chore: Partially utilize bash modules to use readonly

modules/akmods/akmods.sh

@@ -1,21 +1,21 @@
 #!/usr/bin/env bash
 set -euo pipefail
 
-ENABLE_MULTIMEDIA_REPO() {
+enable_multimedia_repo() {
   sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/_copr_ublue-os-akmods.repo
   sed -i "0,/enabled/ s@enabled=0@enabled=1@g" /etc/yum.repos.d/negativo17-fedora-multimedia.repo
 }
-readonly -f ENABLE_MULTIMEDIA_REPO
+readonly -f enable_multimedia_repo
 
-DISABLE_MULTIMEDIA_REPO() {
+disable_multimedia_repo() {
   sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/negativo17-fedora-multimedia.repo
 }
-readonly -f DISABLE_MULTIMEDIA_REPO
+readonly -f disable_multimedia_repo
 
-SET_HIGHER_PRIORITY_AKMODS_REPO() {
+set_higher_priority_akmods_repo() {
   echo "priority=90" >> /etc/yum.repos.d/_copr_ublue-os-akmods.repo
 }
-readonly -f SET_HIGHER_PRIORITY_AKMODS_REPO
+readonly -f set_higher_priority_akmods_repo
 
 get_yaml_array INSTALL '.install[]' "$1"
 
@@ -26,8 +26,8 @@ readonly INSTALL_STR=$(echo "${INSTALL_PATH[*]}" | tr -d '\n')
 if [[ ${#INSTALL[@]} -gt 0 ]]; then
   echo "Installing akmods"
   echo "Installing: $(echo "${INSTALL[*]}" | tr -d '\n')"
-  SET_HIGHER_PRIORITY_AKMODS_REPO
-  ENABLE_MULTIMEDIA_REPO
+  set_higher_priority_akmods_repo
+  enable_multimedia_repo
   rpm-ostree install ${INSTALL_STR}
-  DISABLE_MULTIMEDIA_REPO
+  disable_multimedia_repo
 fi    

modules/bling/installers/1password.sh

@@ -1,17 +1,17 @@
 #!/usr/bin/env bash
 
-set -ouex pipefail
+set -euxo pipefail
 
 #### Variables
 
 # Can be "beta" or "stable"
-RELEASE_CHANNEL="${ONEPASSWORD_RELEASE_CHANNEL:-stable}"
+readonly RELEASE_CHANNEL="${ONEPASSWORD_RELEASE_CHANNEL:-stable}"
 
 # Must be over 1000
-GID_ONEPASSWORD="${GID_ONEPASSWORD:-1500}"
+readonly GID_ONEPASSWORD="${GID_ONEPASSWORD:-1500}"
 
 # Must be over 1000
-GID_ONEPASSWORDCLI="${GID_ONEPASSWORDCLI:-1600}"
+readonly GID_ONEPASSWORDCLI="${GID_ONEPASSWORDCLI:-1600}"
 
 echo "Installing 1Password"
 
@@ -81,7 +81,7 @@ chmod 4755 /usr/lib/1Password/chrome-sandbox
 
 # BrowserSupport binary needs setgid. This gives no extra permissions to the binary.
 # It only hardens it against environmental tampering.
-BROWSER_SUPPORT_PATH="/usr/lib/1Password/1Password-BrowserSupport"
+readonly BROWSER_SUPPORT_PATH="/usr/lib/1Password/1Password-BrowserSupport"
 
 chgrp "${GID_ONEPASSWORD}" "${BROWSER_SUPPORT_PATH}"
 chmod g+s "${BROWSER_SUPPORT_PATH}"

modules/bling/installers/gnome-vrr.sh

@@ -9,7 +9,7 @@ if [[ $(gnome-shell --version) =~ "46" ]]; then
     exit 1
 fi
 
-REPO_URL="https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-${OS_VERSION}/ublue-os-staging-fedora-${OS_VERSION}.repo"
+readonly REPO_URL="https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-${OS_VERSION}/ublue-os-staging-fedora-${OS_VERSION}.repo"
 
 echo "Downloading repo file ${REPO_URL}"
 curl -fLs --create-dirs "${REPO_URL}" -o "/etc/yum.repos.d/ublue-os-staging.repo"

modules/bling/installers/ublue-update.sh

@@ -6,29 +6,31 @@ set -euo pipefail
 get_config_value() {
     sed -n '/^'"$1"'=/{s/'"$1"'=//;p}' "$2"
 }
+readonly -f get_config_value
 
 set_config_value() {
     CURRENT=$(get_config_value "$1" "$3")
     sed -i 's/'"$1"'='"$CURRENT"'/'"$1"'='"$2"'/g' "$3"
 }
+readonly -f set_config_value
 
 # Check if ublue-os-update-services rpm is installed, these services conflict with ublue-update
 if rpm -q ublue-os-update-services > /dev/null; then
     rpm-ostree override remove ublue-os-update-services
 fi
 
 # Change the conflicting update policy for rpm-ostreed
-RPM_OSTREE_CONFIG="/etc/rpm-ostreed.conf"
+readonly -f RPM_OSTREE_CONFIG="/etc/rpm-ostreed.conf"
 
-if [[ -f "$RPM_OSTREE_CONFIG" ]]; then
-    if [[ $(get_config_value "AutomaticUpdatePolicy" "$RPM_OSTREE_CONFIG") == "stage" ]]; then
-        set_config_value "AutomaticUpdatePolicy" "none" "$RPM_OSTREE_CONFIG"
+if [[ -f "${RPM_OSTREE_CONFIG}" ]]; then
+    if [[ $(get_config_value "AutomaticUpdatePolicy" "${RPM_OSTREE_CONFIG}") == "stage" ]]; then
+        set_config_value "AutomaticUpdatePolicy" "none" "${RPM_OSTREE_CONFIG}"
     fi
 fi
 systemctl disable rpm-ostreed-automatic.timer
 
 # Fetch ublue COPR
-REPO_URL="https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-${OS_VERSION}/ublue-os-staging-fedora-${OS_VERSION}.repo"
+readonly REPO_URL="https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-${OS_VERSION}/ublue-os-staging-fedora-${OS_VERSION}.repo"
 echo "Downloading repo file ${REPO_URL}"
 curl -fLs --create-dirs "${REPO_URL}" -o "/etc/yum.repos.d/ublue-os-staging-fedora-${OS_VERSION}.repo"
 echo "Downloaded repo file ${REPO_URL}"

modules/brew/brew-nofile-limits-logic.sh

@@ -7,11 +7,11 @@ set -euo pipefail
 # (if nofile limit is already applied with appropriate values in the base image, than this tweak is not applied)
 # Modifies limits nofile value & systemd DefaultLimitNOFILE value
 
-DESIRED_SOFT_LIMIT=4096
-DESIRED_HARD_LIMIT=524288
-BREW_LIMITS_D_CONFIG="/etc/security/limits.d/zz1-brew-limits.conf"
-BREW_SYSTEMD_SYSTEM_CONFIG="/usr/lib/systemd/system.conf.d/zz1-brew-limits.conf"
-BREW_SYSTEMD_USER_CONFIG="/usr/lib/systemd/user.conf.d/zz1-brew-limits.conf"
+readonly DESIRED_SOFT_LIMIT=4096
+readonly DESIRED_HARD_LIMIT=524288
+readonly BREW_LIMITS_D_CONFIG="/etc/security/limits.d/zz1-brew-limits.conf"
+readonly BREW_SYSTEMD_SYSTEM_CONFIG="/usr/lib/systemd/system.conf.d/zz1-brew-limits.conf"
+readonly BREW_SYSTEMD_USER_CONFIG="/usr/lib/systemd/user.conf.d/zz1-brew-limits.conf"
 
 # SSH/TTY nofile limit (security ulimit config)
 

modules/brew/brew.sh

@@ -246,8 +246,8 @@ if [[ "${BREW_ANALYTICS}" == false ]]; then
   if [[ ! -f "/etc/environment" ]]; then
     echo "" > "/etc/environment" # touch fails for some reason, probably a bug with it
   fi
-  CURRENT_ENVIRONMENT=$(cat "/etc/environment")
-  CURRENT_HOMEBREW_CONFIG=$(awk -F= '/HOMEBREW_NO_ANALYTICS/ {print $0}' "/etc/environment")
+  readonly CURRENT_ENVIRONMENT=$(cat "/etc/environment")
+  readonly CURRENT_HOMEBREW_CONFIG=$(awk -F= '/HOMEBREW_NO_ANALYTICS/ {print $0}' "/etc/environment")
   if [[ -n "${CURRENT_ENVIRONMENT}" ]]; then
     if [[ "${CURRENT_HOMEBREW_CONFIG}" == "HOMEBREW_NO_ANALYTICS=0" ]]; then
       echo "Disabling Brew analytics"  

modules/chezmoi/chezmoi.sh

@@ -16,7 +16,7 @@ if [[ $DEBUG == true ]]; then
 fi
 
 # The repository with your chezmoi dotfiles. (default: null)
-DOTFILE_REPOSITORY=$(echo "$1" | yq -I=0 ".repository") # (string)
+readonly DOTFILE_REPOSITORY=$(echo "$1" | yq -I=0 ".repository") # (string)
 
 # If true, chezmoi services will be enabled for all logged in users, and users with lingering enabled. (default: true)
 # If false, chezmoi services will not be enabled for any users, but can be enabled manually, after installation.

modules/gnome-extensions/gnome-extensions.sh

@@ -28,9 +28,9 @@ else
 fi  
 
 
-GNOME_VER=$(gnome-shell --version | sed 's/[^0-9]*\([0-9]*\).*/\1/')
+readonly GNOME_VER=$(gnome-shell --version | sed 's/[^0-9]*\([0-9]*\).*/\1/')
 echo "Gnome version: ${GNOME_VER}"
-LEGACY=false
+legacy=false
 
 # Legacy support for installing extensions, to retain compatibility with legacy configs
 if [[ ${#INSTALL[@]} -gt 0 ]]; then
@@ -41,7 +41,7 @@ if [[ ${#INSTALL[@]} -gt 0 ]]; then
       if [[ ! "${EXTENSION}" == *".v"*([0-9]) ]]; then
         break
       else
-        LEGACY=true
+        legacy=true
       fi
       shopt -u extglob
       echo "ATTENTION: This is the legacy method of installing extensions."
@@ -129,7 +129,7 @@ if [[ ${#INSTALL[@]} -gt 0 ]]; then
 fi
 
 # New method of installing extensions
-if [[ ${#INSTALL[@]} -gt 0 ]] && ! "${LEGACY}"; then
+if [[ ${#INSTALL[@]} -gt 0 ]] && ! "${legacy}"; then
   for INSTALL_EXT in "${INSTALL[@]}"; do
       if [[ ! "${INSTALL_EXT}" =~ ^[0-9]+$ ]]; then
         # Literal-name extension config

modules/gschema-overrides/gschema-overrides.sh

@@ -4,9 +4,9 @@ set -euo pipefail
 
 get_yaml_array INCLUDE '.include[]' "$1"
 
-schema_include_location="${CONFIG_DIRECTORY}/gschema-overrides"
-schema_test_location="/tmp/bluebuild-schema-test"
-schema_location="/usr/share/glib-2.0/schemas"
+readonly SCHEMA_INCLUDE_LOCATION="${CONFIG_DIRECTORY}/gschema-overrides"
+readonly SCHEMA_TEST_LOCATION="/tmp/bluebuild-schema-test"
+readonly SCHEMA_LOCATION="/usr/share/glib-2.0/schemas"
 gschema_extension=false
 
 echo "Installing gschema-overrides module"
@@ -20,7 +20,7 @@ fi
 # Abort build if included file does not have .gschema.override extension
 if [[ ${#INCLUDE[@]} -gt 0 ]]; then
   for file in "${INCLUDE[@]}"; do
-    if [[ "$file" == *.gschema.override ]]; then
+    if [[ "${file}" == *.gschema.override ]]; then
       gschema_extension=true
     else  
       echo "Module failed because included files in module don't have .gschema.override extension."
@@ -33,20 +33,20 @@ fi
 if [[ ${#INCLUDE[@]} -gt 0 ]] && $gschema_extension; then
   printf "Applying the following gschema-overrides:\n"
   for file in "${INCLUDE[@]}"; do
-    printf "%s\n" "$file"
+    printf "%s\n" "${file}"
   done
-  mkdir -p "$schema_test_location" "$schema_location"
-  find "$schema_location" -type f ! -name "*.gschema.override" -exec cp {} "$schema_test_location" \;
+  mkdir -p "${SCHEMA_TEST_LOCATION}" "${SCHEMA_LOCATION}"
+  find "${SCHEMA_LOCATION}" -type f ! -name "*.gschema.override" -exec cp {} "${SCHEMA_TEST_LOCATION}" \;
   for file in "${INCLUDE[@]}"; do
-    file_path="${schema_include_location}/${file}"
-    cp "$file_path" "$schema_test_location"
+    file_path="${SCHEMA_INCLUDE_LOCATION}/${file}"
+    cp "${file_path}" "${SCHEMA_TEST_LOCATION}"
   done
   echo "Running error-checking test for your gschema-overrides. If test fails, build also fails."
-  glib-compile-schemas --strict "$schema_test_location"
+  glib-compile-schemas --strict "${SCHEMA_TEST_LOCATION}"
   echo "Compiling gschema to include your changes with gschema-override"
   for file in "${INCLUDE[@]}"; do
-    file_path="${schema_test_location}/${file}"
-    cp "$file_path" "$schema_location"
+    file_path="${SCHEMA_TEST_LOCATION}/${file}"
+    cp "${file_path}" "${SCHEMA_LOCATION}"
   done  
-  glib-compile-schemas "$schema_location" &>/dev/null
+  glib-compile-schemas "${SCHEMA_LOCATION}" &>/dev/null
 fi