From 4eb6b8c5354bff2cf6512b7647e389d50894ea1a Mon Sep 17 00:00:00 2001
From: Gondermann <gondermann@b1-systems.de>
Date: Mon, 25 Sep 2023 11:43:11 +0200
Subject: [PATCH] Converted shell check workflow to zuul

Signed-off-by: Gondermann <gondermann@b1-systems.de>
---
 .zuul.yaml                                  |  19 ++--
 playbooks/check-shell-syntax/run.yaml       |   5 +
 roles/check_shell_syntax/defaults/main.yaml |   9 ++
 roles/check_shell_syntax/tasks/main.yaml    | 114 ++++++++++++++++++++
 4 files changed, 141 insertions(+), 6 deletions(-)
 create mode 100644 playbooks/check-shell-syntax/run.yaml
 create mode 100644 roles/check_shell_syntax/defaults/main.yaml
 create mode 100644 roles/check_shell_syntax/tasks/main.yaml

diff --git a/.zuul.yaml b/.zuul.yaml
index 9498072..e81f049 100644
--- a/.zuul.yaml
+++ b/.zuul.yaml
@@ -5,21 +5,28 @@
     vars:
       tox_envlist: gilt
 
+- job:
+    name: check-shell-syntax
+    run: playbooks/check-shell-syntax/run.yaml
+
 - project:
     merge-mode: squash-merge
     default-branch: main
     check:
       jobs:
-        - cfg-generics-tox
-        - flake8
-        - yamllint
+        #- cfg-generics-tox
+        - check-shell-syntax
+        #- flake8
+        #- yamllint
     gate:
       jobs:
-        - cfg-generics-tox
-        - flake8
-        - yamllint
+        #- cfg-generics-tox
+        - check-shell-syntax
+        #- flake8
+        #- yamllint
     periodic-daily:
       jobs:
         - cfg-generics-tox
+        - check-shell-syntax
         - flake8
         - yamllint
diff --git a/playbooks/check-shell-syntax/run.yaml b/playbooks/check-shell-syntax/run.yaml
new file mode 100644
index 0000000..1879e3c
--- /dev/null
+++ b/playbooks/check-shell-syntax/run.yaml
@@ -0,0 +1,5 @@
+---
+- name: Check-shell-syntax
+  hosts: all
+  roles:
+    - check_shell_syntax
diff --git a/roles/check_shell_syntax/defaults/main.yaml b/roles/check_shell_syntax/defaults/main.yaml
new file mode 100644
index 0000000..011b159
--- /dev/null
+++ b/roles/check_shell_syntax/defaults/main.yaml
@@ -0,0 +1,9 @@
+---
+# defaults file for check_shell_syntax
+zuul_work_dir: "{{ zuul.project.src_dir }}"
+shell_check_install_path: "$HOME/shellcheck"
+shell_check_version: "stable"
+shell_check_scan_dir: "."
+shell_check_format: "gcc"
+shell_check_ignore_paths: ""
+shell_check_ignore_names: ""
diff --git a/roles/check_shell_syntax/tasks/main.yaml b/roles/check_shell_syntax/tasks/main.yaml
new file mode 100644
index 0000000..7f81b05
--- /dev/null
+++ b/roles/check_shell_syntax/tasks/main.yaml
@@ -0,0 +1,114 @@
+---
+# tasks file for check-shell-syntax
+- name: Download shellcheck
+  ansible.builtin.shell:
+    cmd: |
+      mkdir -p "{{ shell_check_install_path }}"
+
+      baseurl="https://github.com/koalaman/shellcheck/releases/download"
+
+      curl -Lso "{{ shell_check_install_path }}/sc.tar.xz" \
+        "${baseurl}/{{ shell_check_version }}/shellcheck-{{ shell_check_version }}.linux.x86_64.tar.xz"
+
+      tar -xf "{{ shell_check_install_path }}/sc.tar.xz" -C "{{ shell_check_install_path }}"
+      mv "{{ shell_check_install_path }}/shellcheck-{{ shell_check_version }}/shellcheck" \
+        "{{ shell_check_install_path }}/shellcheck"
+    executable: /bin/bash
+    changed_when: false
+
+- name: Display shellcheck version
+  ansible.builtin.shell:
+    cmd: |
+      "{{ shell_check_install_path }}/shellcheck" --version
+    executable: /bin/bash
+    changed_when: false
+
+- name: Run the check
+  ansible.builtin.shell:
+    cmd: |
+      set -o pipefail
+
+      statuscode=0
+      set -f # temporarily disable globbing so that globs in input aren't expanded
+
+      declare -a excludes
+
+      excludes+=("! -path *./.git/*")
+      excludes+=("! -path *.go")
+      excludes+=("! -path */mvnw")
+
+      if [[ -n "{{ shell_check_ignore_paths }}" ]]; then
+        for path in "{{ shell_check_ignore_paths }}"; do
+          excludes+=("! -path *./$path/*")
+          excludes+=("! -path */$path/*")
+          excludes+=("! -path $path")
+        done
+      fi
+
+      if [[ -n "{{ shell_check_ignore_names }}" ]]; then
+        for name in "{{ shell_check_ignore_names }}"; do
+          excludes+=("! -name $name")
+        done
+      fi
+
+      echo "excludes=${excludes[@]}"
+
+      declare -a filepaths
+      shebangregex="^#! */[^ ]*/(env *)?[abk]*sh"
+
+      while IFS= read -r -d '' file; do
+        filepaths+=("$file")
+      done < <(find "{{ shell_check_scan_dir }}" \
+          ${excludes} \
+          -type f \
+          '(' \
+          -name '*.bash' \
+          -o -name '.bashrc' \
+          -o -name 'bashrc' \
+          -o -name '.bash_aliases' \
+          -o -name '.bash_completion' \
+          -o -name '.bash_login' \
+          -o -name '.bash_logout' \
+          -o -name '.bash_profile' \
+          -o -name 'bash_profile' \
+          -o -name '*.ksh' \
+          -o -name 'suid_profile' \
+          -o -name '*.zsh' \
+          -o -name '.zlogin' \
+          -o -name 'zlogin' \
+          -o -name '.zlogout' \
+          -o -name 'zlogout' \
+          -o -name '.zprofile' \
+          -o -name 'zprofile' \
+          -o -name '.zsenv' \
+          -o -name 'zsenv' \
+          -o -name '.zshrc' \
+          -o -name 'zshrc' \
+          -o -name '*.sh' \
+          -o -path '*/.profile' \
+          -o -path '*/profile' \
+          -o -name '*.shlib' \
+          ')' \
+          -print0)
+
+      while IFS= read -r -d '' file; do
+        head -n1 "$file" | grep -Eqs "$shebangregex" || continue
+        filepaths+=("$file")
+      done < <(find "{{ shell_check_scan_dir }}" \
+          -type f ! -name '*.*' -perm /111 \
+          -print0)
+
+      for file in "${filepaths[@]}"; do
+        "{{ shell_check_install_path }}/shellcheck" \
+          --format={{ shell_check_format }} \
+          "$file" || statuscode=$?
+      done
+
+      echo "filepaths=${filepaths[@]}"
+
+      set +f # re-enable globbing
+
+      exit $statuscode
+    executable: /bin/bash
+    chdir: "{{ zuul_work_dir }}"
+    changed_when: false