name: "ShellCheck" author: "Ludeeus " description: "GitHub action for ShellCheck." inputs: additional_files: description: "A space separated list of additional filename to check" required: false default: "" ignore: description: "Paths to ignore when running ShellCheck" required: false default: "" deprecationMessage: "Use ignore_paths or ignore_names instead." ignore_paths: description: "Paths to ignore when running ShellCheck" required: false default: "" ignore_names: description: "Names to ignore when running ShellCheck" required: false default: "" severity: description: "Minimum severity of errors to consider. Options: [error, warning, info, style]" required: false default: "" check_together: description: "Run shellcheck on _all_ files at once, instead of one at a time" required: false default: "" scandir: description: "Directory to be searched for files. Defaults to ." required: false default: "." disable_matcher: description: "Set to true to skip using problem-matcher" required: false default: "false" format: description: "Output format (checkstyle, diff, gcc, json, json1, quiet, tty)" required: false default: "gcc" version: description: "Specify a concrete version of ShellCheck to use" required: false default: "stable" outputs: files: description: A list of files with issues value: ${{ steps.check.outputs.filepaths }} options: description: The options used value: ${{ steps.options.outputs.options }} branding: icon: "terminal" color: "gray-dark" runs: using: "composite" steps: - name: Enable problem-matcher shell: bash env: format: ${{ inputs.format }} disable_matcher: ${{ inputs.disable_matcher }} run: | problem_matcher_file="${{ github.action_path }}/.github/problem-matcher-${format}.json" if [[ "${disable_matcher}" != "true" && -f "$problem_matcher_file" ]]; then echo "::add-matcher::$problem_matcher_file" fi - name: Download shellcheck shell: bash env: scversion: ${{ inputs.version }} run: | if [[ "${{ runner.os }}" == "macOS" ]]; then osvariant="darwin" else osvariant="linux" fi baseurl="https://github.com/koalaman/shellcheck/releases/download" curl -Lso "${{ github.action_path }}/sc.tar.xz" \ "${baseurl}/${scversion}/shellcheck-${scversion}.${osvariant}.x86_64.tar.xz" tar -xf "${{ github.action_path }}/sc.tar.xz" -C "${{ github.action_path }}" mv "${{ github.action_path }}/shellcheck-${scversion}/shellcheck" \ "${{ github.action_path }}/shellcheck" - name: Display shellcheck version shell: bash run: | "${{ github.action_path }}/shellcheck" --version - name: Set options shell: bash id: options env: severity: ${{ inputs.severity }} format: ${{ inputs.format }} run: | declare -a options if [[ -n "${severity}" ]]; then options+=("-S ${severity}") fi options+=("--format=${format}") echo "options=${options[@]}" >> $GITHUB_OUTPUT - name: Gather excluded paths shell: bash id: exclude env: ignore: ${{ inputs.ignore }} ignore_paths: ${{ inputs.ignore_paths }} ignore_names: ${{ inputs.ignore_names }} run: | declare -a excludes set -f # temporarily disable globbing so that globs in input aren't expanded excludes+=("! -path *./.git/*") excludes+=("! -path *.go") excludes+=("! -path */mvnw") if [[ -n "${ignore}" ]]; then echo "::warning::ignore is deprecated. Please use ignore_paths instead" for path in ${ignore}; do echo "::debug:: Adding '$path' to excludes" excludes+=("! -path *./$path/*") excludes+=("! -path */$path/*") excludes+=("! -path $path") done else for path in ${ignore_paths}; do echo "::debug:: Adding '$path' to excludes" excludes+=("! -path *./$path/*") excludes+=("! -path */$path/*") excludes+=("! -path $path") done fi for name in ${ignore_names}; do echo "::debug:: Adding '$name' to excludes" excludes+=("! -name $name") done echo "excludes=${excludes[@]}" >> $GITHUB_OUTPUT set +f # re-enable globbing - name: Gather additional files shell: bash id: additional env: additional_files: ${{ inputs.additional_files }} run: | declare -a files for file in ${additional_files}; do echo "::debug:: Adding '$file' to additional files" files+=("-o -name *$file") done echo "files=${files[@]}" >> $GITHUB_OUTPUT - name: Run the check shell: bash id: check env: scandir: ${{ inputs.scandir }} check_together: ${{ inputs.check_together }} exclude_args: ${{ steps.exclude.outputs.excludes }} additional_file_args: ${{ steps.additional.outputs.files }} shellcheck_options: ${{ steps.options.outputs.options }} run: | statuscode=0 declare -a filepaths shebangregex="^#! */[^ ]*/(env *)?[abk]*sh" set -f # temporarily disable globbing so that globs in inputs aren't expanded while IFS= read -r -d '' file; do filepaths+=("$file") done < <(find "${scandir}" \ ${exclude_args} \ -type f \ '(' \ -name '*.bash' \ -o -name '.bashrc' \ -o -name 'bashrc' \ -o -name '.bash_aliases' \ -o -name '.bash_completion' \ -o -name '.bash_login' \ -o -name '.bash_logout' \ -o -name '.bash_profile' \ -o -name 'bash_profile' \ -o -name '*.ksh' \ -o -name 'suid_profile' \ -o -name '*.zsh' \ -o -name '.zlogin' \ -o -name 'zlogin' \ -o -name '.zlogout' \ -o -name 'zlogout' \ -o -name '.zprofile' \ -o -name 'zprofile' \ -o -name '.zsenv' \ -o -name 'zsenv' \ -o -name '.zshrc' \ -o -name 'zshrc' \ -o -name '*.sh' \ -o -path '*/.profile' \ -o -path '*/profile' \ -o -name '*.shlib' \ ${additional_file_args} \ ')' \ -print0) while IFS= read -r -d '' file; do head -n1 "$file" | grep -Eqs "$shebangregex" || continue filepaths+=("$file") done < <(find "${scandir}" \ ${exclude_args} \ -type f ! -name '*.*' -perm /111 \ -print0) if [[ -n "${check_together}" ]]; then "${{ github.action_path }}/shellcheck" \ ${shellcheck_options} \ "${filepaths[@]}" || statuscode=$? else for file in "${filepaths[@]}"; do echo "::debug::Checking '$file'" "${{ github.action_path }}/shellcheck" \ ${shellcheck_options} \ "$file" || statuscode=$? done fi echo "filepaths=${filepaths[@]}" >> $GITHUB_OUTPUT echo "statuscode=$statuscode" >> $GITHUB_OUTPUT set +f # re-enable globbing - name: Exit action shell: bash run: exit ${{steps.check.outputs.statuscode}}