Amber icon indicating copy to clipboard operation
Amber copied to clipboard
verified publisher icon Ph0enixKM

[Feature] Integration with shellcheck

Open franchb opened this issue 1 year ago • 10 comments

Usecase

As a DevSecOps specialist, I regularly enforce a check stage for all bash scripts in our project repository utilizing shellcheck, a tool that provides linting for bash scripts to ensure they are written following best practices and avoid common mistakes.

I am interested in experimenting with writing my automation scripts using the Amber scripting language and then compiling them into bash scripts. Ьн CI/CD system currently only permits the execution of bash scripts.

To streamline this workflow, I am seeking a feature in Amber that would allow the automatic generation of bash scripts that are compliant with shellcheck standards right out of the box. This would enable me to leverage the power and convenience of Amber without the need for post-processing or manual corrections on the generated bash scripts.

The ability to do this would ensure that we maintain our code quality and security standards without compromising on efficiency or having to disable shellcheck for these generated scripts.

franchb avatar May 22 '24 05:05 franchb

Right now there are various optimization that we can do to be more aligned with shellcheck:

cd /tmp > /dev/null 2>&1 https://www.shellcheck.net/wiki/SC2164

wget ${__0_download_url} https://www.shellcheck.net/wiki/SC2086

if [ $(echo '!' $__AF_dir_exist4_v0__57 | bc -l | sed '/\./ s/\.\{0,1\}0\{1,\}$//') != 0 ]; then https://www.shellcheck.net/wiki/SC2046

let index=${index}+1 https://www.shellcheck.net/wiki/SC2219

Mte90 avatar Jun 12 '24 09:06 Mte90

So looking at the error below, everytime Amber print a variable it should wrap them. In this way various error are automatically fixed.

For cd is more difficult as requires something to add stuff based on the command parsed. Maybe this can be fixed with https://github.com/Ph0enixKM/Amber/issues/178

I think that it will be cool if the bash generated is ShellCheck "approved".

Mte90 avatar Jun 12 '24 15:06 Mte90

Another Amber example:

move_to_bin(get_download_path("artempyanykh/marksman", 1), "marksman")

Generate this bash code:

 move_to_bin__41_v0 "${__AF_get_download_path40_v0__39_13}" "marksman";
 __AF_move_to_bin41_v0__39_1=$__AF_move_to_bin41_v0;
 echo $__AF_move_to_bin41_v0__39_1 > /dev/null 2>&1

For shellcheck the last like should be:

echo "$__AF_move_to_bin41_v0__39_1" > /dev/null 2>&1

Mte90 avatar Jul 04 '24 10:07 Mte90

We should add shellcheck tests for Amber compiled code and stdlib tests @Mte90

Ph0enixKM avatar Jul 04 '24 19:07 Ph0enixKM

Yes when we will address all of them is something we can do

Mte90 avatar Jul 04 '24 19:07 Mte90

So seems that it is possible to use Shellcheck to autofix the errors that find it.

shellcheck -f diff file.sh | git apply

Basically generating a diff file and using git to apply, so in the meantime we can integrate it if the machine has the tool. That integration should include also some tests that let us spot the issue that we didn't addressed yet in Amber.

Mte90 avatar Jul 09 '24 09:07 Mte90

@Mte90 I want to make it right. Let's make shellcheck tests on the bash code that gets produced by the Amber validity and stdlib tests

Ph0enixKM avatar Jul 09 '24 18:07 Ph0enixKM