fix: find command failing and other improvements (#3)

* feat: better dockerfile, ci and cd for automatic new shellcheck release and better scripts compatible with POSIX

* fix: reviews

* fix: better logical syntax

* fix: added pipefail to script

* Add bash back to dockerfile

---------

Co-authored-by: Felipe Santos <felipecassiors@gmail.com>

Author: carlocorradini

.github/workflows/ci.yaml

@@ -2,7 +2,14 @@ name: ci
 
 on:
   push:
+    branches: [main]
     tags: ['v*.*.*']
+  pull_request:
+    branches: [main]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
 
 jobs:
   check:
@@ -24,15 +31,17 @@ jobs:
 
   release:
     runs-on: ubuntu-latest
+    env:
+      VERSION: ${{ github.ref_name }}
     needs: check
-    if: needs.check.result == 'success'
+    if: needs.check.result == 'success' && startsWith(github.ref, 'refs/tags/')
     steps:
       - name: Checkout
         uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v2
-      - name: Extract VERSION from tag
-        run: echo "VERSION=${GITHUB_REF#refs/tags/v}" >> $GITHUB_ENV
       - name: Build packages
         uses: docker/bake-action@v2
       - name: Create GitHub release

.github/workflows/new.yaml

@@ -0,0 +1,71 @@
+name: new
+
+on:
+  schedule:
+    - cron: '0 0 * * *'
+
+jobs:
+  tag:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: ShellCheck latest release
+        id: shellcheck
+        run: |
+          _release=$(
+            curl \
+              --fail \
+              --silent \
+              --location \
+              --show-error \
+              https://api.github.com/repos/koalaman/shellcheck/releases/latest \
+              | jq \
+                --raw-output \
+                '.tag_name'
+          )
+
+          printf '{release}={%s}\n' "$_release" >> "$GITHUB_OUTPUT"
+
+      - name: ShellCheck binaries latest release
+        id: shellcheck_binaries
+        run: |
+          _release=$(
+            curl \
+              --fail \
+              --silent \
+              --location \
+              --show-error \
+              https://api.github.com/repos/vscode-shellcheck/shellcheck-binaries/releases/latest \
+              | jq \
+                --raw-output \
+                '.tag_name'
+          )
+
+          printf '{release}={%s}\n' "$_release" >> "$GITHUB_OUTPUT"
+
+      - name: Shellcheck homebrew container image exist
+        id: shellcheck_homebrew
+        run: |
+          _release_exist=$(
+            curl \
+              --fail \
+              --silent \
+              --location \
+              --show-error \
+              --header "Authorization: Bearer $(printf '%s\n' "${{ secrets.GITHUB_TOKEN }}" | base64)" \
+              https://ghcr.io/v2/homebrew/core/shellcheck/tags/list \
+              | jq \
+                --raw-output \
+                --arg release "$(printf '%s\n' "${{ steps.shellcheck.outputs.release }}" | sed 's/^.\{1\}//')" \
+                'any(.tags[]; . == $release)'
+          )
+
+          printf '{release_exist}={%s}\n' "$_release_exist" >> "$GITHUB_OUTPUT"
+
+      - name: Tag ${{ steps.shellcheck.outputs.release }}
+        uses: rickstaa/action-create-tag@v1
+        if: steps.shellcheck.outputs.release != steps.shellcheck_binaries.outputs.release && steps.shellcheck_homebrew.outputs.release_exist == 'true'
+        with:
+          tag: ${{ steps.shellcheck.outputs.release }}

Dockerfile

@@ -1,19 +1,43 @@
 # syntax=docker/dockerfile:1
 
+# ================
+# CONFIGURATION
+# ================
+# ShellCheck version
 ARG VERSION
 
-FROM --platform=darwin/arm64 ghcr.io/homebrew/core/shellcheck:${VERSION} AS darwin-arm64
+# ================
+# DARWIN ARM64
+# ================
+FROM --platform=darwin/arm64 ghcr.io/homebrew/core/shellcheck:$VERSION AS darwin-arm64
 
+# ================
+# ARCHIVES
+# ================
 FROM alpine AS archives
+ARG VERSION
 
-RUN apk add --no-cache bash curl tar unzip xz
+# Install packages
+RUN apk add --no-cache \
+  bash \
+  findutils \
+  tar \
+  unzip \
+  xz
 
-COPY scripts/download_and_archive.sh /scripts/download_and_archive.sh
+# Copy Darwin arm64 binary
+COPY --from=darwin-arm64 shellcheck/$VERSION/bin/shellcheck /shellcheck.darwin.arm64.data/
 
-ARG VERSION
-COPY --from=darwin-arm64 shellcheck/${VERSION}/bin/shellcheck /shellcheck.darwin.arm64.data/
+# Copy scripts directory
+COPY scripts /scripts
+
+# Execute script
 RUN /scripts/download_and_archive.sh
 
+# ================
+# SCRATCH
+# ================
 FROM scratch
 
+# Copy archives directory
 COPY --from=archives /archives/ /

scripts/__commons.sh

@@ -0,0 +1,139 @@
+# shellcheck shell=bash
+
+# ================
+# GLOBALS
+# ================
+# Downloader
+DOWNLOADER=
+
+# ================
+# LOGGER
+# ================
+# Fatal log level. Cause exit failure
+LOG_LEVEL_FATAL=100
+# Error log level
+LOG_LEVEL_ERROR=200
+# Warning log level
+LOG_LEVEL_WARN=300
+# Informational log level
+LOG_LEVEL_INFO=500
+# Debug log level
+LOG_LEVEL_DEBUG=600
+# Log level
+LOG_LEVEL=$LOG_LEVEL_INFO
+
+# Print log message
+# @param $1 Log level
+# @param $2 Message
+_log_print_message() {
+  log_level=${1:-LOG_LEVEL_FATAL}
+  shift
+  log_level_name=
+  log_message=${*:-}
+
+  # Check log level
+  [ "$log_level" -le "$LOG_LEVEL" ] || return 0
+
+  case $log_level in
+    "$LOG_LEVEL_FATAL")
+      log_level_name=FATAL
+      ;;
+    "$LOG_LEVEL_ERROR")
+      log_level_name=ERROR
+      ;;
+    "$LOG_LEVEL_WARN")
+      log_level_name=WARN
+      ;;
+    "$LOG_LEVEL_INFO")
+      log_level_name=INFO
+      ;;
+    "$LOG_LEVEL_DEBUG")
+      log_level_name=DEBUG
+      ;;
+  esac
+
+  # Log
+  printf '[%-5s] %b\n' "$log_level_name" "$log_message"
+}
+
+# Fatal log message
+# @param $1 Message
+FATAL() {
+  _log_print_message "$LOG_LEVEL_FATAL" "$@" >&2
+  exit 1
+}
+
+# Error log message
+# @param $1 Message
+ERROR() { _log_print_message "$LOG_LEVEL_ERROR" "$@" >&2; }
+
+# Warning log message
+# @param $1 Message
+WARN() { _log_print_message "$LOG_LEVEL_WARN" "$@" >&2; }
+
+# Informational log message
+# @param $1 Message
+INFO() { _log_print_message "$LOG_LEVEL_INFO" "$@"; }
+
+# Debug log message
+# @param $1 Message
+DEBUG() { _log_print_message "$LOG_LEVEL_DEBUG" "$@"; }
+
+# ================
+# ASSERT
+# ================
+# Assert command is installed
+# @param $1 Command name
+assert_cmd() {
+  check_cmd "$1" || FATAL "Command '$1' not found"
+  DEBUG "Command '$1' found at '$(command -v "$1")'"
+}
+
+# Assert executable downloader
+assert_downloader() {
+  [ -z "$DOWNLOADER" ] || return 0
+
+  _assert_downloader() {
+    # Return failure if it doesn't exist or is no executable
+    [ -x "$(command -v "$1")" ] || return 1
+
+    # Set downloader
+    DOWNLOADER=$1
+    return 0
+  }
+
+  # Downloader command
+  _assert_downloader "curl" \
+    || _assert_downloader "wget" \
+    || FATAL "No executable downloader found: 'curl' or 'wget'"
+  DEBUG "Downloader '$DOWNLOADER' found at '$(command -v "$DOWNLOADER")'"
+}
+
+# ================
+# FUNCTIONS
+# ================
+# Check command is installed
+# @param $1 Command name
+check_cmd() {
+  command -v "$1" > /dev/null 2>&1
+}
+
+# Download a file
+# @param $1 Output location
+# @param $2 Download URL
+download() {
+  assert_downloader
+
+  # Download
+  INFO "Downloading file '$2' to '$1'"
+  case $DOWNLOADER in
+    curl)
+      curl --fail --silent --location --show-error --output "$1" "$2" || FATAL "Download file '$2' failed"
+      ;;
+    wget)
+      wget --quiet --output-document="$1" "$2" || FATAL "Download file '$2' failed"
+      ;;
+    *) FATAL "Unknown downloader '$DOWNLOADER'" ;;
+  esac
+  DEBUG "Successfully downloaded file '$2' to '$1'"
+}