Using `shellcheck` to lint your bash/sh scripts.

Pheagey
Pheagey
Nov 27, 2018 · 3 min read
Image for post
Image for post

Opening

Being involved in technology, specifically web, it does not take long we have to write a bash (or shell) script. If you work with server side technology this event happens very soon after logging into a server. As a Dev(Sec)Ops practitioner linting code during the a CI/CD process is a basic requirement for me personally. Until recently linting Bash/sh code for me was a painful process. However, like so much else it was just a matter of time before a solution was found to automate the process. Enter ‘shellcheck’.

Installation

For this quick demo I am running Ubuntu 18.04. The installation process is very straight forward, APT work for this.

Image for post
Image for post
That was easy.

Once executed we should see the standard install output. Just to make sure everything completed as expected I execute a quick version check.

Image for post
Image for post
Worked as expected.

And has hoped shellcheck is indeed installed.

Options

Getting to the options of shellcheck is as easy as the installation. A quick ‘ — help’ argument provides us with the list of execution options.

Image for post
Image for post
Neat, colors and formatting!

Usage

So far so good. Now lets look at how it executes. I has a BASH file in my home directory that provides the SVN history of a file so I used that as a demo.

Image for post
Image for post
Oh man, I suck at BASH scripting.

Hey, that’s pretty neat. Give it is standard output it would be easy to pipe these messages to a reporting system or quality gate process. Nice.

Closing

shellcheck is one of those tools that makes life much easier, as long as you know about it before trying to write your own monster of a syntax checker. Easy to install, easy to use, easy to integrate with it becomes yet another quality and security insurance step along the development pipeline.

Share your favorite linter in the comments so we can all learn.

Additional Resources


Originally published at David J Eddy.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch

Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore

Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store