mirror of
https://github.com/armbian/build.git
synced 2026-01-06 09:58:46 -08:00
28f5839d08
Make all workflow names consistent and action-oriented: - Use action verb first (Announce, Auto-label, Build, Check, Clean, Help, Label, Lint, Listen, Rewrite, Scan, Sync, Welcome) - Keep names concise and descriptive - Remove unnecessary details from the name Changes: - Analyze kernel security (was: Kernel Hardening Analysis) - Announce merge (was: Announce PR merge to Discord) - Announce PR (was: Announce PR on Discord for review) - Auto-label PR (was: Automatic Pull Request Labeling) - Build PR artifacts (was: Generate Artifacts on PR if...) - Check PR assets (was: Check new board assets exist...) - Clean workflow logs (was: Clean Workflow Logs) - Sync Jira (was: Jira Sync) - Help forks (was: Forked Helper) - Label PR on approval (was: PR review labeler) - Lint scripts (was: Lint on Scripts) - Listen PR review (was: PR review listener) - Rewrite kernel configs (was: Rewrite kernel configs - same) - Scan security (was: Scorecards Security Scan) - Sync board list (was: Update Board Lists) - Sync labels (was: Sync Labels from YAML) - Sync maintainers (was: Sync maintainers status) - Sync tools (was: Update Tools in Scripts) - Welcome first-time contributor (was: Welcome first-time issue contributor) - Welcome first-time PR contributor (was: same - kept as is)
60 lines
1.7 KiB
YAML
60 lines
1.7 KiB
YAML
name: Lint scripts
|
|
run-name: 'Shellcheck - PR #${{ github.event.pull_request.number }} ("${{ github.event.pull_request.title }}")'
|
|
#
|
|
# Run ShellCheck on all scripts and generate report as build artifact
|
|
#
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
pull_request:
|
|
types: [opened, reopened, synchronize]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
concurrency:
|
|
group: pipeline-lint-${{github.event.pull_request.number}}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
Shellcheck:
|
|
name: Shell script analysis
|
|
runs-on: ubuntu-latest
|
|
if: ${{ github.repository_owner == 'Armbian' }}
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v6
|
|
with:
|
|
fetch-depth: 2
|
|
|
|
- name: Get changed files
|
|
id: changed-files
|
|
uses: tj-actions/changed-files@e0021407031f5be11a464abee9a0776171c79891 # v46.0.3
|
|
|
|
- name: List all changed files
|
|
run: |
|
|
|
|
# Use framework internal mechanism for checking `lib` and `extensions` code only one file is passed,
|
|
# and source's are followed, thus the whole project is "understood" by shellcheck.
|
|
# For example, when checking individual files, one variable might be thought "unused" because it
|
|
# is only used in another file, which does not happen when done properly.
|
|
|
|
bash lib/tools/shellcheck.sh
|
|
|
|
ret=0
|
|
|
|
for file in ${{ steps.changed-files.outputs.all_changed_files }}; do
|
|
|
|
if [[ ! "${file}" =~ lib/|extensions/|.py|.service|.rules|.network|.netdev ]]; then
|
|
if grep -qE "^#\!/.*bash" $file; then
|
|
|
|
shellcheck --severity=error $file || ret=$?
|
|
|
|
fi
|
|
fi
|
|
|
|
done
|
|
|
|
exit $ret
|