[#3287] automatically determine list of files to shellcheck

To not allow developers to get away with not shellchecking a new script
by omitting to add it to the manual list that existed before.

.gitlab-ci.yml

@@ -4,13 +4,6 @@ variables:
 
   CI_REGISTRY_IMAGE: registry.gitlab.isc.org/isc-projects/kea
 
-  # Disabled shellcheck warnings:
-  # SC1117: Backslash is literal in "\/". Prefer explicit escaping: "\\/".
-  # SC2119: Use "$@" if function's $1 should mean script's $1.
-  # SC2039: In POSIX sh, 'local' is undefined.
-  # SC3043: In POSIX sh, 'local' is undefined.
-  SHELLCHECK_OPTS: "--exclude=SC1117 --exclude=SC2119 --exclude=SC2039 --exclude=SC3043"
-
   # Setting this variable will affect all Security templates
   # (SAST, Dependency Scanning, ...)
   SECURE_ANALYZERS_PREFIX: "registry.gitlab.com/gitlab-org/security-products/analyzers"
@@ -23,96 +16,6 @@ image: "${CI_REGISTRY_IMAGE}:latest"
 stages:
   - test
 
-shellcheck:
-  stage: test
-  script:
-    - SCRIPTS=
-    - SCRIPTS+="src/bin/admin/admin-utils.sh.in "
-    - SCRIPTS+="src/bin/admin/kea-admin.in "
-    - SCRIPTS+="src/bin/admin/tests/admin_tests.sh.in "
-    - SCRIPTS+="src/bin/admin/tests/memfile_tests.sh.in "
-    - SCRIPTS+="src/bin/admin/tests/mysql_tests.sh.in "
-    - SCRIPTS+="src/bin/admin/tests/pgsql_tests.sh.in "
-    - SCRIPTS+="src/bin/agent/tests/ca_process_tests.sh.in "
-    - SCRIPTS+="src/bin/d2/tests/d2_process_tests.sh.in "
-    - SCRIPTS+="src/bin/dhcp4/tests/dhcp4_process_tests.sh.in "
-    - SCRIPTS+="src/bin/dhcp6/tests/dhcp6_process_tests.sh.in "
-    - SCRIPTS+="src/bin/keactrl/keactrl.conf.in "
-    - SCRIPTS+="src/bin/keactrl/keactrl.in "
-    - SCRIPTS+="src/bin/keactrl/tests/keactrl_tests.sh.in "
-    - SCRIPTS+="src/bin/netconf/tests/shtests/netconf_tests.sh.in "
-    - SCRIPTS+="src/bin/shell/tests/basic_auth_tests.sh.in "
-    - SCRIPTS+="src/bin/shell/tests/shell_process_tests.sh.in "
-    - SCRIPTS+="src/lib/asiolink/tests/process_spawn_app.sh.in "
-    - SCRIPTS+="src/lib/log/tests/buffer_logger_test.sh.in "
-    - SCRIPTS+="src/lib/log/tests/console_test.sh.in "
-    - SCRIPTS+="src/lib/log/tests/destination_test.sh.in "
-    - SCRIPTS+="src/lib/log/tests/init_logger_test.sh.in "
-    - SCRIPTS+="src/lib/log/tests/local_file_test.sh.in "
-    - SCRIPTS+="src/lib/log/tests/logger_lock_test.sh.in "
-    - SCRIPTS+="src/lib/log/tests/severity_test.sh.in "
-    - SCRIPTS+="src/lib/testutils/dhcp_test_lib.sh.in "
-    - SCRIPTS+="src/lib/testutils/xml_reporting_test_lib.sh.in "
-    - SCRIPTS+="src/hooks/dhcp/run_script/tests/run_script_test.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_001.0_to_002.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_002.0_to_003.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_003.0_to_004.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_004.0_to_004.1.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_004.1_to_005.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_005.0_to_005.1.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_005.1_to_005.2.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_005.2_to_006.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_006.0_to_007.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_007.0_to_008.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_008.0_to_008.1.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_008.1_to_008.2.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_008.2_to_009.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_009.0_to_009.1.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_009.1_to_009.2.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_009.2_to_009.3.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_009.3_to_009.4.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_009.4_to_009.5.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_009.5_to_009.6.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_009.6_to_010.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_010_to_011.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_011_to_012.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_012_to_013.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/upgrade_013_to_014.sh.in "
-    - SCRIPTS+="src/share/database/scripts/mysql/wipe_data.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_001.0_to_002.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_002.0_to_003.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_003.0_to_003.1.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_003.1_to_003.2.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_003.2_to_003.3.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_003.3_to_004.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_004.0_to_005.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_005.0_to_005.1.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_005.1_to_006.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_006.0_to_006.1.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_006.1_to_006.2.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_006.2_to_007.0.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_007_to_008.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_008_to_009.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_009_to_010.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_010_to_011.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_011_to_012.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/upgrade_012_to_013.sh.in "
-    - SCRIPTS+="src/share/database/scripts/pgsql/wipe_data.sh.in "
-    - SCRIPTS+="src/share/yang/modules/utils/check-hashes.sh.in "
-    - SCRIPTS+="src/share/yang/modules/utils/check-revisions.sh.in "
-    - SCRIPTS+="src/share/yang/modules/utils/gen-revisions.sh "
-    - SCRIPTS+="src/share/yang/modules/utils/reinstall.sh.in "
-    - SCRIPTS+="tools/add-config-h.sh "
-    - SCRIPTS+="tools/bump-lib-versions.sh "
-    - SCRIPTS+="tools/check-for-duplicate-includes.sh "
-    - SCRIPTS+="tools/check-for-missing-api-commands.sh "
-    - SCRIPTS+="tools/mk_cfgrpt.sh "
-    - SCRIPTS+="tools/path_replacer.sh.in "
-    - SCRIPTS+="tools/print-generated-files.sh "
-    - SCRIPTS+="tools/shellcheck-all.sh "
-    - SCRIPTS+="tools/tests_in_valgrind.sh "
-    - shellcheck -x ${SCRIPTS} ${SHELLCHECK_OPTS}
-
 are-database-scripts-in-sync:
   stage: test
   script:
@@ -164,6 +67,11 @@ missing-git-attribute:
     - git_diff=$(git diff)
     - if test -n "${git_diff}"; then printf '%s\n\n.gitattributes are missing a generated file. Please run "./tools/print-generated-files.sh -a" and commit the resulting change to fix them.\n' "${git_diff}"; exit 1; fi
 
+shellcheck:
+  stage: test
+  script:
+    - ./tools/shellcheck-all.sh
+
 ############################### SAST ################################
 # Read more about this feature here: https://docs.gitlab.com/ee/user/application_security/sast/
 #

tools/shellcheck-all.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 
-# Copyright (C) 2020-2021 Internet Systems Consortium, Inc. ("ISC")
+# Copyright (C) 2020-2024 Internet Systems Consortium, Inc. ("ISC")
 #
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -55,7 +55,27 @@ done
 root_path=$(cd "$(dirname "${0}")/.." && pwd)
 cd "${root_path}"
 
+# Disable shellcheck warnings:
+# SC1117: Backslash is literal in "\/". Prefer explicit escaping: "\\/".
+# SC2119: Use "$@" if function's $1 should mean script's $1.
+# SC2039: In POSIX sh, 'local' is undefined.
+# SC3043: In POSIX sh, 'local' is undefined.
+shellcheck_opts="--exclude=SC1117 --exclude=SC2119 --exclude=SC2039 --exclude=SC3043"
+
+files="$(find . -type f -name '*.sh' -or -name '*.sh.in' | sort)"
+
+# Add shell script files that don't end in .sh or .sh.in.
+for i in \
+  src/bin/admin/kea-admin.in \
+  src/bin/keactrl/keactrl.conf.in \
+  src/bin/keactrl/keactrl.in \
+; do
+  if test -f "${i}"; then
+    files="${files} ${i}"
+  fi
+done
+
 # shellcheck disable=SC2046
 # SC2046: Quote this to prevent word splitting.
 # Reason: We explicitly want the parameters split.
-shellcheck $(grep -F 'SHELLCHECK_OPTS:' ./.gitlab-ci.yml | cut -d '"' -f 2 | xargs | sort -uV) $(grep -F 'SCRIPTS+=' ./.gitlab-ci.yml | cut -d '"' -f 2 | xargs | sort -uV)
+shellcheck ${shellcheck_opts} ${files}