diff --git a/hack/.shellcheck_failures b/hack/.shellcheck_failures new file mode 100644 index 00000000000..8e7a846747a --- /dev/null +++ b/hack/.shellcheck_failures @@ -0,0 +1,275 @@ +./build/build-image/rsyncd.sh +./build/common.sh +./build/copy-output.sh +./build/lib/release.sh +./build/make-build-image.sh +./build/make-clean.sh +./build/package-tarballs.sh +./build/release-images.sh +./build/release-in-a-container.sh +./build/release.sh +./build/run.sh +./build/shell.sh +./build/util.sh +./cluster/addons/addon-manager/kube-addons.sh +./cluster/addons/fluentd-elasticsearch/es-image/run.sh +./cluster/addons/fluentd-elasticsearch/fluentd-es-image/run.sh +./cluster/centos/build.sh +./cluster/centos/config-build.sh +./cluster/centos/config-default.sh +./cluster/centos/config-test.sh +./cluster/centos/deployAddons.sh +./cluster/centos/make-ca-cert.sh +./cluster/centos/master/scripts/flannel.sh +./cluster/centos/node/bin/mk-docker-opts.sh +./cluster/centos/node/scripts/flannel.sh +./cluster/centos/util.sh +./cluster/clientbin.sh +./cluster/common.sh +./cluster/gce/config-common.sh +./cluster/gce/config-default.sh +./cluster/gce/config-test.sh +./cluster/gce/delete-stranded-load-balancers.sh +./cluster/gce/gci/configure-helper.sh +./cluster/gce/gci/configure.sh +./cluster/gce/gci/flexvolume_node_setup.sh +./cluster/gce/gci/health-monitor.sh +./cluster/gce/gci/master-helper.sh +./cluster/gce/gci/mounter/stage-upload.sh +./cluster/gce/gci/node-helper.sh +./cluster/gce/gci/shutdown.sh +./cluster/gce/list-resources.sh +./cluster/gce/upgrade-aliases.sh +./cluster/gce/upgrade.sh +./cluster/gce/util.sh +./cluster/get-kube-binaries.sh +./cluster/get-kube-local.sh +./cluster/get-kube.sh +./cluster/images/etcd-empty-dir-cleanup/etcd-empty-dir-cleanup.sh +./cluster/juju/prereqs/ubuntu-juju.sh +./cluster/juju/util.sh +./cluster/kube-down.sh +./cluster/kube-up.sh +./cluster/kube-util.sh +./cluster/kubeadm.sh +./cluster/kubectl.sh +./cluster/kubemark/gce/config-default.sh +./cluster/kubemark/iks/config-default.sh +./cluster/kubemark/util.sh +./cluster/local/util.sh +./cluster/log-dump/log-dump.sh +./cluster/pre-existing/util.sh +./cluster/restore-from-backup.sh +./cluster/test-e2e.sh +./cluster/test-network.sh +./cluster/test-smoke.sh +./cluster/update-storage-objects.sh +./cluster/validate-cluster.sh +./hack/benchmark-go.sh +./hack/build-cross.sh +./hack/build-go.sh +./hack/build-ui.sh +./hack/cherry_pick_pull.sh +./hack/dev-build-and-push.sh +./hack/dev-build-and-up.sh +./hack/dev-push-hyperkube.sh +./hack/e2e-internal/e2e-cluster-size.sh +./hack/e2e-internal/e2e-down.sh +./hack/e2e-internal/e2e-grow-cluster.sh +./hack/e2e-internal/e2e-shrink-cluster.sh +./hack/e2e-internal/e2e-status.sh +./hack/e2e-internal/e2e-up.sh +./hack/e2e-node-test.sh +./hack/gen-swagger-doc/gen-swagger-docs.sh +./hack/generate-bindata.sh +./hack/generate-docs.sh +./hack/get-build.sh +./hack/ginkgo-e2e.sh +./hack/godep-restore.sh +./hack/godep-save.sh +./hack/grab-profiles.sh +./hack/install-etcd.sh +./hack/jenkins/benchmark-dockerized.sh +./hack/jenkins/build.sh +./hack/jenkins/test-dockerized.sh +./hack/jenkins/upload-to-gcs.sh +./hack/jenkins/verify-dockerized.sh +./hack/lib/etcd.sh +./hack/lib/golang.sh +./hack/lib/init.sh +./hack/lib/logging.sh +./hack/lib/protoc.sh +./hack/lib/swagger.sh +./hack/lib/test.sh +./hack/lib/util.sh +./hack/lib/version.sh +./hack/list-feature-tests.sh +./hack/local-up-cluster.sh +./hack/make-rules/build.sh +./hack/make-rules/clean.sh +./hack/make-rules/cross.sh +./hack/make-rules/helpers/cache_go_dirs.sh +./hack/make-rules/make-help.sh +./hack/make-rules/test-cmd.sh +./hack/make-rules/test-e2e-node.sh +./hack/make-rules/test-integration.sh +./hack/make-rules/test-kubeadm-cmd.sh +./hack/make-rules/test.sh +./hack/make-rules/update.sh +./hack/make-rules/verify.sh +./hack/make-rules/vet.sh +./hack/print-workspace-status.sh +./hack/run-in-gopath.sh +./hack/test-go.sh +./hack/test-integration.sh +./hack/test-update-storage-objects.sh +./hack/update-all.sh +./hack/update-api-reference-docs.sh +./hack/update-bazel.sh +./hack/update-cloudprovider-gce.sh +./hack/update-codegen.sh +./hack/update-generated-device-plugin-dockerized.sh +./hack/update-generated-device-plugin.sh +./hack/update-generated-docs.sh +./hack/update-generated-kms-dockerized.sh +./hack/update-generated-kms.sh +./hack/update-generated-kubelet-plugin-registration-dockerized.sh +./hack/update-generated-kubelet-plugin-registration.sh +./hack/update-generated-protobuf-dockerized.sh +./hack/update-generated-protobuf.sh +./hack/update-generated-runtime-dockerized.sh +./hack/update-generated-runtime.sh +./hack/update-generated-swagger-docs.sh +./hack/update-godep-licenses.sh +./hack/update-gofmt.sh +./hack/update-openapi-spec.sh +./hack/update-staging-godeps-dockerized.sh +./hack/update-staging-godeps.sh +./hack/update-swagger-spec.sh +./hack/update-translations.sh +./hack/update-workspace-mirror.sh +./hack/verify-all.sh +./hack/verify-api-groups.sh +./hack/verify-api-reference-docs.sh +./hack/verify-bazel.sh +./hack/verify-boilerplate.sh +./hack/verify-cli-conventions.sh +./hack/verify-cloudprovider-gce.sh +./hack/verify-codegen.sh +./hack/verify-description.sh +./hack/verify-generated-device-plugin.sh +./hack/verify-generated-docs.sh +./hack/verify-generated-files-remake.sh +./hack/verify-generated-files.sh +./hack/verify-generated-kms.sh +./hack/verify-generated-kubelet-plugin-registration.sh +./hack/verify-generated-protobuf.sh +./hack/verify-generated-runtime.sh +./hack/verify-generated-swagger-docs.sh +./hack/verify-godep-licenses.sh +./hack/verify-godeps.sh +./hack/verify-gofmt.sh +./hack/verify-golint.sh +./hack/verify-govet.sh +./hack/verify-import-boss.sh +./hack/verify-imports.sh +./hack/verify-linkcheck.sh +./hack/verify-no-vendor-cycles.sh +./hack/verify-openapi-spec.sh +./hack/verify-pkg-names.sh +./hack/verify-readonly-packages.sh +./hack/verify-spelling.sh +./hack/verify-staging-godeps.sh +./hack/verify-staging-meta-files.sh +./hack/verify-swagger-spec.sh +./hack/verify-symbols.sh +./hack/verify-test-images.sh +./hack/verify-test-owners.sh +./hack/verify-typecheck.sh +./pkg/kubectl/cmd/testdata/edit/record_testcase.sh +./pkg/util/verify-util-pkg.sh +./plugin/pkg/admission/imagepolicy/gencerts.sh +./staging/src/k8s.io/apiextensions-apiserver/examples/client-go/hack/update-codegen.sh +./staging/src/k8s.io/apiextensions-apiserver/examples/client-go/hack/verify-codegen.sh +./staging/src/k8s.io/apiextensions-apiserver/hack/build-image.sh +./staging/src/k8s.io/apiextensions-apiserver/hack/update-codegen.sh +./staging/src/k8s.io/apiextensions-apiserver/hack/verify-codegen.sh +./staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/testcerts/gencerts.sh +./staging/src/k8s.io/apiserver/pkg/util/webhook/gencerts.sh +./staging/src/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/testdata/gen.sh +./staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/gencerts.sh +./staging/src/k8s.io/code-generator/generate-groups.sh +./staging/src/k8s.io/code-generator/generate-internal-groups.sh +./staging/src/k8s.io/code-generator/hack/update-codegen.sh +./staging/src/k8s.io/code-generator/hack/verify-codegen.sh +./staging/src/k8s.io/csi-api/hack/update-codegen.sh +./staging/src/k8s.io/csi-api/hack/verify-codegen.sh +./staging/src/k8s.io/kube-aggregator/hack/build-image.sh +./staging/src/k8s.io/kube-aggregator/hack/local-up-kube-aggregator.sh +./staging/src/k8s.io/kube-aggregator/hack/register-all-apis-from.sh +./staging/src/k8s.io/kube-aggregator/hack/update-codegen.sh +./staging/src/k8s.io/kube-aggregator/hack/verify-codegen.sh +./staging/src/k8s.io/metrics/hack/update-codegen.sh +./staging/src/k8s.io/metrics/hack/verify-codegen.sh +./staging/src/k8s.io/sample-apiserver/hack/build-image.sh +./staging/src/k8s.io/sample-apiserver/hack/update-codegen.sh +./staging/src/k8s.io/sample-apiserver/hack/verify-codegen.sh +./staging/src/k8s.io/sample-controller/hack/update-codegen.sh +./staging/src/k8s.io/sample-controller/hack/verify-codegen.sh +./test/cmd/apply.sh +./test/cmd/apps.sh +./test/cmd/authorization.sh +./test/cmd/batch.sh +./test/cmd/certificate.sh +./test/cmd/core.sh +./test/cmd/crd.sh +./test/cmd/create.sh +./test/cmd/discovery.sh +./test/cmd/generic-resources.sh +./test/cmd/get.sh +./test/cmd/initializers.sh +./test/cmd/legacy-script.sh +./test/cmd/node-management.sh +./test/cmd/old-print.sh +./test/cmd/proxy.sh +./test/cmd/rbac.sh +./test/cmd/request-timeout.sh +./test/cmd/run.sh +./test/cmd/save-config.sh +./test/cmd/storage.sh +./test/cmd/template-output.sh +./test/cmd/version.sh +./test/e2e_node/conformance/run_test.sh +./test/e2e_node/environment/setup_host.sh +./test/e2e_node/gubernator.sh +./test/e2e_node/jenkins/conformance/conformance-jenkins.sh +./test/e2e_node/jenkins/copy-e2e-image.sh +./test/e2e_node/jenkins/e2e-node-jenkins.sh +./test/e2e_node/jenkins/ubuntu-14.04-nvidia-install.sh +./test/images/image-util.sh +./test/images/pets/redis-installer/on-start.sh +./test/images/pets/zookeeper-installer/install.sh +./test/images/pets/zookeeper-installer/on-start.sh +./test/images/volume/gluster/run_gluster.sh +./test/images/volume/iscsi/create_block.sh +./test/images/volume/nfs/run_nfs.sh +./test/images/volume/rbd/bootstrap.sh +./test/images/volume/rbd/create_block.sh +./test/images/volume/rbd/mon.sh +./test/images/volume/rbd/osd.sh +./test/integration/ipamperf/test-performance.sh +./test/integration/scheduler_perf/test-performance.sh +./test/kubemark/common/util.sh +./test/kubemark/configure-kubectl.sh +./test/kubemark/gce/util.sh +./test/kubemark/iks/shutdown.sh +./test/kubemark/iks/startup.sh +./test/kubemark/iks/util.sh +./test/kubemark/master-log-dump.sh +./test/kubemark/pre-existing/util.sh +./test/kubemark/resources/start-kubemark-master.sh +./test/kubemark/run-e2e-tests.sh +./test/kubemark/start-kubemark.sh +./test/kubemark/stop-kubemark.sh +./third_party/forked/shell2junit/sh2ju.sh +./third_party/intemp/intemp.sh diff --git a/hack/verify-shellcheck.sh b/hack/verify-shellcheck.sh new file mode 100755 index 00000000000..4f92ba258ff --- /dev/null +++ b/hack/verify-shellcheck.sh @@ -0,0 +1,155 @@ +#!/usr/bin/env bash + +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. +source "${KUBE_ROOT}/hack/lib/init.sh" + + +# disabled lints +disabled=( + # this lint dissalows non-constant source, which we use extensively + 1090 + # this lint prefers command -v to which, they are not the same + 2230 +) +# comma separate for passing to shellcheck +join_by() { + local IFS="$1"; + shift; + echo "$*"; +} +SHELLCHECK_DISABLED="$(join_by , "${disabled[@]}")" +readonly SHELLCHECK_DISABLED + +if ! which shellcheck > /dev/null; then + echo 'Can not find shellcheck, please install shellcheck to run this script' + echo 'see: https://github.com/koalaman/shellcheck#installing' + # TODO(bentheelder): we should discuss how to better handle this + exit 1 +fi + +cd "${KUBE_ROOT}" + +# find all shell scripts excluding ./_* and ./vendor* +all_shell_scripts=() +while IFS=$'\n' read -r script; + do all_shell_scripts+=("$script"); +done < <(find . -name "*.sh" \ + -not \( \ + -path ./_\* -o \ + -path ./vendor\* \ + \)) + +# make sure known failures are sorted +failure_file="${KUBE_ROOT}/hack/.shellcheck_failures" +if ! diff -u "${failure_file}" <(LC_ALL=C sort "${failure_file}"); then + { + echo + echo "hack/.shellcheck_failures is not in alphabetical order. Please sort it:" + echo + echo " LC_ALL=C sort -o hack/.shellcheck_failures hack/.shellcheck_failures" + echo + } >&2 + false +fi + +# load known failure files +failing_files=() +while IFS=$'\n' read -r script; + do failing_files+=("$script"); +done < <(cat "${failure_file}") + +# TODO(bentheelder): we should probably move this and the copy in verify-golint.sh +# to one of the bash libs +array_contains () { + local seeking=$1; shift # shift will iterate through the array + local in=1 # in holds the exit status for the function + for element; do + if [[ "$element" == "$seeking" ]]; then + in=0 # set in to 0 since we found it + break + fi + done + return $in +} + +# lint each script, tracking failures +errors=() +not_failing=() +for f in "${all_shell_scripts[@]}"; do + set +o errexit + failedLint=$(shellcheck --exclude="${SHELLCHECK_DISABLED}" "${f}") + set -o errexit + array_contains "${f}" "${failing_files[@]}" && in_failing=$? || in_failing=$? + if [[ -n "${failedLint}" ]] && [[ "${in_failing}" -ne "0" ]]; then + errors+=( "${failedLint}" ) + fi + if [[ -z "${failedLint}" ]] && [[ "${in_failing}" -eq "0" ]]; then + not_failing+=( "${f}" ) + fi +done + +# Check to be sure all the packages that should pass lint are. +if [ ${#errors[@]} -eq 0 ]; then + echo 'Congratulations! All shell files have been linted.' +else + { + echo "Errors from shellcheck:" + for err in "${errors[@]}"; do + echo "$err" + done + echo + echo 'Please review the above warnings. You can test via "./hack/verify-shellcheck"' + echo 'If the above warnings do not make sense, you can exempt this package from shellcheck' + echo 'checking by adding it to hack/.shellcheck_failures (if your reviewer is okay with it).' + echo + } >&2 + false +fi + +if [[ ${#not_failing[@]} -gt 0 ]]; then + { + echo "Some packages in hack/.shellcheck_failures are passing shellcheck. Please remove them." + echo + for f in "${not_failing[@]}"; do + echo " $f" + done + echo + } >&2 + false +fi + +# Check that all failing_packages actually still exist +gone=() +for f in "${failing_files[@]}"; do + array_contains "$f" "${all_shell_scripts[@]}" || gone+=( "$f" ) +done + +if [[ ${#gone[@]} -gt 0 ]]; then + { + echo "Some files in hack/.shellcheck_failures do not exist anymore. Please remove them." + echo + for f in "${gone[@]}"; do + echo " $f" + done + echo + } >&2 + false +fi