shellcheck icon indicating copy to clipboard operation
shellcheck copied to clipboard
verified publisher icon koalaman

Add native support for "Code Climate" / "GitLab Code Quality" report

Open pmhahn opened this issue 9 months ago • 0 comments

shellcheck can be used with GitLab, which is already documented here: https://github.com/koalaman/shellcheck/wiki/GitLab-CI

There exists several so-called "GitLab components" like https://gitlab.com/pipeline-components/shellcheck which make it very easy to run shellcheck as part of ones own pipeline.

What most of them currently lack is "Code Quality report" integration, showing shellchecks findings next to the lines changed by a "Merge Request" in GitLab. This is currently still supported by running shellcheck via "Code Climate" https://docs.codeclimate.com/docs/shellcheck, but that is deprecated: https://docs.gitlab.com/ci/testing/code_quality/#use-the-built-in-code-quality-cicd-template-deprecated

This is replaced by running linters directly: https://docs.gitlab.com/ci/testing/code_quality/#integrate-common-tools-with-code-quality

The JSON output of shellcheck can be converted to the required "Code Climate" JSON format: https://docs.gitlab.com/ci/testing/code_quality/#code-quality-report-format using jq, see attached shell script. A GitLab pipeline fragment then might look like this:

$[[ inputs.job_name ]]:  # e.g. "shellcheck"
  stage: $[[ inputs.stage ]]  # e.g. "lint"
  image: $[[ inputs.image ]]  # e.g. your variant of "koalaman/shellcheck:stable"
  variables:
    GIT_DEPTH: "1"
  script: |
    set -e -u -o pipefail
    export severity="$[[ inputs.severity ]]"  # one of "error", "warning", "info" or "style"
    gl-shellcheck | tee gl-code-quality-report.json
  artifacts:
    reports:
      codequality: gl-code-quality-report.json
    when: always
  interruptible: true
  allow_failure:
    exit_codes:
      - 1

This has several drawbacks:

  1. You have to build a Docker image yourself, which both contains shellcheck and jq (and bash).
  2. You have to write the JSON into a file, but optionally also want a human readable output in the console output – see #2348 to add support for multiple outputs
  3. If you use | tee to redirect the output to both a file and the console, you loose the exit code from shellcheck

It would be good if shellcheck could directly generate a valid "Code Climate" JSON report.

pmhahn avatar Mar 10 '25 12:03 pmhahn