IMP: new tag in file to tell that the script should pass shellcheck

The `# run-shellchek` tag must be placed in the first 10 lines of the
file
This commit is contained in:
Charles Herlin 2019-01-24 11:11:08 +01:00
parent 13c88c7da2
commit e8ae07c2e8
12 changed files with 24 additions and 3 deletions

View File

@ -1,4 +1,7 @@
#!/bin/bash #!/bin/bash
# run-shellcheck
# usage : $0 [shell script to check]
# called without arguments, il will shellcheck any *.sh file found in the project
set -e set -e
dockerfile="$(dirname "$0")/Dockerfile.shellcheck" dockerfile="$(dirname "$0")/Dockerfile.shellcheck"

View File

@ -1,7 +1,9 @@
#!/bin/bash #!/bin/bash
# run-shellcheck
# please do not run this script directly but `docker_build_and_run_shellcheck.sh`
files="" files=""
retval=0
if [ $# -eq 0 ]; then if [ $# -eq 0 ]; then
files=$(find . -name "*.sh") files=$(find . -name "*.sh")
@ -10,6 +12,11 @@ else
fi fi
for f in $files; do for f in $files; do
if head "$f" | grep -qE "^# run-shellcheck$"; then
printf "\e[1;36mRunning shellcheck on: %s \e[0m\n" "$f" printf "\e[1;36mRunning shellcheck on: %s \e[0m\n" "$f"
/usr/bin/shellcheck --color=always --external-sources --shell=bash "$f" if ! /usr/bin/shellcheck --color=always --external-sources --shell=bash "$f"; then
retval=$((retval + 1))
fi
fi
done done
exit "$retval"

View File

@ -1,5 +1,6 @@
#! /bin/bash #! /bin/bash
# This file builds a docker image for testing the targeted debian version # This file builds a docker image for testing the targeted debian version
# run-shellcheck
set -e set -e
target="" target=""

View File

@ -1,7 +1,9 @@
# run-shellcheck
test_audit() { test_audit() {
describe Running void to generate the conf file that will later be edited describe Running void to generate the conf file that will later be edited
# shellcheck disable=2154 # shellcheck disable=2154
/opt/debian-cis/bin/hardening/"${script}".sh || true /opt/debian-cis/bin/hardening/"${script}".sh || true
# shellcheck disable=2016
echo 'EXCEPTIONS="$EXCEPTIONS /usr/lib/dbus-1.0/dbus-daemon-launch-helper"' >> /opt/debian-cis/etc/conf.d/"${script}".cfg echo 'EXCEPTIONS="$EXCEPTIONS /usr/lib/dbus-1.0/dbus-daemon-launch-helper"' >> /opt/debian-cis/etc/conf.d/"${script}".cfg
describe Running on blank host describe Running on blank host

View File

@ -1,3 +1,4 @@
# run-shellcheck
test_audit() { test_audit() {
describe Running on blank host describe Running on blank host
register_test retvalshouldbe 0 register_test retvalshouldbe 0

View File

@ -1,3 +1,4 @@
# run-shellcheck
test_audit() { test_audit() {
describe Running on blank host describe Running on blank host
register_test retvalshouldbe 0 register_test retvalshouldbe 0

View File

@ -1,3 +1,4 @@
# run-shellcheck
test_audit() { test_audit() {
describe Running on blank host describe Running on blank host
register_test retvalshouldbe 0 register_test retvalshouldbe 0

View File

@ -1,3 +1,4 @@
# run-shellcheck
test_audit() { test_audit() {
describe Running on blank host describe Running on blank host
register_test retvalshouldbe 0 register_test retvalshouldbe 0

View File

@ -1,3 +1,4 @@
# run-shellcheck
test_audit() { test_audit() {
describe Running on blank host describe Running on blank host
register_test retvalshouldbe 0 register_test retvalshouldbe 0

View File

@ -1,4 +1,5 @@
#!/bin/bash #!/bin/bash
# run-shellcheck
# stop on any error # stop on any error
set -e set -e
# stop on undefined variable # stop on undefined variable

View File

@ -1,4 +1,5 @@
# shellcheck shell=bash # shellcheck shell=bash
# run-shellcheck
########################################### ###########################################
# Assertion functions for funcional tests # # Assertion functions for funcional tests #
########################################### ###########################################

View File

@ -1,4 +1,5 @@
#!/bin/bash #!/bin/bash
# run-shellcheck
# usage : $0 [--nodel|--nowait] [1.1_script-to-test.sh...] # usage : $0 [--nodel|--nowait] [1.1_script-to-test.sh...]
# --nodel will keep logs # --nodel will keep logs
# --nowait will not wait for you to see logs # --nowait will not wait for you to see logs