Cleanup: Fix weird conditional statement syntax

Author: gw0

Dockerfile

@@ -17,7 +17,7 @@ ARG DEBUG_BUILD="0"
 ENV DO_DEBUG_BUILD="$DEBUG_BUILD"
 
 # Build mitmproxy via pip. This is heavy, takes minutes do build and creates a 90mb+ layer. Oh well.
-RUN [[ "a$DO_DEBUG_BUILD" == "a1" ]] && { echo "Debug build ENABLED." \
+RUN [ "$DO_DEBUG_BUILD" = "1" ] && { echo "Debug build ENABLED." \
  && apk add --no-cache --update su-exec git g++ libffi libffi-dev libstdc++ openssl-dev python3 python3-dev py3-pip py3-wheel py3-six py3-idna py3-certifi py3-setuptools \
  && LDFLAGS=-L/lib pip install mitmproxy==5.2 \
  && apk del --purge git g++ libffi-dev openssl-dev python3-dev py3-pip py3-wheel \
@@ -28,7 +28,7 @@ RUN [[ "a$DO_DEBUG_BUILD" == "a1" ]] && { echo "Debug build ENABLED." \
 ENV LANG=en_US.UTF-8
 
 # Check the installed mitmproxy version, if built.
-RUN [[ "a$DO_DEBUG_BUILD" == "a1" ]] && { mitmproxy --version && mitmweb --version ; } || { echo "Debug build disabled."; }
+RUN [ "$DO_DEBUG_BUILD" = "1" ] && { mitmproxy --version && mitmweb --version ; } || { echo "Debug build disabled."; }
 
 # Create the cache directory and CA directory
 RUN mkdir -p /docker_mirror_cache /ca

entrypoint.sh

@@ -5,7 +5,7 @@ trap "echo TRAPed signal" HUP INT QUIT TERM
 
 #configure nginx DNS settings to match host, why must we do that nginx?
 export RESOLVERS=$(awk '$1 == "nameserver" {print ($2 ~ ":")? "["$2"]": $2}' ORS=' ' /etc/resolv.conf | sed 's/ *$//g')
-if [ "x$RESOLVERS" = "x" ]; then
+if [ -z "$RESOLVERS" ]; then
     echo "Warning: unable to determine DNS resolvers for nginx" >&2
     exit 66
 fi
@@ -20,7 +20,7 @@ done
 
 echo "Final chosen resolver: $conf"
 confpath=/etc/nginx/resolvers.conf
-if [ ! -e $confpath ] || [ "$conf" != "$(cat $confpath)" ]
+if [ ! -e "$confpath" ] || [ "$conf" != "$(cat "$confpath")" ]
 then
     echo "Using auto-determined resolver '$conf' via '$confpath'"
     echo "$conf" > $confpath
@@ -55,7 +55,7 @@ echo -n "" > /etc/nginx/docker.targetHost.map
 echo -n "" > /etc/nginx/docker.auth.map
 
 # Only configure auth registries if the env var contains values
-if [ "$AUTH_REGISTRIES" ]; then
+if [ -n "$AUTH_REGISTRIES" ]; then
     # Ref: https://stackoverflow.com/a/47633817/219530
     AUTH_REGISTRIES_DELIMITER=${AUTH_REGISTRIES_DELIMITER:-" "}
     s=$AUTH_REGISTRIES$AUTH_REGISTRIES_DELIMITER
@@ -94,67 +94,66 @@ echo "proxy_cache_path /docker_mirror_cache levels=1:2 max_size=$CACHE_MAX_SIZE
 # Manifest caching configuration. We generate config based on the environment vars.
 echo -n "" >/etc/nginx/nginx.manifest.caching.config.conf
 
-[[ "a${ENABLE_MANIFEST_CACHE}" == "atrue" ]] && [[ "a${MANIFEST_CACHE_PRIMARY_REGEX}" != "a" ]] && cat <<EOD >>/etc/nginx/nginx.manifest.caching.config.conf
+if [ "${ENABLE_MANIFEST_CACHE}" = "true" ]; then
+    [ -n "${MANIFEST_CACHE_PRIMARY_REGEX}" ] && cat <<EOF >>/etc/nginx/nginx.manifest.caching.config.conf
     # First tier caching of manifests; configure via MANIFEST_CACHE_PRIMARY_REGEX and MANIFEST_CACHE_PRIMARY_TIME
     location ~ ^/v2/(.*)/manifests/${MANIFEST_CACHE_PRIMARY_REGEX} {
         set \$docker_proxy_request_type "manifest-primary";
         proxy_cache_valid ${MANIFEST_CACHE_PRIMARY_TIME};
         include "/etc/nginx/nginx.manifest.stale.conf";
     }
-EOD
-
-[[ "a${ENABLE_MANIFEST_CACHE}" == "atrue" ]] && [[ "a${MANIFEST_CACHE_SECONDARY_REGEX}" != "a" ]] && cat <<EOD >>/etc/nginx/nginx.manifest.caching.config.conf
+EOF
+    [ -n "${MANIFEST_CACHE_SECONDARY_REGEX}" ] && cat <<EOF >>/etc/nginx/nginx.manifest.caching.config.conf
     # Secondary tier caching of manifests; configure via MANIFEST_CACHE_SECONDARY_REGEX and MANIFEST_CACHE_SECONDARY_TIME
     location ~ ^/v2/(.*)/manifests/${MANIFEST_CACHE_SECONDARY_REGEX} {
         set \$docker_proxy_request_type "manifest-secondary";
         proxy_cache_valid ${MANIFEST_CACHE_SECONDARY_TIME};
         include "/etc/nginx/nginx.manifest.stale.conf";
     }
-EOD
-
-[[ "a${ENABLE_MANIFEST_CACHE}" == "atrue" ]] && cat <<EOD >>/etc/nginx/nginx.manifest.caching.config.conf
+EOF
+    cat <<EOF >>/etc/nginx/nginx.manifest.caching.config.conf
     # Default tier caching for manifests. Caches for ${MANIFEST_CACHE_DEFAULT_TIME} (from MANIFEST_CACHE_DEFAULT_TIME)
     location ~ ^/v2/(.*)/manifests/ {
         set \$docker_proxy_request_type "manifest-default";
         proxy_cache_valid ${MANIFEST_CACHE_DEFAULT_TIME};
         include "/etc/nginx/nginx.manifest.stale.conf";
     }
-EOD
-
-[[ "a${ENABLE_MANIFEST_CACHE}" != "atrue" ]] && cat <<EOD >>/etc/nginx/nginx.manifest.caching.config.conf
+EOF
+else
+    cat <<EOF >>/etc/nginx/nginx.manifest.caching.config.conf
     # Manifest caching is disabled. Enable it with ENABLE_MANIFEST_CACHE=true
     location ~ ^/v2/(.*)/manifests/ {
         set \$docker_proxy_request_type "manifest-default-disabled";
         proxy_cache_valid 0s;
         include "/etc/nginx/nginx.manifest.stale.conf";
     }
-EOD
+EOF
+fi
 
 echo -e "\nManifest caching config: ---\n"
 cat /etc/nginx/nginx.manifest.caching.config.conf
 echo "---"
 
-if [[ "a${ALLOW_OWN_AUTH}" == "atrue" ]]; then
-    cat << 'EOF' > /etc/nginx/conf.d/allowed_override_auth.conf
+echo -n "" > /etc/nginx/conf.d/allowed_override_auth.conf
+if [ "${ALLOW_OWN_AUTH}" = "true" ]; then
+    cat <<'EOF' > /etc/nginx/conf.d/allowed_override_auth.conf
     if ($http_authorization != "") {
         # override with own authentication if provided
         set $finalAuth $http_authorization;
     }
 EOF
-else
-    echo '' > /etc/nginx/conf.d/allowed_override_auth.conf
 fi
 
-if [[ "a${ALLOW_PUSH}" == "atrue" ]]; then
+if [ "${ALLOW_PUSH}" = "true" ]; then
     cat <<EOF > /etc/nginx/conf.d/allowed.methods.conf
     # allow to upload big layers
     client_max_body_size 0;
 
     # only cache GET requests
     proxy_cache_methods GET;
 EOF
-elif [[ "a${ALLOW_PUSH_WITH_OWN_AUTH}" == "atrue" ]]; then
-    cat << 'EOF' > /etc/nginx/conf.d/allowed.methods.conf
+elif [ "${ALLOW_PUSH_WITH_OWN_AUTH}" = "true" ]; then
+    cat <<'EOF' > /etc/nginx/conf.d/allowed.methods.conf
     # Block POST/PUT/DELETE if own authentication is not provided.
     set $combined_ha_rm "$http_authorization$request_method";
     if ($combined_ha_rm = POST) {
@@ -196,8 +195,8 @@ fi
 # normally use non-debug version of nginx
 NGINX_BIN="/usr/sbin/nginx"
 
-if [[ "a${DEBUG}" == "atrue" ]]; then
-  if [[ ! -f /usr/bin/mitmweb ]]; then
+if [ "${DEBUG}" = "true" ]; then
+  if [ ! -f /usr/bin/mitmweb ]; then
     echo "To debug, you need the -debug version of this image, eg: :latest-debug"
     exit 3
   fi
@@ -215,8 +214,8 @@ if [[ "a${DEBUG}" == "atrue" ]]; then
   echo "Access mitmweb via http://127.0.0.1:8081/ "
 fi
 
-if [[ "a${DEBUG_HUB}" == "atrue" ]]; then
-  if [[ ! -f /usr/bin/mitmweb ]]; then
+if [ "${DEBUG_HUB}" = "true" ]; then
+  if [ ! -f /usr/bin/mitmweb ]; then
     echo "To debug, you need the -debug version of this image, eg: :latest-debug"
     exit 3
   fi
@@ -238,8 +237,8 @@ if [[ "a${DEBUG_HUB}" == "atrue" ]]; then
   echo "Access mitmweb for outgoing DockerHub requests via http://127.0.0.1:8082/ "
 fi
 
-if [[ "a${DEBUG_NGINX}" == "atrue" ]]; then
-  if [[ ! -f /usr/sbin/nginx-debug ]]; then
+if [ "${DEBUG_NGINX}" = "true" ]; then
+  if [ ! -f /usr/sbin/nginx-debug ]; then
     echo "To debug, you need the -debug version of this image, eg: :latest-debug"
     exit 4
   fi
@@ -252,8 +251,8 @@ fi
 
 
 # Timeout configurations
-echo "" > /etc/nginx/nginx.timeouts.config.conf
-cat <<EOD >>/etc/nginx/nginx.timeouts.config.conf
+echo -n "" > /etc/nginx/nginx.timeouts.config.conf
+cat <<EOF >>/etc/nginx/nginx.timeouts.config.conf
   # Timeouts
 
   # ngx_http_core_module
@@ -271,23 +270,23 @@ cat <<EOD >>/etc/nginx/nginx.timeouts.config.conf
   proxy_connect_read_timeout ${PROXY_CONNECT_READ_TIMEOUT};
   proxy_connect_connect_timeout ${PROXY_CONNECT_CONNECT_TIMEOUT};
   proxy_connect_send_timeout ${PROXY_CONNECT_SEND_TIMEOUT};
-EOD
+EOF
 
 echo -e "\nTimeout configs: ---"
 cat /etc/nginx/nginx.timeouts.config.conf
 echo -e "---\n"
 
 # Upstream SSL verification.
-echo "" > /etc/nginx/docker.verify.ssl.conf
-if [[ "a${VERIFY_SSL}" == "atrue" ]]; then
-    cat << EOD > /etc/nginx/docker.verify.ssl.conf
+echo -n "" > /etc/nginx/docker.verify.ssl.conf
+if [ "${VERIFY_SSL}" = "true" ]; then
+    cat <<EOF > /etc/nginx/docker.verify.ssl.conf
     # We actually wanna be secure and avoid mitm attacks.
     # Fitting, since this whole thing is a mitm...
     # We'll accept any cert signed by a CA trusted by Mozilla (ca-certificates-bundle in alpine)
     proxy_ssl_verify on;
     proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
     proxy_ssl_verify_depth 2;
-EOD
+EOF
     echo "Upstream SSL certificate verification enabled."
 else
     echo "Upstream SSL certificate verification is DISABLED."