Update alpine to 3.12.0

This fixes an error when a directory contains "bash" in the name. This
would lead to a shellcheck on a directory and crash.

.gitattributes

@@ -0,0 +1 @@
+* text=auto eol=lf

.github/main.workflow

@@ -1,16 +0,0 @@
-workflow "Trigger: Push" {
-  on = "push"
-  resolves = [
-    "Shellcheck",
-    "Black Code Formatter",
-  ]
-}
-
-action "Shellcheck" {
-  uses = "ludeeus/action-shellcheck@master"
-}
-
-action "Black Code Formatter" {
-  uses = "lgeiger/black-action@master"
-  args = "$GITHUB_WORKSPACE --check"
-}

.github/workflows/ShellCheck.yml

@@ -0,0 +1,13 @@
+on: [push, pull_request]
+name: 'ShellCheck'
+jobs:
+  shellcheck:
+    name: ShellCheck
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@master
+    - name: Run ShellCheck
+      uses: ./
+      with:
+        ignore: ignore

Dockerfile

@@ -1,16 +1,6 @@
-FROM debian:latest
+FROM alpine:3.12.0
 
-COPY runaction.sh /runaction.sh
+RUN apk add --no-cache shellcheck bash
-RUN chmod +x /runaction.sh
-RUN apt update
-RUN apt install -y shellcheck
 
-ENTRYPOINT ["/runaction.sh"]
+COPY runaction /action/runaction
-
+ENTRYPOINT ["bash", "/action/runaction"]
-LABEL "name"="shellcheck"
-LABEL "maintainer"="Ludeeus <ludeeus@gmail.com>"
-LABEL "version"="0.0.1"
-LABEL "com.github.actions.name"="shellcheck"
-LABEL "com.github.actions.description"="Run shell check on ALL sh files in the repository."
-LABEL "com.github.actions.icon"="terminal"
-LABEL "com.github.actions.color"="black"

README.md

@@ -1,24 +1,89 @@
-# SHELLCHECK
+# ShellCheck
 
-[![BuyMeCoffee][buymecoffeebedge]][buymecoffee]
+_GitHub action for ShellCheck._
-
-_Run shellcheck on ALL sh files in the repository._
 
 ## Example
 
-```
+```yaml
-workflow "Shellcheck" {
+on:
-  on = "push"
+  push:
-  resolves = [
+    branch:
-    "Shellcheck",
+      - master
-  ]
-}
 
+name: 'Trigger: Push action'
 
-action "Shellcheck" {
+jobs:
-  uses = "ludeeus/actions/shellcheck@master"
+  shellcheck:
-}
+    name: Shellcheck
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@master
+    - name: Run ShellCheck
+      uses: ludeeus/action-shellcheck@master
 ```
 
-[buymecoffee]: https://www.buymeacoffee.com/ludeeus
+## Globally disable checks
-[buymecoffeebedge]: https://camo.githubusercontent.com/cd005dca0ef55d7725912ec03a936d3a7c8de5b5/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6275792532306d6525323061253230636f666665652d646f6e6174652d79656c6c6f772e737667
+
+To disable specific checks add it to a `SHELLCHECK_OPTS` env key in the job definition.
+
+example:
+
+```yaml
+    ...
+    - name: Run ShellCheck
+      uses: ludeeus/action-shellcheck@master
+      env:
+        SHELLCHECK_OPTS: -e SC2059 -e SC2034 -e SC1090
+```
+
+## Ignore paths
+
+You can use the `ignore` input to disable specific directories.
+
+```text
+sample structure:
+sample/directory/with/files/toignore/test.sh
+sample/directory/with/files/test.sh
+```
+
+example:
+
+```yaml
+    ...
+    - name: Run ShellCheck
+      uses: ludeeus/action-shellcheck@master
+      with:
+        ignore: toignore
+```
+
+This will skip `sample/directory/with/files/toignore/test.sh`
+
+## Minimum severity of errors to consider (error, warning, info, style)
+
+You can use the `severity` input to not fail until specified severity is met, for example fail only if there are errors in scripts but ignore styling, info and warnings.
+
+example:
+
+```yaml
+    ...
+    - name: Run ShellCheck
+      uses: ludeeus/action-shellcheck@master
+      with:
+        severity: error
+```
+
+## Run shellcheck with all paths in a single invocation
+
+If you run into SC1090/SC1091 errors you may need to tell shellcheck to check
+all files at once:
+
+```yaml
+    ...
+    - name: Run ShellCheck
+    uses: ludeeus/action-shellcheck@master
+    with:
+      check_together: 'yes'
+```
+
+This can turn into a problem if you have enough script files to overwhelm the
+maximum argv length on your system.

action.yaml

@@ -0,0 +1,22 @@
+name: "ShellCheck"
+author: "Ludeeus <hi@ludeeus.dev>"
+description: "GitHub action for ShellCheck."
+inputs:
+  ignore:
+    description: 'Paths to ignore when running ShellCheck'
+    required: false
+    default: ''
+  severity:
+    description: 'Minimum severity of errors to consider. Options: [error, warning, info, style]'
+    required: false
+    default: ''
+  check_together:
+    description: 'Run shellcheck on _all_ files at once, instead of one at a time'
+    required: false
+    default: ''
+runs:
+  using: 'docker'
+  image: 'Dockerfile'
+branding:
+  icon: 'terminal'
+  color: 'gray-dark'

runaction

@@ -0,0 +1,82 @@
+#!/bin/bash
+
+cd "$GITHUB_WORKSPACE" || exit 1
+
+declare statuscode
+declare -a filepaths
+declare -a excludes
+declare -a tmp
+
+statuscode=0
+
+excludes+=( ! -path *./.git/* )
+excludes+=( ! -path *.go )
+excludes+=( ! -path */mvnw )
+
+for path in ${INPUT_IGNORE}; do
+    echo "::debug:: Adding '${path}' to excludes"
+    excludes+=(! -path "*./${path}/*" )
+    excludes+=(! -path "*/${path}/*" )
+done
+
+readarray -d '' filepaths < <(find . -type f "${excludes[@]}" \
+    '(' \
+    \
+    -name '*.bash' \
+    -o -path '*/.bash*' \
+    -o -path '*/bash*' \
+    -o -name '*.ksh' \
+    -o -name 'ksh*' \
+    -o -path '*/.ksh*' \
+    -o -path '*/ksh*' \
+    -o -name 'suid_profile' \
+    -o -name '*.zsh' \
+    -o -name '.zlogin*' \
+    -o -name 'zlogin*' \
+    -o -name '.zlogout*' \
+    -o -name 'zlogout*' \
+    -o -name '.zprofile*' \
+    -o -name 'zprofile*' \
+    -o -path '*/.zsh*' \
+    -o -path '*/zsh*' \
+    -o -name '*.sh' \
+    -o -path '*/.profile*' \
+    -o -path '*/.shlib*' \
+    -o -path '*/shlib*' \
+       ')'\
+    \
+    -print0)
+
+
+readarray -d '' tmp < <(find . "${excludes[@]}" -type f ! -name '*.*' -perm /111  -print0)
+for file in "${tmp[@]}"; do
+    head -n1 "$file" | grep -Eqs "^#! */[^ ]*/[abkz]*sh" || continue
+    filepaths+=("$file")
+done
+
+if  find . "${excludes[@]}" -path '*bin/*/*' -type f -perm /111 -print |
+    grep .
+then
+    echo >&2 "::warning:: subdirectories of bin directories are not usable via PATH"
+fi
+
+if  find . "${excludes[@]}" -path '*bin/*' -name '*.*' -type f -perm /111 -perm /444 -print |
+    grep .
+then
+    echo >&2 "::warning:: programs in PATH should not have a filename suffix"
+fi
+
+[[ -n "${INPUT_SEVERITY}" ]] && options+=(-S "${INPUT_SEVERITY}")
+
+if [[ -n "$INPUT_CHECK_TOGETHER" ]]; then
+    echo "::debug:: shellcheck ${options[*]} ${filepaths[*]}"
+    shellcheck "${options[@]}" "${filepaths[@]}" || statuscode=$?
+else
+    echo "::debug:: Shellcheck options: ${options[*]}"
+    for file in "${filepaths[@]}"; do
+        echo "::debug:: Checking $file"
+        shellcheck "${options[@]}" "$file" || statuscode=$?
+    done
+fi
+
+exit "$statuscode"

runaction.sh

@@ -1,4 +0,0 @@
-#!/bin/bash
-
-cd "$GITHUB_WORKSPACE" || exit 1
-find . -name \*.sh -exec shellcheck {} +

testfiles/ignore/ignore.sh

@@ -0,0 +1,3 @@
+#!/bin/sh
+
+echo $test

testfiles/test

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+test="test"
+echo "$test"

testfiles/test.bash

@@ -0,0 +1,3 @@
+#!/bin/bash
+test="test"
+echo "$test"

testfiles/test.sh

@@ -0,0 +1,4 @@
+#!/usr/bin/sh
+
+test="test"
+echo "$test"