Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: add shellcheck gh action, lint fixes, parallel acts #298

Open
wants to merge 1 commit into
base: trunk
Choose a base branch
from

Conversation

rockett-m
Copy link
Contributor

@rockett-m rockett-m commented Aug 7, 2024

This adds a shellcheck github workflow to check lint our shell files after discussion with @HalosGhost

I fixed a bunch of warnings / errors / info messages from shellcheck across our *.sh scripts.

Edit: added
I assume we will want a scripts/shellcheck.sh script to tidy up the .github/workflows/ci.yml :: shellcheck stage - and to have an easy way for users to run shellcheck / view reports.

act -j shellcheck --container-architecture linux/amd64

scripts/test-transaction.sh Outdated Show resolved Hide resolved
benchmarks/transactions.cpp Outdated Show resolved Hide resolved
scripts/lint.sh Outdated Show resolved Hide resolved
.github/workflows/ci.yml Outdated Show resolved Hide resolved
@rockett-m rockett-m force-pushed the shellcheck-gh-action branch 2 times, most recently from 50befb9 to bc19c19 Compare August 7, 2024 15:24
Copy link
Collaborator

@HalosGhost HalosGhost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are a lot of style-only changes included here (namely, a dramatic but non-universal adoption of bracing variable expansions); I'm fine with these being included (they are, at worst, benign so long as the braces don't change the expansion, which some of the included ones do), but it's a ton of noise making the review much harder.

In the future, any style-only changes should be in a separate commit so they can be reviewed separately; ideally including a script which could be used to apply the style change so that the reviewer can verify the changes are entirely mechanical style modifications.

scripts/test-transaction.sh Outdated Show resolved Hide resolved
.github/workflows/ci.yml Outdated Show resolved Hide resolved
benchmarks/transactions.cpp Outdated Show resolved Hide resolved
scripts/benchmarks.sh Outdated Show resolved Hide resolved
scripts/build-docker.sh Outdated Show resolved Hide resolved
scripts/native-system-benchmark.sh Outdated Show resolved Hide resolved
scripts/native-system-benchmark.sh Outdated Show resolved Hide resolved
scripts/native-system-benchmark.sh Outdated Show resolved Hide resolved
scripts/setup-dependencies.sh Outdated Show resolved Hide resolved
@rockett-m
Copy link
Contributor Author

@HalosGhost I did see the braces recommendation a lot via shellcheck. A warning not an error. I tried to clear as many warnings as I could for this PR

https://www.shellcheck.net/wiki/SC2250

@rockett-m rockett-m force-pushed the shellcheck-gh-action branch 3 times, most recently from 9c5ec61 to 2609413 Compare August 8, 2024 20:32
@rockett-m
Copy link
Contributor Author

rockett-m commented Aug 8, 2024

Divide and conquer PR new plan
Commit 1: ci.yml and shellcheck.sh and any fatal errors across *.sh files (so the stage can pass)
Commit 2: shellcheck info and warning messages fixed to *.sh files
Commit 3: style fixes etc and shebang update to *.sh scripts
Commit 4: use NUM_CORES and xargs in lint.sh for parallelization to lint.sh

scripts/native-system-benchmark.sh Show resolved Hide resolved
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't know that this script is really providing a lot of benefit; It's a lot of boilerplate for what is essentially just

git ls-files '*.sh' | xargs -n 1 -P "$CPUS" shellcheck

But it adds the ceremony of dep-checking, writing the output to a file, and some ad-hoc inspection of that file. The only strict benefit is that it offers a shortcut for people not familiar with shellcheck.

Especially since I expect the GH action that uses this script to be much slower than the native action (because the native action doesn't need to spin up a bare ubuntu container, clone the repo, install all the dependencies, and then run this script).

This is the strongest argument I've seen so far for a command-runner (the least interesting use of Make) instead of the ad-hoc script paradigm we've had so far in this repo.

I'd love comments/thoughts from @maurermi as well. At the very least, I think the GH action should be the native form instead of this; and that immediately calls into question the benefit this script offers.

Copy link
Contributor Author

@rockett-m rockett-m Aug 9, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I find it very helpful for making shell script changes and being able to run scripts/shellcheck.sh to generate the report right away without having to remember the command above and then how to tee to a file etc.

scripts/create-e2e-report.sh Outdated Show resolved Hide resolved
@rockett-m rockett-m force-pushed the shellcheck-gh-action branch 3 times, most recently from 1d89264 to 1d4dc50 Compare August 15, 2024 21:49
scripts/shellcheck.sh Outdated Show resolved Hide resolved
scripts/shellcheck.sh Outdated Show resolved Hide resolved
scripts/shellcheck.sh Outdated Show resolved Hide resolved
Comment on lines 3 to 18
CYAN="\e[36m"
YELLOW="\e[33m"
BLUE="\e[34m"
RED="\e[31m"
GREEN="\e[32m"
RST_COLOR="\e[0m"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm always a bit hesitant to use color in shell output. If nothing else, I think it has to be used sparingly, and this strikes me as a bit excessive. Is there a specific motivation for having such colorized output?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I find its much easier to understand the key insights quickly with the color. A friend who works in UI actually recommended I add it. We do have color output in some of the other scripts such as ./scripts/install-build-tools.sh and ./scripts/setup-dependencies.sh
failing:
shellcheck-output
passing:
shellcheck-pass
The shellcheck report itself ./shellcheck-report.txt does not have color.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The report can have color, because shellcheck supports configurable colorization.

Other scripts do have color, and we should unify them at some point to behave well for accessibility reasons (color can be helpful, but it can also be terrible; the most accessible option is to support configuration). However, most of those are either run-once, run-super-rarely, or are intended for pipelines and not really for humans (like the end-to-end kubernetes test). If we want to support colorization in this tool, we should at least support a basic way of disabling/enabling it (as shellcheck does).

The gold standard is to offer -c|--color[=WHEN] where WHEN can be one of auto (which disables color when the output is going to a pipe or file, and is a bit tricky to really get right), always, and never (defaulting to auto); and, to support the NO_COLOR environment variable. We should, at least, support the env-var if not something more flexible.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK - gave this a shot

scripts/shellcheck.sh Outdated Show resolved Hide resolved
scripts/shellcheck.sh Outdated Show resolved Hide resolved
scripts/shellcheck.sh Show resolved Hide resolved
scripts/shellcheck.sh Outdated Show resolved Hide resolved
fi
}

check_report() {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you clarify for me why you prefer having the report saved to a file instead of just sending to stdout? This adds a lot of complexity and requires you to deal with things like cache-invalidation.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I allow for both. Send to file always, and --view option to see stdout.
When I am fixing errors I can search very easily in a file, but the stdout could exceed 1000 lines of output and be harder to view the errors of a code. Can grep the stdout but error messages take different amounts of line space so would have to play with grep -B2 -A4 etc.
shellcheck-file

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You barely need to add anything to support outputting to a file (because shells support redirection). Is overriding this default behavior (how almost all other command-line utilities work) of-use? Why not just redirect the output to a file as you need to?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It creates two files now so this wouldn't be trivial anymore

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It now creates two files by running shellcheck twice every time, once at the requested severity level, and one bypassing the user's choice to make a "full" report. Why do this?

Copy link
Contributor Author

@rockett-m rockett-m Aug 22, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The default for shellcheck is 'style' and that seems too strict to make a github action/prevent code from getting in. My script defaults to 'error'.

There are over 100 messages of severity stricter than 'error' (warning, info, style) which I don't want myself or others to be blind to when turning in shell scripts or modifying them.

Very good to have the full report for commit 2 to mow down (warning, info, style) messages. And future reference. Plus being able to see if a certain code is a nuisance more than a help and to deliberate over making it an exclude if so.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

“It would be better to give contributors more feedback than is enforced or asked for” does not feel sufficient to me to rationalize the additional complication of bypassing the standard convention of printing output to stdout (which can be captured by file-redirection should the caller desire). Moreover, even though deriving from a positive motivation, taking an argument to specify severity level and then ignoring it intentionally (note that this will duplicate effort entirely if the user specifies the severity to be equal to shellcheck's default) comes close to being user-hostile (and our users in this case, are contributors)!

If you feel strongly that we should prefer a less restrictive severity level by-default, make the argument for why (and we would instead default to that severity level, perhaps disabling specific codes we find less-than-useful).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Error is the least restrictive severity level as anything more strict gets ignored in pass/fail of the stage.
What if we changed it to warning or info as default and used whichever one in the gh action? Can discuss in slack/zoom if need be.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My phrasing might have been confusing. I meant less-restrictive in the sense of “print more diagnostics”. As I alluded to, I'm comfortable with “raising” the default from error to something higher, but I would ask that you make an argument for why we should prefer that. I appreciate unifying standards across the repository, and improving the CI/CD, and raising the bar for quality of code committed; but, for a research project predominantly focused on engineering novel solutions and not-at-all currently driven by productionization, these improvements are quality-of-life, not top-priority or of most research-interest. Adding friction for contributors absolutely must be justified; it isn't free.

scripts/shellcheck.sh Outdated Show resolved Hide resolved
@rockett-m rockett-m force-pushed the shellcheck-gh-action branch 3 times, most recently from 0e25109 to 034d69e Compare August 22, 2024 04:03
@rockett-m
Copy link
Contributor Author

rockett-m commented Aug 22, 2024

@HalosGhost Incorporated your suggestions. Added more intelligent coloring, waived error codes/severity messages, summary report.

Can be viewed here: https://github.com/mit-dci/opencbdc-tx/actions/runs/10501604065/job/29091863763?pr=298

The waivers are more powerful when looking beyond errors (majority of the info warnings are about variable quotations 'SC2086')

$ ./scripts/shellcheck.sh -C auto -S info -e SC2034 -e SC2086 -e SC1010

sh-chk

Edit: I will add a path to the full report as well in the next push

Copy link
Collaborator

@HalosGhost HalosGhost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll make a full review after the file-output/severity issue has been appropriately resolved or justified.

.github/workflows/ci.yml Outdated Show resolved Hide resolved
scripts/shellcheck.sh Outdated Show resolved Hide resolved
scripts/shellcheck.sh Outdated Show resolved Hide resolved
This commit made with the assistance of github copilot

Signed-off-by: Morgan Rockett <[email protected]>
check_shellcheck_install
parse_cli_args "$@"

if [[ "$COLOR" != "never" ]]; then
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is fine, but auto should be removed from the help output, it's not being handled (which is okay! handling auto-coloring is a bit sticky).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants