Example gh action

[ceelias]

Just made a random change to show what the github actions looks like when it runs into issues. it creates a commnent that shows what the issues are and also how they can be fixed. This doesn't block the merge and can ultimately be ignored

[github-actions]

sh-checker report

To get the full details, please check in the job output.

shellcheck errors

'shellcheck -e SC1004' returned error 1 finding the following syntactical issues:

----------

In bin/common.sh line 1:
# Copyright © 2021, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
^-- SC2148 (error): Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.


In bin/common.sh line 20:
         extract_trap_cmd() { printf '%s\n' "$3"; }
                              ^----------------^ SC2317 (info): Command appears to be unreachable. Check usage (or ignore if invoked indirectly).


In bin/common.sh line 29:
      log_error "Exiting script [`basename $0`] due to an error executing the command [$BASH_COMMAND]."
                                 ^-----------^ SC2006 (style): Use $(...) notation instead of legacy backticks `...`.
                                           ^-- SC2086 (info): Double quote to prevent globbing and word splitting.

Did you mean: 
      log_error "Exiting script [$(basename "$0")] due to an error executing the command [$BASH_COMMAND]."


In bin/common.sh line 31:
      log_debug "Trap [ERR] triggered in [`basename $0`] while executing the command [$BASH_COMMAND]."
                                          ^-----------^ SC2006 (style): Use $(...) notation instead of legacy backticks `...`.
                                                    ^-- SC2086 (info): Double quote to prevent globbing and word splitting.

Did you mean: 
      log_debug "Trap [ERR] triggered in [$(basename "$0")] while executing the command [$BASH_COMMAND]."


In bin/common.sh line 40:
    source bin/colors-include.sh
           ^-------------------^ SC1091 (info): Not following: bin/colors-include.sh was not specified as input (see shellcheck -x).


In bin/common.sh line 41:
    source bin/log-include.sh
           ^----------------^ SC1091 (info): Not following: bin/log-include.sh was not specified as input (see shellcheck -x).


In bin/common.sh line 42:
    source bin/openshift-include.sh
           ^----------------------^ SC1091 (info): Not following: bin/openshift-include.sh was not specified as input (see shellcheck -x).


In bin/common.sh line 44:
    if [ ! $(which sha256sum) ]; then
           ^----------------^ SC2046 (warning): Quote this to prevent word splitting.


In bin/common.sh line 57:
            export $userEnv
                   ^------^ SC2163 (warning): This does not export 'userEnv'. Remove $/${} for that, or use ${var?} to quiet.
                   ^------^ SC2086 (info): Double quote to prevent globbing and word splitting.

Did you mean: 
            export "$userEnv"


In bin/common.sh line 69:
      export USER_DIR=$(cd "$(dirname "$USER_DIR")"; pwd)/$(basename "$USER_DIR")
             ^------^ SC2155 (warning): Declare and assign separately to avoid masking return values.
                        ^-------------------------^ SC2164 (warning): Use 'cd ... || exit' or 'cd ... || return' in case cd fails.

Did you mean: 
      export USER_DIR=$(cd "$(dirname "$USER_DIR")" || exit; pwd)/$(basename "$USER_DIR")


In bin/common.sh line 72:
        userEnv=$(grep -v '^[[:blank:]]*$' $USER_DIR/user.env | grep -v '^#' | xargs)
                                           ^-------^ SC2086 (info): Double quote to prevent globbing and word splitting.

Did you mean: 
        userEnv=$(grep -v '^[[:blank:]]*$' "$USER_DIR"/user.env | grep -v '^#' | xargs)


In bin/common.sh line 76:
            export $userEnv
                   ^------^ SC2163 (warning): This does not export 'userEnv'. Remove $/${} for that, or use ${var?} to quiet.
                   ^------^ SC2086 (info): Double quote to prevent globbing and word splitting.

Did you mean: 
            export "$userEnv"


In bin/common.sh line 88:
       source bin/helm-include.sh
              ^-----------------^ SC1091 (info): Not following: bin/helm-include.sh was not specified as input (see shellcheck -x).


In bin/common.sh line 94:
       source bin/kube-include.sh
              ^-----------------^ SC1091 (info): Not following: bin/kube-include.sh was not specified as input (see shellcheck -x).


In bin/common.sh line 121:
    export TMP_DIR=$(mktemp -d -t sas.mon.XXXXXXXX)
           ^-----^ SC2155 (warning): Declare and assign separately to avoid masking return values.


In bin/common.sh line 127:
    echo "# This file intentionally empty" > $TMP_DIR/empty.yaml
                                             ^------^ SC2086 (info): Double quote to prevent globbing and word splitting.

Did you mean: 
    echo "# This file intentionally empty" > "$TMP_DIR"/empty.yaml


In bin/common.sh line 177:
      for n in ${reservedNames[@]}; do
               ^-----------------^ SC2068 (error): Double quote array expansions to avoid re-splitting elements.


In bin/common.sh line 218:
      kubectl -n $ns patch serviceAccount $sa_name -p '{"automountServiceAccountToken":false}'
                 ^-^ SC2086 (info): Double quote to prevent globbing and word splitting.
                                          ^------^ SC2086 (info): Double quote to prevent globbing and word splitting.

Did you mean: 
      kubectl -n "$ns" patch serviceAccount "$sa_name" -p '{"automountServiceAccountToken":false}'


In bin/common.sh line 239:
        kubectl -n $ns patch $resource_type  $resource_name -p '{"spec": {"template": {"spec": {"automountServiceAccountToken":true}}}}'
                   ^-^ SC2086 (info): Double quote to prevent globbing and word splitting.
                             ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
                                             ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.

Did you mean: 
        kubectl -n "$ns" patch "$resource_type"  "$resource_name" -p '{"spec": {"template": {"spec": {"automountServiceAccountToken":true}}}}'

For more information:
  https://www.shellcheck.net/wiki/SC2068 -- Double quote array expansions to ...
  https://www.shellcheck.net/wiki/SC2148 -- Tips depend on target shell and y...
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
----------

You can address the above issues in one of three ways:
1. Manually correct the issue in the offending shell script;
2. Disable specific issues by adding the comment:
  # shellcheck disable=NNNN
above the line that contains the issue, where NNNN is the error code;
3. Add '-e NNNN' to the SHELLCHECK_OPTS setting in your .yml action file.

shfmt errors

'shfmt -s' returned error 1 finding the following formatting issues:

----------
--- bin/common.sh.orig
+++ bin/common.sh
@@ -5,245 +5,244 @@
 # Current directory must be the root directory of the repo
 
 function trap_add() {
- # based on https://stackoverflow.com/questions/3338030/multiple-bash-traps-for-the-same-signal
- # but: prepends new cmd rather than append it, changed var names and eliminated messages
+	# based on https://stackoverflow.com/questions/3338030/multiple-bash-traps-for-the-same-signal
+	# but: prepends new cmd rather than append it, changed var names and eliminated messages
 
-   local cmd_to_add signal
+	local cmd_to_add signal
 
-   cmd_to_add=$1; shift
-   for signal in "$@"; do
-      trap -- "$(
-         # print the new trap command
-         printf '%s\n' "${cmd_to_add}"
-         # helper fn to get existing trap command from output
-         # of trap -p
-         extract_trap_cmd() { printf '%s\n' "$3"; }
-         # print existing trap command with newline
-         eval "extract_trap_cmd $(trap -p "${signal}")"
-      )" "${signal}"
-   done
+	cmd_to_add=$1
+	shift
+	for signal in "$@"; do
+		trap -- "$(
+			# print the new trap command
+			printf '%s\n' "${cmd_to_add}"
+			# helper fn to get existing trap command from output
+			# of trap -p
+			extract_trap_cmd() { printf '%s\n' "$3"; }
+			# print existing trap command with newline
+			eval "extract_trap_cmd $(trap -p "${signal}")"
+		)" "${signal}"
+	done
 }
 
 function errexit_msg {
-   if [ -o errexit ]; then
-      log_error "Exiting script [`basename $0`] due to an error executing the command [$BASH_COMMAND]."
-   else
-      log_debug "Trap [ERR] triggered in [`basename $0`] while executing the command [$BASH_COMMAND]."
-   fi
+	if [ -o errexit ]; then
+		log_error "Exiting script [$(basename $0)] due to an error executing the command [$BASH_COMMAND]."
+	else
+		log_debug "Trap [ERR] triggered in [$(basename $0)] while executing the command [$BASH_COMMAND]."
+	fi
 }
 
 if [ "$SAS_COMMON_SOURCED" = "" ]; then
-    # Save standard out to a new descriptor
-    exec 3>&1
+	# Save standard out to a new descriptor
+	exec 3>&1
 
-    # Includes
-    source bin/colors-include.sh
-    source bin/log-include.sh
-    source bin/openshift-include.sh
+	# Includes
+	source bin/colors-include.sh
+	source bin/log-include.sh
+	source bin/openshift-include.sh
 
-    if [ ! $(which sha256sum) ]; then
-      log_error "Missing required utility: sha256sum"
-      exit 1
-    fi
+	if [ ! $(which sha256sum) ]; then
+		log_error "Missing required utility: sha256sum"
+		exit 1
+	fi
 
-    # Load component Helm chart version infomation
-    # NOTE: This is loaded prior to the USER_DIR to allow
-    # overriding these defaults via USER_DIR user.env files
-    if [ -f "component_versions.env" ]; then
-        userEnv=$(grep -v '^[[:blank:]]*$' component_versions.env | grep -v '^#' | xargs)
-        if [ "$userEnv" != "" ]; then
-          log_debug "Loading global user environment file: component_versions.env"
-          if [ "$userEnv" != "" ]; then
-            export $userEnv
-          fi
-        fi
-    else
-        log_debug "No component_versions.env file found"
-    fi
+	# Load component Helm chart version infomation
+	# NOTE: This is loaded prior to the USER_DIR to allow
+	# overriding these defaults via USER_DIR user.env files
+	if [ -f "component_versions.env" ]; then
+		userEnv=$(grep -v '^[[:blank:]]*$' component_versions.env | grep -v '^#' | xargs)
+		if [ "$userEnv" != "" ]; then
+			log_debug "Loading global user environment file: component_versions.env"
+			if [ "$userEnv" != "" ]; then
+				export $userEnv
+			fi
+		fi
+	else
+		log_debug "No component_versions.env file found"
+	fi
 
+	export USER_DIR=${USER_DIR:-$(pwd)}
+	if [ -d "$USER_DIR" ]; then
+		# Resolve full path
+		export USER_DIR=$(
+			cd "$(dirname "$USER_DIR")"
+			pwd
+		)/$(basename "$USER_DIR")
+	fi
+	if [ -f "$USER_DIR/user.env" ]; then
+		userEnv=$(grep -v '^[[:blank:]]*$' $USER_DIR/user.env | grep -v '^#' | xargs)
+		if [ "$userEnv" != "" ]; then
+			log_debug "Loading global user environment file: $USER_DIR/user.env"
+			if [ "$userEnv" != "" ]; then
+				export $userEnv
+			fi
+		fi
+	fi
 
+	log_debug "Working directory: $(pwd)"
+	log_info "User directory: $USER_DIR"
 
-    export USER_DIR=${USER_DIR:-$(pwd)}
-    if [ -d "$USER_DIR" ]; then
-      # Resolve full path
-      export USER_DIR=$(cd "$(dirname "$USER_DIR")"; pwd)/$(basename "$USER_DIR")
-    fi
-    if [ -f "$USER_DIR/user.env" ]; then
-        userEnv=$(grep -v '^[[:blank:]]*$' $USER_DIR/user.env | grep -v '^#' | xargs)
-        if [ "$userEnv" != "" ]; then
-          log_debug "Loading global user environment file: $USER_DIR/user.env"
-          if [ "$userEnv" != "" ]; then
-            export $userEnv
-          fi
-        fi
-    fi
+	export AIRGAP_DEPLOYMENT=${AIRGAP_DEPLOYMENT:-false}
 
-    log_debug "Working directory: $(pwd)"
-    log_info "User directory: $USER_DIR"
+	CHECK_HELM=${CHECK_HELM:-true}
+	if [ "$CHECK_HELM" == "true" ]; then
+		source bin/helm-include.sh
+		log_verbose "Helm client version: $HELM_VER_FULL"
+	fi
 
-    export AIRGAP_DEPLOYMENT=${AIRGAP_DEPLOYMENT:-false}
-    
-    CHECK_HELM=${CHECK_HELM:-true}
-    if [ "$CHECK_HELM" == "true" ]; then
-       source bin/helm-include.sh
-       log_verbose "Helm client version: $HELM_VER_FULL"
-    fi
+	CHECK_KUBERNETES=${CHECK_KUBERNETES:-true}
+	if [ "$CHECK_KUBERNETES" == "true" ]; then
+		source bin/kube-include.sh
 
-    CHECK_KUBERNETES=${CHECK_KUBERNETES:-true}
-    if [ "$CHECK_KUBERNETES" == "true" ]; then
-       source bin/kube-include.sh
+		log_verbose Kubernetes client version: "$KUBE_CLIENT_VER"
+		log_verbose Kubernetes server version: "$KUBE_SERVER_VER"
 
-       log_verbose Kubernetes client version: "$KUBE_CLIENT_VER"
-       log_verbose Kubernetes server version: "$KUBE_SERVER_VER"
+		# Check that the current KUBECONFIG has admin access
+		CHECK_ADMIN=${CHECK_ADMIN:-true}
+		if [ "$CHECK_ADMIN" == "true" ]; then
+			if [ "$(kubectl auth can-i create namespace --all-namespaces)" == "no" ]; then
+				ctx=$(kubectl config current-context)
+				log_error "The current kubectl context [$ctx] does not have cluster admin access"
+				exit 1
+			else
+				log_debug "Cluster admin check OK"
+			fi
+		else
+			log_debug "Cluster admin check disabled"
+		fi
+	fi
 
-       # Check that the current KUBECONFIG has admin access
-       CHECK_ADMIN=${CHECK_ADMIN:-true}
-       if [ "$CHECK_ADMIN" == "true" ]; then
-          if [ "$(kubectl auth can-i create namespace --all-namespaces)" == "no" ]; then
-             ctx=$(kubectl config current-context)
-             log_error "The current kubectl context [$ctx] does not have cluster admin access"
-             exit 1
-          else
-             log_debug "Cluster admin check OK"
-          fi
-       else
-          log_debug "Cluster admin check disabled"
-       fi
-    fi
+	# set TLS Cert Generator (cert-manager|openssl)
+	export CERT_GENERATOR="${CERT_GENERATOR:-openssl}"
 
-    # set TLS Cert Generator (cert-manager|openssl)
-    export CERT_GENERATOR="${CERT_GENERATOR:-openssl}"
+	# Set default timeout for kubectl namespace delete command
+	export KUBE_NAMESPACE_DELETE_TIMEOUT=${KUBE_NAMESPACE_DELETE_TIMEOUT:-5m}
 
+	export TMP_DIR=$(mktemp -d -t sas.mon.XXXXXXXX)
+	if [ ! -d "$TMP_DIR" ]; then
+		log_error "Could not create temporary directory [$TMP_DIR]"
+		exit 1
+	fi
+	log_debug "Temporary directory: [$TMP_DIR]"
+	echo "# This file intentionally empty" >$TMP_DIR/empty.yaml
 
-    # Set default timeout for kubectl namespace delete command
-    export KUBE_NAMESPACE_DELETE_TIMEOUT=${KUBE_NAMESPACE_DELETE_TIMEOUT:-5m}
+	# Delete the temp directory on exit
+	function cleanup {
+		KEEP_TMP_DIR=${KEEP_TMP_DIR:-false}
+		if [ "$KEEP_TMP_DIR" != "true" ]; then
+			rm -rf "$TMP_DIR"
+			log_debug "Deleted temporary directory: [$TMP_DIR]"
+		else
+			log_info "TMP_DIR [$TMP_DIR] was not removed"
+		fi
+	}
+	trap_add cleanup EXIT
 
-    export TMP_DIR=$(mktemp -d -t sas.mon.XXXXXXXX)
-    if [ ! -d "$TMP_DIR" ]; then
-      log_error "Could not create temporary directory [$TMP_DIR]"
-      exit 1
-    fi
-    log_debug "Temporary directory: [$TMP_DIR]"
-    echo "# This file intentionally empty" > $TMP_DIR/empty.yaml
+	trap_add errexit_msg ERR
 
-    # Delete the temp directory on exit
-    function cleanup {
-      KEEP_TMP_DIR=${KEEP_TMP_DIR:-false}
-      if [ "$KEEP_TMP_DIR" != "true" ]; then
-        rm -rf "$TMP_DIR"
-        log_debug "Deleted temporary directory: [$TMP_DIR]"
-      else
-        log_info "TMP_DIR [$TMP_DIR] was not removed"
-      fi
-    }
-    trap_add cleanup EXIT
-
-    trap_add errexit_msg ERR
-
-    export SAS_COMMON_SOURCED=true
+	export SAS_COMMON_SOURCED=true
 fi
 
 function checkDefaultStorageClass {
-    if [ -z "$defaultStorageClass" ]; then
-      # Check for kubernetes environment conflicts/requirements
-      defaultStorageClass=$(kubectl get storageclass -o jsonpath="{range .items[*]}{.metadata.name}{'\t'}{.metadata.annotations..storageclass\.kubernetes\.io/is-default-class}{'\n'}{end}" | grep true | awk '{print $1}')
-      if [ "$defaultStorageClass" ]; then
-        log_debug "Found default storageClass: [$defaultStorageClass]"
-      else
-        # Try again with beta storageclass annotation key
-        defaultStorageClass=$(kubectl get storageclass -o jsonpath="{range .items[*]}{.metadata.name}{'\t'}{.metadata.annotations..storageclass\.beta\.kubernetes\.io/is-default-class}{'\n'}{end}" | grep true | awk '{print $1}')
-        if [ "$defaultStorageClass" ]; then
-          log_debug "Found default storageClass: [$defaultStorageClass]"
-        else
-          log_warn "This cluster does not have a default storageclass defined"
-          log_warn "This may cause errors unless storageclass values are explicitly defined"
-          defaultStorageClass=_NONE_
-        fi
-      fi
-    fi
+	if [ -z "$defaultStorageClass" ]; then
+		# Check for kubernetes environment conflicts/requirements
+		defaultStorageClass=$(kubectl get storageclass -o jsonpath="{range .items[*]}{.metadata.name}{'\t'}{.metadata.annotations..storageclass\.kubernetes\.io/is-default-class}{'\n'}{end}" | grep true | awk '{print $1}')
+		if [ "$defaultStorageClass" ]; then
+			log_debug "Found default storageClass: [$defaultStorageClass]"
+		else
+			# Try again with beta storageclass annotation key
+			defaultStorageClass=$(kubectl get storageclass -o jsonpath="{range .items[*]}{.metadata.name}{'\t'}{.metadata.annotations..storageclass\.beta\.kubernetes\.io/is-default-class}{'\n'}{end}" | grep true | awk '{print $1}')
+			if [ "$defaultStorageClass" ]; then
+				log_debug "Found default storageClass: [$defaultStorageClass]"
+			else
+				log_warn "This cluster does not have a default storageclass defined"
+				log_warn "This may cause errors unless storageclass values are explicitly defined"
+				defaultStorageClass=_NONE_
+			fi
+		fi
+	fi
 }
 
 function validateTenantID {
-  tenantID=$1
-  reservedNames=(default provider shared sharedservices spre uaa viya)
+	tenantID=$1
+	reservedNames=(default provider shared sharedservices spre uaa viya)
 
-  CHECK_TENANT_NAME=${CHECK_TENANT_NAME:-true}
-  if [ "$CHECK_TENANT_NAME" == "true" ]; then
-    if [[ $tenantID =~ ^[a-z]([a-z0-9]){0,15}$ ]]; then
-      if [[ $tenantID =~ ^sas ]]; then
-        log_error "Tenant names cannot start with 'sas'"
-        exit 1
-      fi
-      for n in ${reservedNames[@]}; do
-        if [ "$tenantID" == "$n" ]; then
-          log_error "The tenant name [$tenantID] is a reserved name"
-          exit 1
-        fi
-      done
-    else
-      log_error "[$tenantID] is not a valid tenant name"
-      exit 1
-    fi
-  else
-    log_debug "Tenant name validation is disabled"
-  fi
+	CHECK_TENANT_NAME=${CHECK_TENANT_NAME:-true}
+	if [ "$CHECK_TENANT_NAME" == "true" ]; then
+		if [[ $tenantID =~ ^[a-z]([a-z0-9]){0,15}$ ]]; then
+			if [[ $tenantID =~ ^sas ]]; then
+				log_error "Tenant names cannot start with 'sas'"
+				exit 1
+			fi
+			for n in ${reservedNames[@]}; do
+				if [ "$tenantID" == "$n" ]; then
+					log_error "The tenant name [$tenantID] is a reserved name"
+					exit 1
+				fi
+			done
+		else
+			log_error "[$tenantID] is not a valid tenant name"
+			exit 1
+		fi
+	else
+		log_debug "Tenant name validation is disabled"
+	fi
 }
 
-
 function validateNamespace {
-  local namespace
-  namespace="$1"
-  if [[ "$namespace" =~ ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?$ ]]; then
-    log_debug "Namespace [$namespace] passes validation"
-  else
-    log_error "[$namespace] is not a valid namespace name"
-    exit 1
-  fi
+	local namespace
+	namespace="$1"
+	if [[ $namespace =~ ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?$ ]]; then
+		log_debug "Namespace [$namespace] passes validation"
+	else
+		log_error "[$namespace] is not a valid namespace name"
+		exit 1
+	fi
 }
 
-
 function randomPassword {
-  date +%s | sha256sum | base64 | head -c 32 ; echo
+	date +%s | sha256sum | base64 | head -c 32
+	echo
 }
 
 function disable_sa_token_automount {
-  local ns sa_name should_disable
-  ns=$1
-  sa_name=$2
-  should_disable=${SEC_DISABLE_SA_TOKEN_AUTOMOUNT:-true}
-  
-  if [ "$should_disable" == "true" ]; then
-    if [ -n "$(kubectl -n "$ns" get serviceAccount "$sa_name" -o name 2>/dev/null)" ]; then
-      log_debug "Disabling automount of API tokens for serviceAccount [$ns/$sa_name]"
-      kubectl -n $ns patch serviceAccount $sa_name -p '{"automountServiceAccountToken":false}'
-    else
-      log_debug "ServiceAccount [$ns/$sa_name] not found. Skipping patch"
-    fi
-  else
-    log_debug "NOT disabling token automount serviceAccount [$ns/$sa_name]; SEC_DISABLE_SA_TOKEN_AUTOMOUNT set to [$SEC_DISABLE_SA_TOKEN_AUTOMOUNT]"
-  fi
+	local ns sa_name should_disable
+	ns=$1
+	sa_name=$2
+	should_disable=${SEC_DISABLE_SA_TOKEN_AUTOMOUNT:-true}
+
+	if [ "$should_disable" == "true" ]; then
+		if [ -n "$(kubectl -n "$ns" get serviceAccount "$sa_name" -o name 2>/dev/null)" ]; then
+			log_debug "Disabling automount of API tokens for serviceAccount [$ns/$sa_name]"
+			kubectl -n $ns patch serviceAccount $sa_name -p '{"automountServiceAccountToken":false}'
+		else
+			log_debug "ServiceAccount [$ns/$sa_name] not found. Skipping patch"
+		fi
+	else
+		log_debug "NOT disabling token automount serviceAccount [$ns/$sa_name]; SEC_DISABLE_SA_TOKEN_AUTOMOUNT set to [$SEC_DISABLE_SA_TOKEN_AUTOMOUNT]"
+	fi
 }
 
 function enable_pod_token_automount {
-  local ns resource_type resource_name should_disable
-  ns=$1
-  resource_type=$2
-  resource_name=$3
-  should_disable=${SEC_DISABLE_SA_TOKEN_AUTOMOUNT:-true}
+	local ns resource_type resource_name should_disable
+	ns=$1
+	resource_type=$2
+	resource_name=$3
+	should_disable=${SEC_DISABLE_SA_TOKEN_AUTOMOUNT:-true}
 
+	if [ "$should_disable" == "true" ]; then
+		log_debug "Enabling automount of API tokens for pods deployed via [$resource_type/$resource_name]"
 
-  if [ "$should_disable" == "true" ]; then
-     log_debug "Enabling automount of API tokens for pods deployed via [$resource_type/$resource_name]"
-
-     if [ "$resource_type" == "daemonset" ] || [ "$resource_type" == "deployment" ]; then
-        kubectl -n $ns patch $resource_type  $resource_name -p '{"spec": {"template": {"spec": {"automountServiceAccountToken":true}}}}'
-     else
-        log_error "Invalid request to function [${FUNCNAME[0]}]; unsupported resource_type [$resource_type]"
-        return 1
-     fi
-  else
-     log_debug "NOT enabling token automount on pods for [$ns/$resource_type/$resource_name]; SEC_DISABLE_SA_TOKEN_AUTOMOUNT set to [$SEC_DISABLE_SA_TOKEN_AUTOMOUNT]"
-  fi
+		if [ "$resource_type" == "daemonset" ] || [ "$resource_type" == "deployment" ]; then
+			kubectl -n $ns patch $resource_type $resource_name -p '{"spec": {"template": {"spec": {"automountServiceAccountToken":true}}}}'
+		else
+			log_error "Invalid request to function [${FUNCNAME[0]}]; unsupported resource_type [$resource_type]"
+			return 1
+		fi
+	else
+		log_debug "NOT enabling token automount on pods for [$ns/$resource_type/$resource_name]; SEC_DISABLE_SA_TOKEN_AUTOMOUNT set to [$SEC_DISABLE_SA_TOKEN_AUTOMOUNT]"
+	fi
 }
 
 export -f checkDefaultStorageClass
----------

You can reformat the above files to meet shfmt's requirements by typing:

  shfmt -s -w filename