ShellCheck does not recommend quote variables

dalisoft commented 4 months ago

For bugs

Rule Id (if any, e.g. SC1000):
My shellcheck version (shellcheck --version or "online"):
[x] The rule's wiki page does not already cover this (e.g. https://shellcheck.net/wiki/SC2086)
[x] I tried on https://www.shellcheck.net/ and verified that this is still a problem on the latest commit

For new checks and feature suggestions

[x] https://www.shellcheck.net/ (i.e. the latest commit) currently gives no useful warnings about this
[x] I searched through https://github.com/koalaman/shellcheck/issues and didn't find anything related

Here's a snippet or screenshot that shows the problem:

#!/bin/sh
set -eu

# Docker buildx script was copied from
# https://docs.docker.com/build/cloud/ci
# and modified by @dalisoft for AMD64/ARM64 platforms
ARCH=$(uname -m | sed 's/aarch64/arm64/' | sed 's/x86_64/amd64/')
OS=$(uname -s | tr '[:upper:]' '[:lower:]')

prepare() {
  BUILDX_URL=$(curl -s https://raw.githubusercontent.com/docker/actions-toolkit/main/.github/buildx-lab-releases.json | grep "${OS}-${ARCH}\",$" | head -1 | xargs | tr -d ',' | xargs)
  # Download docker buildx with Hyrdobuild support
  mkdir -vp ~/.docker/cli-plugins/
  curl --silent -L --output ~/.docker/cli-plugins/docker-buildx "${BUILDX_URL}"
  chmod a+x ~/.docker/cli-plugins/docker-buildx

  echo "${DOCKER_HUB_PAT-}" | docker login --username "${DOCKER_HUB_USERNAME-}" --password-stdin
}

cleanup() {
  rm -rf ~/.docker/cli-plugins/

  docker logout
}

release() {
  # Build and publish a `Docker` tag
  if [ -n "${DOCKER_HUB_USERNAME-}" ] && [ -n "${DOCKER_HUB_PAT-}" ]; then

    log "Building and publishing Docker image..."
    log_verbose "Docker tag: $NEXT_RELEASE_TAG and version: $NEXT_RELEASE_VERSION!"

    # Don't load this plugin if
    # - `--dry-run` used
    # - `Dockerfile` is missing
    if ! $IS_DRY_RUN; then
      if [ ! -f Dockerfile ]; then
        log "Project does not have Dockerfile"
        return 1
      fi

      prepare

      docker build -t "$GIT_REPO_NAME:$NEXT_BUILD_VERSION" . --push
      docker tag "$GIT_REPO_NAME:$NEXT_BUILD_VERSION" "$GIT_REPO_NAME:latest"
      docker push "$GIT_REPO_NAME:latest"

      log "Docker image published [$NEXT_RELEASE_TAG]!"

      cleanup
    else
      log "Skipped Docker image [$NEXT_RELEASE_TAG] in DRY-RUN mode."
    fi

  else
    echo "
Docker Personal Access Token is not found
Please export Docker Personal Access Token so this plugin can be used
"
    exit 1
  fi
}

Here's what shellcheck currently says:

No reports

Here's what I wanted or expected to see:

Should be quoted variables

#!/bin/sh
set -eu

# Docker buildx script was copied from
# https://docs.docker.com/build/cloud/ci
# and modified by @dalisoft for AMD64/ARM64 platforms
+ARCH="$(uname -m | sed 's/aarch64/arm64/' | sed 's/x86_64/amd64/')"
+OS="$(uname -s | tr '[:upper:]' '[:lower:]')"

prepare() {
  BUILDX_URL=$(curl -s https://raw.githubusercontent.com/docker/actions-toolkit/main/.github/buildx-lab-releases.json | grep "${OS}-${ARCH}\",$" | head -1 | xargs | tr -d ',' | xargs)
  # Download docker buildx with Hyrdobuild support
  mkdir -vp ~/.docker/cli-plugins/
  curl --silent -L --output ~/.docker/cli-plugins/docker-buildx "${BUILDX_URL}"
  chmod a+x ~/.docker/cli-plugins/docker-buildx

  echo "${DOCKER_HUB_PAT-}" | docker login --username "${DOCKER_HUB_USERNAME-}" --password-stdin
}

cleanup() {
  rm -rf ~/.docker/cli-plugins/

  docker logout
}

release() {
  # Build and publish a `Docker` tag
  if [ -n "${DOCKER_HUB_USERNAME-}" ] && [ -n "${DOCKER_HUB_PAT-}" ]; then

    log "Building and publishing Docker image..."
    log_verbose "Docker tag: $NEXT_RELEASE_TAG and version: $NEXT_RELEASE_VERSION!"

    # Don't load this plugin if
    # - `--dry-run` used
    # - `Dockerfile` is missing
    if ! $IS_DRY_RUN; then
      if [ ! -f Dockerfile ]; then
        log "Project does not have Dockerfile"
        return 1
      fi

      prepare

      docker build -t "$GIT_REPO_NAME:$NEXT_BUILD_VERSION" . --push
      docker tag "$GIT_REPO_NAME:$NEXT_BUILD_VERSION" "$GIT_REPO_NAME:latest"
      docker push "$GIT_REPO_NAME:latest"

      log "Docker image published [$NEXT_RELEASE_TAG]!"

      cleanup
    else
      log "Skipped Docker image [$NEXT_RELEASE_TAG] in DRY-RUN mode."
    fi

  else
    echo "
Docker Personal Access Token is not found
Please export Docker Personal Access Token so this plugin can be used
"
    exit 1
  fi
}

dalisoft commented 4 months ago

This case will may fix case of https://github.com/infertux/bashcov/issues/86 partially

brother commented 4 months ago

Uppercase variables are treated as global and always skipped. If you enable check-unassigned-uppercase you'll notice some extra warnings around that, not those lines though as they are used later on inside quoted things and most probably are safe any ways..

ale5000-git commented 4 months ago

You can use this directive to enable all warnings/info/style/etc. messages: # shellcheck enable=all

aeiplatform commented 4 months ago

This is correct behaviour

a=$(printf %s "a b c d")
echo "$a"

dalisoft commented 4 months ago

@ale5000-git Thank you, enabe=all solved my case

koalaman / shellcheck