Over a million developers have joined DZone.

Challenge Your Shell Scripts Using ShellCheck

It's exactly what it sounds like: a tool to check if you're actually a shell script master.

· DevOps Zone

The DevOps zone is brought to you in partnership with Sonatype Nexus. The Nexus suite helps scale your DevOps delivery with continuous component intelligence integrated into development tools, including Eclipse, IntelliJ, Jenkins, Bamboo, SonarQube and more. Schedule a demo today

Bash scripting is a must-have skill for DevOps. I used to be very very confident at bash. But when I first tried ShellCheck, I realized that I'm just too proud and arrogant.

ShellCheck is a powerful code analysis tool for bash scripts. Like Pylint for Python or Rubocop for Ruby. Give it a try! You'll get surprised.


Permanent link: http://dennyzhang.com/shellcheck

ShellCheck helps to identify a lot of potential issues in your bash scripts. For example, here is one common mistake which ShellCheck caught for me. Most original code will work. However if we feed $dir with a value like "Denny Documents", it hurts. Sometime the bad code may incur very severe damage!

# Before:
rm -rf $dir

# After:
rm -rf "$dir"

More Bad Code Examples


ShellCheck is very easy to install and use. It is built and packaged using Cabal. We can install by apt-get/yum. Or use cabal-install directly like below.

# Install ShellCheck
sudo apt-get install -y cabal-install
sudo cabal update
sudo cabal install shellcheck
ln -s /root/.cabal/bin/shellcheck /usr/sbin/shellcheck

# Example: Run check for bash scripts
sudo shellcheck my_script.sh

By default, ShellCheck enforces hundreds of rules. Each rule has a dedicated wiki page, which explains the purpose and improvement suggestion clearly. For example, wiki for Rule SC1000: https://github...shellcheck/wiki/SC1000. I'm sure you can easily guess the wiki link of other rules.

Skip some ShellCheck rules which don't fit your projects. For your reference, here are the rules I used to skip.

# Run test excluding certain rules
sudo shellcheck -e $EXCLUDE_CODE_LIST $file

# Run test against all scripts under a folder
find . -name "*.sh" | xargs sudo \
    shellcheck -e $EXCLUDE_CODE_LIST $file

Enforce Daily Bash Code Check by Jenkins. Enforcing code quality checks in your daily CI definitely helps.


More Reading: Avoid Blind Wait In DevOps Code

The DevOps zone is brought to you in partnership with Sonatype Nexus. Use the Nexus Suite to automate your software supply chain and ensure you're using the highest quality open source components at every step of the development lifecycle. Get Nexus today

devops,bash,jenkins,quality code

The best of DZone straight to your inbox.

Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}