From 532506a0d1274a865f992f0bdbb8f6ef89e251af Mon Sep 17 00:00:00 2001 From: MareStare Date: Fri, 7 Nov 2025 02:59:53 +0000 Subject: [PATCH 01/12] Add shellcheck script --- scripts/shellcheck.sh | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100755 scripts/shellcheck.sh diff --git a/scripts/shellcheck.sh b/scripts/shellcheck.sh new file mode 100755 index 000000000..202ce4bda --- /dev/null +++ b/scripts/shellcheck.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash +# +# This script runs shellcheck on all shell scripts in the repository. +# It exists because shellcheck doesn't attempt to automatically discover +# shell scripts and requires specifying the files paths explicitly. +# +# This is somewhat understandable, because not all shell scripts use +# obvious file extensions like `.sh`. So, we discover such files by +# checking if they have one of the expected shebang lines at the beginning. + +set -euo pipefail + +. "$(dirname "${BASH_SOURCE[0]}")/lib.sh" + +function shell_script_files { + git ls-files "*.sh" + git grep --files-with-matches '^#!/usr/bin/env bash' + git grep --files-with-matches '^#!/usr/bin/env sh' +} + +mapfile -t files < <(shell_script_files "$@" | sort -u) + +step shellcheck --source-path SCRIPTDIR "${files[@]}" From 9fecea09e44b0611119b19769a2e80133ed57919 Mon Sep 17 00:00:00 2001 From: MareStare Date: Sun, 6 Apr 2025 03:08:24 +0000 Subject: [PATCH 02/12] Fix shellcheck lints in `post-receiver` --- post-receive | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/post-receive b/post-receive index c224455e5..fa67a667b 100755 --- a/post-receive +++ b/post-receive @@ -1,9 +1,12 @@ #!/usr/bin/env bash +set -euo pipefail + # Set up environment +# shellcheck disable=SC1090 source ~/bin/philomena-env -read oldrev newrev ref +read -r oldrev newrev ref echo "Updating $oldrev -> $newrev ($ref)" # Clear variable set to '.' so git commands don't complain @@ -16,13 +19,13 @@ die() { exit 1 } -if git diff --name-only $oldrev $newrev | grep -Ee "^mix.(exs|lock)"; then +if git diff --name-only "$oldrev" "$newrev" | grep -Ee "^mix.(exs|lock)"; then echo "Fetching deps" mix deps.get || die "mix failed to update" fi # Compile assets -if git diff --name-only $oldrev $newrev | grep "^assets/"; then +if git diff --name-only "$oldrev" "$newrev" | grep "^assets/"; then echo "Compiling assets" npm install --prefix ./assets || die "assets install failed" npm run deploy --prefix ./assets @@ -33,7 +36,7 @@ echo "Building release" mix release --overwrite || die "failed to generate release" # Run migrations -if git diff --name-only $oldrev $newrev | grep "^priv/repo/migrations"; then +if git diff --name-only "$oldrev" "$newrev" | grep "^priv/repo/migrations"; then echo "Running database migrations" _build/prod/rel/philomena/bin/philomena eval "Philomena.Release.migrate()" || die "ecto.migrate failed" fi From fa49a4327efd96a1c5147aa5cb44341ce6e0a22d Mon Sep 17 00:00:00 2001 From: MareStare Date: Fri, 7 Nov 2025 03:01:22 +0000 Subject: [PATCH 03/12] Fix shellcheck lints in purge-cache and run-test --- docker/app/purge-cache | 1 + docker/app/run-test | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/docker/app/purge-cache b/docker/app/purge-cache index f16ae4775..5cd1608a6 100755 --- a/docker/app/purge-cache +++ b/docker/app/purge-cache @@ -1,4 +1,5 @@ #!/usr/bin/env sh +# shellcheck disable=SC2034 # Run your custom purge command here. # diff --git a/docker/app/run-test b/docker/app/run-test index f845890f1..ccd69995a 100755 --- a/docker/app/run-test +++ b/docker/app/run-test @@ -11,10 +11,10 @@ mix format --check-formatted # Sleep to allow OpenSearch to finish initializing # if it's not done doing whatever it does yet -echo -n "Waiting for OpenSearch" +printf "Waiting for OpenSearch" until wget -qO - opensearch:9200; do - echo -n "." + printf "." sleep 2 done From 48f7d3b506ca22e56546d313838afb3f34a2c0e8 Mon Sep 17 00:00:00 2001 From: MareStare Date: Fri, 7 Nov 2025 03:27:10 +0000 Subject: [PATCH 04/12] Add shellcheck installation script --- scripts/install/shellcheck.sh | 10 ++++++++++ scripts/lib.sh | 12 ++++++++++++ 2 files changed, 22 insertions(+) create mode 100755 scripts/install/shellcheck.sh diff --git a/scripts/install/shellcheck.sh b/scripts/install/shellcheck.sh new file mode 100755 index 000000000..395f7c19f --- /dev/null +++ b/scripts/install/shellcheck.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +set -euo pipefail + +. "$(dirname "${BASH_SOURCE[0]}")/../lib.sh" + +version=0.11.0 + +fetch https://github.com/koalaman/shellcheck/releases/download/v$version/shellcheck-v$version.linux.x86_64.tar.xz \ + | step tar -xJf - -C /usr/local/bin --strip-components=1 shellcheck-v$version/shellcheck diff --git a/scripts/lib.sh b/scripts/lib.sh index 1ab0d4800..c78192d2e 100644 --- a/scripts/lib.sh +++ b/scripts/lib.sh @@ -80,3 +80,15 @@ function colorize_command { # and we use bash >= v5. If this ever becomes a problem, you know the why. echo -e "\033[1;32m${program}\033[0m ${args[*]}" } + +# `curl` wrapper with better defaults for non-interactive scripts +function fetch { + step curl \ + --fail \ + --silent \ + --show-error \ + --location \ + --retry 5 \ + --retry-all-errors \ + "$@" +} From 31c392e3fb00573623dddc5582404bbd07fd54d7 Mon Sep 17 00:00:00 2001 From: MareStare Date: Fri, 7 Nov 2025 03:27:40 +0000 Subject: [PATCH 05/12] Add shellcheck to the precommit hook. Don't handle non-existing tools. Run checks in parallel --- .githooks/pre-commit | 35 ++++++++++------------------------- 1 file changed, 10 insertions(+), 25 deletions(-) diff --git a/.githooks/pre-commit b/.githooks/pre-commit index 5387bd9f3..0177ceb72 100755 --- a/.githooks/pre-commit +++ b/.githooks/pre-commit @@ -11,17 +11,6 @@ set -euo pipefail # we need to resolve it before we can make path relative to this script's file. . "$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")/../scripts/lib.sh" -function command_exists() { - bin_name=$(basename "$1") - - if command -v "$1" &> /dev/null; then - return 0 - fi - - warn "$bin_name CLI was not found. Ignoring it..." - return 1 -} - files=$(git diff --cached --name-only --diff-filter=ACMR | sed 's| |\\ |g') if [[ -z "$files" ]]; then @@ -29,26 +18,22 @@ if [[ -z "$files" ]]; then exit 0 fi -if command_exists typos; then - echo "$files" | step xargs typos -fi +{ + echo "$files" | step xargs typos & + "$(repo)/scripts/shellcheck.sh" & + echo "$files" | step xargs npx prettier --ignore-unknown --write & -if command_exists npx; then - echo "$files" | step xargs npx prettier --ignore-unknown --write -fi - -if command_exists cargo; then # `rustfmt` doesn't ignore non-rust files automatically rust_files=$(echo "$files" | { grep -E '\.rs$' || true; }) - if [[ -n "$rust_files" ]]; then - echo "$rust_files" | step xargs cargo fmt --manifest-path native/Cargo.toml -- + echo "$rust_files" | step xargs cargo fmt --manifest-path native/Cargo.toml -- & fi -fi -if command_exists mix; then - echo "$files" | step xargs mix format -fi + echo "$files" | step xargs mix format & + + # Wait for all background processes to complete + wait +} # Add the modified/prettified files to staging echo "$files" | step xargs git add From 1af320f274e54fe2127bad95229962b2031cf7c5 Mon Sep 17 00:00:00 2001 From: MareStare Date: Fri, 7 Nov 2025 03:33:42 +0000 Subject: [PATCH 06/12] Remove unnecessary $(repo) --- .githooks/pre-commit | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.githooks/pre-commit b/.githooks/pre-commit index 0177ceb72..58b97c8f6 100755 --- a/.githooks/pre-commit +++ b/.githooks/pre-commit @@ -20,7 +20,7 @@ fi { echo "$files" | step xargs typos & - "$(repo)/scripts/shellcheck.sh" & + ./scripts/shellcheck.sh & echo "$files" | step xargs npx prettier --ignore-unknown --write & # `rustfmt` doesn't ignore non-rust files automatically From 6cb16650378cd9c9ecc4c974d9a6bfdadc31ff7a Mon Sep 17 00:00:00 2001 From: MareStare Date: Fri, 7 Nov 2025 03:34:09 +0000 Subject: [PATCH 07/12] Remove post-receive as per Liam --- post-receive | 51 --------------------------------------------------- 1 file changed, 51 deletions(-) delete mode 100755 post-receive diff --git a/post-receive b/post-receive deleted file mode 100755 index fa67a667b..000000000 --- a/post-receive +++ /dev/null @@ -1,51 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -# Set up environment -# shellcheck disable=SC1090 -source ~/bin/philomena-env - -read -r oldrev newrev ref -echo "Updating $oldrev -> $newrev ($ref)" - -# Clear variable set to '.' so git commands don't complain -unset GIT_DIR - -cd ~/philomena - -die() { - echo "$*" 1>&2 - exit 1 -} - -if git diff --name-only "$oldrev" "$newrev" | grep -Ee "^mix.(exs|lock)"; then - echo "Fetching deps" - mix deps.get || die "mix failed to update" -fi - -# Compile assets -if git diff --name-only "$oldrev" "$newrev" | grep "^assets/"; then - echo "Compiling assets" - npm install --prefix ./assets || die "assets install failed" - npm run deploy --prefix ./assets - mix phx.digest || die "assets compile failed" -fi - -echo "Building release" -mix release --overwrite || die "failed to generate release" - -# Run migrations -if git diff --name-only "$oldrev" "$newrev" | grep "^priv/repo/migrations"; then - echo "Running database migrations" - _build/prod/rel/philomena/bin/philomena eval "Philomena.Release.migrate()" || die "ecto.migrate failed" -fi - -# Include a task to restart your running appserver instances here. -# -# In general, you should have many app instances configured on different -# ports using the PORT environment variable, so as to allow you to roll -# releases and deploy new code with no visible downtime. -# -# You can use a reverse proxy like haproxy or nginx to load balance between -# different server instances automatically. From a4e03ac5dadca18c965a37ebb33928ae369bf49e Mon Sep 17 00:00:00 2001 From: MareStare Date: Fri, 7 Nov 2025 03:53:19 +0000 Subject: [PATCH 08/12] Make pre-commit hook sequential --- .githooks/pre-commit | 29 +++++++++++++---------------- 1 file changed, 13 insertions(+), 16 deletions(-) diff --git a/.githooks/pre-commit b/.githooks/pre-commit index 58b97c8f6..9e6005647 100755 --- a/.githooks/pre-commit +++ b/.githooks/pre-commit @@ -18,22 +18,19 @@ if [[ -z "$files" ]]; then exit 0 fi -{ - echo "$files" | step xargs typos & - ./scripts/shellcheck.sh & - echo "$files" | step xargs npx prettier --ignore-unknown --write & - - # `rustfmt` doesn't ignore non-rust files automatically - rust_files=$(echo "$files" | { grep -E '\.rs$' || true; }) - if [[ -n "$rust_files" ]]; then - echo "$rust_files" | step xargs cargo fmt --manifest-path native/Cargo.toml -- & - fi - - echo "$files" | step xargs mix format & - - # Wait for all background processes to complete - wait -} +echo "$files" | step xargs typos + +./scripts/shellcheck.sh + +echo "$files" | step xargs npx prettier --ignore-unknown --write + +# `rustfmt` doesn't ignore non-rust files automatically +rust_files=$(echo "$files" | { grep -E '\.rs$' || true; }) +if [[ -n "$rust_files" ]]; then + echo "$rust_files" | step xargs cargo fmt --manifest-path native/Cargo.toml -- +fi + +echo "$files" | step xargs mix format & # Add the modified/prettified files to staging echo "$files" | step xargs git add From d5ee3fd3894e7f0a16627ea8493e99a47b3c96af Mon Sep 17 00:00:00 2001 From: MareStare Date: Fri, 7 Nov 2025 04:01:54 +0000 Subject: [PATCH 09/12] Add shellcheck CI job --- .github/workflows/ci.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 99402ba14..d9b6b5a72 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -41,6 +41,13 @@ jobs: - uses: actions/checkout@v5 - uses: crate-ci/typos@master + shellcheck: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + - run: ./scripts/install/shellcheck.sh + - run: ./scripts/shellcheck.sh + cargo: name: Rust Linting and Unit Tests runs-on: ubuntu-latest From c733a65308113546f341694ef602c07af17c1893 Mon Sep 17 00:00:00 2001 From: MareStare Date: Fri, 7 Nov 2025 04:05:52 +0000 Subject: [PATCH 10/12] Follow CI jobs naming pattern for shellcheck --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d9b6b5a72..aba462a7a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -42,6 +42,7 @@ jobs: - uses: crate-ci/typos@master shellcheck: + name: Shellcheck runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 From 27e7545535d0dc7a48aca6393b9b7d0de610fe30 Mon Sep 17 00:00:00 2001 From: MareStare Date: Fri, 7 Nov 2025 04:10:35 +0000 Subject: [PATCH 11/12] Remove stray `&` --- .githooks/pre-commit | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.githooks/pre-commit b/.githooks/pre-commit index 9e6005647..b29cef04d 100755 --- a/.githooks/pre-commit +++ b/.githooks/pre-commit @@ -30,7 +30,7 @@ if [[ -n "$rust_files" ]]; then echo "$rust_files" | step xargs cargo fmt --manifest-path native/Cargo.toml -- fi -echo "$files" | step xargs mix format & +echo "$files" | step xargs mix format # Add the modified/prettified files to staging echo "$files" | step xargs git add From 78bd785226f934c7a319a535d86b5fb25aabd7eb Mon Sep 17 00:00:00 2001 From: MareStare Date: Fri, 7 Nov 2025 04:23:37 +0000 Subject: [PATCH 12/12] Fix small grammar mistake --- scripts/shellcheck.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/shellcheck.sh b/scripts/shellcheck.sh index 202ce4bda..022d11aa5 100755 --- a/scripts/shellcheck.sh +++ b/scripts/shellcheck.sh @@ -2,7 +2,7 @@ # # This script runs shellcheck on all shell scripts in the repository. # It exists because shellcheck doesn't attempt to automatically discover -# shell scripts and requires specifying the files paths explicitly. +# shell scripts and requires specifying the file paths explicitly. # # This is somewhat understandable, because not all shell scripts use # obvious file extensions like `.sh`. So, we discover such files by