Docker>> shellcheck>> 返回
项目作者: CICDToolbox

项目描述 :
A tool to lint your shell scripts with shellcheck in CI/CD pipelines.
高级语言: Shell
项目地址: git://github.com/CICDToolbox/shellcheck.git
创建时间: 2021-06-12T16:05:45Z
项目社区:https://github.com/CICDToolbox/shellcheck
开源协议:MIT License
下载




CICDToolbox logo




Github Build Status


License


Created




Release


Released


Commits since release















Overview

A tool to perform static code analysis on shell scripts using ShellCheck.

This tool has been tested against the following:

  1. GitHub Actions
  2. Travis CI
  3. CircleCI
  4. BitBucket pipelines
  5. Local command line

However due to the way that they are built they should work on most CICD platforms where you can run arbitrary scripts.

We provide a script which pulls the latest copy of all the CICD tools and
places them in a local bin directory to allow them to be run any time locally for added validation.

Basic Usage

  1. on: [push, pull_request]
  3. jobs:
  4.   build:
  5.     name: ShellCheck
  6.     runs-on: ubuntu-latest
  8.     steps:
  9.       - name: Checkout the Repository
  10.         uses: actions/checkout@v4
  12.       - name: Perform ShellCheck Analysis
  13.         run: bash <(curl -s https://raw.githubusercontent.com/CICDToolbox/shellcheck/master/pipeline.sh)

Configuration Options

The following environment variables can be set in order to customise the script.

Name Default Value Purpose
INCLUDE_FILES Unset A comma separated list of files to include for being scanned. You can also use regex to do pattern matching.
EXCLUDE_FILES Unset A comma separated list of files to exclude from being scanned. You can also use regex to do pattern matching.
NO_COLOR False Turn off the color in the output.
REPORT_ONLY False Generate the report but do not fail the build even if an error occurred.
SHOW_ERRORS True Show the actual errors instead of just which files had errors.
SHOW_SKIPPED False Show which files are being skipped.

If you set INCLUDE_FILES - it will skip ALL files that do not match, including anything in EXCLUDE_FILES.

You can use any combination of the above settings.

  1. on: [push, pull_request]
  3. jobs:
  4.   build:
  5.     name: ShellCheck
  6.     runs-on: ubuntu-latest
  8.     steps:
  9.       - name: Checkout the Repository
  10.         uses: actions/checkout@v4
  12.       - name: Perform ShellCheck Analysis
  13.         env:
  14.           REPORT_ONLY: true
  15.           SHOW_ERRORS: true
  16.         run: bash <(curl -s https://raw.githubusercontent.com/CICDToolbox/shellcheck/master/pipeline.sh)

Example Output

This is an example of the output report generated by this tool, this is the actual output from the tool running against itself.

  1. --------------------------------------------------------------------- Stage 1: Parameters --
  2.  No parameters given
  3. ---------------------------------------------------------- Stage 2: Install Prerequisites --
  4.  [ OK ] docker pull --quiet koalaman/shellcheck:stable
  5. ------------------------------------------------------- Stage 3: Run shellcheck (v0.10.0) --
  6.  [ OK ] .github/scripts/check-jobs.sh
  7.  [ OK ] pipeline.sh
  8.  [ OK ] tests/advanced-tests
  9.  [ OK ] tests/bash.sh
  10.  [ OK ] tests/dash.sh
  11.  [ OK ] tests/ksh.sh
  12.  [ OK ] tests/no-extension
  13.  [ OK ] tests/sh.sh
  14. ------------------------------------------------------------------------- Stage 4: Report --
  15.  Total: 8, OK: 8, Failed: 0, Skipped: 0
  16. ----------------------------------------------------------------------- Stage 5: Complete --

File Identification

Shell scripts are identified using the following code:

  1. file -b "${filename}" | grep -qE '(shell|dash) script'
  3. AND
  5. [[ ${filename} =~ \.(sh|bash|dash|ksh)$ ]]