From 64c3de4203bccecfd9d13f86e52822b37e98028a Mon Sep 17 00:00:00 2001
From: Muhammad Atif Ali <me@matifali.dev>
Date: Tue, 13 Feb 2024 12:18:53 +0300
Subject: [PATCH] review suggestions

---
 vault-token/run.sh | 100 +++++++++++++++++++++++++--------------------
 1 file changed, 55 insertions(+), 45 deletions(-)

diff --git a/vault-token/run.sh b/vault-token/run.sh
index f9ecf90..4d0da44 100644
--- a/vault-token/run.sh
+++ b/vault-token/run.sh
@@ -14,67 +14,77 @@ fetch() {
     busybox wget -O "$${dest}" "$${url}"
   else
     printf "curl, wget, or busybox is not installed. Please install curl or wget in your image.\n"
-    exit 1
+    return 1
   fi
 }
 
-unzip() {
+unzip_safe() {
   if command -v unzip > /dev/null 2>&1; then
     command unzip "$@"
   elif command -v busybox > /dev/null 2>&1; then
     busybox unzip "$@"
   else
     printf "unzip or busybox is not installed. Please install unzip in your image.\n"
-    exit 1
+    return 1
   fi
 }
 
-# Fetch the latest version of Vault if INSTALL_VERSION is 'latest'
-if [ "$${INSTALL_VERSION}" = "latest" ]; then
-  LATEST_VERSION=$(curl -s https://releases.hashicorp.com/vault/ | grep -oP 'vault/\K[0-9]+\.[0-9]+\.[0-9]+' | sort -V | tail -n 1)
-  printf "Latest version of Vault is %s.\n\n" "$${LATEST_VERSION}"
-  if [ -z "$${LATEST_VERSION}" ]; then
-    printf "Failed to determine the latest Vault version.\n"
-    exit 1
+install() {
+  # Fetch the latest version of Vault if INSTALL_VERSION is 'latest'
+  if [ "$${INSTALL_VERSION}" = "latest" ]; then
+    LATEST_VERSION=$(curl -s https://releases.hashicorp.com/vault/ | grep -oP 'vault/\K[0-9]+\.[0-9]+\.[0-9]+' | sort -V | tail -n 1)
+    printf "Latest version of Vault is %s.\n\n" "$${LATEST_VERSION}"
+    if [ -z "$${LATEST_VERSION}" ]; then
+      printf "Failed to determine the latest Vault version.\n"
+      return 1
+    fi
+    INSTALL_VERSION=$${LATEST_VERSION}
   fi
-  INSTALL_VERSION=$${LATEST_VERSION}
-fi
 
-# Check if the vault CLI is installed and has the correct version
-installation_needed=1
-if command -v vault > /dev/null 2>&1; then
-  CURRENT_VERSION=$(vault version | grep -oE '[0-9]+\.[0-9]+\.[0-9]+')
-  if [ "$${CURRENT_VERSION}" = "$${INSTALL_VERSION}" ]; then
-    printf "Vault version %s is already installed and up-to-date.\n\n" "$${CURRENT_VERSION}"
-    installation_needed=0
+  # Check if the vault CLI is installed and has the correct version
+  installation_needed=1
+  if command -v vault > /dev/null 2>&1; then
+    CURRENT_VERSION=$(vault version | grep -oE '[0-9]+\.[0-9]+\.[0-9]+')
+    if [ "$${CURRENT_VERSION}" = "$${INSTALL_VERSION}" ]; then
+      printf "Vault version %s is already installed and up-to-date.\n\n" "$${CURRENT_VERSION}"
+      installation_needed=0
+    fi
   fi
-fi
 
-if [ $${installation_needed} -eq 1 ]; then
-  # Download and install Vault
-  if [ -z "$${CURRENT_VERSION}" ]; then
-    printf "Installing Vault CLI ...\n\n"
-  else
-    printf "Upgrading Vault CLI from version %s to %s ...\n\n" "$${CURRENT_VERSION}" "$${INSTALL_VERSION}"
-  fi
-  fetch vault.zip "https://releases.hashicorp.com/vault/$${INSTALL_VERSION}/vault_$${INSTALL_VERSION}_linux_amd64.zip"
-  if [ $? -ne 0 ]; then
-    printf "Failed to download Vault.\n"
-    exit 1
-  fi
-  if ! unzip vault.zip; then
-    printf "Failed to unzip Vault.\n"
-    exit 1
-  fi
-  rm vault.zip
-  if sudo mv vault /usr/local/bin/vault 2> /dev/null; then
-    printf "Vault installed successfully!\n\n"
-  else
-    mkdir -p ~/.local/bin
-    if ! mv vault ~/.local/bin/vault; then
-      printf "Failed to move Vault to local bin.\n"
-      exit 1
+  if [ $${installation_needed} -eq 1 ]; then
+    # Download and install Vault
+    if [ -z "$${CURRENT_VERSION}" ]; then
+      printf "Installing Vault CLI ...\n\n"
+    else
+      printf "Upgrading Vault CLI from version %s to %s ...\n\n" "$${CURRENT_VERSION}" "${INSTALL_VERSION}"
+    fi
+    fetch vault.zip "https://releases.hashicorp.com/vault/$${INSTALL_VERSION}/vault_$${INSTALL_VERSION}_linux_amd64.zip"
+    if [ $? -ne 0 ]; then
+      printf "Failed to download Vault.\n"
+      return 1
+    fi
+    if ! unzip_safe vault.zip; then
+      printf "Failed to unzip Vault.\n"
+      return 1
+    fi
+    rm vault.zip
+    if sudo mv vault /usr/local/bin/vault 2> /dev/null; then
+      printf "Vault installed successfully!\n\n"
+    else
+      mkdir -p ~/.local/bin
+      if ! mv vault ~/.local/bin/vault; then
+        printf "Failed to move Vault to local bin.\n"
+        return 1
+      fi
+      printf "Please add ~/.local/bin to your PATH to use vault CLI.\n"
     fi
-    printf "Please add ~/.local/bin to your PATH to use vault CLI.\n"
   fi
+}
+
+TMP=$(mktemp -d)
+pushd "${TMP}" > /dev/null
+if ! install; then
+  printf "Installation failed\n"
 fi
+popd > /dev/null
+rm -rf "${TMP}"