name: "ShellCheck" author: "Ludeeus " description: "GitHub action for ShellCheck." inputs: additional_files: description: "A space separated list of additional filename to check" required: false default: "" ignore: description: "Paths to ignore when running ShellCheck" required: false default: "" deprecationMessage: "Use ignore_paths or ignore_names instead." ignore_paths: description: "Paths to ignore when running ShellCheck" required: false default: "" ignore_names: description: "Names to ignore when running ShellCheck" required: false default: "" severity: description: "Minimum severity of errors to consider. Options: [error, warning, info, style]" required: false default: "" check_together: description: "Run shellcheck on _all_ files at once, instead of one at a time" required: false default: "" scandir: description: "Directory to be searched for files. Defaults to ." required: false default: "." disable_matcher: description: "Set to true to skip using problem-matcher" required: false default: "false" format: description: "Output format (checkstyle, diff, gcc, json, json1, quiet, tty)" required: false default: "gcc" version: description: "Specify a concrete version of ShellCheck to use" required: false default: "stable" outputs: files: description: A list of files with issues value: ${{ steps.check.outputs.filepaths }} options: description: The options used value: ${{ steps.options.outputs.options }} branding: icon: "terminal" color: "gray-dark" runs: using: "composite" steps: - name: Enable problem-matcher shell: bash env: INPUT_FORMAT: ${{ inputs.format }} INPUT_DISABLE_MATCHER: ${{ inputs.disable_matcher }} run: | problem_matcher_file="${{ github.action_path }}/.github/problem-matcher-${INPUT_FORMAT}.json" if [[ "${INPUT_DISABLE_MATCHER}" != "true" && -f "$problem_matcher_file" ]]; then echo "::add-matcher::$problem_matcher_file" fi - name: Download shellcheck shell: bash env: INPUT_VERSION: ${{ inputs.version }} run: | if [[ "${{ runner.os }}" == "macOS" ]]; then osvariant="darwin" else osvariant="linux" fi baseurl="https://github.com/koalaman/shellcheck/releases/download" curl -Lso "${{ github.action_path }}/sc.tar.xz" \ "${baseurl}/${INPUT_VERSION}/shellcheck-${INPUT_VERSION}.${osvariant}.x86_64.tar.xz" tar -xf "${{ github.action_path }}/sc.tar.xz" -C "${{ github.action_path }}" mv "${{ github.action_path }}/shellcheck-${INPUT_VERSION}/shellcheck" \ "${{ github.action_path }}/shellcheck" - name: Display shellcheck version shell: bash run: | "${{ github.action_path }}/shellcheck" --version - name: Set options shell: bash id: options env: INPUT_SEVERITY: ${{ inputs.severity }} INPUT_FORMAT: ${{ inputs.format }} run: | declare -a options if [[ -n "${INPUT_SEVERITY}" ]]; then options+=("-S ${INPUT_SEVERITY}") fi options+=("--format=${INPUT_FORMAT}") echo "options=${options[@]}" >> $GITHUB_OUTPUT - name: Gather excluded paths shell: bash id: exclude env: INPUT_IGNORE: ${{ inputs.ignore }} INPUT_IGNORE_PATHS: ${{ inputs.ignore_paths }} INPUT_IGNORE_NAMES: ${{ inputs.ignore_names }} run: | declare -a excludes set -f # temporarily disable globbing so that globs in input aren't expanded excludes+=("! -path *./.git/*") excludes+=("! -path *.go") excludes+=("! -path */mvnw") if [[ -n "${INPUT_IGNORE}" ]]; then for path in ${INPUT_IGNORE}; do excludes+=("! -path *./$path/*") excludes+=("! -path */$path/*") excludes+=("! -path $path") done else for path in ${INPUT_IGNORE_PATHS}; do excludes+=("! -path *./$path/*") excludes+=("! -path */$path/*") excludes+=("! -path $path") done fi for name in ${INPUT_IGNORE_NAMES}; do excludes+=("! -name $name") done echo "excludes=${excludes[@]}" >> $GITHUB_OUTPUT set +f # re-enable globbing - name: Gather additional files shell: bash id: additional env: INPUT_ADDITIONAL_FILES: ${{ inputs.additional_files }} run: | declare -a files for file in ${INPUT_ADDITIONAL_FILES}; do files+=("-o -name *$file") done echo "files=${files[@]}" >> $GITHUB_OUTPUT - name: Run the check shell: bash id: check env: INPUT_SCANDIR: ${{ inputs.scandir }} INPUT_CHECK_TOGETHER: ${{ inputs.check_together }} INPUT_EXCLUDE_ARGS: ${{ steps.exclude.outputs.excludes }} INPUT_ADDITIONAL_FILE_ARGS: ${{ steps.additional.outputs.files }} INPUT_SHELLCHECK_OPTIONS: ${{ steps.options.outputs.options }} run: | statuscode=0 declare -a filepaths shebangregex="^#! */[^ ]*/(env *)?[abk]*sh" set -f # temporarily disable globbing so that globs in inputs aren't expanded while IFS= read -r -d '' file; do filepaths+=("$file") done < <(find "${INPUT_SCANDIR}" \ ${INPUT_EXCLUDE_ARGS} \ -type f \ '(' \ -name '*.bash' \ -o -name '.bashrc' \ -o -name 'bashrc' \ -o -name '.bash_aliases' \ -o -name '.bash_completion' \ -o -name '.bash_login' \ -o -name '.bash_logout' \ -o -name '.bash_profile' \ -o -name 'bash_profile' \ -o -name '*.ksh' \ -o -name 'suid_profile' \ -o -name '*.zsh' \ -o -name '.zlogin' \ -o -name 'zlogin' \ -o -name '.zlogout' \ -o -name 'zlogout' \ -o -name '.zprofile' \ -o -name 'zprofile' \ -o -name '.zsenv' \ -o -name 'zsenv' \ -o -name '.zshrc' \ -o -name 'zshrc' \ -o -name '*.sh' \ -o -path '*/.profile' \ -o -path '*/profile' \ -o -name '*.shlib' \ ${INPUT_ADDITIONAL_FILE_ARGS} \ ')' \ -print0) while IFS= read -r -d '' file; do head -n1 "$file" | grep -Eqs "$shebangregex" || continue filepaths+=("$file") done < <(find "${INPUT_SCANDIR}" \ ${INPUT_EXCLUDE_ARGS} \ -type f ! -name '*.*' -perm /111 \ -print0) if [[ -n "${INPUT_CHECK_TOGETHER}" ]]; then "${{ github.action_path }}/shellcheck" \ ${INPUT_SHELLCHECK_OPTIONS} \ "${filepaths[@]}" || statuscode=$? else for file in "${filepaths[@]}"; do "${{ github.action_path }}/shellcheck" \ ${INPUT_SHELLCHECK_OPTIONS} \ "$file" || statuscode=$? done fi echo "filepaths=${filepaths[@]}" >> $GITHUB_OUTPUT echo "statuscode=$statuscode" >> $GITHUB_OUTPUT set +f # re-enable globbing - name: Remove problem-matcher shell: bash run: | echo "::remove-matcher owner=shellcheck-gcc::" echo "::remove-matcher owner=shellcheck-gcc-notice::" echo "::remove-matcher owner=shellcheck-tty::" - name: Exit action shell: bash run: exit ${{steps.check.outputs.statuscode}}