Using `shellcheck` to lint your bash/sh scripts.
Being involved in technology, specifically web, it does not take long we have to write a bash (or shell) script. If you work with server side technology this event happens very soon after logging into a server. As a Dev(Sec)Ops practitioner linting code during the a CI/CD process is a basic requirement for me personally. Until recently linting Bash/sh code for me was a painful process. However, like so much else it was just a matter of time before a solution was found to automate the process. Enter ‘shellcheck’.
For this quick demo I am running Ubuntu 18.04. The installation process is very straight forward, APT work for this.
sudo apt-get install -y shellcheck
Once executed we should see the standard install output. Just to make sure everything completed as expected I execute a quick version check.
And has hoped shellcheck is indeed installed.
Getting to the options of shellcheck is as easy as the installation. A quick ‘ — help’ argument provides us with the list of execution options.
So far so good. Now lets look at how it executes. I has a BASH file in my home directory that provides the SVN history of a file so I used that as a demo.
Hey, that’s pretty neat. Give it is standard output it would be easy to pipe these messages to a reporting system or quality gate process. Nice.
shellcheck is one of those tools that makes life much easier, as long as you know about it before trying to write your own monster of a syntax checker. Easy to install, easy to use, easy to integrate with it becomes yet another quality and security insurance step along the development pipeline.
Share your favorite linter in the comments so we can all learn.
Originally published at David J Eddy.