From b8a8448d4a72175c6d589284e5294f773c64984d Mon Sep 17 00:00:00 2001
From: wkoot <3715211+wkoot@users.noreply.github.com>
Date: Tue, 13 Feb 2024 12:08:40 +0100
Subject: [PATCH] Update to v4 checkout action and address warnings

---
 .github/workflows/docker-image.yml |  2 +-
 Dockerfile                         |  6 +++---
 plugins/install-plugins.sh         | 17 ++++++++++-------
 start-with-profile.sh              |  4 ++--
 4 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
index a700f69..d130897 100644
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@@ -18,7 +18,7 @@ jobs:
           - env:
               IMAGE_EDITION: developer
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Build the Docker image
         run: docker build --build-arg="IMAGE_EDITION=${{ matrix.env.IMAGE_EDITION }}" -t ci .
diff --git a/Dockerfile b/Dockerfile
index 02e4f4b..cbea376 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -18,7 +18,7 @@ RUN apt-get update \
     && apt-get install -y wget curl ca-certificates-java jq postgresql-client \
     && rm -rf /var/lib/apt/lists/*
 
-ADD ./plugins /tmp/plugins
+COPY ./plugins /tmp/plugins
 RUN rm -rf ./extensions/plugins/* && \
     cat /tmp/plugins/plugin-list && \
     chmod +x /tmp/plugins/install-plugins.sh && \
@@ -27,8 +27,8 @@ RUN rm -rf ./extensions/plugins/* && \
 WORKDIR /opt/sonarqube
 
 COPY ./start-with-profile.sh .
-ADD ./rules /tmp/rules
-ADD sonar.properties /opt/sonarqube/conf/sonar.properties
+COPY ./rules /tmp/rules
+COPY sonar.properties /opt/sonarqube/conf/sonar.properties
 
 RUN chown -R sonarqube:sonarqube . \
     && chmod +x start-with-profile.sh
diff --git a/plugins/install-plugins.sh b/plugins/install-plugins.sh
index 99b831e..67abcfa 100755
--- a/plugins/install-plugins.sh
+++ b/plugins/install-plugins.sh
@@ -1,19 +1,22 @@
 #!/bin/bash
 
 cwd="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-plugin_dir=/opt/sonarqube/extensions/plugins
+plugin_dir="/opt/sonarqube/extensions/plugins"
 
 # Download plugins
-while read plugin; do
-  wget $plugin -P $plugin_dir
+while read -r plugin; do
+  wget --no-verbose "${plugin}" -P "${plugin_dir}"
   rtn=$?
   if [ $rtn -ne 0 ]; then
-    echo "Error downloading $plugin"
+    echo "Error downloading ${plugin}"
     exit $rtn
   fi
-done < $cwd/plugin-list
+done < "${cwd}"/plugin-list
 
 # Check if unzip required
-for file in $plugin_dir/*; do
-  if [[ $file =~ \.zip$ ]]; then unzip $file -d $plugin_dir && rm -f $file; fi
+for file in "${plugin_dir}"/*; do
+  if [[ $file =~ \.zip$ ]]; then
+    unzip "${file}" -d "${plugin_dir}"
+    rm -f "${file}"
+  fi
 done
diff --git a/start-with-profile.sh b/start-with-profile.sh
index 1409805..042240b 100644
--- a/start-with-profile.sh
+++ b/start-with-profile.sh
@@ -109,7 +109,7 @@ function processRule {
     # Enable rules by group (types)
     if [[ "${ruleSet}" =~ types=.* ]]; then
 
-        IFS='=' read -r typekey ruleTypes <<< "${ruleSet}"
+        IFS='=' read -r _ ruleTypes <<< "${ruleSet}"
         if [ "${operationType}" == "+" ]; then
             echo "Activating rules ${ruleTypes} for ${language}"
             curlAdmin -X POST "${BASE_URL}/api/qualityprofiles/activate_rules?targetKey=${profileKey}&languages=${language}&types=${ruleTypes}&statuses=READY"
@@ -167,7 +167,7 @@ function createProfile {
 
     if [[ -f "${rulesFilename}" ]]; then
         # activate and deactivate rules in new profile
-        while read ruleLine || [ -n "${line}" ]; do
+        while read -r ruleLine || [ -n "${line}" ]; do
 
             # Each line contains: 
             #     (+|-)types=comma-seperated,list-of-types # comment