fix(ci): resolve all shellcheck warnings to get CI green #4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Tests | |
| on: | |
| push: | |
| branches: [main, dev] | |
| pull_request: | |
| branches: [main, dev] | |
| jobs: | |
| shellcheck: | |
| name: ShellCheck | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Install shellcheck | |
| run: | | |
| sudo apt-get update -qq | |
| sudo apt-get install -y shellcheck | |
| - name: Run shellcheck | |
| # SC3043/SC3045: local and read -p/-t are ash extensions used deliberately; | |
| # not POSIX but supported by busybox ash on all target OpenWrt versions. | |
| run: shellcheck --shell=sh --severity=warning --exclude=SC3043,SC3045 openvpn_server_management.sh | |
| unit-tests: | |
| name: Unit Tests | |
| runs-on: ubuntu-latest | |
| needs: shellcheck | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Install busybox ash | |
| run: sudo apt-get update -qq && sudo apt-get install -y busybox | |
| - name: Install ShellSpec (pinned tarball, checksum verified) | |
| env: | |
| SHELLSPEC_VERSION: "0.28.1" | |
| SHELLSPEC_SHA256: "350d3de04ba61505c54eda31a3c2ee912700f1758b1a80a284bc08fd8b6c5992" | |
| SHELLSPEC_URL: "https://github.com/shellspec/shellspec/releases/download/0.28.1/shellspec-dist.tar.gz" | |
| run: | | |
| curl -fsSL -o /tmp/shellspec-dist.tar.gz "$SHELLSPEC_URL" | |
| echo "${SHELLSPEC_SHA256} /tmp/shellspec-dist.tar.gz" | sha256sum --check --strict | |
| tar -xzf /tmp/shellspec-dist.tar.gz -C /tmp | |
| sudo install -m 755 /tmp/shellspec/shellspec /usr/local/bin/shellspec | |
| - name: Run unit tests | |
| run: shellspec --shell busybox spec/unit/ | |
| integration-tests: | |
| name: Integration Tests | |
| runs-on: ubuntu-latest | |
| needs: unit-tests | |
| timeout-minutes: 20 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Install ShellSpec (pinned tarball, checksum verified) | |
| env: | |
| SHELLSPEC_VERSION: "0.28.1" | |
| SHELLSPEC_SHA256: "350d3de04ba61505c54eda31a3c2ee912700f1758b1a80a284bc08fd8b6c5992" | |
| SHELLSPEC_URL: "https://github.com/shellspec/shellspec/releases/download/0.28.1/shellspec-dist.tar.gz" | |
| run: | | |
| curl -fsSL -o /tmp/shellspec-dist.tar.gz "$SHELLSPEC_URL" | |
| echo "${SHELLSPEC_SHA256} /tmp/shellspec-dist.tar.gz" | sha256sum --check --strict | |
| tar -xzf /tmp/shellspec-dist.tar.gz -C /tmp | |
| sudo install -m 755 /tmp/shellspec/shellspec /usr/local/bin/shellspec | |
| - name: Build OpenWrt test container | |
| # Pin by digest to prevent tag mutation attacks. | |
| # To update: docker pull openwrt/rootfs:x86-64-23.05.5 && docker inspect --format '{{index .RepoDigests 0}}' openwrt/rootfs:x86-64-23.05.5 | |
| run: | | |
| docker build \ | |
| --build-arg SSH_PUBLIC_KEY="" \ | |
| -t openwrt-ovpn-test \ | |
| ./docker | |
| - name: Run integration tests | |
| run: shellspec --shell sh spec/integration/ |