From 9a11896df71254ca3d4bc9a0fb6475470e330d89 Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Mon, 27 Feb 2023 12:43:03 -0500 Subject: [PATCH 01/12] build: add workflow template for ShellCheck --- workflow-templates/shellcheck.yml | 65 +++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 workflow-templates/shellcheck.yml diff --git a/workflow-templates/shellcheck.yml b/workflow-templates/shellcheck.yml new file mode 100644 index 0000000..63b7356 --- /dev/null +++ b/workflow-templates/shellcheck.yml @@ -0,0 +1,65 @@ +# ShellCheck is a linter for your shell scripts: +# https://www.shellcheck.net/ +# This workflow runs it on PRs and pushes to $default-branch + +name: ShellCheck + +on: + pull_request: + push: + branches: + - $default-branch + +permissions: + contents: read + +jobs: + + shellcheck: + name: Run ShellCheck + runs-on: ubuntu-latest + + steps: + + - name: Check out branch + uses: actions/checkout@v3 + + # Run ShellCheck using a predefine action: + # https://github.com/marketplace/actions/shellcheck + - name: Run ShellCheck + uses: ludeeus/action-shellcheck@master + env: + + # We pin to a specific version of ShellCheck so that your build doesn't + # break as newer versions with more warnings are released. + # Maintainers: Keep an eye out for newer ShellCheck versions and consider + # upgrading to them when they are released: + # https://github.com/koalaman/shellcheck/tags + version: v0.9.0 + + # Severity levels, in increasing order of strictness: + # error + # warning + # info + # style + # We recommend `style` for maximum coverage, but adjust as you see fit. + severity: style + + # Add any custom shellcheck CLI options here. + # For example, use `-e SC2059` to ignore a certain warning. + # (However, it's usually to ignore individual warnings inline: `# shellcheck: disable=SC2059`) + SHELLCHECK_OPTS: + + # Ignore filepaths or filenames. + # Each is a single string, space-separated. + ignore_paths: + ignore_names: + + # By default, your whole repo is scanned for shell scripts. + # Uncomment the next line if you want to limit to a certain directory. + #scandir: './scripts' + + # This ensures that all .sh files are passed to shellcheck in one go, making + # ShellCheck aware of "include" logic (`source ./constants.sh`) between scripts. + check_together: 'yes' + From 919ca4c8be45ccb79ea29cd2d2b152a6ceb69bae Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Wed, 1 Mar 2023 19:31:01 -0500 Subject: [PATCH 02/12] build: squash: drop 3rd party action in favor of home-rolled workflow --- .github/workflows/shellcheck.yml | 61 ++++++++++++++++++++++++++++ workflow-templates/shellcheck.yml | 67 ++++++------------------------- 2 files changed, 74 insertions(+), 54 deletions(-) create mode 100644 .github/workflows/shellcheck.yml diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml new file mode 100644 index 0000000..d0b6f6b --- /dev/null +++ b/.github/workflows/shellcheck.yml @@ -0,0 +1,61 @@ +# This is a reusable workflow for running ShellCheck, +# a linter for shell scripts (https://shellcheck.net). + +# For more context, see: +# https://github.com/openedx/.github/blob/master/docs/decisions/0001-shellcheck.rst + +name: ShellCheck + +on: + - workflow_call + +defaults: + run: + shell: bash + +permissions: + contents: read + +# Repositories can provide overrides to these environment variables. +env: + + # ShellCheck version to install. + # Must be a tag or branch of https://github.com/koalaman/shellcheck. + # We pin a reasonable version here and will update it over time. + # However, repositories that are particuarly concerned about + # build stability should specify an override SHELLCHECK_VERSION + # and manage updates themselves. + SHELLCHECK_VERSION: "v0.9.0" + + # List of directories to check for .sh files, space-separated. + SHELLCHECK_ROOT_DIRS: "./scripts ./.github" + + # Options to pass to the shellcheck command. + SHELLCHECK_OPTIONS: "" + +jobs: + + shellcheck: + name: Run ShellCheck + runs-on: ubuntu-latest + + steps: + + - name: Download & unpack ShellCheck + run: wget -qO- "https://github.com/koalaman/shellcheck/releases/download/$SHELLCHECK_VERSION/shellcheck-$SHELLCHECK_VERSION.linux.x86_64.tar.xz" | tar -xJv + + - name: Install ShellCheck + run: sudo cp "shellcheck-$SHELLCHECK_VERSION/shellcheck" /usr/bin + + - name: Show ShellCheck version + run: shellcheck -V + + - name: Check out repository branch + uses: actions/checkout@v3 + + - name: Show shell scripts that will be checked + run: find $SHELLCHECK_ROOT_DIRS -name '*.sh' + + - name: Check shell scripts + run: find $SHELLCHECK_ROOT_DIRS -name '*.sh' -print0 | xargs -0 shellcheck $SHELLCHECK_OPTIONS + diff --git a/workflow-templates/shellcheck.yml b/workflow-templates/shellcheck.yml index 63b7356..218f318 100644 --- a/workflow-templates/shellcheck.yml +++ b/workflow-templates/shellcheck.yml @@ -1,6 +1,8 @@ -# ShellCheck is a linter for your shell scripts: -# https://www.shellcheck.net/ -# This workflow runs it on PRs and pushes to $default-branch +# Run ShellCheck on PRs and $default-branch. + +# For more context, see: +# https://github.com/openedx/.github/blob/master/docs/decisions/0001-shellcheck.rst + name: ShellCheck @@ -10,56 +12,13 @@ on: branches: - $default-branch -permissions: - contents: read - jobs: - shellcheck: - name: Run ShellCheck - runs-on: ubuntu-latest - - steps: - - - name: Check out branch - uses: actions/checkout@v3 - - # Run ShellCheck using a predefine action: - # https://github.com/marketplace/actions/shellcheck - - name: Run ShellCheck - uses: ludeeus/action-shellcheck@master - env: - - # We pin to a specific version of ShellCheck so that your build doesn't - # break as newer versions with more warnings are released. - # Maintainers: Keep an eye out for newer ShellCheck versions and consider - # upgrading to them when they are released: - # https://github.com/koalaman/shellcheck/tags - version: v0.9.0 - - # Severity levels, in increasing order of strictness: - # error - # warning - # info - # style - # We recommend `style` for maximum coverage, but adjust as you see fit. - severity: style - - # Add any custom shellcheck CLI options here. - # For example, use `-e SC2059` to ignore a certain warning. - # (However, it's usually to ignore individual warnings inline: `# shellcheck: disable=SC2059`) - SHELLCHECK_OPTS: - - # Ignore filepaths or filenames. - # Each is a single string, space-separated. - ignore_paths: - ignore_names: - - # By default, your whole repo is scanned for shell scripts. - # Uncomment the next line if you want to limit to a certain directory. - #scandir: './scripts' - - # This ensures that all .sh files are passed to shellcheck in one go, making - # ShellCheck aware of "include" logic (`source ./constants.sh`) between scripts. - check_together: 'yes' - + # Call out to our predefined ShellCheck workflow. + uses: openedx/.github/.github/workflows/shellcheck.yml@master + env: + # The following environment variables can be used to configure + # the shared ShellCheck workflow: + #SHELLCHECK_VERSION: "v0.9.0" + #SHELLCHECK_ROOT_DIRS: "./scripts ./.github" + #SHELLCHECK_OPTIONS: "" From d00e88da1f15f052b1e6d815d753780ffc9a3df3 Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Wed, 1 Mar 2023 19:54:05 -0500 Subject: [PATCH 03/12] build: squash: let's try an action instead of a workflow --- .github/actions/shellcheck/action.yml | 61 +++++++++++++++++++++++++++ .github/workflows/shellcheck.yml | 61 --------------------------- workflow-templates/shellcheck.yml | 36 +++++++++++----- 3 files changed, 87 insertions(+), 71 deletions(-) create mode 100644 .github/actions/shellcheck/action.yml delete mode 100644 .github/workflows/shellcheck.yml diff --git a/.github/actions/shellcheck/action.yml b/.github/actions/shellcheck/action.yml new file mode 100644 index 0000000..6005947 --- /dev/null +++ b/.github/actions/shellcheck/action.yml @@ -0,0 +1,61 @@ +# This is a reusable action for running ShellCheck, +# a linter for shell scripts (https://shellcheck.net). + +# For more context, see: +# https://github.com/openedx/.github/blob/master/docs/decisions/0001-shellcheck.rst + +name: ShellCheck + +inputs: + + root-dirs: + description: "Directories to search for .sh files, space-separated." + reqired: true + + # We pin a reasonable default version here and will update it over time. + # However, repositories that are particuarly concerned about + # build stability should specify an override shellcheck-version + # and manage updates themselves. + shellcheck-version: + description: "ShellCheck version to install.Must be a tag or branch of https://github.com/koalaman/shellcheck." + required: false + default: "v0.9.0" + + shellcheck-options: + description: "Command-line options to pass through to shellcheck." + required: false + default: "" + +runs: + + using: composite + + # Note: Unfortunately, GitHub will not print the names of steps in + # composite actions, so we must rely on comments and echo'ing to + # make it clear to the user what's going on on. + steps: + + - shell: bash + run: | + # Download, unpack & install ShellCheck ${{ inputs.shellcheck-version }}. + wget -qO- "https://github.com/koalaman/shellcheck/releases/download/${{ inputs.shellcheck-version }}/shellcheck-${{ inputs.shellcheck-version}}.linux.x86_64.tar.xz" | tar -xJ + sudo cp "shellcheck-${{ inputs.shellcheck-version }}/shellcheck" /usr/bin + echo "Successfully installed:" + shellcheck -V + echo + + - shell: bash + run: | + # Ensure that at least one shell script will be checked + if [[ -z "$(find ${{ inputs.root-dirs }} -name '*.sh')" ]] ; then + echo "::error::Error: No .sh files found within any of the root-dirs: ${{ inputs.root-dirs }}" && exit 1 + fi + echo "The following shell scripts will be checked:" + find ${{ inputs.root-dirs }} -name '*.sh' + echo + + # This step is intentionally a big one-line command so that + # devs can easily copy it and run it on their own machine. + - shell: bash + run: find ${{ inputs.root-dirs }} -name '*.sh' -print0 | xargs -0 shellcheck ${{ inputs.shellcheck-options }} + diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml deleted file mode 100644 index d0b6f6b..0000000 --- a/.github/workflows/shellcheck.yml +++ /dev/null @@ -1,61 +0,0 @@ -# This is a reusable workflow for running ShellCheck, -# a linter for shell scripts (https://shellcheck.net). - -# For more context, see: -# https://github.com/openedx/.github/blob/master/docs/decisions/0001-shellcheck.rst - -name: ShellCheck - -on: - - workflow_call - -defaults: - run: - shell: bash - -permissions: - contents: read - -# Repositories can provide overrides to these environment variables. -env: - - # ShellCheck version to install. - # Must be a tag or branch of https://github.com/koalaman/shellcheck. - # We pin a reasonable version here and will update it over time. - # However, repositories that are particuarly concerned about - # build stability should specify an override SHELLCHECK_VERSION - # and manage updates themselves. - SHELLCHECK_VERSION: "v0.9.0" - - # List of directories to check for .sh files, space-separated. - SHELLCHECK_ROOT_DIRS: "./scripts ./.github" - - # Options to pass to the shellcheck command. - SHELLCHECK_OPTIONS: "" - -jobs: - - shellcheck: - name: Run ShellCheck - runs-on: ubuntu-latest - - steps: - - - name: Download & unpack ShellCheck - run: wget -qO- "https://github.com/koalaman/shellcheck/releases/download/$SHELLCHECK_VERSION/shellcheck-$SHELLCHECK_VERSION.linux.x86_64.tar.xz" | tar -xJv - - - name: Install ShellCheck - run: sudo cp "shellcheck-$SHELLCHECK_VERSION/shellcheck" /usr/bin - - - name: Show ShellCheck version - run: shellcheck -V - - - name: Check out repository branch - uses: actions/checkout@v3 - - - name: Show shell scripts that will be checked - run: find $SHELLCHECK_ROOT_DIRS -name '*.sh' - - - name: Check shell scripts - run: find $SHELLCHECK_ROOT_DIRS -name '*.sh' -print0 | xargs -0 shellcheck $SHELLCHECK_OPTIONS - diff --git a/workflow-templates/shellcheck.yml b/workflow-templates/shellcheck.yml index 218f318..4914573 100644 --- a/workflow-templates/shellcheck.yml +++ b/workflow-templates/shellcheck.yml @@ -1,9 +1,8 @@ -# Run ShellCheck on PRs and $default-branch. +# Run ShellCheck on PRs and $default-branch # For more context, see: # https://github.com/openedx/.github/blob/master/docs/decisions/0001-shellcheck.rst - name: ShellCheck on: @@ -12,13 +11,30 @@ on: branches: - $default-branch +permissions: + contents: read + jobs: shellcheck: - # Call out to our predefined ShellCheck workflow. - uses: openedx/.github/.github/workflows/shellcheck.yml@master - env: - # The following environment variables can be used to configure - # the shared ShellCheck workflow: - #SHELLCHECK_VERSION: "v0.9.0" - #SHELLCHECK_ROOT_DIRS: "./scripts ./.github" - #SHELLCHECK_OPTIONS: "" + runs-on: ubuntu-latest + steps: + + - name: Check out this repository + uses: actions/checkout@v3 + + - name: Check out shared actions + uses: actions/checkout@v3 + with: + repository: openedx/.github + path: ./openedx-dot-github + + - name: Run ShellCheck! + uses: ./openedx-dot-github/.github/actions/shellcheck + with: + + # Required arguments for the ShellCheck action: + root-dirs: "./scripts ./.github" + + # Optional arguments: + #shellcheck-version: "v0.9.0" + #shellcheck-options: "" From 3fbf8ea302faab59fc2ff9728412cbe66d2deb6f Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Thu, 2 Mar 2023 12:07:40 -0500 Subject: [PATCH 04/12] build: squash: move arg descriptions to template comments & echo more help --- .github/actions/shellcheck/action.yml | 23 +++++++++++++---------- workflow-templates/shellcheck.yml | 22 +++++++++++++++++++--- 2 files changed, 32 insertions(+), 13 deletions(-) diff --git a/.github/actions/shellcheck/action.yml b/.github/actions/shellcheck/action.yml index 6005947..8a3ff7d 100644 --- a/.github/actions/shellcheck/action.yml +++ b/.github/actions/shellcheck/action.yml @@ -6,23 +6,19 @@ name: ShellCheck +# For details on each of these input arguments, see: +# ../../../workflow-templates/shellcheck.yml +# which invokes this action. inputs: root-dirs: - description: "Directories to search for .sh files, space-separated." reqired: true - # We pin a reasonable default version here and will update it over time. - # However, repositories that are particuarly concerned about - # build stability should specify an override shellcheck-version - # and manage updates themselves. shellcheck-version: - description: "ShellCheck version to install.Must be a tag or branch of https://github.com/koalaman/shellcheck." required: false default: "v0.9.0" shellcheck-options: - description: "Command-line options to pass through to shellcheck." required: false default: "" @@ -38,7 +34,7 @@ runs: - shell: bash run: | # Download, unpack & install ShellCheck ${{ inputs.shellcheck-version }}. - wget -qO- "https://github.com/koalaman/shellcheck/releases/download/${{ inputs.shellcheck-version }}/shellcheck-${{ inputs.shellcheck-version}}.linux.x86_64.tar.xz" | tar -xJ + wget -qO- "https://github.com/koalaman/shellcheck/releases/download/${{ inputs.shellcheck-version }}/shellcheck-${{ inputs.shellcheck-version }}.linux.x86_64.tar.xz" | tar -xJ sudo cp "shellcheck-${{ inputs.shellcheck-version }}/shellcheck" /usr/bin echo "Successfully installed:" shellcheck -V @@ -46,13 +42,20 @@ runs: - shell: bash run: | - # Ensure that at least one shell script will be checked + # Ensure that at least one shell script will be checked & print helpful info if [[ -z "$(find ${{ inputs.root-dirs }} -name '*.sh')" ]] ; then - echo "::error::Error: No .sh files found within any of the root-dirs: ${{ inputs.root-dirs }}" && exit 1 + echo "::error::Error: No .sh files found within any of the root-dirs: ${{ inputs.root-dirs }}" + exit 1 fi echo "The following shell scripts will be checked:" find ${{ inputs.root-dirs }} -name '*.sh' echo + echo "If ShellCheck passes, the next step will have no output." + echo "If ShellCheck fails, you should see a list of violations." + echo "Each violation type has an SCXXXX code which can be looked up at https://www.shellcheck.net/wiki/SCXXXX" + echo "We recommend that you try to resolve any violations." + echo "In the case where resolving the violation doesn't make sense, you can use directives (https://www.shellcheck.net/wiki/Directive) to ignore a single violation instance or an entire shell script." + echo # This step is intentionally a big one-line command so that # devs can easily copy it and run it on their own machine. diff --git a/workflow-templates/shellcheck.yml b/workflow-templates/shellcheck.yml index 4914573..051ffaf 100644 --- a/workflow-templates/shellcheck.yml +++ b/workflow-templates/shellcheck.yml @@ -32,9 +32,25 @@ jobs: uses: ./openedx-dot-github/.github/actions/shellcheck with: - # Required arguments for the ShellCheck action: + # REQUIRED: + # Directories to search for .sh files, space-separated, each relative + # to the root of the repository. Directories containing spaces or other + # Bash delimiters must be wrapped in single quotes. root-dirs: "./scripts ./.github" - # Optional arguments: - #shellcheck-version: "v0.9.0" + # OPTIONAL: + # ShellCheck version to install. + # Must be a tag or branch of https://github.com/koalaman/shellcheck. + # By default, the upstream action will use a reasonable, stable shellcheck version, + # which will be updated over time as new stable ShellCheck versions come out. + # If you want your repositoriy's build to be totally deterministic, though, then + # override with a specific version pin here, and manage updates ShellCheck yourself. + #shellcheck-version: "vX.Y.Z" + + # OPTIONAL: + # Command-line options to pass to ShellCheck. + # These options will be inserted into the shellcheck invocation, a la: + # shellcheck + # For details of the options that are availble, run: + # shellcheck --help #shellcheck-options: "" From ccc390f2891311ccb62b58dc512475fef507f13b Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Wed, 8 Mar 2023 23:03:23 -0500 Subject: [PATCH 05/12] build: squash: switch back to reusable workflow --- .github/actions/shellcheck/action.yml | 64 --------------- .github/workflows/shellcheck.yml | 111 ++++++++++++++++++++++++++ workflow-templates/shellcheck.yml | 49 +++--------- 3 files changed, 122 insertions(+), 102 deletions(-) delete mode 100644 .github/actions/shellcheck/action.yml create mode 100644 .github/workflows/shellcheck.yml diff --git a/.github/actions/shellcheck/action.yml b/.github/actions/shellcheck/action.yml deleted file mode 100644 index 8a3ff7d..0000000 --- a/.github/actions/shellcheck/action.yml +++ /dev/null @@ -1,64 +0,0 @@ -# This is a reusable action for running ShellCheck, -# a linter for shell scripts (https://shellcheck.net). - -# For more context, see: -# https://github.com/openedx/.github/blob/master/docs/decisions/0001-shellcheck.rst - -name: ShellCheck - -# For details on each of these input arguments, see: -# ../../../workflow-templates/shellcheck.yml -# which invokes this action. -inputs: - - root-dirs: - reqired: true - - shellcheck-version: - required: false - default: "v0.9.0" - - shellcheck-options: - required: false - default: "" - -runs: - - using: composite - - # Note: Unfortunately, GitHub will not print the names of steps in - # composite actions, so we must rely on comments and echo'ing to - # make it clear to the user what's going on on. - steps: - - - shell: bash - run: | - # Download, unpack & install ShellCheck ${{ inputs.shellcheck-version }}. - wget -qO- "https://github.com/koalaman/shellcheck/releases/download/${{ inputs.shellcheck-version }}/shellcheck-${{ inputs.shellcheck-version }}.linux.x86_64.tar.xz" | tar -xJ - sudo cp "shellcheck-${{ inputs.shellcheck-version }}/shellcheck" /usr/bin - echo "Successfully installed:" - shellcheck -V - echo - - - shell: bash - run: | - # Ensure that at least one shell script will be checked & print helpful info - if [[ -z "$(find ${{ inputs.root-dirs }} -name '*.sh')" ]] ; then - echo "::error::Error: No .sh files found within any of the root-dirs: ${{ inputs.root-dirs }}" - exit 1 - fi - echo "The following shell scripts will be checked:" - find ${{ inputs.root-dirs }} -name '*.sh' - echo - echo "If ShellCheck passes, the next step will have no output." - echo "If ShellCheck fails, you should see a list of violations." - echo "Each violation type has an SCXXXX code which can be looked up at https://www.shellcheck.net/wiki/SCXXXX" - echo "We recommend that you try to resolve any violations." - echo "In the case where resolving the violation doesn't make sense, you can use directives (https://www.shellcheck.net/wiki/Directive) to ignore a single violation instance or an entire shell script." - echo - - # This step is intentionally a big one-line command so that - # devs can easily copy it and run it on their own machine. - - shell: bash - run: find ${{ inputs.root-dirs }} -name '*.sh' -print0 | xargs -0 shellcheck ${{ inputs.shellcheck-options }} - diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml new file mode 100644 index 0000000..8652f88 --- /dev/null +++ b/.github/workflows/shellcheck.yml @@ -0,0 +1,111 @@ +# This is a reusable workflow for running ShellCheck, +# a linter for shell scripts (https://shellcheck.net). + +# For more context, see: +# https://github.com/openedx/.github/blob/master/docs/decisions/0001-shellcheck.rst + +name: ShellCheck + +on: + workflow_call: + inputs: + + root-dirs: + type: string + required: true + description: | + Directories to search for .sh files, space-separated, each relative + to the root of the repository. Directories containing spaces or other + Bash delimiters must be wrapped in single quotes. + + operating-system: + type: string + required: false + default: "ubuntu" + description: | + Operating system on which to run ShellCheck. Options are 'ubuntu' and 'macos'. + + shellcheck-version: + type: string + required: false + default: "v0.9.0" + description: + ShellCheck version to install. + Must be a tag or branch of https://github.com/koalaman/shellcheck. + By default, the upstream action will use a reasonable, stable shellcheck version, + which will be updated over time as new stable ShellCheck versions come out. + If you want your repositoriy's build to be totally deterministic, though, then + override with a specific version pin here, and manage updates ShellCheck yourself. + + shellcheck-options: + type: string + required: false + default: "" + description: | + Command-line options to forward to shellcheck. + For details of available options, run "shellcheck --help." + +jobs: + shellcheck: + + runs-on: "${{ inputs.operating-system }}-latest" + + defaults: + run: + # Specifying bash ensures that `-o pipefail` (exit when the input to a pipeline fails) is enabled. + shell: bash + + env: + SHELLCHECK_ARCHIVE: "" # We set this below based on operating-system. + + steps: + + - name: (Setup) Choose Linux AMD64 ShellCheck archive + if: inputs.operating-system == 'ubuntu' + run: echo "SHELLCHECK_ARCHIVE=shellcheck-${{ inputs.shellcheck-version }}.linux.x86_64.tar.xz" >> "$GITHUB_ENV" + + - name: (Setup) Choose Darwin (macOS) AMD64 ShellCheck archive + if: inputs.operating-system == 'macos' + run: echo "SHELLCHECK_ARCHIVE=shellcheck-${{ inputs.shellcheck-version }}.darwin.x86_64.tar.xz" >> "$GITHUB_ENV" + + - name: (Setup) Fail if we did not choose a ShellCheck archive + if: env.SHELLCHECK_ARCHIVE == '' + run: | + echo "::error::Error: Invalid input for operating-system: ${{ inputs.operating-system }}." && exit 1 + + - name: (Setup) Download & unpack ShellCheck + run: curl -L --fail --silent --show-error "https://github.com/koalaman/shellcheck/releases/download/${{ inputs.shellcheck-version }}/${{ env.SHELLCHECK_ARCHIVE }}" | tar --extract --xz + + - name: (Setup) Install ShellCheck + run: sudo cp "shellcheck-${{ inputs.shellcheck-version }}/shellcheck" /usr/local/bin + + - name: (Setup) Show ShellCheck version + run: shellcheck -V + + - name: (Setup) Check out repository branch + uses: actions/checkout@v3 + + - name: Ensure that at least one script will be checked + run: | + if [[ -z "$(find ${{ inputs.root-dirs }} -name '*.sh')" ]] ; then + echo "::error::Error: No .sh files found within any of the root-dirs: ${{ inputs.root-dirs }}" + exit 1 + fi + + - name: Print helpful information + run: | + echo "The following shell scripts will be checked:" + find ${{ inputs.root-dirs }} -name '*.sh' + echo + echo "If ShellCheck passes, the next step will have no output." + echo "If ShellCheck fails, you should see a list of violations." + echo "Each violation type has an SCXXXX code which can be looked up at https://www.shellcheck.net/wiki/SCXXXX" + echo "We recommend that you try to resolve any violations." + echo "In the case where resolving the violation doesn't make sense, you can use directives (https://www.shellcheck.net/wiki/Directive) to ignore a single violation instance or an entire shell script." + echo + + # This step is intentionally a big one-line command so that + # devs can easily copy it and run it on their own machine. + - name: Run ShellCheck + run: find ${{ inputs.root-dirs }} -name '*.sh' -print0 | xargs -0 shellcheck ${{ inputs.shellcheck-options }} + diff --git a/workflow-templates/shellcheck.yml b/workflow-templates/shellcheck.yml index 051ffaf..ad55314 100644 --- a/workflow-templates/shellcheck.yml +++ b/workflow-templates/shellcheck.yml @@ -16,41 +16,14 @@ permissions: jobs: shellcheck: - runs-on: ubuntu-latest - steps: - - - name: Check out this repository - uses: actions/checkout@v3 - - - name: Check out shared actions - uses: actions/checkout@v3 - with: - repository: openedx/.github - path: ./openedx-dot-github - - - name: Run ShellCheck! - uses: ./openedx-dot-github/.github/actions/shellcheck - with: - - # REQUIRED: - # Directories to search for .sh files, space-separated, each relative - # to the root of the repository. Directories containing spaces or other - # Bash delimiters must be wrapped in single quotes. - root-dirs: "./scripts ./.github" - - # OPTIONAL: - # ShellCheck version to install. - # Must be a tag or branch of https://github.com/koalaman/shellcheck. - # By default, the upstream action will use a reasonable, stable shellcheck version, - # which will be updated over time as new stable ShellCheck versions come out. - # If you want your repositoriy's build to be totally deterministic, though, then - # override with a specific version pin here, and manage updates ShellCheck yourself. - #shellcheck-version: "vX.Y.Z" - - # OPTIONAL: - # Command-line options to pass to ShellCheck. - # These options will be inserted into the shellcheck invocation, a la: - # shellcheck - # For details of the options that are availble, run: - # shellcheck --help - #shellcheck-options: "" + strategy: + matrix: + os: ["ubuntu", "macos"] + uses: openedx/.github/.github/workflows/shellcheck.yml@master + with: + # For details on the meaning of each of these arguments, see: + # https://githu.com/openedx/.github/blob/master/.github/workflows/shellcheck.yml + root-dirs: "./scripts ./.github" + operating-system: "${{ matrix.os }}" + #shellcheck-version: "v0.9.0" + #shellcheck-options: "" From 088056222802125ac9349b673a0fc4643aa91581 Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Thu, 9 Mar 2023 11:53:26 -0500 Subject: [PATCH 06/12] docs: squash: comment typo githu -> github --- workflow-templates/shellcheck.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/workflow-templates/shellcheck.yml b/workflow-templates/shellcheck.yml index ad55314..8d80c2b 100644 --- a/workflow-templates/shellcheck.yml +++ b/workflow-templates/shellcheck.yml @@ -22,7 +22,7 @@ jobs: uses: openedx/.github/.github/workflows/shellcheck.yml@master with: # For details on the meaning of each of these arguments, see: - # https://githu.com/openedx/.github/blob/master/.github/workflows/shellcheck.yml + # https://github.com/openedx/.github/blob/master/.github/workflows/shellcheck.yml root-dirs: "./scripts ./.github" operating-system: "${{ matrix.os }}" #shellcheck-version: "v0.9.0" From c14ca8948aa81325249d97ea42a7d60f5916e8b4 Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Thu, 9 Mar 2023 14:21:32 -0500 Subject: [PATCH 07/12] build: squash: exclude, not include --- .github/workflows/shellcheck.yml | 38 ++++++++++++++++++++----------- workflow-templates/shellcheck.yml | 2 +- 2 files changed, 26 insertions(+), 14 deletions(-) diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 8652f88..2f0bdfc 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -10,13 +10,16 @@ on: workflow_call: inputs: - root-dirs: + exclude-patterns: type: string - required: true + required: false + default: "" description: | - Directories to search for .sh files, space-separated, each relative - to the root of the repository. Directories containing spaces or other - Bash delimiters must be wrapped in single quotes. + File paths matching these patterns will be skipped when running ShellCheck. + Space-separated. Patterns containing spaces are not supported. + Wildcard asterisks (*) are supported. + Note that all paths are prefixed with './', so in order to exclude a path, + you the pattern must begin with './' or '*'. operating-system: type: string @@ -71,7 +74,7 @@ jobs: - name: (Setup) Fail if we did not choose a ShellCheck archive if: env.SHELLCHECK_ARCHIVE == '' run: | - echo "::error::Error: Invalid input for operating-system: ${{ inputs.operating-system }}." && exit 1 + echo "::error::Error: Invalid input for operating-system: ${{ inputs.operating-system }}. Must be 'ubuntu' or 'macos'." && exit 1 - name: (Setup) Download & unpack ShellCheck run: curl -L --fail --silent --show-error "https://github.com/koalaman/shellcheck/releases/download/${{ inputs.shellcheck-version }}/${{ env.SHELLCHECK_ARCHIVE }}" | tar --extract --xz @@ -79,23 +82,32 @@ jobs: - name: (Setup) Install ShellCheck run: sudo cp "shellcheck-${{ inputs.shellcheck-version }}/shellcheck" /usr/local/bin - - name: (Setup) Show ShellCheck version - run: shellcheck -V - - name: (Setup) Check out repository branch uses: actions/checkout@v3 + - name: Build the command for findings shell scripts + run: | + shellcheck_find_cmd="find . -name '*.sh'" + for exclude_pattern in ${{ inputs.exclude-patterns }} ; do + if [[ -n "$exclude_pattern" ]] ; then + shellcheck_find_cmd="$shellcheck_find_cmd ! -wholename '$exclude_pattern'" + fi + done + echo "SHELLCHECK_FIND_CMD=$shellcheck_find_cmd" >> "$GITHUB_ENV" + - name: Ensure that at least one script will be checked run: | - if [[ -z "$(find ${{ inputs.root-dirs }} -name '*.sh')" ]] ; then - echo "::error::Error: No .sh files found within any of the root-dirs: ${{ inputs.root-dirs }}" + if [[ -z "$(${{ env.SHELLCHECK_FIND_CMD }}})" ]] ; then + echo "::error::Error: No .sh files found for input to ShellCheck!" exit 1 fi - name: Print helpful information run: | + shellcheck -V + echo echo "The following shell scripts will be checked:" - find ${{ inputs.root-dirs }} -name '*.sh' + ${{ env.SHELLCHECK_FIND_CMD }} echo echo "If ShellCheck passes, the next step will have no output." echo "If ShellCheck fails, you should see a list of violations." @@ -107,5 +119,5 @@ jobs: # This step is intentionally a big one-line command so that # devs can easily copy it and run it on their own machine. - name: Run ShellCheck - run: find ${{ inputs.root-dirs }} -name '*.sh' -print0 | xargs -0 shellcheck ${{ inputs.shellcheck-options }} + run: ${{ env.SHELLCHECK_FIND_CMD }} -print0 | xargs -0 shellcheck ${{ inputs.shellcheck-options }} diff --git a/workflow-templates/shellcheck.yml b/workflow-templates/shellcheck.yml index 8d80c2b..5bdf272 100644 --- a/workflow-templates/shellcheck.yml +++ b/workflow-templates/shellcheck.yml @@ -23,7 +23,7 @@ jobs: with: # For details on the meaning of each of these arguments, see: # https://github.com/openedx/.github/blob/master/.github/workflows/shellcheck.yml - root-dirs: "./scripts ./.github" + exclude-patterns: "./node_modules/*" operating-system: "${{ matrix.os }}" #shellcheck-version: "v0.9.0" #shellcheck-options: "" From 61b080aa35287cef36201d33dd26a8f78e6f6005 Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Thu, 9 Mar 2023 15:52:01 -0500 Subject: [PATCH 08/12] build: squash: no special logic needed for "no input files" scenario --- .github/workflows/shellcheck.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 2f0bdfc..646e759 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -95,13 +95,6 @@ jobs: done echo "SHELLCHECK_FIND_CMD=$shellcheck_find_cmd" >> "$GITHUB_ENV" - - name: Ensure that at least one script will be checked - run: | - if [[ -z "$(${{ env.SHELLCHECK_FIND_CMD }}})" ]] ; then - echo "::error::Error: No .sh files found for input to ShellCheck!" - exit 1 - fi - - name: Print helpful information run: | shellcheck -V From 45c36c637393eaedd181d89946f5ebd6f80536f9 Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Thu, 9 Mar 2023 16:04:27 -0500 Subject: [PATCH 09/12] build: squash: fix * munging in exclude patterns --- .github/workflows/shellcheck.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 646e759..a923948 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -88,10 +88,11 @@ jobs: - name: Build the command for findings shell scripts run: | shellcheck_find_cmd="find . -name '*.sh'" - for exclude_pattern in ${{ inputs.exclude-patterns }} ; do - if [[ -n "$exclude_pattern" ]] ; then - shellcheck_find_cmd="$shellcheck_find_cmd ! -wholename '$exclude_pattern'" - fi + # Convert space-delimited exclude pattern into a proper array of exclusions, + # and then loop through that array in order to build the 'find' command. + read -r -a exclude_patterns <<<'${{ inputs.exclude-patterns }}' + for exclude_pattern in "${exclude_patterns[@]}" ; do + shellcheck_find_cmd="$shellcheck_find_cmd ! -wholename '$exclude_pattern'" done echo "SHELLCHECK_FIND_CMD=$shellcheck_find_cmd" >> "$GITHUB_ENV" From 5b7b85419576430198ebf8dcde1e5a35bdbafe72 Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Thu, 9 Mar 2023 16:07:42 -0500 Subject: [PATCH 10/12] build: squash: arg description typo --- .github/workflows/shellcheck.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index a923948..d950c8b 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -19,7 +19,7 @@ on: Space-separated. Patterns containing spaces are not supported. Wildcard asterisks (*) are supported. Note that all paths are prefixed with './', so in order to exclude a path, - you the pattern must begin with './' or '*'. + you must begin the pattern with './' or '*'. operating-system: type: string From 215c82d6c2fd20ec43f9936dfdf2614cbe20e79f Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Fri, 10 Mar 2023 10:33:23 -0500 Subject: [PATCH 11/12] build: squash: explain node_modules exclusion in template Co-authored-by: Feanil Patel --- workflow-templates/shellcheck.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/workflow-templates/shellcheck.yml b/workflow-templates/shellcheck.yml index 5bdf272..453aa08 100644 --- a/workflow-templates/shellcheck.yml +++ b/workflow-templates/shellcheck.yml @@ -23,6 +23,9 @@ jobs: with: # For details on the meaning of each of these arguments, see: # https://github.com/openedx/.github/blob/master/.github/workflows/shellcheck.yml + # We exclude `./node_modules/*` by default because we want people to easily be able to + # copy and run the command locally. Local copies of most of our services have a `./node_modules` + # directory that we want to ignore. exclude-patterns: "./node_modules/*" operating-system: "${{ matrix.os }}" #shellcheck-version: "v0.9.0" From aad1e212189514ed2c75d02cb7cc99f796340f66 Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Fri, 10 Mar 2023 10:36:37 -0500 Subject: [PATCH 12/12] build: squash: try to explain exclude-patterns better --- .github/workflows/shellcheck.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index d950c8b..88e623d 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -18,8 +18,8 @@ on: File paths matching these patterns will be skipped when running ShellCheck. Space-separated. Patterns containing spaces are not supported. Wildcard asterisks (*) are supported. - Note that all paths are prefixed with './', so in order to exclude a path, - you must begin the pattern with './' or '*'. + This pattern will be matched against paths which all begin with './'; so, + in order to match any paths, your patterns should each begin with './' or '*'. operating-system: type: string