A tool to lint your shell scripts with ShellCheck in CI/CD pipelines.
This tool has been written and tested using GitHub Actions but it should work out of the box with a lot of other CI/CD tools.
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
- name: Run Shellcheck
run: bash <(curl -s https://raw.githubusercontent.com/CICDToolbox/shellcheck/master/pipeline.sh)
The following environment variables can be set in order to customise the script.
Name | Purpose | Default Value |
---|---|---|
EXCLUDE_FILES | A comma separated list of files to exclude from being scanned. You can also use regex to do pattern matching. |
Unset |
REPORT_ONLY | Generate the report but do not fail the build even if an error occurred. | False |
SHOW_ERRORS | Show the actual errors instead of just which files had errors. | True |
SHOW_SKIPPED | Show which files are being skipped. | False |
You can use any combination of the above settings.
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
- name: Run Shellcheck
env:
REPORT_ONLY: true
SHOW_ERRORS: true
run: bash <(curl -s https://raw.githubusercontent.com/CICDToolbox/shellcheck/master/pipeline.sh)
This is an example of the output report generated by this tool, this is the actual output from the tool running against itself.
-------------------------------------------------------------------------- Stage 1 - Parameters --
No parameters given
--------------------------------------------------------------- Stage 2 - Install Prerequisites --
[ OK ] shellcheck is alredy installed
------------------------------------------------------------- Stage 3 - Run shellcheck (v0.7.0) --
[ OK ] pipeline.sh
[ OK ] tests/advanced-tests
[ OK ] tests/bash.sh
[ OK ] tests/dash.sh
[ OK ] tests/ksh.sh
[ OK ] tests/no-extension
[ OK ] tests/sh.sh
------------------------------------------------------------------------------ Stage 4 - Report --
Total: 7, OK: 7, Failed: 0, Skipped: 0
---------------------------------------------------------------------------- Stage 5 - Complete --
Shell scripts are identified using the following code:
file -b "${filename}" | grep -qE '(shell|dash) script'
AND
[[ ${filename} =~ \.(sh|bash|dash|ksh)$ ]]