diff --git a/.circleci/get_version.sh b/.circleci/get_version.sh index f3134f5d7..26c472f92 100755 --- a/.circleci/get_version.sh +++ b/.circleci/get_version.sh @@ -1,6 +1,7 @@ #!/bin/bash set -eo pipefail +# shellcheck disable=SC2068,SC2046 LAST_RELEASE="$(git describe --always --tags $(git rev-list --tags) | grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | head -n 1)" NEXT_RELEASE="$(echo "${LAST_RELEASE}" | python -c "parts = input().split('.'); parts[-1] = str(int(parts[-1])+1); print('.'.join(parts))")" diff --git a/.circleci/publish_helm_chart.sh b/.circleci/publish_helm_chart.sh index 92b9965ed..1ddcde445 100755 --- a/.circleci/publish_helm_chart.sh +++ b/.circleci/publish_helm_chart.sh @@ -14,10 +14,10 @@ git clone git@github.com:specklesystems/helm.git ~/helm # before overwriting the chart with the build version, check if the current chart version # is not newer than the currently build one -CURRENT_VERSION=$(cat ~/helm/charts/speckle-server/Chart.yaml | grep ^version | grep -o '2\..*') -echo ${CURRENT_VERSION} +CURRENT_VERSION="$(grep ^version ~/helm/charts/speckle-server/Chart.yaml | grep -o '2\..*')" +echo "${CURRENT_VERSION}" -.circleci/check_version.py ${CURRENT_VERSION} ${RELEASE_VERSION} +.circleci/check_version.py "${CURRENT_VERSION}" "${RELEASE_VERSION}" if [ $? -eq 1 ] then echo "The current helm chart version is newer than the currently built. Exiting" @@ -27,10 +27,10 @@ fi rm -rf ~/helm/charts/speckle-server cp -r utils/helm/speckle-server ~/helm/charts/speckle-server -sed -i 's/version: [^\s]*/version: '$RELEASE_VERSION'/g' ~/helm/charts/speckle-server/Chart.yaml -sed -i 's/appVersion: [^\s]*/appVersion: '\"$RELEASE_VERSION\"'/g' ~/helm/charts/speckle-server/Chart.yaml +sed -i 's/version: [^\s]*/version: '"${RELEASE_VERSION}"'/g' ~/helm/charts/speckle-server/Chart.yaml +sed -i 's/appVersion: [^\s]*/appVersion: '\""${RELEASE_VERSION}"\"'/g' ~/helm/charts/speckle-server/Chart.yaml -sed -i 's/docker_image_tag: [^\s]*/docker_image_tag: '$RELEASE_VERSION'/g' ~/helm/charts/speckle-server/values.yaml +sed -i 's/docker_image_tag: [^\s]*/docker_image_tag: '"${RELEASE_VERSION}"'/g' ~/helm/charts/speckle-server/values.yaml cd ~/helm diff --git a/.circleci/should_build.sh b/.circleci/should_build.sh index 9b28adf20..9fcf29a06 100755 --- a/.circleci/should_build.sh +++ b/.circleci/should_build.sh @@ -5,7 +5,7 @@ set -eo pipefail [[ "${CIRCLE_BRANCH}" == "main" ]] && echo "true" && exit 0 # or it is on a branch with a Pull Request -[[ ! -z "${CIRCLE_PULL_REQUEST}" ]] && echo "true" && exit 0 +[[ -n "${CIRCLE_PULL_REQUEST}" ]] && echo "true" && exit 0 echo "false" exit 0 diff --git a/.circleci/should_publish.sh b/.circleci/should_publish.sh index c52b6805a..2774207c6 100755 --- a/.circleci/should_publish.sh +++ b/.circleci/should_publish.sh @@ -1,12 +1,14 @@ #!/usr/bin/env bash set -eo pipefail -IFS='£' read -a PUB_TAGS <<< "${PUBLISHABLE_TAGS}" +IFS='£' read -r -a PUB_TAGS <<< "${PUBLISHABLE_TAGS}" +# shellcheck disable=SC2068 for item in ${PUB_TAGS[@]}; do [[ "${CIRCLE_TAG}" =~ ${item} ]] && echo "true" && exit 0 done -IFS='£' read -a PUB_BRANCHES <<< "${PUBLISHABLE_BRANCHES}" +IFS='£' read -r -a PUB_BRANCHES <<< "${PUBLISHABLE_BRANCHES}" +# shellcheck disable=SC2068 for item in ${PUB_BRANCHES[@]}; do [[ "${CIRCLE_BRANCH}" =~ ${item} ]] && echo "true" && exit 0 done diff --git a/.husky/pre-commit b/.husky/pre-commit index 0936f0fec..1363567bd 100755 --- a/.husky/pre-commit +++ b/.husky/pre-commit @@ -2,6 +2,7 @@ set -eo pipefail [ -n "$CI" ] && exit 0 +#shellcheck source=/dev/null . "$(dirname "$0")/_/husky.sh" yarn lint-staged diff --git a/.pre-commit-config.deployment.yaml b/.pre-commit-config.deployment.yaml index 7de4c365c..d62743e41 100644 --- a/.pre-commit-config.deployment.yaml +++ b/.pre-commit-config.deployment.yaml @@ -6,5 +6,11 @@ repos: hooks: - id: hadolint + # Cannot use official repo as it relies on Docker, which cannot be supported by either pre-commit.ci or CircleCI + - repo: https://github.com/Jarmos-san/shellcheck-precommit + rev: 'v0.2.0' + hooks: + - id: shellcheck-system + ci: autoupdate_schedule: quarterly diff --git a/README.md b/README.md index f5e44f7ca..c4b130003 100644 --- a/README.md +++ b/README.md @@ -132,6 +132,7 @@ When committing to git, an automated script will run. This will check that your - To enable additional checks, you may wish to _optionally_ install the following: - [`pre-commit`](https://pre-commit.com/#install) - [`hadolint`](https://github.com/hadolint/hadolint#install) + - [`shellcheck`](https://github.com/koalaman/shellcheck#installing) - Please note that these additional checks will be run by Speckle's automated CI environment and non-conformances, if any, may prevent your Pull Request from being merged. - Please use the name of the package as the scope of your commit. diff --git a/packages/frontend/nginx/docker-entrypoint.sh b/packages/frontend/nginx/docker-entrypoint.sh index 517f8199a..098caa512 100755 --- a/packages/frontend/nginx/docker-entrypoint.sh +++ b/packages/frontend/nginx/docker-entrypoint.sh @@ -1,10 +1,11 @@ #!/bin/bash set -euo pipefail +# shellcheck disable=SC2016,SC2046 defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) -echo Starting nginx environment template rendering with $defined_envs +echo Starting nginx environment template rendering with "${defined_envs}" -envsubst "$defined_envs" < /etc/nginx/templates/nginx.conf.template > /etc/nginx/conf.d/nginx.conf +envsubst "${defined_envs}" < /etc/nginx/templates/nginx.conf.template > /etc/nginx/conf.d/nginx.conf echo Nginx conf rendered, starting server... exec "$@" diff --git a/utils/1click_image_scripts/download.sh b/utils/1click_image_scripts/download.sh index f4fb19284..ebc66bdb0 100644 --- a/utils/1click_image_scripts/download.sh +++ b/utils/1click_image_scripts/download.sh @@ -1,9 +1,10 @@ #!/bin/bash +set -euo pipefail echo "* Getting latest version of SpeckleServer Setup files..." mkdir -p /opt/speckle-server -cd /opt/speckle-server +cd /opt/speckle-server || exit 1 wget https://raw.githubusercontent.com/specklesystems/speckle-server/main/utils/1click_image_scripts/setup.py -O setup.py wget https://raw.githubusercontent.com/specklesystems/speckle-server/main/utils/1click_image_scripts/template-nginx-site.conf -O template-nginx-site.conf