Merge pull request #70 from cisagov/bugfix/correct-quotes

Correct quotes in shell script

README.md

@@ -32,7 +32,7 @@ expects the secrets in a different location.
 To run the `cisagov/scanner` image via Docker:
 
 ```console
-docker run cisagov/scanner:1.3.1
+docker run cisagov/scanner:1.3.2
 ```
 
 ### Running with Docker Compose ###
@@ -45,7 +45,7 @@ docker run cisagov/scanner:1.3.1
 
     services:
       scanner:
-        image: cisagov/scanner:1.3.1
+        image: cisagov/scanner:1.3.2
         volumes:
           - type: bind
             source: <your_log_dir>
@@ -89,7 +89,7 @@ environment variables.  See the
 
     services:
       scanner:
-        image: cisagov/scanner:1.3.1
+        image: cisagov/scanner:1.3.2
         volumes:
           - type: bind
             source: <your_log_dir>
@@ -126,7 +126,7 @@ environment variables.  See the
 1. Pull the new image:
 
     ```console
-    docker pull cisagov/scanner:1.3.1
+    docker pull cisagov/scanner:1.3.2
     ```
 
 1. Recreate and run the container by following the [previous instructions](#running-with-docker).
@@ -136,11 +136,11 @@ environment variables.  See the
 The images of this container are tagged with [semantic
 versions](https://semver.org) of the underlying example project that they
 containerize.  It is recommended that most users use a version tag (e.g.
-`:1.3.1`).
+`:1.3.2`).
 
 | Image:tag | Description |
 |-----------|-------------|
-|`cisagov/scanner:1.3.1`| An exact release version. |
+|`cisagov/scanner:1.3.2`| An exact release version. |
 |`cisagov/scanner:1.3`| The most recent release matching the major and minor version numbers. |
 |`cisagov/scanner:1`| The most recent release matching the major version number. |
 |`cisagov/scanner:edge` | The most recent image built from a merge into the `develop` branch of this repository. |
@@ -200,8 +200,8 @@ Build the image locally using this git repository as the [build context](https:/
 
 ```console
 docker build \
-  --build-arg VERSION=1.3.1 \
-  --tag cisagov/scanner:1.3.1 \
+  --build-arg VERSION=1.3.2 \
+  --tag cisagov/scanner:1.3.2 \
   https://github.com/cisagov/scanner.git#develop
 ```
 
@@ -231,9 +231,9 @@ Docker:
     docker buildx build \
       --file Dockerfile-x \
       --platform linux/amd64 \
-      --build-arg VERSION=1.3.1 \
+      --build-arg VERSION=1.3.2 \
       --output type=docker \
-      --tag cisagov/scanner:1.3.1 .
+      --tag cisagov/scanner:1.3.2 .
     ```
 
 ## Contributing ##

src/scan.sh

@@ -1,22 +1,22 @@
 #!/bin/bash
 
-SHARED_DIR=${CISA_HOME}/shared
+SHARED_DIR="${CISA_HOME}"/shared
 
-echo "Creating artifacts folder..."
-mkdir -p "${SHARED_DIR}/artifacts/"
+echo Creating artifacts folder...
+mkdir -p "${SHARED_DIR}"/artifacts/
 
-echo "Waiting for gatherer"
+echo Waiting for gatherer
 while [ "$(redis-cli -h redis get gathering_complete)" != "true" ]; do
   sleep 5
 done
-echo "Gatherer finished"
+echo Gatherer finished
 
 # No longer needed
 redis-cli -h orchestrator_redis_1 del gathering_complete
 
 # Run the https-scan scan
-echo "Running domain-scan scan"
-cd "${SHARED_DIR}/artifacts/" || exit
+echo Running domain-scan scan
+cd "${SHARED_DIR}"/artifacts/ || exit
 # We run the three scans separately because we want to reduce the
 # concurrency for trustymail scans.  This is to avoid a situation
 # where DNS queries are too high a rate (more than 1024
@@ -30,7 +30,7 @@ cd "${SHARED_DIR}/artifacts/" || exit
 # See this link for an explanation as to why the VPC DNS limitation
 # was not initially a concern:
 # https://aws.amazon.com/blogs/compute/announcing-improved-vpc-networking-for-aws-lambda-functions/
-"${CISA_HOME}/domain-scan/scan" "${SHARED_DIR}/artifacts/scanme.csv" \
+"${CISA_HOME}"/domain-scan/scan "${SHARED_DIR}"/artifacts/scanme.csv \
   --scan=pshtt \
   --lambda \
   --lambda-retries=1 \
@@ -40,8 +40,8 @@ cd "${SHARED_DIR}/artifacts/" || exit
   --workers=40
 # This file would get deleted when we rerun domain-scan/scan if it
 # stayed where it is
-mv "${SHARED_DIR}/artifacts/results/pshtt.csv" "${SHARED_DIR}/artifacts"
-"${CISA_HOME}/domain-scan/scan" "${SHARED_DIR}/artifacts/scanme.csv" \
+mv "${SHARED_DIR}"/artifacts/results/pshtt.csv "${SHARED_DIR}"/artifacts
+"${CISA_HOME}"/domain-scan/scan "${SHARED_DIR}"/artifacts/scanme.csv \
   --scan=trustymail \
   --lambda \
   --lambda-retries=1 \
@@ -52,8 +52,8 @@ mv "${SHARED_DIR}/artifacts/results/pshtt.csv" "${SHARED_DIR}/artifacts"
   --smtp-localhost=ec2-100-27-42-254.compute-1.amazonaws.com
 # This file would get deleted when we rerun domain-scan/scan if it
 # stayed where it is
-mv "${SHARED_DIR}/artifacts/results/trustymail.csv" "${SHARED_DIR}/artifacts"
-"${CISA_HOME}/domain-scan/scan" "${SHARED_DIR}/artifacts/scanme.csv" \
+mv "${SHARED_DIR}"/artifacts/results/trustymail.csv "${SHARED_DIR}"/artifacts
+"${CISA_HOME}"/domain-scan/scan "${SHARED_DIR}"/artifacts/scanme.csv \
   --scan=sslyze \
   --lambda \
   --lambda-retries=1 \
@@ -62,7 +62,10 @@ mv "${SHARED_DIR}/artifacts/results/trustymail.csv" "${SHARED_DIR}/artifacts"
   --cache \
   --workers=40
 # Restore the files that we had temporarily copied to a safe place
-mv "${SHARED_DIR}/artifacts/{pshtt,trustymail}.csv" "${SHARED_DIR}/artifacts/results"
+#
+# Note that we cannot wrap {pshtt,trustymail} in double quotes, since
+# that would force the braces to be interpreted as literals.
+mv "${SHARED_DIR}"/artifacts/{pshtt,trustymail}.csv "${SHARED_DIR}"/artifacts/results
 
 # Let redis know we're done
 redis-cli -h redis set scanning_complete true

src/version.txt

@@ -1 +1 @@
-__version__ = "1.3.1"
+__version__ = "1.3.2"