Bash scripting is a must-have skill for DevOps. I used to be very very confident at bash. But when I first tried ShellCheck, I realized that I'm just too proud and arrogant.
ShellCheck is a powerful code analysis tool for bash scripts. Like Pylint for Python or Rubocop for Ruby. Give it a try! You'll get surprised.
Permanent link: http://dennyzhang.com/shellcheck
ShellCheck helps to identify a lot of potential issues in your bash scripts. For example, here is one common mistake which ShellCheck caught for me. Most original code will work. However if we feed $dir with a value like "Denny Documents", it hurts. Sometime the bad code may incur very severe damage!
# Before: rm -rf $dir
# After: rm -rf "$dir"
ShellCheck is very easy to install and use. It is built and packaged using Cabal. We can install by apt-get/yum. Or use cabal-install directly like below.
# Install ShellCheck sudo apt-get install -y cabal-install sudo cabal update sudo cabal install shellcheck ln -s /root/.cabal/bin/shellcheck /usr/sbin/shellcheck # Example: Run check for bash scripts sudo shellcheck my_script.sh
By default, ShellCheck enforces hundreds of rules. Each rule has a dedicated wiki page, which explains the purpose and improvement suggestion clearly. For example, wiki for Rule SC1000: https://github...shellcheck/wiki/SC1000. I'm sure you can easily guess the wiki link of other rules.
Skip some ShellCheck rules which don't fit your projects. For your reference, here are the rules I used to skip.
# Run test excluding certain rules EXCLUDE_CODE_LIST="SC1090,SC1091,SC2154,SC2001,SC2002" sudo shellcheck -e $EXCLUDE_CODE_LIST $file # Run test against all scripts under a folder EXCLUDE_CODE_LIST="SC1090,SC1091,SC2154,SC2001,SC2002" find . -name "*.sh" | xargs sudo \ shellcheck -e $EXCLUDE_CODE_LIST $file
Enforce Daily Bash Code Check by Jenkins. Enforcing code quality checks in your daily CI definitely helps.
More Reading: Avoid Blind Wait In DevOps Code