Standard Variables Separation and Dedicated Scripts for Bash_Utils an… #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: bash_code_analysis | |
| on: | |
| push: | |
| branches: | |
| - develop | |
| pull_request_target: # safe as long as code is not being run | |
| workflow_dispatch: | |
| jobs: | |
| shfmt: | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read # for actions/checkout to fetch code | |
| pull-requests: write # to get PR metadata | |
| security-events: write | |
| checks: write | |
| steps: | |
| - name: determine hash | |
| uses: haya14busa/action-cond@v1 | |
| id: hash | |
| with: | |
| cond: ${{ github.event_name == 'pull_request_target' }} | |
| if_true: ${{ github.event.pull_request.head.sha }} | |
| if_false: '' | |
| - name: checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ steps.hash.outputs.value }} | |
| submodules: false | |
| - name: determine reporter | |
| uses: haya14busa/action-cond@v1 | |
| id: reporter | |
| with: | |
| cond: ${{ github.event_name == 'pull_request_target' }} | |
| if_true: 'github-pr-review' | |
| if_false: 'github-check' | |
| - name: shfmt scan | |
| uses: reviewdog/action-shfmt@v1 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| filter_mode: nofilter | |
| level: any | |
| reviewdog_flags: '-reporter=${{ steps.reporter.outputs.value }} -fail-level=any' | |
| shfmt_flags: '' | |
| shellcheck: | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read # for actions/checkout to fetch code | |
| pull-requests: write # to get PR metadata | |
| security-events: write | |
| checks: write | |
| steps: | |
| - name: determine hash | |
| uses: haya14busa/action-cond@v1 | |
| id: hash | |
| with: | |
| cond: ${{ github.event_name == 'pull_request_target' }} | |
| if_true: ${{ github.event.pull_request.head.sha }} | |
| if_false: '' | |
| - name: checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ steps.hash.outputs.value }} | |
| submodules: false | |
| - name: determine reporter | |
| uses: haya14busa/action-cond@v1 | |
| id: reporter | |
| with: | |
| cond: ${{ github.event_name == 'pull_request_target' }} | |
| if_true: 'github-pr-review' | |
| if_false: 'github-check' | |
| - name: shellcheck scan | |
| uses: reviewdog/action-shellcheck@v1 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| reporter: ${{ steps.reporter.outputs.value }} | |
| filter_mode: nofilter | |
| fail_level: any | |
| level: any | |
| pattern: | | |
| config.* | |
| JG* | |
| *.env | |
| *.sh | |
| *.bash | |
| exclude: | | |
| */.git/* | |
| */*.yml | |
| */*.yaml | |
| check_all_files_with_shebangs: true |