From 56521937b70f46a90b31cf75647544420fd4816a Mon Sep 17 00:00:00 2001
From: sobolevn <mail@sobolevn.me>
Date: Tue, 8 Oct 2024 21:58:00 +0300
Subject: [PATCH] Add shellcheck CI (#7888)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

I started learning `uv` by inspecting the source code.
I've noticed that your shell scripts are very good! Which is rare!

## Test Plan

I propose to add `shellcheck` to the CI.
It is a great tool to help finding bugs and style issues in shell code.

Techincal details:
- This CI job will only run when any `.sh` files are changed (or the job
definition file)
- It takes just several seconds even on local machine:
```
» time shellcheck -S style **/*.sh
shellcheck -S style **/*.sh  0.02s user 0.05s system 61% cpu 0.123 total
```

- It is easy to use, for example: I just fixed the single problem you
had in your code with `# shellcheck disable=SC1091`
- I am using this tool for around 8 years now and didn't have any
issues. Examples:
https://github.com/sobolevn/git-secret/blob/ca899f3b694187f9027161f537414422ee99c483/.github/workflows/test.yml#L22-L27
and
https://github.com/wemake-services/wemake-django-template/blob/master/.github/workflows/shellcheck.yml

But, I understand that build / lint tools are very subjective. So, feel
free to close :)
---
 .github/renovate.json5    |  6 +++++-
 .github/workflows/ci.yml  | 11 +++++++++++
 scripts/sync_scenarios.sh |  1 +
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/.github/renovate.json5 b/.github/renovate.json5
index be3a4d41dcc1..f0cc4a760dfb 100644
--- a/.github/renovate.json5
+++ b/.github/renovate.json5
@@ -2,7 +2,11 @@
   $schema: "https://docs.renovatebot.com/renovate-schema.json",
   dependencyDashboard: true,
   suppressNotifications: ["prEditedNotification"],
-  extends: ["config:recommended"],
+  extends: [
+    "config:recommended",
+    // For tool versions defined in GitHub Actions:
+    "customManagers:githubActionsVersions",
+  ],
   labels: ["internal"],
   schedule: ["before 4am on Monday"],
   semanticCommits: "disabled",
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index df5c362e158e..41a626d7633d 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -81,6 +81,17 @@ jobs:
       - name: "Python type check"
         run: uvx mypy
 
+      - name: "Lint shell scripts"
+        uses: ludeeus/action-shellcheck@2.0.0
+        env:
+          # renovate: datasource=github-tags depName=koalaman/shellcheck
+          SHELLCHECK_VERSION: "v0.10.0"
+          SHELLCHECK_OPTS: --shell bash
+        with:
+          version: ${{ env.SHELLCHECK_VERSION }}
+          severity: style
+          check_together: "yes"
+
   cargo-clippy:
     timeout-minutes: 10
     needs: determine_changes
diff --git a/scripts/sync_scenarios.sh b/scripts/sync_scenarios.sh
index d89cbb4ebe0e..befbb1a1c4c4 100755
--- a/scripts/sync_scenarios.sh
+++ b/scripts/sync_scenarios.sh
@@ -25,6 +25,7 @@ cd "$script_root/scenarios"
 echo "Setting up a temporary environment..."
 uv venv
 
+# shellcheck disable=SC1091
 source ".venv/bin/activate"
 uv pip install -r requirements.txt --refresh-package packse