From 377e9742e2004b0c76bd86b4ed9367baea31d49d Mon Sep 17 00:00:00 2001 From: YueYue <76854136+ItzMiracleOwO@users.noreply.github.com> Date: Thu, 10 Feb 2022 23:04:17 +0800 Subject: [PATCH 1/4] Update README.md (#45) Fix error `every step must define a `uses` or `run` key` Co-authored-by: Justin Watts --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index e444507..f0cf0b1 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,7 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v1 + - name: Run ShellCheck uses: azohra/shell-linter@latest ``` From cba41f13fc4dbf980f893704d1e84c5df10b9cc9 Mon Sep 17 00:00:00 2001 From: asadmansr Date: Fri, 11 Jun 2021 07:13:24 -0400 Subject: [PATCH 2/4] Implemented shellcheck exclude feature to ignore specific issues during a scan --- README.md | 7 +++- action.yml | 6 ++- entrypoint.sh | 10 ++++- .../test_script_exclude_multiple_errors.sh | 6 +++ test_data/exclude/test_script_exclude_none.sh | 3 ++ .../exclude/test_script_exclude_one_error.sh | 4 ++ tests/integration_tests/exclude_tests.sh | 41 +++++++++++++++++++ 7 files changed, 73 insertions(+), 4 deletions(-) create mode 100644 test_data/exclude/test_script_exclude_multiple_errors.sh create mode 100644 test_data/exclude/test_script_exclude_none.sh create mode 100644 test_data/exclude/test_script_exclude_one_error.sh create mode 100755 tests/integration_tests/exclude_tests.sh diff --git a/README.md b/README.md index f0cf0b1..8602354 100644 --- a/README.md +++ b/README.md @@ -70,13 +70,14 @@ Note that `exclude-paths` only accepts paths relative to your project's root dir To exclude a folder and it's content recursively just provide the path of the folder **without** a `/` at the end. In the example above, the entire folder at the path `tests/unit_tests` will be excluded from linting. -#### Run static analysis for all the shell scripts and only report issue with error severity: +#### Run static analysis for all the shell scripts and only report issues with error severity while excluding specific issues: ```yml - name: Run ShellCheck uses: azohra/shell-linter@latest with: path: "src/*.sh" severity: "error" + exclude: "SC1068,SC1066" ``` #### Run analysis by using a specific version of Shell Linter: ```yml @@ -95,5 +96,9 @@ Optional. Exclude files and folders from ShellCheck scan. ### `severity` Optional. Specify minimum severity of errors to consider [style, info, warning, error]. Default: `style` +### `exclude` + +Optional. Specify shellcheck issues to exclude during scan. For more information refer to [Checks](https://github.com/koalaman/shellcheck/wiki/Checks). Default: scan all issues. + # License This software is available as open source under the terms of the MIT License. diff --git a/action.yml b/action.yml index 84be49e..b9d3122 100644 --- a/action.yml +++ b/action.yml @@ -14,7 +14,10 @@ inputs: description: 'Specify files or folders to exclude during scan.' required: false default: '' - + exclude: + description: 'Specify shellcheck issues to exclude during scan.' + required: false + default: '' runs: using: 'docker' image: 'Dockerfile' @@ -22,6 +25,7 @@ runs: - ${{ inputs.path }} - ${{ inputs.severity }} - ${{ inputs.exclude-paths}} + - ${{ inputs.exclude }} branding: icon: 'check-circle' color: 'green' diff --git a/entrypoint.sh b/entrypoint.sh index 9bdf8b8..b425560 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -4,7 +4,8 @@ input_paths="$1" severity_mode="$2" exclude_paths="$3" -execution_mode="$4" +exclude_code="$4" +execution_mode="$5" my_dir=$(pwd) status_code="0" find_path_clauses=(! -path "${my_dir}/.git/*") @@ -31,6 +32,11 @@ process_input(){ done fi + optional_params="" + if [[ ! -z "$exclude_code" ]]; then + optional_params="--exclude $exclude_code" + fi + if [[ -n "$input_paths" && "$input_paths" != "." ]]; then for path in $(echo "$input_paths" | tr "," "\n"); do if [ -d "$path" ]; then @@ -58,7 +64,7 @@ scan_file(){ echo "###############################################" echo " Scanning $file" echo "###############################################" - shellcheck -x "$file_path" --severity="$severity_mode" + shellcheck -x "$file_path" --severity="$severity_mode" $optional_params local exit_code=$? if [ $exit_code -eq 0 ] ; then printf "%b" "Successfully scanned ${file_path} 🙌\n" diff --git a/test_data/exclude/test_script_exclude_multiple_errors.sh b/test_data/exclude/test_script_exclude_multiple_errors.sh new file mode 100644 index 0000000..98598c6 --- /dev/null +++ b/test_data/exclude/test_script_exclude_multiple_errors.sh @@ -0,0 +1,6 @@ +#! /bin/bash + +var=World; echo "Hello " +echo "$(date)" + +$foo=42 diff --git a/test_data/exclude/test_script_exclude_none.sh b/test_data/exclude/test_script_exclude_none.sh new file mode 100644 index 0000000..0bf1a2d --- /dev/null +++ b/test_data/exclude/test_script_exclude_none.sh @@ -0,0 +1,3 @@ +#! /bin/bash + +echo "Hello $name" diff --git a/test_data/exclude/test_script_exclude_one_error.sh b/test_data/exclude/test_script_exclude_one_error.sh new file mode 100644 index 0000000..472b8f7 --- /dev/null +++ b/test_data/exclude/test_script_exclude_one_error.sh @@ -0,0 +1,4 @@ +#! /bin/sh + +var = 42 +echo -n 42 diff --git a/tests/integration_tests/exclude_tests.sh b/tests/integration_tests/exclude_tests.sh new file mode 100755 index 0000000..7123ec3 --- /dev/null +++ b/tests/integration_tests/exclude_tests.sh @@ -0,0 +1,41 @@ +#! /bin/bash + +source ./entrypoint.sh "" "" "" "--test" + +test_exclude_no_error(){ + input_paths="./test_data/exclude/test_script_exclude_none.sh" + severity_mode="style" + exclude_code="" + local expected_message="SC2154" + local actual_message=$(process_input) + + assertContains "Did not find the message." "$actual_message" "$expected_message" +} + +test_exclude_one_error(){ + input_paths="./test_data/exclude/test_script_exclude_one_error.sh" + severity_mode="style" + exclude_code="SC2039" + local expected_first_error="SC2034" + local expected_second_error="SC1068" + local actual_message=$(process_input) + + assertContains "Did not find the message." "$actual_message" "$expected_first_error" + assertContains "Did not find the message." "$actual_message" "$expected_second_error" +} + +test_exclude_multiple_errors(){ + input_paths="./test_data/exclude/test_script_exclude_multiple_errors.sh" + severity_mode="style" + exclude_code="SC2034,SC2005,SC2034,SC1066" + local expected_message="Successfully scanned" + local actual_message=$(process_input) + + assertContains "Did not find the message." "$actual_message" "$expected_message" +} + +tearDown(){ + input_paths="" +} + +source ./tests/shunit2 From 304d6707691ef95d52c0ae7f4684898f00075690 Mon Sep 17 00:00:00 2001 From: Asad Mansoor Date: Tue, 8 Mar 2022 12:27:08 -0500 Subject: [PATCH 3/4] Updated the exclude issues feature upon PR feedback and updated the naming of the feature in the README and scripts --- README.md | 15 +++---- action.yml | 4 +- entrypoint.sh | 6 +-- .../test_script_exclude_multiple_errors.sh | 0 .../test_script_exclude_none.sh | 0 .../test_script_exclude_one_error.sh | 3 +- .../integration_tests/exclude_issues_tests.sh | 37 +++++++++++++++++ tests/integration_tests/exclude_tests.sh | 41 ------------------- tests/integration_tests/ignored_path_tests.sh | 2 +- tests/integration_tests/input_path_tests.sh | 2 +- .../integration_tests/severity_mode_tests.sh | 2 +- tests/unit_tests/scan_tests.sh | 2 +- 12 files changed, 55 insertions(+), 59 deletions(-) rename test_data/{exclude => exclude_issues}/test_script_exclude_multiple_errors.sh (100%) rename test_data/{exclude => exclude_issues}/test_script_exclude_none.sh (100%) rename test_data/{exclude => exclude_issues}/test_script_exclude_one_error.sh (62%) create mode 100644 tests/integration_tests/exclude_issues_tests.sh delete mode 100755 tests/integration_tests/exclude_tests.sh diff --git a/README.md b/README.md index 8602354..1356c49 100644 --- a/README.md +++ b/README.md @@ -77,8 +77,10 @@ To exclude a folder and it's content recursively just provide the path of the fo with: path: "src/*.sh" severity: "error" - exclude: "SC1068,SC1066" + exclude-issues: "SC1068,SC1066" ``` +Note that `exclude-issues` contains a list of issues to ignore (example: "SC1068") comma-separated without any spaces. + #### Run analysis by using a specific version of Shell Linter: ```yml - name: Run ShellCheck @@ -87,18 +89,17 @@ To exclude a folder and it's content recursively just provide the path of the fo # Input -### `path` -Optional. Execute lint check on a specific file or folder. Default: `.` +### `exclude-issues` +Optional. Specify shellcheck issues to exclude during scan. For more information refer to [Checks](https://github.com/koalaman/shellcheck/wiki/Checks). Default: scan all issues. ### `exclude-paths` Optional. Exclude files and folders from ShellCheck scan. +### `path` +Optional. Execute lint check on a specific file or folder. Default: `.` + ### `severity` Optional. Specify minimum severity of errors to consider [style, info, warning, error]. Default: `style` -### `exclude` - -Optional. Specify shellcheck issues to exclude during scan. For more information refer to [Checks](https://github.com/koalaman/shellcheck/wiki/Checks). Default: scan all issues. - # License This software is available as open source under the terms of the MIT License. diff --git a/action.yml b/action.yml index b9d3122..2f29f82 100644 --- a/action.yml +++ b/action.yml @@ -14,7 +14,7 @@ inputs: description: 'Specify files or folders to exclude during scan.' required: false default: '' - exclude: + exclude-issues: description: 'Specify shellcheck issues to exclude during scan.' required: false default: '' @@ -25,7 +25,7 @@ runs: - ${{ inputs.path }} - ${{ inputs.severity }} - ${{ inputs.exclude-paths}} - - ${{ inputs.exclude }} + - ${{ inputs.exclude-issues }} branding: icon: 'check-circle' color: 'green' diff --git a/entrypoint.sh b/entrypoint.sh index b425560..27175c5 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -4,7 +4,7 @@ input_paths="$1" severity_mode="$2" exclude_paths="$3" -exclude_code="$4" +exclude_issues="$4" execution_mode="$5" my_dir=$(pwd) status_code="0" @@ -33,8 +33,8 @@ process_input(){ fi optional_params="" - if [[ ! -z "$exclude_code" ]]; then - optional_params="--exclude $exclude_code" + if [[ ! -z "$exclude_issues" ]]; then + optional_params="--exclude $exclude_issues" fi if [[ -n "$input_paths" && "$input_paths" != "." ]]; then diff --git a/test_data/exclude/test_script_exclude_multiple_errors.sh b/test_data/exclude_issues/test_script_exclude_multiple_errors.sh similarity index 100% rename from test_data/exclude/test_script_exclude_multiple_errors.sh rename to test_data/exclude_issues/test_script_exclude_multiple_errors.sh diff --git a/test_data/exclude/test_script_exclude_none.sh b/test_data/exclude_issues/test_script_exclude_none.sh similarity index 100% rename from test_data/exclude/test_script_exclude_none.sh rename to test_data/exclude_issues/test_script_exclude_none.sh diff --git a/test_data/exclude/test_script_exclude_one_error.sh b/test_data/exclude_issues/test_script_exclude_one_error.sh similarity index 62% rename from test_data/exclude/test_script_exclude_one_error.sh rename to test_data/exclude_issues/test_script_exclude_one_error.sh index 472b8f7..4120880 100644 --- a/test_data/exclude/test_script_exclude_one_error.sh +++ b/test_data/exclude_issues/test_script_exclude_one_error.sh @@ -1,4 +1,3 @@ -#! /bin/sh - +#!/bin/sh var = 42 echo -n 42 diff --git a/tests/integration_tests/exclude_issues_tests.sh b/tests/integration_tests/exclude_issues_tests.sh new file mode 100644 index 0000000..4855df4 --- /dev/null +++ b/tests/integration_tests/exclude_issues_tests.sh @@ -0,0 +1,37 @@ +#! /bin/bash + +source ./entrypoint.sh "" "" "" "" "--test" + +test_exclude_no_error(){ + input_paths="./test_data/exclude_issues/test_script_exclude_none.sh" + severity_mode="style" + exclude_issues="" + local expected_message="SC2154" + local actual_message=$(process_input) + + assertContains "Actual messages:$actual_message Did not find the message.\n" "$actual_message" "$expected_message" +} + +test_exclude_one_error(){ + input_paths="./test_data/exclude_issues/test_script_exclude_one_error.sh" + severity_mode="style" + exclude_issues="SC2283" + local expected_error="SC3037" + local not_expected_error="SC2283" + local actual_message=$(process_input) + + assertContains "Actual messages:$actual_message Did not find the message.\n" "$actual_message" "$expected_error" + assertNotContains "Actual messages:$actual_message contains the message.\n" "$actual_message" "$not_expected_error" +} + +test_exclude_multiple_errors(){ + input_paths="./test_data/exclude_issues/test_script_exclude_multiple_errors.sh" + severity_mode="style" + exclude_issues="SC1017,SC2281,SC2034,SC2154,SC2005" + local expected_message="Successfully scanned" + local actual_message=$(process_input) + + assertContains "Actual messages:$actual_message Did not find the message.\n" "$actual_message" "$expected_message" +} + +source ./tests/shunit2 diff --git a/tests/integration_tests/exclude_tests.sh b/tests/integration_tests/exclude_tests.sh deleted file mode 100755 index 7123ec3..0000000 --- a/tests/integration_tests/exclude_tests.sh +++ /dev/null @@ -1,41 +0,0 @@ -#! /bin/bash - -source ./entrypoint.sh "" "" "" "--test" - -test_exclude_no_error(){ - input_paths="./test_data/exclude/test_script_exclude_none.sh" - severity_mode="style" - exclude_code="" - local expected_message="SC2154" - local actual_message=$(process_input) - - assertContains "Did not find the message." "$actual_message" "$expected_message" -} - -test_exclude_one_error(){ - input_paths="./test_data/exclude/test_script_exclude_one_error.sh" - severity_mode="style" - exclude_code="SC2039" - local expected_first_error="SC2034" - local expected_second_error="SC1068" - local actual_message=$(process_input) - - assertContains "Did not find the message." "$actual_message" "$expected_first_error" - assertContains "Did not find the message." "$actual_message" "$expected_second_error" -} - -test_exclude_multiple_errors(){ - input_paths="./test_data/exclude/test_script_exclude_multiple_errors.sh" - severity_mode="style" - exclude_code="SC2034,SC2005,SC2034,SC1066" - local expected_message="Successfully scanned" - local actual_message=$(process_input) - - assertContains "Did not find the message." "$actual_message" "$expected_message" -} - -tearDown(){ - input_paths="" -} - -source ./tests/shunit2 diff --git a/tests/integration_tests/ignored_path_tests.sh b/tests/integration_tests/ignored_path_tests.sh index 313b2cc..dcb316b 100755 --- a/tests/integration_tests/ignored_path_tests.sh +++ b/tests/integration_tests/ignored_path_tests.sh @@ -1,7 +1,7 @@ #! /bin/bash # shellcheck disable=SC2155 -source ./entrypoint.sh "" "" "" "--test" +source ./entrypoint.sh "" "" "" "" "--test" test_ignore_directories(){ local exclude_paths="test_dir,severity_mode" diff --git a/tests/integration_tests/input_path_tests.sh b/tests/integration_tests/input_path_tests.sh index 941c6ba..10cce57 100755 --- a/tests/integration_tests/input_path_tests.sh +++ b/tests/integration_tests/input_path_tests.sh @@ -1,7 +1,7 @@ #! /bin/bash # shellcheck disable=SC2155 -source ./entrypoint.sh "" "" "" "--test" +source ./entrypoint.sh "" "" "" "" "--test" test_execution_mode(){ local expected_path=./test_data diff --git a/tests/integration_tests/severity_mode_tests.sh b/tests/integration_tests/severity_mode_tests.sh index b24bbec..0ca6372 100755 --- a/tests/integration_tests/severity_mode_tests.sh +++ b/tests/integration_tests/severity_mode_tests.sh @@ -1,6 +1,6 @@ #! /bin/bash -source ./entrypoint.sh "" "" "" "--test" +source ./entrypoint.sh "" "" "" "" "--test" test_severity_mode_invalid(){ input_paths="./test_data/severity_mode/test_script_warning.sh" diff --git a/tests/unit_tests/scan_tests.sh b/tests/unit_tests/scan_tests.sh index 45d62b6..84d7ea7 100755 --- a/tests/unit_tests/scan_tests.sh +++ b/tests/unit_tests/scan_tests.sh @@ -1,7 +1,7 @@ #! /bin/bash # shellcheck disable=SC2155 -source ./entrypoint.sh "" "style" "" "--test" +source ./entrypoint.sh "" "style" "" "" "--test" # scan_file tests test_scan_valid_script_with_extension(){ From d1402a5f63ade2c3dced2236ae06a0182135b5cb Mon Sep 17 00:00:00 2001 From: Asad Mansoor Date: Tue, 8 Mar 2022 12:36:17 -0500 Subject: [PATCH 4/4] Updated variable naming for exclude issues tests for readability --- tests/integration_tests/exclude_issues_tests.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/integration_tests/exclude_issues_tests.sh b/tests/integration_tests/exclude_issues_tests.sh index 4855df4..6cbb55f 100644 --- a/tests/integration_tests/exclude_issues_tests.sh +++ b/tests/integration_tests/exclude_issues_tests.sh @@ -6,10 +6,10 @@ test_exclude_no_error(){ input_paths="./test_data/exclude_issues/test_script_exclude_none.sh" severity_mode="style" exclude_issues="" - local expected_message="SC2154" + local expected_error="SC2154" local actual_message=$(process_input) - assertContains "Actual messages:$actual_message Did not find the message.\n" "$actual_message" "$expected_message" + assertContains "Actual messages:$actual_message Did not find the message.\n" "$actual_message" "$expected_error" } test_exclude_one_error(){