From 0219c933e839fed5d8069ad5b65426328ff4fd40 Mon Sep 17 00:00:00 2001
From: Bret Fisher <bret@bretfisher.com>
Date: Sun, 15 May 2022 19:19:46 -0400
Subject: [PATCH] fixing lints

---
 .github/linters/.hadolint.yaml |  1 +
 Dockerfile                     |  4 ++--
 README.md                      | 14 +++++---------
 shpod.yaml                     | 25 +++++++++++++------------
 4 files changed, 21 insertions(+), 23 deletions(-)

diff --git a/.github/linters/.hadolint.yaml b/.github/linters/.hadolint.yaml
index 889d551..f64aaf5 100644
--- a/.github/linters/.hadolint.yaml
+++ b/.github/linters/.hadolint.yaml
@@ -11,6 +11,7 @@ ignored:
   - DL3006 #image pin versions
   - DL3008 #apt pin versions
   - DL3018 #apk add pin versions
+  - DL3019 #don't worry about avoiding cache in build-only stages
   - DL3022 #bad rule for COPY --from
   - DL3028 #gem install pin versions
   - DL3059 #multiple consecutive runs
diff --git a/Dockerfile b/Dockerfile
index ae2dcf6..f20d2c0 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -30,7 +30,7 @@ RUN helper-curl tar "--strip-components=1 linux-@GOARCH/helm" \
 FROM alpine AS httping
 RUN apk add build-base gettext git musl-libintl ncurses-dev
 RUN git clone https://salsa.debian.org/debian/httping
-WORKDIR httping
+WORKDIR /httping
 RUN sed -i s/60/0/ utils.c
 RUN make install BINDIR=/usr/local/bin
 
@@ -118,7 +118,7 @@ RUN helper-curl tar tilt \
 
 FROM alpine AS shpod
 ENV COMPLETIONS=/usr/share/bash-completion/completions
-RUN apk add apache2-utils bash bash-completion curl docker-cli file git iputils jq libintl ncurses openssh openssl sudo tmux tree vim yq
+RUN apk add --no-cache apache2-utils bash bash-completion curl docker-cli file git iputils jq libintl ncurses openssh openssl sudo tmux tree vim yq
 
 COPY --from=compose     /usr/local/bin/docker-compose /usr/local/bin
 COPY --from=crane       /usr/local/bin/crane          /usr/local/bin
diff --git a/README.md b/README.md
index 58bc4ab..4684c47 100644
--- a/README.md
+++ b/README.md
@@ -58,10 +58,10 @@ can attach to that shell. If it runs without a pseudo-terminal,
 it will start an SSH server, and you can connect to that SSH
 server to obtain the shell.
 
-
 ## Using with a pseudo-terminal
 
 Run it in a Pod and attach directly to it:
+
 ```bash
 kubectl run shpod --restart=Never --rm -it --image=bretfisher/shpod
 ```
@@ -71,11 +71,11 @@ Most Kubernetes commands won't work (you will get permission errors)
 until you create an appropriate RoleBinding or ClusterRoleBinding
 (see below for details).
 
-
 ## Using without a pseudo-terminal
 
 Run as a Pod (or Deployment), then expose (or port-forward) to port
 22 in that Pod, and connect with an SSH client:
+
 ```bash
 kubectl run shpod --image=bretfisher/shpod
 kubectl wait pod shpod --for=condition=ready
@@ -86,7 +86,6 @@ ssh -l k8s -p 2222 localhost # the default password is "k8s"
 Note: you can change the password by setting the `PASSWORD`
 environment variable.
 
-
 ## Granting permissions
 
 By default, shpod uses the ServiceAccount of the Pod that it's
@@ -94,7 +93,7 @@ running in; and by default (on most clusters) that ServiceAccount
 won't have much permissions, meaning that you will get errors like
 the following one:
 
-```console
+```bash
 $ kubectl get pods
 Error from server (Forbidden): pods is forbidden: User "system:serviceaccount:default:default" cannot list resource "pods" in API group "" in the namespace "default"
 ```
@@ -115,7 +114,6 @@ kubectl create clusterrolebinding shpod \
 
 You can also use the one-liner below.
 
-
 ## One-liner usage
 
 The [shpod.sh](shpod.sh) script will:
@@ -143,15 +141,16 @@ curl https://k8smastery.com/shpod.sh | sh
 If you don't like `curl|sh`, and/or if you want to execute things
 step by step, check the next section.
 
-
 ## Step-by-step usage
 
 1. Deploy the shpod pod:
+
    ```bash
    kubectl apply -f https://k8smastery.com/shpod.yaml
    ```
 
 2. Attach to the shpod pod:
+
    ```bash
    kubectl attach --namespace=shpod -ti shpod
    ```
@@ -171,7 +170,6 @@ and the ClusterRoleBinding with the same name:
 kubectl delete clusterrolebinding,ns shpod
 ```
 
-
 ## Opening multiple sessions
 
 Shpod tries to detect if it is already running; and if it's the case,
@@ -179,7 +177,6 @@ it will try to start another process using `kubectl exec`. Note that
 if the first shpod process exits, Kubernetes will terminate all the
 other processes.
 
-
 ## Special handling of kubeconfig
 
 If you have a ConfigMap named `kubeconfig` in the Namespace
@@ -188,7 +185,6 @@ that ConfigMap and use it to populate `~/.kube/config`.
 
 This lets you inject a custom kubeconfig file into shpod.
 
-
 ## Support for other architectures
 
 As of November 2021, the Dockerfile in this repository should be able
diff --git a/shpod.yaml b/shpod.yaml
index 8670d43..e1bd6bc 100644
--- a/shpod.yaml
+++ b/shpod.yaml
@@ -1,3 +1,4 @@
+---
 apiVersion: v1
 kind: Namespace
 metadata:
@@ -18,9 +19,9 @@ roleRef:
   kind: ClusterRole
   name: cluster-admin
 subjects:
-- kind: ServiceAccount
-  name: shpod
-  namespace: shpod
+  - kind: ServiceAccount
+    name: shpod
+    namespace: shpod
 ---
 apiVersion: v1
 kind: Pod
@@ -30,12 +31,12 @@ metadata:
 spec:
   serviceAccountName: shpod
   containers:
-  - name: shpod
-    image: bretfisher/shpod
-    stdin: true
-    tty: true
-    env:
-    - name: HOSTIP
-      valueFrom:
-        fieldRef:
-          fieldPath: status.hostIP
+    - name: shpod
+      image: bretfisher/shpod:latest
+      stdin: true
+      tty: true
+      env:
+        - name: HOSTIP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP