/shellcheck

Perform static code analysis on shell scripts using ShellCheck.

Primary language: Shell. License: MIT.


Overview

A tool to lint your shell scripts with ShellCheck in CI/CD pipelines.

This tool was written and tested using GitHub Actions, but it should work out of the box with many other CI/CD tools.

Usage

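on: [push, pull_request]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    # Check out the repository so there are scripts in the workspace to scan
    - uses: actions/checkout@v4
    - name: Run Shellcheck
      run: bash <(curl -s https://raw.githubusercontent.com/CICDToolbox/shellcheck/master/pipeline.sh)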

Other Options

The following environment variables can be set in order to customise the script.

| Name | Purpose | Default Value |
| --- | --- | --- |
| EXCLUDE_FILES | A comma-separated list of files to exclude from being scanned. You can also use regex to do pattern matching. | Unset |
| REPORT_ONLY | Generate the report but do not fail the build even if an error occurred. | False |
| SHOW_ERRORS | Show the actual errors instead of just which files had errors. | True |
| SHOW_SKIPPED | Show which files are being skipped. | False |

You can use any combination of the above settings.

on: [push, pull_request]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    # Check out the repository so there are scripts in the workspace to scan
    - uses: actions/checkout@v4
    - name: Run Shellcheck
      env:
        REPORT_ONLY: true
        SHOW_ERRORS: true
      run: bash <(curl -s https://raw.githubusercontent.com/CICDToolbox/shellcheck/master/pipeline.sh)
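
The `run:` steps above execute whatever `pipeline.sh` the `master` branch serves at run time, and because `curl -s` is used without `--fail`, a failed download is not reported as an error. As an added example (not part of the project's own code), the functions below download the script from a pinned commit to a temporary file, compare its SHA-256 with a value recorded when the script was reviewed, and run it only on a match. The function names are hypothetical, and `<COMMIT_SHA>` and `<EXPECTED_SHA256>` are placeholders to fill in.

```shell
#!/usr/bin/env bash
# Added example: fetch, verify, then execute. Nothing is piped from the
# network straight into bash.

# Print the SHA-256 hex digest of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Return 0 only if the expected digest is non-empty and matches the file.
verify_sha256() {
    [ -n "$2" ] && [ "$(sha256_of "$1")" = "$2" ]
}

# Download to a temp file over HTTPS only, verify the digest, then run it.
# Any download error or digest mismatch fails the step instead of passing.
run_pinned() {
    url=$1
    expected=$2
    tmp=$(mktemp) || return 1
    if ! curl --fail --silent --show-error --location \
              --proto '=https' --tlsv1.2 -o "$tmp" "$url"; then
        rm -f "$tmp"
        return 1
    fi
    if ! verify_sha256 "$tmp" "$expected"; then
        echo "checksum mismatch for $url" >&2
        rm -f "$tmp"
        return 1
    fi
    bash "$tmp"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Usage inside the workflow step (placeholders, not real values):
# run_pinned \
#   "https://raw.githubusercontent.com/CICDToolbox/shellcheck/<COMMIT_SHA>/pipeline.sh" \
#   "<EXPECTED_SHA256>"
```

Environment variables such as `REPORT_ONLY` set on the step are inherited by the `bash "$tmp"` child process, so the options described above keep working.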

Example Output

This is an example of the output report generated by this tool; it is the actual output from the tool running against itself.

-------------------------------------------------------------------------- Stage 1 - Parameters --
 No parameters given
--------------------------------------------------------------- Stage 2 - Install Prerequisites --
 [  OK  ] shellcheck is alredy installed
------------------------------------------------------------- Stage 3 - Run shellcheck (v0.7.0) --
 [  OK  ] pipeline.sh
 [  OK  ] tests/advanced-tests
 [  OK  ] tests/bash.sh
 [  OK  ] tests/dash.sh
 [  OK  ] tests/ksh.sh
 [  OK  ] tests/no-extension
 [  OK  ] tests/sh.sh
------------------------------------------------------------------------------ Stage 4 - Report --
 Total: 7, OK: 7, Failed: 0, Skipped: 0
---------------------------------------------------------------------------- Stage 5 - Complete --

File Identification

Shell scripts are identified using the following code:

file -b "${filename}" | grep -qE '(shell|dash) script'

AND

[[ ${filename} =~ \.(sh|bash|dash|ksh)$ ]]