=1
+    depwarn "--skip-user-prompt flag" "--skip-user-creation"
+    ;;
+  --skip-user-creation) SKIP_USER_CREATION=1 ;;
+  --minimize-downtime) MINIMIZE_DOWNTIME=1 ;;
+  --skip-commit-check) SKIP_COMMIT_CHECK=1 ;;
+  --report-self-hosted-issues) REPORT_SELF_HOSTED_ISSUES=1 ;;
+  --no-report-self-hosted-issues) REPORT_SELF_HOSTED_ISSUES=0 ;;
+  --) ;;
+  *)
+    echo "Unexpected argument: $1. Use --help for usage information."
+    exit 1
+    ;;
   esac
   shift
 done

install/update-docker-images.sh

@@ -9,6 +9,6 @@ echo "${_group}Fetching and updating Docker images ..."
 $dc pull -q --ignore-pull-failures 2>&1 | grep -v -- -self-hosted-local || true
 
 # We may not have the set image on the repo (local images) so allow fails
-docker pull ${SENTRY_IMAGE} || true;
+docker pull ${SENTRY_IMAGE} || true
 
 echo "${_endgroup}"

install/wrap-up.sh

@@ -20,9 +20,9 @@ else
   echo "You're all done! Run the following command to get Sentry running:"
   echo ""
   if [[ "${_ENV}" =~ ".env.custom" ]]; then
-  echo "  $dc_base --env-file ${_ENV} up -d"
+    echo "  $dc_base --env-file ${_ENV} up -d"
   else
-  echo "  $dc_base up -d"
+    echo "  $dc_base up -d"
   fi
   echo ""
   echo "-----------------------------------------------------------------"

integration-test.sh

@@ -12,14 +12,14 @@ echo "Testing initial install"
 ./_integration-test/ensure-customizations-not-present.sh
 
 echo "Make customizations"
-cat <<EOT > sentry/enhance-image.sh
+cat <<EOT >sentry/enhance-image.sh
 #!/bin/bash
 touch /created-by-enhance-image
 apt-get update
 apt-get install -y gcc libsasl2-dev python-dev libldap2-dev libssl-dev
 EOT
 chmod +x sentry/enhance-image.sh
-printf "python-ldap" > sentry/requirements.txt
+printf "python-ldap" >sentry/requirements.txt
 
 echo "Testing in-place upgrade and customizations"
 ./install.sh --minimize-downtime

postgres/init_hba.sh

@@ -4,4 +4,4 @@
 
 set -e
 
-{ echo "host replication all all trust"; } >> "$PGDATA/pg_hba.conf"
+{ echo "host replication all all trust"; } >>"$PGDATA/pg_hba.conf"

postgres/postgres-entrypoint.sh

@@ -13,34 +13,34 @@
 set -e
 
 prep_init_db() {
-    cp /opt/sentry/init_hba.sh /docker-entrypoint-initdb.d/init_hba.sh
+  cp /opt/sentry/init_hba.sh /docker-entrypoint-initdb.d/init_hba.sh
 }
 
 cdc_setup_hba_conf() {
-    # Ensure pg-hba is properly configured to allow connections
-    # to the replication slots.
+  # Ensure pg-hba is properly configured to allow connections
+  # to the replication slots.
 
-    PG_HBA="$PGDATA/pg_hba.conf"
-    if [ ! -f "$PG_HBA" ]; then
-        echo "DB not initialized. Postgres will take care of pg_hba"
-    elif [ "$(grep -c -E "^host\s+replication" "$PGDATA"/pg_hba.conf)" != 0 ]; then
-        echo "Replication config already present in pg_hba. Not changing anything."
-    else
-        # Execute the same script we run on DB initialization
-        /opt/sentry/init_hba.sh
-    fi
+  PG_HBA="$PGDATA/pg_hba.conf"
+  if [ ! -f "$PG_HBA" ]; then
+    echo "DB not initialized. Postgres will take care of pg_hba"
+  elif [ "$(grep -c -E "^host\s+replication" "$PGDATA"/pg_hba.conf)" != 0 ]; then
+    echo "Replication config already present in pg_hba. Not changing anything."
+  else
+    # Execute the same script we run on DB initialization
+    /opt/sentry/init_hba.sh
+  fi
 }
 
 bind_wal2json() {
-    # Copy the file in the right place
-    cp /opt/sentry/wal2json/wal2json.so `pg_config --pkglibdir`/wal2json.so
+  # Copy the file in the right place
+  cp /opt/sentry/wal2json/wal2json.so $(pg_config --pkglibdir)/wal2json.so
 }
 
 echo "Setting up Change Data Capture"
 
 prep_init_db
 if [ "$1" = 'postgres' ]; then
-    cdc_setup_hba_conf
-    bind_wal2json
+  cdc_setup_hba_conf
+  bind_wal2json
 fi
 exec /usr/local/bin/docker-entrypoint.sh "$@"

scripts/bump-version.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 set -eu
 
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 cd $SCRIPT_DIR/..
 
 OLD_VERSION="$1"

scripts/post-release.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 set -eu
 
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 cd $SCRIPT_DIR/..
 
 # Bring master back to nightlies after merge from release branch

unit-test.sh

@@ -2,12 +2,12 @@
 FORCE_CLEAN=1 "$(dirname $0)/clean.sh"
 fail=0
 for test_file in ./_unit-test/*-test.sh; do
-    echo "🙈 Running $test_file ..."
-    $test_file
-    if [ $? != 0 ]; then
-        echo fail 👎
-        fail=1
-    fi
+  echo "🙈 Running $test_file ..."
+  $test_file
+  if [ $? != 0 ]; then
+    echo fail 👎
+    fail=1
+  fi
 done
 
 exit $fail