u2mejc/shellcheck-buildspec.md

Created October 28, 2024 21:07

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/u2mejc/9f52de7f3a830170c962634bcb6fe2ec.js"></script>
Save u2mejc/9f52de7f3a830170c962634bcb6fe2ec to your computer and use it in GitHub Desktop.

shellcheck for AWS's CodeBuild buildspec.yaml

Raw

shellcheck is an invaluable tool for validating shell (typically Bash) scripts. When working with a codified CI environment like AWS's CodeBuild, the shell script is defined inside a YAML list (YAML sequence). You can still run shellcheck, by parsing the YAML file with a tool like yq and piping the output to shellcheck:

yq '.phases.build.commands[]' < buildspec.yaml | shellcheck -

Note: shellcheck assumes that everything is a single file, which would execute consecutively in the same shell, but CodeBuild executes each string (line) in a new shell, copying exports only. So things like set don't work on different lines in CodeBuild.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment