treewide: Format with shellcheck, jsonlint and yamllint

2025-12-29 12:41:13 +01:00
parent d7e4fb43cb
commit f81a4b2732
53 changed files with 313 additions and 220 deletions
@@ -1,6 +1,7 @@
 *.tgz
 _*/
 .direnv/
+.env
 .pre-commit-config.yaml
 _*.yaml
 backup/
@@ -6,39 +6,46 @@ let
  values = lib.apps.appValues {
    inherit env;
    base = ../values/atlantis;
-    extraValues = {};
+    extraValues = { };
  };

-  kustomize = r:
+  kustomize =
+    r:
    if r.kind == "Deployment" then
      lib.attrsets.recursiveUpdate r {
-        spec.template.spec.containers =
-        builtins.map (x:
-        x // {
+        spec.template.spec.containers = builtins.map (
+          x:
+          x
+          // {
            livenessProbe.httpGet.path = "/healthz";
            readinessProble.httpGet.path = "/healthz";
-            env = x.env ++ [ { name = "INERNAL_PORT"; value = 8000; } ];
-        }) r.spec.template.spec.containers;
+            env = x.env ++ [
+              {
+                name = "INERNAL_PORT";
+                value = 8000;
+              }
+            ];
+          }
+        ) r.spec.template.spec.containers;
      }
-      else if r.kind == "Service" then
-      {}
-    else r;
+    else if r.kind == "Service" then
+      { }
+    else
+      r;
 in
 {
  options.apps.atlantis = lib.apps.appOptions {
-      revision = lib.mkOption {
-        type = lib.types.str;
-        default = "main";
-        description = "Revision";
-      };
+    revision = lib.mkOption {
+      type = lib.types.str;
+      default = "main";
+      description = "Revision";
+    };

-      hostname = lib.mkOption {
-        type = lib.types.str;
-        default = if env == "prod"
-          then "maps.oceanbox.io"
-          else "atlantis.beta.oceanbox.io";
-        description = "Revision";
-      };
+    hostname = lib.mkOption {
+      type = lib.types.str;
+      default = if env == "prod" then "maps.oceanbox.io" else "atlantis.beta.oceanbox.io";
+      description = "Revision";
+    };
  };

  config = lib.apps.appConfig cfg "${env}-atlantis" {
@@ -6,34 +6,32 @@ let
  values = lib.apps.appValues {
    inherit env;
    base = ../values/openfga;
-    extraValues = {};
+    extraValues = { };
  };

-  kustomize = r:
-    if r.kind == "Job" then
-      lib.attrsets.recursiveUpdate r { spec.backoffLimit = 2; }
-    else r;
+  kustomize =
+    r: if r.kind == "Job" then lib.attrsets.recursiveUpdate r { spec.backoffLimit = 2; } else r;

 in
-  {
-    options.apps.openfga = lib.apps.appOptions {};
+{
+  options.apps.openfga = lib.apps.appOptions { };

-    config = lib.apps.appConfig cfg "${env}-openfga" {
-        helm.releases."${env}-openfga" = {
-          inherit values;
-          chart = lib.helm.downloadHelmChart {
-            repo = "https://openfga.github.io/helm-charts";
-            chart = "openfga";
-              version = "0.2.12";
-              chartHash = "sha256-7yLcw9/oNPvCePrtTJwKAG88t0Ym5Dl/S83Gz+gQdDU=";
-          };
-          transformer = rs: builtins.map (x: kustomize x) rs;
-        };
-
-        annotations = {};
-        resources = {
-          services.poop.spec = {
-          };
-        };
+  config = lib.apps.appConfig cfg "${env}-openfga" {
+    helm.releases."${env}-openfga" = {
+      inherit values;
+      chart = lib.helm.downloadHelmChart {
+        repo = "https://openfga.github.io/helm-charts";
+        chart = "openfga";
+        version = "0.2.12";
+        chartHash = "sha256-7yLcw9/oNPvCePrtTJwKAG88t0Ym5Dl/S83Gz+gQdDU=";
      };
-  }
+      transformer = rs: builtins.map (x: kustomize x) rs;
+    };
+
+    annotations = { };
+    resources = {
+      services.poop.spec = {
+      };
+    };
+  };
+}
@@ -1,7 +1,4 @@
 {
-    // Use IntelliSense to learn about possible attributes.
-    // Hover to view descriptions of existing attributes.
-    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
    "version": "0.2.0",
    "configurations": [
        {
@@ -2,16 +2,16 @@

 server="root@fs1-0"
 path="/vol/brick0/nfs0/k1/pv-oceanbox-dex"
-dest="$server:$path"
+dest="${server}:${path}"

 index=$(basename dist/assets/index-*.js)

-ssh $server -- rm $path/static/js/*.js
-scp dist/assets/*.js $dest/static/js/
+ssh "${server}" -- rm "${path}"/static/js/*.js
+scp dist/assets/*.js "${dest}"/static/js/

-sed -r "s/@index@/$index/" ./dex/templates/login.html > login.html.$$
-scp ./dex/templates/* $dest/templates/
-scp ./dex/static/*.* $dest/static/
-scp login.html.$$ $dest/templates/login.html
+sed -r "s/@index@/${index}/" ./dex/templates/login.html > login.html.$$
+scp ./dex/templates/* "${dest}"/templates/
+scp ./dex/static/*.* "${dest}"/static/
+scp login.html.$$ "${dest}"/templates/login.html
 rm login.html.$$
 ssh admin@k1-0.itpartner.intern -- kubectl rollout restart -n oceanbox deployment/dex
@@ -1,4 +1,5 @@
 #!/usr/bin/env bash
+# shellcheck disable=SC2034  # Unused variables left for readability

 helmfile () {

@@ -10,30 +11,30 @@ bases:
 - ../envs/environments.yaml.gotmpl

 commonLabels:
-  tier: $tier
+  tier: ${tier}

 releases:
- name: $name
-  namespace: {{ .Environment.Name }}-$name
-  chart: ../charts/$name
-  condition: $name.enabled
+- name: ${name}
+  namespace: {{ .Environment.Name }}-${name}
+  chart: ../charts/${name}
+  condition: ${name}.enabled
  values:
-  - ../values/$name/values/values.yaml.gotmpl
-  - ../values/$name/values/values-{{ .Environment.Name }}.yaml
+  - ../values/${name}/values/values.yaml.gotmpl
+  - ../values/${name}/values/values-{{ .Environment.Name }}.yaml
  postRenderer: ../bin/kustomizer
  postRendererArgs:
-  - ../values/$name/kustomize/{{ .Environment.Name }}
+  - ../values/${name}/kustomize/{{ .Environment.Name }}
  missingFileHandler: Info
 - name: manifests
-  namespace: {{ .Environment.Name }}-$name
+  namespace: {{ .Environment.Name }}-${name}
  chart: manifests
-  condition: $name.enabled
+  condition: ${name}.enabled
  missingFileHandler: Info
  values:
  - ../values/env.yaml
  - ../values/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml
-  - ../values/$name/env.yaml.gotmpl
-  - ../values/$name/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml.gotmpl
+  - ../values/${name}/env.yaml.gotmpl
+  - ../values/${name}/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml.gotmpl
  hooks:
  - events: [ prepare, cleanup ]
    showlogs: true
@@ -42,7 +43,7 @@ releases:
    - '{{\`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}\`}}'
    - '{{\`{{ .Release.Chart }}\`}}'
    - '{{\`{{ .Environment.Name }}\`}}'
-    - ../values/$name/manifests
+    - ../values/${name}/manifests
    - manifests
 EOF
 }
@@ -59,10 +60,10 @@ done

 name=$1
 tier=$2
-if [ -n "$ns" ]; then
-    namespace="namespace: {{ .Environment.Name }}-$name"
+if [[ -n "${ns}" ]]; then
+    namespace="namespace: {{ .Environment.Name }}-${name}"
 else
-    namespace="namespace: $name"
+    namespace="namespace: ${name}"
 fi

-helmfile $1 $2
+helmfile "$1" "$2"
@@ -4,39 +4,38 @@ set -o pipefail

 cmd=$1
 chart=$2
-env=$3
 manifests=${4:-manifests}
 outdir=${5:-_manifests}

 build() {
-  mkdir -p $outdir/templates
-  echo "Creating $outdir/templates"
+  mkdir -p "${outdir}"/templates
+  echo "Creating ${outdir}/templates"

-  echo "generating $outdir/Chart.yaml" 1>&2
+  echo "generating ${outdir}/Chart.yaml" 1>&2

-  cat <<EOF > $outdir/Chart.yaml
+  cat <<EOF > "${outdir}"/Chart.yaml
 apiVersion: v1
 appVersion: "1.0"
 # description: A Helm chart for Kubernetes
-name: $chart
+name: ${chart}
 version: 0.1.0
 EOF

-if [ -d $manifests ]; then
-    cp -r $manifests/* $outdir/templates
-elif [ -f $manifests ]; then
-    cp $manifests $outdir/templates
+if [[ -d "${manifests}" ]]; then
+    cp -r "${manifests}"/* "${outdir}"/templates
+elif [[ -f "${manifests}" ]]; then
+    cp "${manifests}" "${outdir}"/templates
 fi
 }

 clean() {
-  echo "cleaning $outdir" 1>&2
-  rm -rf $outdir
+  echo "cleaning ${outdir}" 1>&2
+  rm -rf "${outdir}"
 }

-case "$cmd" in
+case "${cmd}" in
  "build" ) build ;;
  "clean" ) clean ;;
-  * ) echo "unsupported command: $cmd" 1>&2; exit 1 ;;
+  * ) echo "unsupported command: ${cmd}" 1>&2; exit 1 ;;
 esac

@@ -1,13 +1,13 @@
 #!/usr/bin/env bash

-[ $# != 1 ] && exit 1
+[[ $# != 1 ]] && exit 1

 dir=$1
-base=$dir/../base
+base=${dir}/../base

-if [ -f $base/kustomization.yaml -a -f $dir/kustomization.yaml ]; then
-    cat > $base/_manifest.yaml
-    kubectl kustomize $dir
+if [[ -f "${base}"/kustomization.yaml ]] && [[ -f "${dir}"/kustomization.yaml ]]; then
+    cat > "${base}"/_manifest.yaml
+    kubectl kustomize "${dir}"
 else
    cat
 fi
@@ -3,5 +3,5 @@
 img=registry.gitlab.com/oceanbox/manifests/helm-kustomize-cmp
 tag=${1:-latest}

-docker build -t $img:$tag .
-docker push $img:$tag
+docker build -t "${img}":"${tag}" .
+docker push "${img}":"${tag}"
@@ -1,14 +1,15 @@
 #!/bin/sh
+# shellcheck disable=SC2154

 export HOME=/plugin

-env > /tmp/$ARGOCD_APP_NAME.env
+env > /tmp/"${ARGOCD_APP_NAME}".env

-echo "$ARGOCD_APP_PARAMETERS" | jq '.[] | select(.name == "helm-parameters") | .map' | yq -P -oy > parameters.yaml
-cp parameters.yaml /tmp/$ARGOCD_APP_NAME-parameters.yaml
+echo "${ARGOCD_APP_PARAMETERS}" | jq '.[] | select(.name == "helm-parameters") | .map' | yq -P -oy > parameters.yaml
+cp parameters.yaml /tmp/"${ARGOCD_APP_NAME}"-parameters.yaml

-if [ -n "$PARAM_CHART" -a "$PARAM_CHART" != "." ]; then
-    CHART=$PARAM_CHART
+if [ -n "${PARAM_CHART}" ] && [ "${PARAM_CHART}" != "." ]; then
+    CHART=${PARAM_CHART}
 elif [ -d chart ]; then
    CHART=chart
 elif [ -f chart ]; then
@@ -18,19 +19,19 @@ else
 fi

 [ -f chart/values.yaml ] && VALUES="-f chart/values.yaml"
-[ -f values-chart.yaml ] && VALUES="$VALUES -f values-chart.yaml"
-[ -f values.yaml ] && VALUES="$VALUES -f values.yaml"
-[ -f values-$PARAM_ENV.yaml ] && VALUES="$VALUES -f values-$PARAM_ENV.yaml"
-VALUES="$VALUES -f parameters.yaml"
+[ -f values-chart.yaml ] && VALUES="${VALUES} -f values-chart.yaml"
+[ -f values.yaml ] && VALUES="${VALUES} -f values.yaml"
+[ -f values-"${PARAM_ENV}".yaml ] && VALUES="${VALUES} -f values-${PARAM_ENV}.yaml"
+VALUES="${VALUES} -f parameters.yaml"

-helm dependency update $CHART >/tmp/$ARGOCD_APP_NAME-helm-dependency-build.out
+helm dependency update "${CHART}" >/tmp/"${ARGOCD_APP_NAME}"-helm-dependency-build.out

 mkdir -p base
-echo "helm template -n $ARGOCD_APP_NAMESPACE $PARAM_FLAGS $VALUES $ARGOCD_APP_NAME $CHART" > /tmp/$ARGOCD_APP_NAME-helm.sh
-helm template -n $ARGOCD_APP_NAMESPACE $PARAM_FLAGS $VALUES $ARGOCD_APP_NAME $CHART > ./base/_manifest.yaml
+echo "helm template -n ${ARGOCD_APP_NAMESPACE} ${PARAM_FLAGS} ${VALUES} ${ARGOCD_APP_NAME} ${CHART}" > /tmp/"${ARGOCD_APP_NAME}"-helm.sh
+helm template -n "${ARGOCD_APP_NAMESPACE}" "${PARAM_FLAGS}" "${VALUES}" "${ARGOCD_APP_NAME}" "${CHART}" > ./base/_manifest.yaml

-cp ./base/_manifest.yaml /tmp/$ARGOCD_APP_NAME-manifest.yaml
+cp ./base/_manifest.yaml /tmp/"${ARGOCD_APP_NAME}"-manifest.yaml

-[ -d "$PARAM_ENV" ] && kubectl kustomize $PARAM_ENV > /tmp/$ARGOCD_APP_NAME-manifest.yaml
+[ -d "${PARAM_ENV}" ] && kubectl kustomize "${PARAM_ENV}" > /tmp/"${ARGOCD_APP_NAME}"-manifest.yaml

-cat /tmp/$ARGOCD_APP_NAME-manifest.yaml
+cat /tmp/"${ARGOCD_APP_NAME}"-manifest.yaml
@@ -18,7 +18,7 @@ EOF
    exit 0
 fi

-yq e -o=p $VALUES | jq --slurp --raw-input '
+yq e -o=p "${VALUES}" | jq --slurp --raw-input '
  [{
    name: "helm-parameters",
    title: "Helm Parameters",
@@ -1,8 +1,9 @@
 #!/bin/sh
+# shellcheck disable=SC2154

 export HOME=/plugin

-helm repo add --username argocd-helm --password "$OCEANBOX_HELM_ACCESS_TOKEN" oceanbox \
+helm repo add --username argocd-helm --password "${OCEANBOX_HELM_ACCESS_TOKEN}" oceanbox \
    https://gitlab.com/api/v4/projects/54396343/packages/helm/stable

 helm repo add bitnami https://charts.bitnami.com/bitnami
@@ -4,9 +4,9 @@ export HOME=/plugin

 helm repo update oceanbox

-if [ -n "$PARAM_CHART" -a "$PARAM_CHART" != "." ]; then
-    helm show values $PARAM_CHART > values-chart.yaml
+if [ -n "${PARAM_CHART}" ] && [ "${PARAM_CHART}" != "." ]; then
+    helm show values "${PARAM_CHART}" > values-chart.yaml
 elif [ -f chart ]; then
    CHART=$(cat chart)
-    helm show values $CHART > values-chart.yaml
+    helm show values "${CHART}" > values-chart.yaml
 fi
@@ -3,5 +3,5 @@
 img=registry.gitlab.com/oceanbox/manifests/helmfile-cmp
 tag=${1:-latest}

-docker build -t $img:$tag .
-docker push $img:$tag
+docker build -t "${img}":"${tag}" .
+docker push "${img}":"${tag}"
@@ -1,4 +1,5 @@
 #!/bin/sh
+# shellcheck disable=SC2154

 # NOTE: Ensure errors are part of exitcode
 # set -o pipefail
@@ -10,7 +11,7 @@ export HELM_CONFIG_HOME=/tmp/helm/config
 export HELMFILE_CACHE_HOME=/tmp/helmfile/cache
 export HELMFILE_TEMPDIR=/tmp/helmfile/tmp

-test -n ARGOCD_ENV_HELMFILE_ENVIRONMENT && export HELMFILE_ENVIRONMENT=$ARGOCD_ENV_HELMFILE_ENVIRONMENT
-test -n ARGOCD_ENV_HELMFILE_FILE_PATH && export HELMFILE_FILE_PATH=$ARGOCD_ENV_HELMFILE_FILE_PATH
+test -n ARGOCD_ENV_HELMFILE_ENVIRONMENT && export HELMFILE_ENVIRONMENT="${ARGOCD_ENV_HELMFILE_ENVIRONMENT}"
+test -n ARGOCD_ENV_HELMFILE_FILE_PATH && export HELMFILE_FILE_PATH="${ARGOCD_ENV_HELMFILE_FILE_PATH}"

-helmfile -n "$ARGOCD_APP_NAMESPACE" $ARGS template -q --include-crds 
+helmfile -n "${ARGOCD_APP_NAMESPACE}" "${ARGS}" template -q --include-crds
@@ -13,7 +13,7 @@ kubectl --context ekman apply -f cluster-admin-token.yaml
 # kubectl --context oceanbox apply -f _cluster-ekman.yaml

 token=$(kubectl --context ekman get secret -n kube-system argocd-manager-token -o yaml | grep ' token:' | cut -d' ' -f4 | base64 -d)
-sed "s/@token@/$token/" cluster-ekman.yaml > _cluster-ekman.yaml
+sed "s/@token@/${token}/" cluster-ekman.yaml > _cluster-ekman.yaml
 echo "configure argocd ekman-cluster..."
 cat _cluster-ekman.yaml
 kubectl --context oceanbox apply -f _cluster-ekman.yaml
@@ -0,0 +1,65 @@
+let
+  sources = import ./default.nix;
+  pkgs = import sources.nixpkgs { };
+  pre-commit = import sources.git-hooks;
+
+  globalExcludes = [
+    "nix/default.nix"
+    ".*vendor"
+    ".*chart/.*"
+    ".*schema.json"
+  ];
+
+in
+pre-commit.run {
+  src = pkgs.nix-gitignore.gitignoreSource [ ] ../.;
+  # Do not run at pre-commit time
+  default_stages = [
+    "pre-push"
+  ];
+  # TODO(mrtz): Remove when default
+  package = pkgs.prek;
+  # Linters From https://github.com/cachix/pre-commit-hooks.nix
+  hooks = {
+    nixfmt-rfc-style = {
+      enable = true;
+      excludes = globalExcludes;
+    };
+
+    trim-trailing-whitespace.enable = true;
+
+    shellcheck = {
+      enable = true;
+      excludes = [
+        "vcluster/"
+      ];
+      args = [
+        "-x"
+        "-o"
+        "all"
+      ];
+    };
+
+    yamllint = {
+      enable = false;
+      excludes = [
+        "attic/"
+        "charts/templates/"
+        "charts/charts/"
+      ];
+      settings = {
+        strict = true;
+        configData = ''{ extends: default, rules: { document-start: disable, line-length: {max: 165} } }'';
+      };
+    };
+
+    check-json.enable = true;
+
+    renovate-config-validator = {
+      enable = true;
+      files = "renovate.json$";
+      entry = "renovate-config-validator";
+    };
+
+  };
+}
@@ -1,5 +1,18 @@
 {
  "pins": {
+    "git-hooks": {
+      "type": "Git",
+      "repository": {
+        "type": "GitHub",
+        "owner": "cachix",
+        "repo": "git-hooks.nix"
+      },
+      "branch": "master",
+      "submodules": false,
+      "revision": "b68b780b69702a090c8bb1b973bab13756cc7a27",
+      "url": "https://github.com/cachix/git-hooks.nix/archive/b68b780b69702a090c8bb1b973bab13756cc7a27.tar.gz",
+      "hash": "1k99smax7zpa5cdw9afa4v4y4155amy21a8z5z8x3cikdz3gyx5p"
+    },
    "nixpkgs": {
      "type": "Channel",
      "name": "nixpkgs-unstable",
@@ -3,7 +3,7 @@
 # Simple script for uploading a base64 encoded image into our database. For
 # grafana business image panels.

-if [ $# -ne 2 ]
+if [[ $# -ne 2 ]]
 then
 	echo "Usage: $0 <image-name> <file>.png"
 	exit 1
@@ -12,9 +12,9 @@ fi
 filename=$1
 file=$2

-if [ ! -e $file ]
+if [[ ! -e "${file}" ]]
 then
-	echo "file $file does not exist"
+	echo "file ${file} does not exist"
 	exit 1
 fi

@@ -22,9 +22,9 @@ function create_image() {
 	local filename=$1
 	local data=$2
 cat << EOF
-INSERT INTO images VALUES('$filename', '$data');
+INSERT INTO images VALUES('${filename}', '${data}');
 EOF
 }

-data=$(cat $file | base64 -w0)
-create_image $filename $data
+data=$(base64 -w0 < "${file}")
+create_image "${filename}" "${data}"
@@ -1,4 +1,3 @@
-// -*- mode: jsonc -*-
 {
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": [
@@ -6,35 +6,45 @@ let
    config = { };
    overlays = [ ];
  };
+  checks = import ./nix/checks.nix;
 in
 pkgs.mkShellNoCC {
  name = "clstr";

-  packages = with pkgs; [
-    just
-    npins
+  packages =
+    with pkgs;
+    [
+      # dev tools
+      just
+      npins

-    # helm
-    helmfile
-    kubernetes-helm
+      # helm
+      helmfile
+      kubernetes-helm

-    # kubectl tools
-    kubectl-cnpg
-    kubectl-neat
-    kubelogin
-    kubelogin-oidc
-    kubectl-rook-ceph
+      # kubectl tools
+      kubectl-cnpg
+      kubectl-neat
+      kubelogin
+      kubelogin-oidc
+      kubectl-rook-ceph

-    # other tools
-    step-cli
-    linkerd
-    velero
-    cmctl
+      # other tools
+      step-cli
+      linkerd
+      velero
+      cmctl
+      renovate

-    # dapr
-    dapr-cli
-  ];
+      # dapr
+      dapr-cli
+    ]
+    ++ checks.enabledPackages;

-  ARGOCD_ENV_CLUSTER_NAME = "rossby";
+  ARGOCD_ENV_CLUSTER_NAME = "hel1";
  HELM_GIT_ACCESS_TOKEN = "glpat-xxx";
+
+  shellHook = builtins.concatStringsSep "\n" [
+    checks.shellHook
+  ];
 }
@@ -73,7 +73,7 @@
    "connString": "Username=postgres;Password=secret;Host=localhost;Port=5432;Database=app;Pooling=true;",
    "sorcerer" : "https://sorcerer.data.oceanbox.io",
    "allowedOrigins": [
-        "https://maps.oceanbox.io",
+        "https://maps.oceanbox.io"
    ],
    "appName": "atlantis",
    "appEnv": "prod",
@@ -6,5 +6,5 @@
    "appVersion": "1.0.0",
    "cacheDir": "/data/archives/cache/prod",
    "otelCollector": "http://10.255.241.12:4317",
-    "sentryUrl": "https://2b68ecf0c4d02e6cc9433c371321ac9d@o4509530141622272.ingest.de.sentry.io/4509910315237456",
+    "sentryUrl": "https://2b68ecf0c4d02e6cc9433c371321ac9d@o4509530141622272.ingest.de.sentry.io/4509910315237456"
 }
@@ -60,7 +60,7 @@
        "https://maps.beta.oceanbox.io",
        "https://atlantis.beta.oceanbox.io",
        "https://jonas-atlantis.dev.oceanbox.io",
-        "https://stig-atlantis.dev.oceanbox.io",
+        "https://stig-atlantis.dev.oceanbox.io"
    ],
    "appName": "sorcerer",
    "appEnv": "prod",
@@ -1,6 +1,6 @@
 #!/usr/bin/env bash

-if [ $# -ne 1 ]
+if [[ $# -ne 1 ]]
 then
 	echo "Usage: $0 <file>.sql"
 	exit 1
@@ -8,11 +8,11 @@ fi

 file=$1

-if [ ! -e $file ]
+if [[ ! -e "${file}" ]]
 then
-	echo "file $file does not exist"
+	echo "file ${file} does not exist"
 	exit 1
 fi

-cat $file | kubectl -n analytics exec -i svc/prod-umami-db-rw -c postgres -- psql app
+kubectl -n analytics exec -i svc/prod-umami-db-rw -c postgres -- psql app < "${file}"