Shell Script를 읽기 쉽고 유지보수하기 쉽게 작성하기 위한 Clean Code 방법
1. 의미 있는 변수명
변수에 담기는 값의 용도와 의도를 파악할 수 있도록 변수명을 짓는다.
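#!/bin/bash
# VPC / subnet / EC2 names
VPC_NAME="lab-edu-vpc-ap-01"
PRI_SUB_NAME_01="lab-edu-sub-pri-01"
PRI_SUB_NAME_02="lab-edu-sub-pri-02"
NETWORK_EC2_NAME_01="lab-edu-ec2-network-ap-01"
NETWORK_EC2_NAME_02="lab-edu-ec2-network-ap-02"
# Instance settings
AMI_ID="ami-0ff1cd0b5d98708d1"
INSTANCE_TYPE="t3.micro"
KEY_NAME="lab-edu-key-ec2"
# Path of the SSH private key; the .pem file should be readable by its owner only.
KEY_PATH="/home/ec2-user/.ssh/${KEY_NAME}.pem"
SG_NAME="lab-edu-sg-network"
# Look up the VPC ID by the VPC's Name tag.
VPC_ID=$(aws ec2 describe-vpcs \
  --filters "Name=tag:Name,Values=${VPC_NAME}" \
  --query "Vpcs[].VpcId" \
  --output text)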
2. 주석 작성
주석을 이용해 명령어, 변수, 함수 등을 이용하는 의도를 설명한다.
#!/bin/bash
# --- Resource names: VPC, subnets, EC2 instances ---
# The *_01 entries are commented out, so only the *_02 names are set.
VPC_NAME='lab-edu-vpc-ap-01'
# PRI_SUB_NAME_01="lab-edu-sub-pri-01"
PRI_SUB_NAME_02='lab-edu-sub-pri-02'
# NETWORK_EC2_NAME_01="lab-edu-ec2-network-ap-01"
NETWORK_EC2_NAME_02='lab-edu-ec2-network-ap-02'

# --- Instance settings: image, size, key pair, security group ---
AMI_ID='ami-0ff1cd0b5d98708d1'
INSTANCE_TYPE='t3.micro'
KEY_NAME='lab-edu-key-ec2'
KEY_PATH="/home/ec2-user/.ssh/${KEY_NAME}.pem"
SG_NAME='lab-edu-sg-network'

# --- Resolve the VPC ID from the VPC's Name tag ---
VPC_ID=$(
  aws ec2 describe-vpcs \
    --filters "Name=tag:Name,Values=${VPC_NAME}" \
    --query "Vpcs[].VpcId" \
    --output text
)
3. 에러 처리 추가
예상되는 문제를 처리하고 에러 메시지를 명확하게 출력하도록 구성한다.
3.1 적용 전 코드
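# CREATE SECURITY-GROUP
# Captures the new group's ID. Expansions are quoted so that an empty or
# space-containing value cannot shift the CLI arguments.
# No exit status is checked anywhere in this snippet.
SG_ID=$(aws ec2 create-security-group \
  --group-name "$SG_NAME" \
  --description "My security group" \
  --vpc-id "$VPC_ID" \
  --query 'GroupId' \
  --output text)
# Allow SSH access (tcp/22) from 10.0.0.0/8; CLI output is discarded.
aws ec2 authorize-security-group-ingress \
  --group-id "$SG_ID" --protocol tcp --port 22 --cidr 10.0.0.0/8 > /dev/null
# Allow ICMP access (port -1) from 10.0.0.0/8; CLI output is discarded.
aws ec2 authorize-security-group-ingress \
  --group-id "$SG_ID" --protocol icmp --port -1 --cidr 10.0.0.0/8 > /dev/null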
3.2 적용 후 코드
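# CREATE SECURITY-GROUP
# Treat both a failing CLI call and an empty GroupId as an error.
if ! SG_ID=$(aws ec2 create-security-group \
  --group-name "$SG_NAME" \
  --description "My security group" \
  --vpc-id "$VPC_ID" \
  --query 'GroupId' \
  --output text) || [ -z "$SG_ID" ]; then
  # SG_ID is empty on this path, so report the group name instead.
  echo "Failed to create Security Group: $SG_NAME" >&2
  # NOTE(review): the purpose of this pause is not evident here; confirm it is needed.
  sleep 1
  exit 1
fi
echo "Security Group created: $SG_ID"

# Allow SSH access
# NOTE(review): 10.0.0.0/8 admits every host in that private range; prefer the
# VPC CIDR or a dedicated admin subnet when that is sufficient.
if aws ec2 authorize-security-group-ingress \
  --group-id "$SG_ID" --protocol tcp --port 22 --cidr 10.0.0.0/8 > /dev/null; then
  echo "Security Group Rule created successfully: SSH"
else
  # Diagnostics go to stderr so they are not mixed into captured stdout.
  echo "Failed to create Security Group Rule: SSH" >&2
  exit 1
fi

# Allow ICMP access
if aws ec2 authorize-security-group-ingress \
  --group-id "$SG_ID" --protocol icmp --port -1 --cidr 10.0.0.0/8 > /dev/null; then
  echo "Security Group Rule created successfully: ICMP"
else
  echo "Failed to create Security Group Rule: ICMP" >&2
  exit 1
fi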
4. 함수로 분리
중복되는 코드나 긴 스크립트는 함수로 나누어 구조화한다.
4.1 적용 전 코드
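# Allow SSH access
# The command's exit status is tested directly, and $SG_ID is quoted so an
# empty value cannot shift the remaining arguments.
if aws ec2 authorize-security-group-ingress \
  --group-id "$SG_ID" --protocol tcp --port 22 --cidr 10.0.0.0/8 > /dev/null; then
  echo "Security Group Rule created successfully: SSH"
else
  # Failure text goes to stderr; the script stops with status 1.
  echo "Failed to create Security Group Rule: SSH" >&2
  exit 1
fi

# Allow ICMP access
# Same call-and-check sequence as above, repeated for the second rule.
if aws ec2 authorize-security-group-ingress \
  --group-id "$SG_ID" --protocol icmp --port -1 --cidr 10.0.0.0/8 > /dev/null; then
  echo "Security Group Rule created successfully: ICMP"
else
  echo "Failed to create Security Group Rule: ICMP" >&2
  exit 1
fi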
4.2 적용 후 코드
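#######################################
# Add one ingress rule to a security group and report the result.
# Arguments:
#   $1 - Security Group ID (must not be empty)
#   $2 - Protocol (e.g., tcp, icmp)
#   $3 - Port; with icmp, -1 selects all ICMP types and codes
#   $4 - Source CIDR block (e.g., 10.0.0.0/8); keep it as narrow as the
#        use case allows
#   $5 - Short label for the rule, used only in log messages
# Outputs:
#   Success message on stdout, failure message on stderr.
# Exits:
#   Terminates the calling script with status 1 when the rule cannot be
#   created.
#######################################
create_security_group_rule() {
  local group_id=$1
  local protocol=$2
  local port=$3
  local cidr=$4
  local description=$5

  # An empty ID usually means the earlier create/lookup step failed; stop
  # before calling the API with a meaningless argument.
  if [ -z "$group_id" ]; then
    echo "Failed to create Security Group Rule: $description (empty Security Group ID)" >&2
    exit 1
  fi

  # CLI output is discarded; only the exit status decides success.
  if ! aws ec2 authorize-security-group-ingress \
    --group-id "$group_id" \
    --protocol "$protocol" \
    --port "$port" \
    --cidr "$cidr" > /dev/null; then
    echo "Failed to create Security Group Rule: $description" >&2
    exit 1
  fi

  echo "Security Group Rule created successfully: $description"
}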
# Open SSH (tcp/22) and ICMP (port -1) on the security group for 10.0.0.0/8.
# NOTE(review): 10.0.0.0/8 is a very wide source range; narrow it to the VPC
# CIDR or an admin subnet when that is sufficient.
create_security_group_rule "$SG_ID" tcp 22 10.0.0.0/8 SSH
create_security_group_rule "$SG_ID" icmp -1 10.0.0.0/8 ICMP
5. 일관적인 포맷
가독성을 높이기 위해 들여쓰기, 공백, 줄 길이 등을 통일한다.