From 53d60cc70fa3fe910328919b7ec74c8f3674bdac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20Hurlin?= Date: Wed, 24 Apr 2024 12:05:38 +0200 Subject: [PATCH 1/3] flake.nix: add shellcheck to the dev environment MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Clément Hurlin --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 9b8fd59b86..92eddf5348 100644 --- a/flake.nix +++ b/flake.nix @@ -87,7 +87,7 @@ stylish-haskell = "0.14.5.0"; }; # and from nixpkgs or other inputs - shell.nativeBuildInputs = with nixpkgs; [ gh jq yq-go ]; + shell.nativeBuildInputs = with nixpkgs; [ gh jq yq-go shellcheck ]; # disable Hoogle until someone request it shell.withHoogle = false; # Skip cross compilers for the shell From 544b145b8cda00ac951b9016277e0122d7e73bce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20Hurlin?= Date: Wed, 24 Apr 2024 12:05:47 +0200 Subject: [PATCH 2/3] Make check-cabal-files.sh shellcheck-compliant MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Clément Hurlin --- scripts/ci/check-cabal-files.sh | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/scripts/ci/check-cabal-files.sh b/scripts/ci/check-cabal-files.sh index 2cd8ae36fb..5771c266d5 100755 --- a/scripts/ci/check-cabal-files.sh +++ b/scripts/ci/check-cabal-files.sh @@ -1,10 +1,11 @@ #!/usr/bin/env bash +# +# Runs "cabal check" in all directories containing a versioned .cabal file -for x in $(find . -name '*.cabal' | grep -v dist-newstyle | cut -c 3-); do - ( - d=$(dirname $x) - echo "== $d ==" - cd $d - cabal check - ) +for cabal_file in $(git ls-files "*.cabal") +do + cd "$(dirname "$cabal_file")" || { echo "Cannot cd"; exit 1; } + echo "$(pwd)> cabal-check" + cabal check + cd - || { echo "Cannot cd back"; exit 1; } done From 085a80a65508771f8901ab1e46a4d6490b996814 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20Hurlin?= Date: Wed, 24 Apr 2024 12:05:55 +0200 Subject: [PATCH 3/3] CI: shellcheck scripts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Clément Hurlin --- .github/workflows/shellcheck-exceptions.txt | 0 .github/workflows/shellcheck.yml | 39 +++++++++++++++++++++ 2 files changed, 39 insertions(+) create mode 100644 .github/workflows/shellcheck-exceptions.txt create mode 100644 .github/workflows/shellcheck.yml diff --git a/.github/workflows/shellcheck-exceptions.txt b/.github/workflows/shellcheck-exceptions.txt new file mode 100644 index 0000000000..e69de29bb2 diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml new file mode 100644 index 0000000000..6bdb89c27b --- /dev/null +++ b/.github/workflows/shellcheck.yml @@ -0,0 +1,39 @@ +name: Shellcheck +# This pipeline runs shellcheck on all files with extension .sh, +# except the ones listed in .github/workflows/shellcheck-exceptions.txt. +# +# This pipeline uses Nix, so that the shellcheck version used is the same +# ones as used by developers in Nix shells. This ensures the CI's behavior +# is consistent with the one of developers. + +on: + pull_request: + +jobs: + shellcheck: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install Nix with good defaults + uses: input-output-hk/install-nix-action@v20 + with: + extra_nix_config: | + trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= + substituters = https://cache.iog.io/ https://cache.nixos.org/ + nix_path: nixpkgs=channel:nixos-unstable + - uses: cachix/install-nix-action@v18 + with: + nix_path: nixpkgs=channel:nixos-unstable + # Make the Nix environment available to next steps + - uses: rrbutani/use-nix-shell-action@v1 + - name: Shellcheck + run: | + for file in $(git ls-files "*.sh") + do + if grep -q "$file" ".github/workflows/shellcheck-exceptions.txt" + then + echo "⚠️ $file is ignored from shellcheck's verifications. Please consider fixing it." + else + shellcheck "$file" + fi + done