feat: add format input and a single-line problem matcher (#40)

Co-authored-by: Joakim Sørensen <ludeeus@gmail.com>

.gitattributes

@@ -0,0 +1 @@
+* text=auto eol=lf

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1 @@
+blank_issues_enabled: false

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,24 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+labels: "Feature Request"
+---
+
+## Checklist
+
+- [ ] This Feature Request only contains 1 request (if you have multiple open multiple feature requests).
+
+## The idea
+
+A good description of what you are suggesting.
+
+## Implementation
+
+How do you see this being implemented?
+
+## Alternatives
+
+Are there any alternative solutions or features you've considered?
+
+## Additional context
+

.github/ISSUE_TEMPLATE/issue.md

@@ -0,0 +1,14 @@
+---
+name: "Issue"
+about: For issue reporting.
+labels: "bug"
+---
+
+## Describe the issue
+
+A clear and concise description of what the issue is.
+
+### Links
+
+- **Link to action run:**
+- **Link to action configuration:**

.github/main.workflow

@@ -1,16 +0,0 @@
-workflow "Trigger: Push" {
-  on = "push"
-  resolves = [
-    "Shellcheck",
-    "Black Code Formatter",
-  ]
-}
-
-action "Shellcheck" {
-  uses = "ludeeus/action-shellcheck@master"
-}
-
-action "Black Code Formatter" {
-  uses = "lgeiger/black-action@master"
-  args = "$GITHUB_WORKSPACE --check"
-}

.github/problem-matcher-gcc.json

@@ -0,0 +1,18 @@
+{
+  "problemMatcher": [
+    {
+      "owner": "shellcheck-gcc",
+      "pattern": [
+        {
+          "regexp": "^(.+):(\\d+):(\\d+):\\s(note|warning|error):\\s(.*)\\s\\[(SC\\d+)\\]$",
+          "file": 1,
+          "line": 2,
+          "column": 3,
+          "severity": 4,
+          "message": 5,
+          "code": 6
+        }
+      ]
+    }
+  ]
+}

.github/problem-matcher-tty.json

@@ -0,0 +1,23 @@
+{
+    "problemMatcher": [
+      {
+        "owner": "shellcheck-tty",
+        "pattern": [
+          {
+              "regexp": "^In\\s(.+)\\sline\\s(\\d+):$",
+              "file": 1,
+              "line": 2
+          },
+          {
+            "regexp": ".*"
+          },
+          {
+              "regexp": "(SC\\d+):\\s(.+)$",
+              "code": 1,
+              "message": 2,
+              "loop": true
+          }
+        ]
+      }
+    ]
+  }

.github/release-drafter.yml

@@ -0,0 +1,8 @@
+change-template: '- #$NUMBER $TITLE @$AUTHOR'
+sort-direction: ascending
+exclude-labels:
+  - "release-drafter-ignore"
+template: |
+  ## What’s Changed
+
+  $CHANGES

.github/workflows/additional_files.yml

@@ -0,0 +1,42 @@
+name: 'additional_files'
+
+on: 
+  push:
+    branches: ["master"]
+  pull_request:
+
+jobs:
+  additional_files:
+    name: additional_files
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os:
+          - ubuntu-latest
+          - macos-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+
+    - name: Run ShellCheck
+      uses: ./
+      id: check
+      with:
+        additional_files: run finish discovery
+        ignore: ignore
+        scandir: testfiles
+
+    - name: Verify check
+      run: | 
+        expect="testfiles/scandir/run"
+
+        if [[ ! "${{ steps.check.outputs.files }}" =~ testfiles/scandir/run ]];then
+          echo "::error:: Expected file testfiles/scandir/run not found in ${{ steps.check.outputs.files }}"
+          exit 1
+        elif [[ ! "${{ steps.check.outputs.files }}" =~ testfiles/scandir/finish ]];then
+          echo "::error:: Expected file testfiles/scandir/finish not found in ${{ steps.check.outputs.files }}"
+          exit 1
+        elif [[ ! "${{ steps.check.outputs.files }}" =~ testfiles/scandir/discovery ]];then
+          echo "::error:: Expected file testfiles/scandir/discovery not found in ${{ steps.check.outputs.files }}"
+          exit 1
+        fi 

.github/workflows/base.yml

@@ -0,0 +1,38 @@
+name: 'base'
+
+on: 
+  push:
+    branches: ["master"]
+  pull_request:
+
+jobs:
+  base:
+    name: base
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os:
+          - ubuntu-latest
+          - macos-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+
+    - name: Run ShellCheck
+      uses: ./
+      id: check
+      with:
+        ignore: ignore
+
+    - name: Verify check
+      run: | 
+        expect="testfiles/test.bash"
+        notexpect="testfiles/ignore/ignore.bash"
+
+        if [[ ! "${{ steps.check.outputs.files }}" =~ $expect ]];then
+          echo "::error:: Expected file $expect not found in ${{ steps.check.outputs.files }}"
+          exit 1
+        elif [[ "${{ steps.check.outputs.files }}" =~ $notexpect ]];then
+          echo "::error:: Expected file $notexpect found in ${{ steps.check.outputs.files }}"
+          exit 1
+        fi 

.github/workflows/check_together.yml

@@ -0,0 +1,39 @@
+name: 'check_together'
+
+on: 
+  push:
+    branches: ["master"]
+  pull_request:
+
+jobs:
+  check_together:
+    name: check_together
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os:
+          - ubuntu-latest
+          - macos-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+
+    - name: Run ShellCheck
+      uses: ./
+      id: check
+      with:
+        ignore: ignore
+        check_together: true
+
+    - name: Verify check
+      run: | 
+        expect="testfiles/test.bash"
+        notexpect="testfiles/ignore/ignore.bash"
+
+        if [[ ! "${{ steps.check.outputs.files }}" =~ $expect ]];then
+          echo "::error:: Expected file $expect not found in ${{ steps.check.outputs.files }}"
+          exit 1
+        elif [[ "${{ steps.check.outputs.files }}" =~ $notexpect ]];then
+          echo "::error:: Expected file $notexpect found in ${{ steps.check.outputs.files }}"
+          exit 1
+        fi 

.github/workflows/release-drafter.yml

@@ -0,0 +1,16 @@
+name: Release Drafter
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  release-drafter:
+    name: Release Drafter
+    runs-on: ubuntu-latest
+    steps:
+      - name: 🏃 Run Release Drafter
+        uses: release-drafter/release-drafter@v5
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/scandir.yml

@@ -0,0 +1,58 @@
+name: 'scandir'
+
+on: 
+  push:
+    branches: ["master"]
+  pull_request:
+
+jobs:
+  scandir:
+    name: scandir
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os:
+          - ubuntu-latest
+          - macos-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+
+    - name: Run ShellCheck
+      uses: ./
+      id: one
+      with:
+        scandir: testfiles/scandir
+
+    - name: Verify check
+      run: | 
+        expect="testfiles/scandir/test.bash"
+        notexpect="testfiles/test.bash"
+
+        if [[ ! "${{ steps.one.outputs.files }}" =~ $expect ]];then
+          echo "::error:: Expected file $expect not found in ${{ steps.one.outputs.files }}"
+          exit 1
+        elif [[ "${{ steps.one.outputs.files }}" =~ $notexpect ]];then
+          echo "::error:: Expected file $notexpect found in ${{ steps.one.outputs.files }}"
+          exit 1
+        fi 
+
+    - name: Run ShellCheck
+      uses: ./
+      id: two
+      with:
+        scandir: './testfiles/scandir'
+        ignore: ignore
+
+    - name: Verify check
+      run: | 
+        expect="testfiles/scandir/test.bash"
+        notexpect="testfiles/test.bash"
+
+        if [[ ! "${{ steps.two.outputs.files }}" =~ $expect ]];then
+          echo "::error:: Expected file $expect not found in ${{ steps.two.outputs.files }}"
+          exit 1
+        elif [[ "${{ steps.two.outputs.files }}" =~ $notexpect ]];then
+          echo "::error:: Expected file $notexpect found in ${{ steps.two.outputs.files }}"
+          exit 1
+        fi 

Dockerfile

@@ -1,16 +0,0 @@
-FROM debian:latest
-
-COPY runaction.sh /runaction.sh
-RUN chmod +x /runaction.sh
-RUN apt update
-RUN apt install -y shellcheck
-
-ENTRYPOINT ["/runaction.sh"]
-
-LABEL "name"="shellcheck"
-LABEL "maintainer"="Ludeeus <ludeeus@gmail.com>"
-LABEL "version"="0.0.1"
-LABEL "com.github.actions.name"="shellcheck"
-LABEL "com.github.actions.description"="Run shell check on ALL sh files in the repository."
-LABEL "com.github.actions.icon"="terminal"
-LABEL "com.github.actions.color"="black"

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2019 ludeeus
+Copyright (c) 2020 ludeeus
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,24 +1,149 @@
-# SHELLCHECK
+# ShellCheck
 
-[![BuyMeCoffee][buymecoffeebedge]][buymecoffee]
+_GitHub action for ShellCheck._
-
-_Run shellcheck on ALL sh files in the repository._
 
 ## Example
 
-```
+```yaml
-workflow "Shellcheck" {
+on:
-  on = "push"
+  push:
-  resolves = [
+    branch:
-    "Shellcheck",
+      - master
-  ]
-}
 
+name: 'Trigger: Push action'
 
-action "Shellcheck" {
+jobs:
-  uses = "ludeeus/actions/shellcheck@master"
+  shellcheck:
-}
+    name: Shellcheck
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Run ShellCheck
+      uses: ludeeus/action-shellcheck@master
 ```
 
-[buymecoffee]: https://www.buymeacoffee.com/ludeeus
+## ShellCheck options
-[buymecoffeebedge]: https://camo.githubusercontent.com/cd005dca0ef55d7725912ec03a936d3a7c8de5b5/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6275792532306d6525323061253230636f666665652d646f6e6174652d79656c6c6f772e737667
+
+You can pass any supported ShellCheck option or flag with the `SHELLCHECK_OPTS` env key in the job definition.
+
+Some examples include:
+
+* To disable specific checks (eg: `-e SC2059 -e SC2034 -e SC1090`)
+* To test against different shells (eg: `-s dash` or `-s ksh`)
+
+example:
+
+```yaml
+    ...
+    - name: Run ShellCheck
+      uses: ludeeus/action-shellcheck@master
+      env:
+        SHELLCHECK_OPTS: -e SC2059 -e SC2034 -e SC1090
+```
+
+## Ignore paths
+
+You can use the `ignore` input to disable specific directories.
+
+```text
+sample structure:
+sample/directory/with/files/ignoreme/test.sh
+sample/directory/with/files/ignoremetoo/test.sh
+sample/directory/with/files/test.sh
+```
+
+example:
+
+```yaml
+    ...
+    - name: Run ShellCheck
+      uses: ludeeus/action-shellcheck@master
+      with:
+        ignore: ignoreme ignoremetoo
+```
+
+This will skip `sample/directory/with/files/ignoreme/test.sh` and `sample/directory/with/files/ignoremetoo/test.sh`
+
+## Minimum severity of errors to consider (error, warning, info, style)
+
+You can use the `severity` input to not fail until specified severity is met, for example fail only if there are errors in scripts but ignore styling, info and warnings.
+
+example:
+
+```yaml
+    ...
+    - name: Run ShellCheck
+      uses: ludeeus/action-shellcheck@master
+      with:
+        severity: error
+```
+
+## Run shellcheck with all paths in a single invocation
+
+If you run into SC1090/SC1091 errors you may need to tell shellcheck to check
+all files at once:
+
+```yaml
+    ...
+    - name: Run ShellCheck
+      uses: ludeeus/action-shellcheck@master
+      with:
+        check_together: 'yes'
+```
+
+This can turn into a problem if you have enough script files to overwhelm the
+maximum argv length on your system.
+
+## Run shellcheck only in a single directory
+
+If you have multiple directories with scripts, but only want to scan
+one of them, you can use the following configuration:
+
+```yaml
+   ...
+   - name: Run ShellCheck
+     uses: ludeeus/action-shellcheck@master
+     with:
+       scandir: './scripts'
+```
+
+## Scan for additional files
+
+If you need to scan for unusual files, you can use the `additional_files` key.
+
+```yaml
+   ...
+   - name: Run ShellCheck
+     uses: ludeeus/action-shellcheck@master
+     with:
+       additional_files: 'run finish'
+```
+
+## Disable problem matcher
+
+If you do not want to have the problem-matcher annotate files, you can disable it
+by setting `disable_matcher` to `true`.
+
+```yaml
+   ...
+   - name: Run ShellCheck
+     uses: ludeeus/action-shellcheck@master
+     with:
+       disable_matcher: true
+```
+
+## Change output format
+
+Shellcheck can print output in these formats: `checkstyle`, `diff`, `gcc`, `json`, `json1`, `quiet`, `tty`. See some examples [here](https://github.com/koalaman/shellcheck/wiki/Integration#pick-the-output-format-that-makes-your-life-easier).
+Only `tty` and `gcc` produce file annotations via problem matcher, default is `gcc`.
+
+- `tty` has multi-line log messages, but all annotations are reported as errors
+- `gcc` has single-line log messages, so it's easier to parse with a problem matcher (including correct severity annotation)
+
+```yaml
+   ...
+   - name: Run ShellCheck
+     uses: ludeeus/action-shellcheck@master
+     with:
+       format: tty
+```

action.yaml

@@ -0,0 +1,210 @@
+name: "ShellCheck"
+author: "Ludeeus <hi@ludeeus.dev>"
+description: "GitHub action for ShellCheck."
+inputs:
+  additional_files:
+    description: "A space separated list of additional filename to check"
+    required: false
+    default: ""
+  ignore:
+    description: "Paths to ignore when running ShellCheck"
+    required: false
+    default: ""
+  severity:
+    description: "Minimum severity of errors to consider. Options: [error, warning, info, style]"
+    required: false
+    default: ""
+  check_together:
+    description: "Run shellcheck on _all_ files at once, instead of one at a time"
+    required: false
+    default: ""
+  scandir:
+    description: "Directory to be searched for files. Defaults to ."
+    required: false
+    default: "."
+  disable_matcher:
+    description: "Set to true to skip using problem-matcher"
+    required: false
+    default: "false"
+  format:
+    description: "Output format (checkstyle, diff, gcc, json, json1, quiet, tty)"
+    required: false
+    default: "gcc"
+outputs:
+  files:
+    description: A list of files with issues
+    value: ${{ steps.filepaths.outputs.filepaths }}
+  options:
+    description: The options used
+    value: ${{ steps.options.outputs.options }}
+branding:
+  icon: "terminal"
+  color: "gray-dark"
+runs:
+  using: "composite"
+  steps:
+    - name: Enable problem-matcher
+      shell: bash
+      run: |
+        problem_matcher_file="${{ github.action_path }}/.github/problem-matcher-${{ inputs.format }}.json"
+        if [[ ${{ inputs.disable_matcher }} != "true" && -f "$problem_matcher_file"  ]]; then
+          echo "::add-matcher::$problem_matcher_file"
+        fi
+
+    - name: Download shellcheck
+      shell: bash
+      run: |
+        if [[ "${{ runner.os }}" == "macOS" ]]; then
+          osvariant="darwin"
+        else
+          osvariant="linux"
+        fi
+
+        scversion="stable"
+        baseurl="https://github.com/koalaman/shellcheck/releases/download"
+
+        curl -Lso "${{ github.action_path }}/sc.tar.xz" \
+          "${baseurl}/${scversion}/shellcheck-${scversion}.${osvariant}.x86_64.tar.xz"
+
+        tar -xf "${{ github.action_path }}/sc.tar.xz" -C "${{ github.action_path }}"
+        mv "${{ github.action_path }}/shellcheck-${scversion}/shellcheck" \
+          "${{ github.action_path }}/shellcheck"
+
+    - name: Display shellcheck version
+      shell: bash
+      run: |
+        "${{ github.action_path }}/shellcheck" --version
+
+    - name: Set options
+      shell: bash
+      id: options
+      run: |
+        declare -a options
+        if [[ -n "${{ inputs.severity }}" ]]; then
+          options+=("-S ${{ inputs.severity }}")
+        fi
+        options+=("--format=${{ inputs.format }}")
+        echo "::set-output name=options::${options[@]}"
+
+    - name: Gather excluded paths
+      shell: bash
+      id: exclude
+      run: |
+        declare -a excludes
+        excludes+=("! -path \"*./.git/*\"")
+        excludes+=("! -path \"*.go\"")
+        excludes+=("! -path \"*/mvnw\"")
+        for path in ${{ inputs.ignore }}; do
+          echo "::debug:: Adding "$path" to excludes"
+          excludes+=("! -path \"*./$path/*\"")
+          excludes+=("! -path \"*/$path/*\"")
+        done
+        echo "::set-output name=excludes::${excludes[@]}"
+
+    - name: Gather additional files
+      shell: bash
+      id: additional
+      run: |
+        declare -a files
+        for file in ${{ inputs.additional_files }}; do
+          echo "::debug:: Adding "$file" to excludes"
+          files+=("-o -name \"*$file\"")
+        done
+        echo "::set-output name=files::${files[@]}"
+
+    - name: Gather base file paths
+      shell: bash
+      id: filepaths
+      run: |
+        declare -a filepaths
+        shebangregex="^#! */[^ ]*/(env *)?[abkz]*sh"
+
+        for path in $(find "${{ inputs.scandir }}" \
+            -type f -type f ${{ steps.exclude.outputs.excludes }} \
+            '(' \
+            -name '*.bash' \
+            -o -name '.bashrc' \
+            -o -name 'bashrc' \
+            -o -name '.bash_aliases' \
+            -o -name '.bash_completion' \
+            -o -name '.bash_login' \
+            -o -name '.bash_logout' \
+            -o -name '.bash_profile' \
+            -o -name 'bash_profile' \
+            -o -name '*.ksh' \
+            -o -name 'suid_profile' \
+            -o -name '*.zsh' \
+            -o -name '.zlogin' \
+            -o -name 'zlogin' \
+            -o -name '.zlogout' \
+            -o -name 'zlogout' \
+            -o -name '.zprofile' \
+            -o -name 'zprofile' \
+            -o -name '.zsenv' \
+            -o -name 'zsenv' \
+            -o -name '.zshrc' \
+            -o -name 'zshrc' \
+            -o -name '*.sh' \
+            -o -path '*/.profile' \
+            -o -path '*/profile' \
+            -o -name '*.shlib' \
+            ${{ steps.additional.outputs.files }} \
+              ')'\
+            -print); do
+          filepaths+=("$path");
+        done
+
+        for file in $(find "${{ inputs.scandir }}" ${{ steps.exclude.outputs.excludes }} -type f ! -name '*.*' -perm /111  -print); do
+          head -n1 "$file" | grep -Eqs "$shebangregex" || continue
+          filepaths+=("$file");
+        done
+        echo "::set-output name=filepaths::${filepaths[@]}"
+
+    - name: Check bin subdirs
+      shell: bash
+      run: |
+        if  find "${{ inputs.scandir }}" ${{ steps.exclude.outputs.excludes }} -path '*bin/*/*' -type f -perm /111 -print |
+            grep .
+        then
+            echo "::warning:: subdirectories of bin directories are not usable via PATH"
+        fi
+
+    - name: Check no suffix in PATH
+      shell: bash
+      run: |
+        if  find "${{ inputs.scandir }}" ${{ steps.exclude.outputs.excludes }} -path '*bin/*' -name '*.*' -type f -perm /111 -perm /444 -print |
+            grep .
+        then
+            echo "::warning:: programs in PATH should not have a filename suffix"
+        fi
+
+    - name: Run the file check
+      id: check
+      shell: bash
+      run: |
+        statuscode=0
+
+        if [[ -n "${{ inputs.check_together }}" ]]; then
+           "${{ github.action_path }}/shellcheck" \
+           ${{ steps.options.outputs.options }} \
+           ${{ steps.filepaths.outputs.filepaths }} || statuscode=$?
+        else
+          for file in ${{ steps.filepaths.outputs.filepaths }}; do
+            echo "::debug::Checking $file"
+            "${{ github.action_path }}/shellcheck" \
+            ${{ steps.options.outputs.options }} \
+            "$file" || statuscode=$?;
+          done
+        fi
+
+        echo "::set-output name=statuscode::$statuscode"
+
+    - name: Print information
+      shell: bash
+      run: |
+        echo "Files: ${{steps.filepaths.outputs.filepaths}}"
+        echo "Excluded: ${{ steps.exclude.outputs.excludes }}"
+        echo "Options: ${{ steps.options.outputs.options }}"
+        echo "Status code: ${{steps.check.outputs.statuscode}}"
+
+        exit ${{steps.check.outputs.statuscode}}

runaction.sh

@@ -1,4 +0,0 @@
-#!/bin/bash
-
-cd "$GITHUB_WORKSPACE" || exit 1
-find . -name \*.sh -exec shellcheck {} +

testfiles/bashfile.c

@@ -0,0 +1,6 @@
+/* C code test file
+ * file that should not be matched for shellcheck runs
+ */
+int main(void) {
+    return 0;
+}

testfiles/ignore/ignore.sh

@@ -0,0 +1,5 @@
+#!/bin/sh
+
+echo $test $test
+
+echo $test2

testfiles/scandir/discovery

@@ -0,0 +1,3 @@
+#!/usr/bin/env bashio
+
+echo "hi"

testfiles/scandir/finish

@@ -0,0 +1,5 @@
+#!/usr/bin/env bashio
+
+hi="hi"
+
+echo "$hi"

testfiles/scandir/run

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+echo "hi"

testfiles/scandir/test.bash

@@ -0,0 +1,3 @@
+#!/bin/bash
+test="test"
+echo "$test"

testfiles/test

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+test="test"
+echo "$test"

testfiles/test.bash

@@ -0,0 +1,3 @@
+#!/bin/bash
+test="test"
+echo "$test"

testfiles/test.sh

@@ -0,0 +1,4 @@
+#!/usr/bin/sh
+
+test="test"
+echo "$test"