Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make yq task more accepting of whatever is put in SCRIPT #1095

Open
wants to merge 3 commits into
base: main
Choose a base branch
from

Conversation

frerikandriessen
Copy link

Changes

This make the yq task more accepting of whatever is put in the SCRIPT param.
I currently had some issues with SCRIPT values as

            # Retrieve old neo4j instance name
            yq eval ".myName" ./apps/myApp/values-$(params.environment).yaml | tr -d "\n" > $(results.yq.path)

            # Overwrite it
            yq eval -i "myName=\"$(params.newName)\"" ./apps/myApp/values-$(params.environment).yaml

or

            yq eval ".myName" ./apps/myApp/values-$(params.environment).yaml | tr -d "\n" > $(results.yq.path)
            yq eval -i "del(.myApps.$(params.myName))" ./apps/app-of-apps/values.yaml

both should just work, since they're valid scripts.

This is fixed now (and I've used them both in my pipeline so it seems to actually work)

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you
review them:

  • Follows the authoring recommendations
  • Includes docs (if user facing)
  • Includes tests (for new tasks or changed functionality)
  • Meets the Tekton contributor standards (including functionality, content, code)
  • Commit messages follow commit message best practices
  • Has a kind label. You can add one by adding a comment on this PR that
    contains /kind <type>. Valid types are bug, cleanup, design, documentation,
    feature, flake, misc, question, tep
  • Complies with Catalog Organization TEP, see example. Note An issue has been filed to automate this validation
    • File path follows <kind>/<name>/<version>/name.yaml

    • Has README.md at <kind>/<name>/<version>/README.md

    • Has mandatory metadata.labels - app.kubernetes.io/version the same as the <version> of the resource

    • Has mandatory metadata.annotations tekton.dev/pipelines.minVersion

    • mandatory spec.description follows the convention

        ```
      
        spec:
          description: >-
            one line summary of the resource
      
            Paragraph(s) to describe the resource.
        ```
      

See the contribution guide for more details.

@tekton-robot tekton-robot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Oct 22, 2022
@tekton-robot
Copy link

Catlin Output
FILE: task/yq/0.4/yq.yaml
WARN : Step "yq-script" uses image "$(params.image)" that contains variables; skipping validation

@vinamra28
Copy link
Member

@frerikandriessen can you please fix the CI?

@tekton-robot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale with a justification.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close with a justification.
If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/lifecycle stale

Send feedback to tektoncd/plumbing.

@tekton-robot tekton-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 1, 2023
@tekton-robot
Copy link

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten with a justification.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close with a justification.
If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/lifecycle rotten

Send feedback to tektoncd/plumbing.

@tekton-robot tekton-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Mar 3, 2023
@tekton-robot
Copy link

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen with a justification.
Mark the issue as fresh with /remove-lifecycle rotten with a justification.
If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/close

Send feedback to tektoncd/plumbing.

@tekton-robot
Copy link

@tekton-robot: Closed this PR.

In response to this:

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen with a justification.
Mark the issue as fresh with /remove-lifecycle rotten with a justification.
If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/close

Send feedback to tektoncd/plumbing.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@frerikandriessen
Copy link
Author

/reopen
/remove-lifecycle rotten

@tekton-robot tekton-robot reopened this May 15, 2023
@tekton-robot
Copy link

@frerikandriessen: Reopened this PR.

In response to this:

/reopen
/remove-lifecycle rotten

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@tekton-robot tekton-robot removed the lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. label May 15, 2023
@tekton-robot
Copy link

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign vinamra28 after the PR has been reviewed.
You can assign the PR to them by writing /assign @vinamra28 in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

1 similar comment
@tekton-robot
Copy link

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign vinamra28 after the PR has been reviewed.
You can assign the PR to them by writing /assign @vinamra28 in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot
Copy link

Catlin Output
FILE: task/yq/0.4/yq.yaml
WARN : Step "yq-script" uses image "$(params.image)" that contains variables; skipping validation

1 similar comment
@tekton-robot
Copy link

Catlin Output
FILE: task/yq/0.4/yq.yaml
WARN : Step "yq-script" uses image "$(params.image)" that contains variables; skipping validation

@frerikandriessen
Copy link
Author

/retest

@frerikandriessen
Copy link
Author

Am I interpreting the results correctly that it failed while testing helm-upgrade-from-repo?

Update Complete. ⎈Happy Helming!⎈
installing helm chart...
history.go:56: [debug] getting history for release helm-repo-sample
install.go:173: [debug] Original chart version: ""
Release "helm-repo-sample" does not exist. Installing it now.
install.go:190: [debug] CHART PATH: /root/.cache/helm/repository/envoy-1.9.4.tgz
WARNING: This chart is deprecated
Error: unable to build kubernetes objects from release manifest: unable to recognize "": no matches for kind "PodDisruptionBudget" in version "policy/v1beta1"
helm.go:81: [debug] unable to recognize "": no matches for kind "PodDisruptionBudget" in version "policy/v1beta1"

Is that even related to my changes? If so, how would I fix it? If not, what now?

@frerikandriessen
Copy link
Author

/test pull-tekton-catalog-integration-tests

@frerikandriessen
Copy link
Author

@vinamra28 pinging you because I've left this to rot for quite some time.

@vinamra28
Copy link
Member

@frerikandriessen can you please try to rebase your branch with latest upstream/main and then retry?

@tekton-robot
Copy link

Catlin Output
FILE: task/42crunch-api-security-audit/0.1/42crunch-api-security-audit.yaml
FILE: task/42crunch-api-security-audit/0.2/42crunch-api-security-audit.yaml
FILE: task/ansible-runner/0.2/ansible-runner.yaml
WARN : Step "requirements" uses image "$(params.image)" that contains variables; skipping validation
WARN : Step "run-playbook" uses image "$(params.image)" that contains variables; skipping validation
FILE: task/blue-green-deploy/0.2/blue-green-deploy.yaml
WARN : Step "change-deployment" uses image "$(params.IMAGE)" that contains variables; skipping validation
FILE: task/boskos-acquire/0.1/boskos-acquire.yaml
HINT : Task: tekton.dev/v1beta1 - name: "boskos-acquire" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "boskosctl-acquire" uses image "gcr.io/k8s-staging-boskos/boskosctl@sha256:a7fc984732c5dd0b4e0fe0a92e2730fa4b6bddecd0f6f6c7c6b5501abe4ab105"; consider using a image tagged with specific version along with digest eg. abc.io/img:v1@sha256:abcde
WARN : Step "create-heartbeat-pod-yaml" uses image "docker.io/lachlanevenson/k8s-kubectl@sha256:3a5e22a406a109f4f26ec06b5f1f6a66ae0cd0e185bc28499eb7b7a3bbf1fe09"; consider using a image tagged with specific version along with digest eg. abc.io/img:v1@sha256:abcde
FILE: task/buildah/0.1/buildah.yaml
HINT : Task: tekton.dev/v1beta1 - name: "buildah" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/buildah/0.2/buildah.yaml
HINT : Task: tekton.dev/v1beta1 - name: "buildah" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/buildah/0.3/buildah.yaml
HINT : Task: tekton.dev/v1beta1 - name: "buildah" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/buildah/0.5/buildah.yaml
HINT : Task: tekton.dev/v1beta1 - name: "buildah" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/buildpacks/0.6/buildpacks.yaml
WARN : Step "create" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/git-cli/0.4/git-cli.yaml
WARN : Step "git" uses image "$(params.BASE_IMAGE)" that contains variables; skipping validation
FILE: task/git-clone/0.9/git-clone.yaml
WARN : Step "clone" uses image "$(params.gitInitImage)" that contains variables; skipping validation
FILE: task/git-rebase/0.1/git-rebase.yaml
FILE: task/gke-cluster-create/0.1/gke-cluster-create.yaml
FILE: task/gogit/0.1/gogit.yaml
HINT : Task: tekton.dev/v1beta1 - name: "gogit" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "gogit" uses image "$(params.gogit-image)" that contains variables; skipping validation
FILE: task/gradle/0.3/gradle.yaml
WARN : Step "gradle-tasks" uses image "$(params.GRADLE_IMAGE)" that contains variables; skipping validation
FILE: task/jib-gradle/0.2/jib-gradle.yaml
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/jib-gradle/0.3/jib-gradle.yaml
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/jib-maven/0.2/jib-maven.yaml
WARN : Step "build-and-push" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
FILE: task/jib-maven/0.3/jib-maven.yaml
WARN : Step "build-and-push" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
FILE: task/jib-maven/0.4/jib-maven.yaml
WARN : Step "build-and-push" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
FILE: task/jib-maven/0.5/jib-maven.yaml
WARN : Step "build-and-push" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
FILE: task/kaniko/0.1/kaniko.yaml
HINT : Task: tekton.dev/v1beta1 - name: "kaniko" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "docker.io/stedolan/jq@sha256:a61ed0bca213081b64be94c5e1b402ea58bc549f457c2682a86704dd55231e09"; consider using a image tagged with specific version along with digest eg. abc.io/img:v1@sha256:abcde
FILE: task/kaniko/0.2/kaniko.yaml
HINT : Task: tekton.dev/v1beta1 - name: "kaniko" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "docker.io/stedolan/jq@sha256:a61ed0bca213081b64be94c5e1b402ea58bc549f457c2682a86704dd55231e09"; consider using a image tagged with specific version along with digest eg. abc.io/img:v1@sha256:abcde
FILE: task/kaniko/0.3/kaniko.yaml
HINT : Task: tekton.dev/v1beta1 - name: "kaniko" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "docker.io/stedolan/jq@sha256:a61ed0bca213081b64be94c5e1b402ea58bc549f457c2682a86704dd55231e09"; consider using a image tagged with specific version along with digest eg. abc.io/img:v1@sha256:abcde
FILE: task/kaniko/0.4/kaniko.yaml
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.JQ_IMAGE)" that contains variables; skipping validation
FILE: task/kaniko/0.5/kaniko.yaml
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/ko/0.1/ko.yaml
WARN : Step "build" uses image "$(params.ko-image)" that contains variables; skipping validation
FILE: task/pylint/0.2/pylint.yaml
WARN : Step "pylint" uses image "$(params.image)" that contains variables; skipping validation
FILE: task/pylint/0.3/pylint.yaml
WARN : Step "pylint" uses image "$(params.image)" that contains variables; skipping validation
FILE: task/pytest/0.2/pytest.yaml
WARN : Step "unit-test" uses image "$(params.PYTHON_IMAGE)" that contains variables; skipping validation
FILE: task/s2i/0.2/s2i.yaml
HINT : Task: tekton.dev/v1beta1 - name: "s2i" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build" references "$(params.TLSVERIFY)" directly from its script block. For reliability and security, consider putting the param into an environment variable of the Step and accessing that environment variable in your script instead.
WARN : Step "push" references "$(params.TLSVERIFY)" directly from its script block. For reliability and security, consider putting the param into an environment variable of the Step and accessing that environment variable in your script instead.
WARN : Step "digest-to-results" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/s2i/0.3/s2i.yaml
HINT : Task: tekton.dev/v1beta1 - name: "s2i" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build" references "$(params.TLSVERIFY)" directly from its script block. For reliability and security, consider putting the param into an environment variable of the Step and accessing that environment variable in your script instead.
FILE: task/trivy-scanner/0.2/trivy-scanner.yaml
WARN : Step "trivy-scan" uses image "$(params.TRIVY_IMAGE)" that contains variables; skipping validation
FILE: task/yq/0.4/yq.yaml
WARN : Step "yq-script" uses image "$(params.image)" that contains variables; skipping validation
Catlin script lint Output
WARN : step: ansible-runner is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s bash] failed:

In blue-green-deploy-change-deployment line 4:
[[ "$(workspaces.manifest-dir.bound)" == "true" ]] && cd $(workspaces.manifest-dir.path)
                                                      ^-- SC2164: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
                                                         ^-----------------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
[[ "$(workspaces.manifest-dir.bound)" == "true" ]] && cd $(workspaces.manifest-dir.path) || exit


In blue-green-deploy-change-deployment line 7:
  export KUBECONFIG=$(workspaces.kubeconfig-dir.path)/kubeconfig
         ^--------^ SC2155: Declare and assign separately to avoid masking return values.


In blue-green-deploy-change-deployment line 12:
  kubectl -n $(params.NAMESPACE) get deploy "$deploy_name" \
             ^-----------------^ SC2046: Quote this to prevent word splitting.


In blue-green-deploy-change-deployment line 20:
  kubectl -n $(params.NAMESPACE) get deploy "$deploy_name" \
             ^-----------------^ SC2046: Quote this to prevent word splitting.


In blue-green-deploy-change-deployment line 21:
    -o jsonpath='{range .status.conditions['$index']}{.status}{"\n"}{end}'
                                            ^----^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    -o jsonpath='{range .status.conditions['"$index"']}{.status}{"\n"}{end}'


In blue-green-deploy-change-deployment line 28:
  local replicasUnavailable=$(kubectl -n $(params.NAMESPACE) get deploy "$deploy_name" -o jsonpath='{.status.unavailableReplicas}')
        ^-----------------^ SC2155: Declare and assign separately to avoid masking return values.
                                         ^-----------------^ SC2046: Quote this to prevent word splitting.


In blue-green-deploy-change-deployment line 35:
  for reason in $(getReasons $deploy_name); do
                             ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  for reason in $(getReasons "$deploy_name"); do


In blue-green-deploy-change-deployment line 37:
      local ready=$(getStatusAtIndex $deploy_name ${INDEX})
            ^---^ SC2155: Declare and assign separately to avoid masking return values.
                                     ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
      local ready=$(getStatusAtIndex "$deploy_name" ${INDEX})


In blue-green-deploy-change-deployment line 48:
  for reason in $(getReasons $deploy_name); do
                             ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  for reason in $(getReasons "$deploy_name"); do


In blue-green-deploy-change-deployment line 50:
      local status=$(getStatusAtIndex $deploy_name ${INDEX})
            ^----^ SC2155: Declare and assign separately to avoid masking return values.
                                      ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
      local status=$(getStatusAtIndex "$deploy_name" ${INDEX})


In blue-green-deploy-change-deployment line 59:
  kubectl -n $(params.NAMESPACE) patch svc ${service} \
             ^-----------------^ SC2046: Quote this to prevent word splitting.
                                           ^--------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  kubectl -n $(params.NAMESPACE) patch svc "${service}" \


In blue-green-deploy-change-deployment line 64:
  local deploy_name=$(params.SERVICE_NAME)-$(params.NEW_VERSION)
        ^---------^ SC2155: Declare and assign separately to avoid masking return values.


In blue-green-deploy-change-deployment line 65:
  local service=$(params.SERVICE_NAME)
        ^-----^ SC2155: Declare and assign separately to avoid masking return values.


In blue-green-deploy-change-deployment line 66:
  local version=$(params.NEW_VERSION)
        ^-----^ SC2155: Declare and assign separately to avoid masking return values.


In blue-green-deploy-change-deployment line 68:
  kubectl -n $(params.NAMESPACE) apply -f $(params.MANIFEST)
             ^-----------------^ SC2046: Quote this to prevent word splitting.
                                          ^----------------^ SC2046: Quote this to prevent word splitting.


In blue-green-deploy-change-deployment line 75:
    getMinimumReplicaStatus ${deploy_name}
                            ^------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    getMinimumReplicaStatus "${deploy_name}"


In blue-green-deploy-change-deployment line 76:
    [[ $? -eq 0 ]] && break
       ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In blue-green-deploy-change-deployment line 77:
    checkProgressDeadline ${deploy_name}
                          ^------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    checkProgressDeadline "${deploy_name}"


In blue-green-deploy-change-deployment line 78:
    [[ $? -eq 0 ]] && break
       ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In blue-green-deploy-change-deployment line 83:
  checkProgressDeadline ${deploy_name}
                        ^------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  checkProgressDeadline "${deploy_name}"


In blue-green-deploy-change-deployment line 84:
  if [[ $? -eq 0 ]]; then
        ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In blue-green-deploy-change-deployment line 85:
    echo "Failed to change the service" && break
                                           ^---^ SC2104: In functions, use return instead of break.


In blue-green-deploy-change-deployment line 91:
    checkUnavailableReplicas ${deploy_name}
                             ^------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    checkUnavailableReplicas "${deploy_name}"


In blue-green-deploy-change-deployment line 92:
    [[ $? -eq 0 ]] && break
       ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In blue-green-deploy-change-deployment line 93:
    checkProgressDeadline ${deploy_name}
                          ^------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    checkProgressDeadline "${deploy_name}"


In blue-green-deploy-change-deployment line 94:
    [[ $? -eq 0 ]] && break
       ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In blue-green-deploy-change-deployment line 100:
  checkProgressDeadline ${deploy_name}
                        ^------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  checkProgressDeadline "${deploy_name}"


In blue-green-deploy-change-deployment line 101:
  if [[ $? -eq 0 ]]; then
        ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In blue-green-deploy-change-deployment line 104:
    switchService ${service} ${version}
                  ^--------^ SC2086: Double quote to prevent globbing and word splitting.
                             ^--------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    switchService "${service}" "${version}"


In blue-green-deploy-change-deployment line 105:
    [[ $? -eq 0 ]] && echo "Done." || exit 1
       ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.

For more information:
  https://www.shellcheck.net/wiki/SC2104 -- In functions, use return instead ...
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2155 -- Declare and assign separately to ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In boskos-acquire-boskosctl-acquire line 3:
  --server-url=$(params.server-url) \
               ^------------------^ SC2046: Quote this to prevent word splitting.


In boskos-acquire-boskosctl-acquire line 4:
  --owner-name=$(params.owner-name) \
               ^------------------^ SC2046: Quote this to prevent word splitting.


In boskos-acquire-boskosctl-acquire line 5:
  --type=$(params.type) \
         ^------------^ SC2046: Quote this to prevent word splitting.


In boskos-acquire-boskosctl-acquire line 8:
echo $RESOURCE > /workspace/full-resource-output.json
     ^-------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
echo "$RESOURCE" > /workspace/full-resource-output.json


In boskos-acquire-boskosctl-acquire line 9:
echo $RESOURCE | jq -rj ".name" > $(results.leased-resource.path)
     ^-------^ SC2086: Double quote to prevent globbing and word splitting.
                                  ^-----------------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
echo "$RESOURCE" | jq -rj ".name" > $(results.leased-resource.path)

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In boskos-acquire-create-heartbeat-pod-yaml line 3:
LEASED_RESOURCE=$(cat $(results.leased-resource.path))
                      ^-----------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-build line 2:
buildah --storage-driver=$(params.STORAGE_DRIVER) bud \
                         ^----------------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 3:
  $(params.BUILD_EXTRA_ARGS) --format=$(params.FORMAT) \
  ^------------------------^ SC2046: Quote this to prevent word splitting.
                                      ^--------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 4:
  --tls-verify=$(params.TLSVERIFY) --no-cache \
               ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 5:
  -f $(params.DOCKERFILE) -t $(params.IMAGE) $(params.CONTEXT)
     ^------------------^ SC2046: Quote this to prevent word splitting.
                             ^-------------^ SC2046: Quote this to prevent word splitting.
                                             ^---------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-push line 2:
buildah --storage-driver=$(params.STORAGE_DRIVER) push \
                         ^----------------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 3:
  $(params.PUSH_EXTRA_ARGS) --tls-verify=$(params.TLSVERIFY) \
  ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                         ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 4:
  --digestfile $(workspaces.source.path)/image-digest $(params.IMAGE) \
               ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                                      ^-------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 5:
  docker://$(params.IMAGE)
           ^-------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-digest-to-results line 2:
cat $(workspaces.source.path)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-build line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-build line 3:
buildah ${CERT_DIR_FLAG} --storage-driver=$(params.STORAGE_DRIVER) bud \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" --storage-driver=$(params.STORAGE_DRIVER) bud \


In buildah-build line 4:
  $(params.BUILD_EXTRA_ARGS) --format=$(params.FORMAT) \
  ^------------------------^ SC2046: Quote this to prevent word splitting.
                                      ^--------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 5:
  --tls-verify=$(params.TLSVERIFY) --no-cache \
               ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 6:
  -f $(params.DOCKERFILE) -t $(params.IMAGE) $(params.CONTEXT)
     ^------------------^ SC2046: Quote this to prevent word splitting.
                             ^-------------^ SC2046: Quote this to prevent word splitting.
                                             ^---------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-push line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-push line 3:
buildah ${CERT_DIR_FLAG} --storage-driver=$(params.STORAGE_DRIVER) push \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" --storage-driver=$(params.STORAGE_DRIVER) push \


In buildah-push line 4:
  $(params.PUSH_EXTRA_ARGS) --tls-verify=$(params.TLSVERIFY) \
  ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                         ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 5:
  --digestfile $(workspaces.source.path)/image-digest $(params.IMAGE) \
               ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                                      ^-------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 6:
  docker://$(params.IMAGE)
           ^-------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-digest-to-results line 2:
cat $(workspaces.source.path)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-build line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-build line 3:
buildah ${CERT_DIR_FLAG} --storage-driver=$(params.STORAGE_DRIVER) bud \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" --storage-driver=$(params.STORAGE_DRIVER) bud \


In buildah-build line 4:
  $(params.BUILD_EXTRA_ARGS) --format=$(params.FORMAT) \
  ^------------------------^ SC2046: Quote this to prevent word splitting.
                                      ^--------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 5:
  --tls-verify=$(params.TLSVERIFY) --no-cache \
               ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 6:
  -f $(params.DOCKERFILE) -t $(params.IMAGE) $(params.CONTEXT)
     ^------------------^ SC2046: Quote this to prevent word splitting.
                             ^-------------^ SC2046: Quote this to prevent word splitting.
                                             ^---------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-push line 2:
[[ "$(params.SKIP_PUSH)" == "true" ]] && echo "Push skipped" && exit 0
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-push line 3:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-push line 4:
buildah ${CERT_DIR_FLAG} --storage-driver=$(params.STORAGE_DRIVER) push \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" --storage-driver=$(params.STORAGE_DRIVER) push \


In buildah-push line 5:
  $(params.PUSH_EXTRA_ARGS) --tls-verify=$(params.TLSVERIFY) \
  ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                         ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 6:
  --digestfile $(workspaces.source.path)/image-digest $(params.IMAGE) \
               ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                                      ^-------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 7:
  docker://$(params.IMAGE)
           ^-------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-digest-to-results line 2:
cat $(workspaces.source.path)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-build line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-build line 3:
[[ "$(workspaces.dockerconfig.bound)" == "true" ]] && export DOCKER_CONFIG="$(workspaces.dockerconfig.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.
                                                             ^-----------^ SC2155: Declare and assign separately to avoid masking return values.


In buildah-build line 4:
buildah ${CERT_DIR_FLAG} --storage-driver=$(params.STORAGE_DRIVER) bud \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" --storage-driver=$(params.STORAGE_DRIVER) bud \


In buildah-build line 5:
  $(params.BUILD_EXTRA_ARGS) --format=$(params.FORMAT) \
  ^------------------------^ SC2046: Quote this to prevent word splitting.
                                      ^--------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 6:
  --tls-verify=$(params.TLSVERIFY) --no-cache \
               ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 7:
  -f $(params.DOCKERFILE) -t $(params.IMAGE) $(params.CONTEXT)
     ^------------------^ SC2046: Quote this to prevent word splitting.
                             ^-------------^ SC2046: Quote this to prevent word splitting.
                                             ^---------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 8:
[[ "$(params.SKIP_PUSH)" == "true" ]] && echo "Push skipped" && exit 0
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-build line 9:
buildah ${CERT_DIR_FLAG} --storage-driver=$(params.STORAGE_DRIVER) push \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" --storage-driver=$(params.STORAGE_DRIVER) push \


In buildah-build line 10:
  $(params.PUSH_EXTRA_ARGS) --tls-verify=$(params.TLSVERIFY) \
  ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                         ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 11:
  --digestfile /tmp/image-digest $(params.IMAGE) \
                                 ^-------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 12:
  docker://$(params.IMAGE)
           ^-------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 13:
cat /tmp/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^---------------^ SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                            ^--------------------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 14:
echo -n "$(params.IMAGE)" | tee $(results.IMAGE_URL.path)
     ^-- SC3037: In POSIX sh, echo flags are undefined.
                                ^-----------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2155 -- Declare and assign separately to ...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In git-rebase-rebase line 10:
  git reset --soft HEAD~$(params.SQUASH_COUNT)
                        ^--------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 17:
git ls-remote --exit-code $(params.PULL_REMOTE_NAME)
                          ^------------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 21:
  git remote add $(params.PULL_REMOTE_NAME) $(params.PULL_REMOTE_URL)
                 ^------------------------^ SC2046: Quote this to prevent word splitting.
                                            ^-----------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 25:
git pull --rebase $(params.PULL_REMOTE_NAME) $(params.PULL_BRANCH_NAME)
                  ^------------------------^ SC2046: Quote this to prevent word splitting.
                                             ^------------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 28:
git ls-remote --exit-code $(params.PUSH_REMOTE_NAME)
                          ^------------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 32:
  git remote add $(params.PUSH_REMOTE_NAME) $(params.PUSH_REMOTE_URL)
                 ^------------------------^ SC2046: Quote this to prevent word splitting.
                                            ^-----------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 36:
git push $(params.PUSH_REMOTE_NAME) $(params.PUSH_BRANCH_NAME) -f
         ^------------------------^ SC2046: Quote this to prevent word splitting.
                                    ^------------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 41:
echo -n "$RESULT_SHA" > $(results.commit.path)
     ^-- SC3037: In POSIX sh, echo flags are undefined.
                        ^--------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3037 -- In POSIX sh, echo flags are undef...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In gke-cluster-create-gcloud line 6:
gcloud auth activate-service-account --key-file=$(workspaces.gcp-service-account.path)/$(params.private-key-path)
                                                ^-- SC2046: Quote this to prevent word splitting.
                                                                                       ^------------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 9:
gcloud compute networks create $UNIQUE_NAME --project $(params.project-name) --subnet-mode=auto
                               ^----------^ SC2086: Double quote to prevent globbing and word splitting.
                                                      ^--------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
gcloud compute networks create "$UNIQUE_NAME" --project $(params.project-name) --subnet-mode=auto


In gke-cluster-create-gcloud line 16:
  --project=$(params.project-name) \
            ^--------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 17:
  --cluster-version=$(params.cluster-version) \
                    ^-----------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 18:
  --min-nodes=$(params.min-nodes) \
              ^-----------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 19:
  --max-nodes=$(params.max-nodes) \
              ^-----------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 20:
  --region=$(params.region) \
           ^--------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 21:
  --machine-type=$(params.machine-type) \
                 ^--------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 22:
  --image-type=$(params.image-type) \
               ^------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 24:
  --network=$UNIQUE_NAME\
            ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  --network="$UNIQUE_NAME"\


In gke-cluster-create-gcloud line 25:
  $UNIQUE_NAME
  ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  "$UNIQUE_NAME"


In gke-cluster-create-gcloud line 29:
  --project=$(params.project-name) \
            ^--------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 30:
  --region=$(params.region) \
           ^--------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 31:
  $UNIQUE_NAME
  ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  "$UNIQUE_NAME"


In gke-cluster-create-gcloud line 35:
  --project=$(params.project-name) \
            ^--------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 36:
  --filter=metadata.cluster-name=$UNIQUE_NAME \
                                 ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  --filter=metadata.cluster-name="$UNIQUE_NAME" \


In gke-cluster-create-gcloud line 42:
gcloud compute firewall-rules create ports-$UNIQUE_STR \
                                           ^---------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
gcloud compute firewall-rules create ports-"$UNIQUE_STR" \


In gke-cluster-create-gcloud line 43:
  --project=$(params.project-name) \
            ^--------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 44:
  --network=$UNIQUE_NAME \
            ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  --network="$UNIQUE_NAME" \


In gke-cluster-create-gcloud line 46:
  --target-tags=$INSTANCE_TAG
                ^-----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  --target-tags="$INSTANCE_TAG"


In gke-cluster-create-gcloud line 48:
printf $UNIQUE_NAME > $(results.cluster-name.path)
       ^----------^ SC2059: Don't use variables in the printf format string. Use printf '..%s..' "$foo".
       ^----------^ SC2086: Double quote to prevent globbing and word splitting.
                      ^--------------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
printf "$UNIQUE_NAME" > $(results.cluster-name.path)

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2059 -- Don't use variables in the printf...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

WARN : step: jib-gradle is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-gradle-build-and-push line 15:
      }" > $HOME/init-script.gradle
           ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
      }" > "$HOME"/init-script.gradle


In jib-gradle-build-and-push line 20:
  --init-script=$HOME/init-script.gradle \
                ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  --init-script="$HOME"/init-script.gradle \


In jib-gradle-build-and-push line 21:
  --gradle-user-home=$HOME/.gradle \
                     ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  --gradle-user-home="$HOME"/.gradle \


In jib-gradle-build-and-push line 22:
  -Dgradle.user.home=$HOME/.gradle \
                     ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  -Dgradle.user.home="$HOME"/.gradle \


In jib-gradle-build-and-push line 23:
  -Duser.home=$HOME \
              ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  -Duser.home="$HOME" \


In jib-gradle-build-and-push line 24:
  -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) \
                                ^------------------------^ SC2046: Quote this to prevent word splitting.


In jib-gradle-build-and-push line 25:
  -Djib.to.image=$(params.IMAGE) \
                 ^-------------^ SC2046: Quote this to prevent word splitting.


In jib-gradle-build-and-push line 26:
  -Djib.outputPaths.digest=$(workspaces.source.path)/$(params.DIRECTORY)/image-digest
                           ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                                     ^-----------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-gradle-digest-to-results line 2:
cat $(workspaces.source.path)/$(params.DIRECTORY)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                              ^-----------------^ SC2046: Quote this to prevent word splitting.
                                                                     ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

WARN : step: jib-gradle is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-gradle-build-and-push line 27:
  $(params.EXTRA_ARGS)
  ^------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-gradle-digest-to-results line 2:
cat $(workspaces.source.path)/$(params.DIRECTORY)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                              ^-----------------^ SC2046: Quote this to prevent word splitting.
                                                                     ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

WARN : step: jib-maven is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-maven-build-and-push line 3:
  -Duser.home=$HOME \
              ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  -Duser.home="$HOME" \


In jib-maven-build-and-push line 4:
  -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) \
                                ^------------------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 5:
  -Djib.to.image=$(params.IMAGE) \
                 ^-------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-maven-digest-to-results line 2:
cat $(workspaces.source.path)/target/jib-image.digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                            ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

WARN : step: jib-maven is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s bash] failed:

In jib-maven-build-and-push line 4:
keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass "changeit" -file /etc/ssl/certs/$(params.CACERTFILE) -noprompt
                          ^--------^ SC2086: Double quote to prevent globbing and word splitting.
                                                                                                     ^------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
keytool -import -keystore "$JAVA_HOME"/lib/security/cacerts -storepass "changeit" -file /etc/ssl/certs/$(params.CACERTFILE) -noprompt


In jib-maven-build-and-push line 7:
  -Duser.home=$HOME \
              ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  -Duser.home="$HOME" \


In jib-maven-build-and-push line 8:
  -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) \
                                ^------------------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 9:
  -Djib.to.image=$(params.IMAGE) \
                 ^-------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-maven-digest-to-results line 2:
cat $(workspaces.source.path)/target/jib-image.digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                            ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

WARN : step: jib-maven is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s bash] failed:

In jib-maven-build-and-push line 4:
keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass "changeit" -file /tekton-custom-certs/$(params.CACERTFILE) -noprompt
                          ^--------^ SC2086: Double quote to prevent globbing and word splitting.
                                                                                                           ^------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
keytool -import -keystore "$JAVA_HOME"/lib/security/cacerts -storepass "changeit" -file /tekton-custom-certs/$(params.CACERTFILE) -noprompt


In jib-maven-build-and-push line 7:
  -Duser.home=$HOME \
              ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  -Duser.home="$HOME" \


In jib-maven-build-and-push line 8:
  -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) \
                                ^------------------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 9:
  -Djib.to.image=$(params.IMAGE) \
                 ^-------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-maven-digest-to-results line 2:
cat $(workspaces.source.path)/$(params.DIRECTORY)/target/jib-image.digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                              ^-----------------^ SC2046: Quote this to prevent word splitting.
                                                                                ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

WARN : step: jib-maven is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s bash] failed:

In jib-maven-build-and-push line 5:
  rm $(workspaces.source.path)/truststore.jks
     ^-----------------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 12:
  keytool -importkeystore -srckeystore $JAVA_HOME/lib/security/cacerts -srcstoretype JKS -destkeystore $(workspaces.source.path)/truststore.jks -storepass "changeit" -srcstorepass "changeit" > /tmp/logs 2>&1
                                       ^--------^ SC2086: Double quote to prevent globbing and word splitting.
                                                                                                       ^-----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
  keytool -importkeystore -srckeystore "$JAVA_HOME"/lib/security/cacerts -srcstoretype JKS -destkeystore $(workspaces.source.path)/truststore.jks -storepass "changeit" -srcstorepass "changeit" > /tmp/logs 2>&1


In jib-maven-build-and-push line 13:
  if [ $? -ne 0 ]; then
       ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In jib-maven-build-and-push line 18:
  keytool -import -keystore $(workspaces.source.path)/truststore.jks -storepass "changeit" -file /tekton-custom-certs/$(params.CACERTFILE) -noprompt
                            ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                                                                                                      ^------------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 26:
  -Duser.home=$HOME \
              ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  -Duser.home="$HOME" \


In jib-maven-build-and-push line 27:
  -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) \
                                ^------------------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 28:
  -Djib.to.image=$(params.IMAGE) \
                 ^-------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 29:
  $certParams \
  ^---------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  "$certParams" \

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...
  https://www.shellcheck.net/wiki/SC2181 -- Check exit code directly with e.g...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-maven-digest-to-results line 2:
cat $(workspaces.source.path)/$(params.DIRECTORY)/target/jib-image.digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                              ^-----------------^ SC2046: Quote this to prevent word splitting.
                                                                                ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In kaniko-digest-to-results line 2:
cat $(params.CONTEXT)/image-digested | jq '.[0].value' -rj | tee $(results.IMAGE-DIGEST.path)
    ^---------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In kaniko-digest-to-results line 2:
cat $(params.CONTEXT)/image-digested | jq '.[0].value' -rj | tee $(results.IMAGE-DIGEST.path)
    ^---------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In kaniko-digest-to-results line 2:
cat $(params.CONTEXT)/image-digested | jq '.[0].value' -rj | tee $(results.IMAGE-DIGEST.path)
    ^---------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In kaniko-digest-to-results line 2:
cat $(params.CONTEXT)/image-digested | jq '.[0].value' -rj | tee $(results.IMAGE-DIGEST.path)
    ^---------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In pylint-pylint line 5:
    python -mpip install --user -r $(params.requirements_file)
                                   ^-------------------------^ SC2046: Quote this to prevent word splitting.


In pylint-pylint line 7:
pylint $@ $(params.path)
       ^-- SC2068: Double quote array expansions to avoid re-splitting elements.
          ^------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2068 -- Double quote array expansions to ...
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In pylint-pylint line 11:
pylint $@ "$(params.path)"
       ^-- SC2068: Double quote array expansions to avoid re-splitting elements.

For more information:
  https://www.shellcheck.net/wiki/SC2068 -- Double quote array expansions to ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In s2i-build line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In s2i-build line 3:
buildah ${CERT_DIR_FLAG} bud --tls-verify=$(params.TLSVERIFY) --layers \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^-----------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" bud --tls-verify=$(params.TLSVERIFY) --layers \


In s2i-build line 4:
-f /gen-source/Dockerfile.gen -t $(params.IMAGE_NAME) .
                                 ^------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In s2i-push line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In s2i-push line 3:
buildah ${CERT_DIR_FLAG} push --tls-verify=$(params.TLSVERIFY) --digestfile $(workspaces.source.path)/image-digest \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                           ^-----------------^ SC2046: Quote this to prevent word splitting.
                                                                            ^-----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" push --tls-verify=$(params.TLSVERIFY) --digestfile $(workspaces.source.path)/image-digest \


In s2i-push line 4:
$(params.IMAGE_NAME) docker://$(params.IMAGE_NAME)
^------------------^ SC2046: Quote this to prevent word splitting.
                              ^------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In s2i-digest-to-results line 2:
cat $(workspaces.source.path)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In s2i-build line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In s2i-build line 3:
buildah ${CERT_DIR_FLAG} bud --tls-verify=$(params.TLSVERIFY) --layers \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^-----------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" bud --tls-verify=$(params.TLSVERIFY) --layers \


In s2i-build line 4:
  -f /gen-source/Dockerfile.gen -t $(params.IMAGE) .
                                   ^-------------^ SC2046: Quote this to prevent word splitting.


In s2i-build line 5:
[[ "$(workspaces.dockerconfig.bound)" == "true" ]] && export DOCKER_CONFIG="$(workspaces.dockerconfig.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.
                                                             ^-----------^ SC2155: Declare and assign separately to avoid masking return values.


In s2i-build line 6:
buildah ${CERT_DIR_FLAG} push --tls-verify=$(params.TLSVERIFY) --digestfile $(workspaces.source.path)/image-digest \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                           ^-----------------^ SC2046: Quote this to prevent word splitting.
                                                                            ^-----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" push --tls-verify=$(params.TLSVERIFY) --digestfile $(workspaces.source.path)/image-digest \


In s2i-build line 7:
  $(params.IMAGE) docker://$(params.IMAGE)
  ^-------------^ SC2046: Quote this to prevent word splitting.
                           ^-------------^ SC2046: Quote this to prevent word splitting.


In s2i-build line 8:
cat $(workspaces.source.path)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2155 -- Declare and assign separately to ...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In trivy-scanner-trivy-scan line 6:
    trivy --cache-dir $TRIVY_TEMP_DIR image --download-db-only
                      ^-------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    trivy --cache-dir "$TRIVY_TEMP_DIR" image --download-db-only


In trivy-scanner-trivy-scan line 7:
    tar -cf ./db.tar.gz -C $TRIVY_TEMP_DIR/db metadata.json trivy.db
                           ^-------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    tar -cf ./db.tar.gz -C "$TRIVY_TEMP_DIR"/db metadata.json trivy.db


In trivy-scanner-trivy-scan line 8:
    rm -rf $TRIVY_TEMP_DIR
           ^-------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    rm -rf "$TRIVY_TEMP_DIR"


In trivy-scanner-trivy-scan line 9:
    mkdir -p $HOME/.cache/trivy/db
             ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    mkdir -p "$HOME"/.cache/trivy/db


In trivy-scanner-trivy-scan line 10:
    tar xvf ./db.tar.gz -C $HOME/.cache/trivy/db
                           ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    tar xvf ./db.tar.gz -C "$HOME"/.cache/trivy/db


In trivy-scanner-trivy-scan line 11:
    cmd+="--skip-update "
    ^-^ SC3024: In POSIX sh, += is undefined.


In trivy-scanner-trivy-scan line 13:
  cmd+="$(params.IMAGE_PATH)"
  ^-^ SC3024: In POSIX sh, += is undefined.

For more information:
  https://www.shellcheck.net/wiki/SC3024 -- In POSIX sh, += is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

@tekton-robot
Copy link

Catlin Output
FILE: task/42crunch-api-security-audit/0.1/42crunch-api-security-audit.yaml
FILE: task/42crunch-api-security-audit/0.2/42crunch-api-security-audit.yaml
FILE: task/ansible-runner/0.2/ansible-runner.yaml
WARN : Step "requirements" uses image "$(params.image)" that contains variables; skipping validation
WARN : Step "run-playbook" uses image "$(params.image)" that contains variables; skipping validation
FILE: task/blue-green-deploy/0.2/blue-green-deploy.yaml
WARN : Step "change-deployment" uses image "$(params.IMAGE)" that contains variables; skipping validation
FILE: task/boskos-acquire/0.1/boskos-acquire.yaml
HINT : Task: tekton.dev/v1beta1 - name: "boskos-acquire" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "boskosctl-acquire" uses image "gcr.io/k8s-staging-boskos/boskosctl@sha256:a7fc984732c5dd0b4e0fe0a92e2730fa4b6bddecd0f6f6c7c6b5501abe4ab105"; consider using a image tagged with specific version along with digest eg. abc.io/img:v1@sha256:abcde
WARN : Step "create-heartbeat-pod-yaml" uses image "docker.io/lachlanevenson/k8s-kubectl@sha256:3a5e22a406a109f4f26ec06b5f1f6a66ae0cd0e185bc28499eb7b7a3bbf1fe09"; consider using a image tagged with specific version along with digest eg. abc.io/img:v1@sha256:abcde
FILE: task/buildah/0.1/buildah.yaml
HINT : Task: tekton.dev/v1beta1 - name: "buildah" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/buildah/0.2/buildah.yaml
HINT : Task: tekton.dev/v1beta1 - name: "buildah" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/buildah/0.3/buildah.yaml
HINT : Task: tekton.dev/v1beta1 - name: "buildah" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/buildah/0.5/buildah.yaml
HINT : Task: tekton.dev/v1beta1 - name: "buildah" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/buildpacks/0.6/buildpacks.yaml
WARN : Step "create" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/git-cli/0.4/git-cli.yaml
WARN : Step "git" uses image "$(params.BASE_IMAGE)" that contains variables; skipping validation
FILE: task/git-clone/0.9/git-clone.yaml
WARN : Step "clone" uses image "$(params.gitInitImage)" that contains variables; skipping validation
FILE: task/git-rebase/0.1/git-rebase.yaml
FILE: task/gke-cluster-create/0.1/gke-cluster-create.yaml
FILE: task/gogit/0.1/gogit.yaml
HINT : Task: tekton.dev/v1beta1 - name: "gogit" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "gogit" uses image "$(params.gogit-image)" that contains variables; skipping validation
FILE: task/gradle/0.3/gradle.yaml
WARN : Step "gradle-tasks" uses image "$(params.GRADLE_IMAGE)" that contains variables; skipping validation
FILE: task/jib-gradle/0.2/jib-gradle.yaml
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/jib-gradle/0.3/jib-gradle.yaml
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/jib-maven/0.2/jib-maven.yaml
WARN : Step "build-and-push" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
FILE: task/jib-maven/0.3/jib-maven.yaml
WARN : Step "build-and-push" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
FILE: task/jib-maven/0.4/jib-maven.yaml
WARN : Step "build-and-push" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
FILE: task/jib-maven/0.5/jib-maven.yaml
WARN : Step "build-and-push" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.MAVEN_IMAGE)" that contains variables; skipping validation
FILE: task/kaniko/0.1/kaniko.yaml
HINT : Task: tekton.dev/v1beta1 - name: "kaniko" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "docker.io/stedolan/jq@sha256:a61ed0bca213081b64be94c5e1b402ea58bc549f457c2682a86704dd55231e09"; consider using a image tagged with specific version along with digest eg. abc.io/img:v1@sha256:abcde
FILE: task/kaniko/0.2/kaniko.yaml
HINT : Task: tekton.dev/v1beta1 - name: "kaniko" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "docker.io/stedolan/jq@sha256:a61ed0bca213081b64be94c5e1b402ea58bc549f457c2682a86704dd55231e09"; consider using a image tagged with specific version along with digest eg. abc.io/img:v1@sha256:abcde
FILE: task/kaniko/0.3/kaniko.yaml
HINT : Task: tekton.dev/v1beta1 - name: "kaniko" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "docker.io/stedolan/jq@sha256:a61ed0bca213081b64be94c5e1b402ea58bc549f457c2682a86704dd55231e09"; consider using a image tagged with specific version along with digest eg. abc.io/img:v1@sha256:abcde
FILE: task/kaniko/0.4/kaniko.yaml
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
WARN : Step "digest-to-results" uses image "$(params.JQ_IMAGE)" that contains variables; skipping validation
FILE: task/kaniko/0.5/kaniko.yaml
WARN : Step "build-and-push" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/ko/0.1/ko.yaml
WARN : Step "build" uses image "$(params.ko-image)" that contains variables; skipping validation
FILE: task/pylint/0.2/pylint.yaml
WARN : Step "pylint" uses image "$(params.image)" that contains variables; skipping validation
FILE: task/pylint/0.3/pylint.yaml
WARN : Step "pylint" uses image "$(params.image)" that contains variables; skipping validation
FILE: task/pytest/0.2/pytest.yaml
WARN : Step "unit-test" uses image "$(params.PYTHON_IMAGE)" that contains variables; skipping validation
FILE: task/s2i/0.2/s2i.yaml
HINT : Task: tekton.dev/v1beta1 - name: "s2i" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build" references "$(params.TLSVERIFY)" directly from its script block. For reliability and security, consider putting the param into an environment variable of the Step and accessing that environment variable in your script instead.
WARN : Step "push" references "$(params.TLSVERIFY)" directly from its script block. For reliability and security, consider putting the param into an environment variable of the Step and accessing that environment variable in your script instead.
WARN : Step "digest-to-results" uses image "$(params.BUILDER_IMAGE)" that contains variables; skipping validation
FILE: task/s2i/0.3/s2i.yaml
HINT : Task: tekton.dev/v1beta1 - name: "s2i" is missing a readable display name annotation("tekton.dev/displayName")
WARN : Step "build" references "$(params.TLSVERIFY)" directly from its script block. For reliability and security, consider putting the param into an environment variable of the Step and accessing that environment variable in your script instead.
FILE: task/trivy-scanner/0.2/trivy-scanner.yaml
WARN : Step "trivy-scan" uses image "$(params.TRIVY_IMAGE)" that contains variables; skipping validation
FILE: task/yq/0.4/yq.yaml
WARN : Step "yq-script" uses image "$(params.image)" that contains variables; skipping validation
Catlin script lint Output
WARN : step: ansible-runner is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s bash] failed:

In blue-green-deploy-change-deployment line 4:
[[ "$(workspaces.manifest-dir.bound)" == "true" ]] && cd $(workspaces.manifest-dir.path)
                                                      ^-- SC2164: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
                                                         ^-----------------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
[[ "$(workspaces.manifest-dir.bound)" == "true" ]] && cd $(workspaces.manifest-dir.path) || exit


In blue-green-deploy-change-deployment line 7:
  export KUBECONFIG=$(workspaces.kubeconfig-dir.path)/kubeconfig
         ^--------^ SC2155: Declare and assign separately to avoid masking return values.


In blue-green-deploy-change-deployment line 12:
  kubectl -n $(params.NAMESPACE) get deploy "$deploy_name" \
             ^-----------------^ SC2046: Quote this to prevent word splitting.


In blue-green-deploy-change-deployment line 20:
  kubectl -n $(params.NAMESPACE) get deploy "$deploy_name" \
             ^-----------------^ SC2046: Quote this to prevent word splitting.


In blue-green-deploy-change-deployment line 21:
    -o jsonpath='{range .status.conditions['$index']}{.status}{"\n"}{end}'
                                            ^----^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    -o jsonpath='{range .status.conditions['"$index"']}{.status}{"\n"}{end}'


In blue-green-deploy-change-deployment line 28:
  local replicasUnavailable=$(kubectl -n $(params.NAMESPACE) get deploy "$deploy_name" -o jsonpath='{.status.unavailableReplicas}')
        ^-----------------^ SC2155: Declare and assign separately to avoid masking return values.
                                         ^-----------------^ SC2046: Quote this to prevent word splitting.


In blue-green-deploy-change-deployment line 35:
  for reason in $(getReasons $deploy_name); do
                             ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  for reason in $(getReasons "$deploy_name"); do


In blue-green-deploy-change-deployment line 37:
      local ready=$(getStatusAtIndex $deploy_name ${INDEX})
            ^---^ SC2155: Declare and assign separately to avoid masking return values.
                                     ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
      local ready=$(getStatusAtIndex "$deploy_name" ${INDEX})


In blue-green-deploy-change-deployment line 48:
  for reason in $(getReasons $deploy_name); do
                             ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  for reason in $(getReasons "$deploy_name"); do


In blue-green-deploy-change-deployment line 50:
      local status=$(getStatusAtIndex $deploy_name ${INDEX})
            ^----^ SC2155: Declare and assign separately to avoid masking return values.
                                      ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
      local status=$(getStatusAtIndex "$deploy_name" ${INDEX})


In blue-green-deploy-change-deployment line 59:
  kubectl -n $(params.NAMESPACE) patch svc ${service} \
             ^-----------------^ SC2046: Quote this to prevent word splitting.
                                           ^--------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  kubectl -n $(params.NAMESPACE) patch svc "${service}" \


In blue-green-deploy-change-deployment line 64:
  local deploy_name=$(params.SERVICE_NAME)-$(params.NEW_VERSION)
        ^---------^ SC2155: Declare and assign separately to avoid masking return values.


In blue-green-deploy-change-deployment line 65:
  local service=$(params.SERVICE_NAME)
        ^-----^ SC2155: Declare and assign separately to avoid masking return values.


In blue-green-deploy-change-deployment line 66:
  local version=$(params.NEW_VERSION)
        ^-----^ SC2155: Declare and assign separately to avoid masking return values.


In blue-green-deploy-change-deployment line 68:
  kubectl -n $(params.NAMESPACE) apply -f $(params.MANIFEST)
             ^-----------------^ SC2046: Quote this to prevent word splitting.
                                          ^----------------^ SC2046: Quote this to prevent word splitting.


In blue-green-deploy-change-deployment line 75:
    getMinimumReplicaStatus ${deploy_name}
                            ^------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    getMinimumReplicaStatus "${deploy_name}"


In blue-green-deploy-change-deployment line 76:
    [[ $? -eq 0 ]] && break
       ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In blue-green-deploy-change-deployment line 77:
    checkProgressDeadline ${deploy_name}
                          ^------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    checkProgressDeadline "${deploy_name}"


In blue-green-deploy-change-deployment line 78:
    [[ $? -eq 0 ]] && break
       ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In blue-green-deploy-change-deployment line 83:
  checkProgressDeadline ${deploy_name}
                        ^------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  checkProgressDeadline "${deploy_name}"


In blue-green-deploy-change-deployment line 84:
  if [[ $? -eq 0 ]]; then
        ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In blue-green-deploy-change-deployment line 85:
    echo "Failed to change the service" && break
                                           ^---^ SC2104: In functions, use return instead of break.


In blue-green-deploy-change-deployment line 91:
    checkUnavailableReplicas ${deploy_name}
                             ^------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    checkUnavailableReplicas "${deploy_name}"


In blue-green-deploy-change-deployment line 92:
    [[ $? -eq 0 ]] && break
       ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In blue-green-deploy-change-deployment line 93:
    checkProgressDeadline ${deploy_name}
                          ^------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    checkProgressDeadline "${deploy_name}"


In blue-green-deploy-change-deployment line 94:
    [[ $? -eq 0 ]] && break
       ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In blue-green-deploy-change-deployment line 100:
  checkProgressDeadline ${deploy_name}
                        ^------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  checkProgressDeadline "${deploy_name}"


In blue-green-deploy-change-deployment line 101:
  if [[ $? -eq 0 ]]; then
        ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In blue-green-deploy-change-deployment line 104:
    switchService ${service} ${version}
                  ^--------^ SC2086: Double quote to prevent globbing and word splitting.
                             ^--------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    switchService "${service}" "${version}"


In blue-green-deploy-change-deployment line 105:
    [[ $? -eq 0 ]] && echo "Done." || exit 1
       ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.

For more information:
  https://www.shellcheck.net/wiki/SC2104 -- In functions, use return instead ...
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2155 -- Declare and assign separately to ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In boskos-acquire-boskosctl-acquire line 3:
  --server-url=$(params.server-url) \
               ^------------------^ SC2046: Quote this to prevent word splitting.


In boskos-acquire-boskosctl-acquire line 4:
  --owner-name=$(params.owner-name) \
               ^------------------^ SC2046: Quote this to prevent word splitting.


In boskos-acquire-boskosctl-acquire line 5:
  --type=$(params.type) \
         ^------------^ SC2046: Quote this to prevent word splitting.


In boskos-acquire-boskosctl-acquire line 8:
echo $RESOURCE > /workspace/full-resource-output.json
     ^-------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
echo "$RESOURCE" > /workspace/full-resource-output.json


In boskos-acquire-boskosctl-acquire line 9:
echo $RESOURCE | jq -rj ".name" > $(results.leased-resource.path)
     ^-------^ SC2086: Double quote to prevent globbing and word splitting.
                                  ^-----------------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
echo "$RESOURCE" | jq -rj ".name" > $(results.leased-resource.path)

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In boskos-acquire-create-heartbeat-pod-yaml line 3:
LEASED_RESOURCE=$(cat $(results.leased-resource.path))
                      ^-----------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-build line 2:
buildah --storage-driver=$(params.STORAGE_DRIVER) bud \
                         ^----------------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 3:
  $(params.BUILD_EXTRA_ARGS) --format=$(params.FORMAT) \
  ^------------------------^ SC2046: Quote this to prevent word splitting.
                                      ^--------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 4:
  --tls-verify=$(params.TLSVERIFY) --no-cache \
               ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 5:
  -f $(params.DOCKERFILE) -t $(params.IMAGE) $(params.CONTEXT)
     ^------------------^ SC2046: Quote this to prevent word splitting.
                             ^-------------^ SC2046: Quote this to prevent word splitting.
                                             ^---------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-push line 2:
buildah --storage-driver=$(params.STORAGE_DRIVER) push \
                         ^----------------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 3:
  $(params.PUSH_EXTRA_ARGS) --tls-verify=$(params.TLSVERIFY) \
  ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                         ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 4:
  --digestfile $(workspaces.source.path)/image-digest $(params.IMAGE) \
               ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                                      ^-------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 5:
  docker://$(params.IMAGE)
           ^-------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-digest-to-results line 2:
cat $(workspaces.source.path)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-build line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-build line 3:
buildah ${CERT_DIR_FLAG} --storage-driver=$(params.STORAGE_DRIVER) bud \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" --storage-driver=$(params.STORAGE_DRIVER) bud \


In buildah-build line 4:
  $(params.BUILD_EXTRA_ARGS) --format=$(params.FORMAT) \
  ^------------------------^ SC2046: Quote this to prevent word splitting.
                                      ^--------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 5:
  --tls-verify=$(params.TLSVERIFY) --no-cache \
               ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 6:
  -f $(params.DOCKERFILE) -t $(params.IMAGE) $(params.CONTEXT)
     ^------------------^ SC2046: Quote this to prevent word splitting.
                             ^-------------^ SC2046: Quote this to prevent word splitting.
                                             ^---------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-push line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-push line 3:
buildah ${CERT_DIR_FLAG} --storage-driver=$(params.STORAGE_DRIVER) push \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" --storage-driver=$(params.STORAGE_DRIVER) push \


In buildah-push line 4:
  $(params.PUSH_EXTRA_ARGS) --tls-verify=$(params.TLSVERIFY) \
  ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                         ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 5:
  --digestfile $(workspaces.source.path)/image-digest $(params.IMAGE) \
               ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                                      ^-------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 6:
  docker://$(params.IMAGE)
           ^-------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-digest-to-results line 2:
cat $(workspaces.source.path)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-build line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-build line 3:
buildah ${CERT_DIR_FLAG} --storage-driver=$(params.STORAGE_DRIVER) bud \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" --storage-driver=$(params.STORAGE_DRIVER) bud \


In buildah-build line 4:
  $(params.BUILD_EXTRA_ARGS) --format=$(params.FORMAT) \
  ^------------------------^ SC2046: Quote this to prevent word splitting.
                                      ^--------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 5:
  --tls-verify=$(params.TLSVERIFY) --no-cache \
               ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 6:
  -f $(params.DOCKERFILE) -t $(params.IMAGE) $(params.CONTEXT)
     ^------------------^ SC2046: Quote this to prevent word splitting.
                             ^-------------^ SC2046: Quote this to prevent word splitting.
                                             ^---------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-push line 2:
[[ "$(params.SKIP_PUSH)" == "true" ]] && echo "Push skipped" && exit 0
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-push line 3:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-push line 4:
buildah ${CERT_DIR_FLAG} --storage-driver=$(params.STORAGE_DRIVER) push \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" --storage-driver=$(params.STORAGE_DRIVER) push \


In buildah-push line 5:
  $(params.PUSH_EXTRA_ARGS) --tls-verify=$(params.TLSVERIFY) \
  ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                         ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 6:
  --digestfile $(workspaces.source.path)/image-digest $(params.IMAGE) \
               ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                                      ^-------------^ SC2046: Quote this to prevent word splitting.


In buildah-push line 7:
  docker://$(params.IMAGE)
           ^-------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-digest-to-results line 2:
cat $(workspaces.source.path)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In buildah-build line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-build line 3:
[[ "$(workspaces.dockerconfig.bound)" == "true" ]] && export DOCKER_CONFIG="$(workspaces.dockerconfig.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.
                                                             ^-----------^ SC2155: Declare and assign separately to avoid masking return values.


In buildah-build line 4:
buildah ${CERT_DIR_FLAG} --storage-driver=$(params.STORAGE_DRIVER) bud \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" --storage-driver=$(params.STORAGE_DRIVER) bud \


In buildah-build line 5:
  $(params.BUILD_EXTRA_ARGS) --format=$(params.FORMAT) \
  ^------------------------^ SC2046: Quote this to prevent word splitting.
                                      ^--------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 6:
  --tls-verify=$(params.TLSVERIFY) --no-cache \
               ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 7:
  -f $(params.DOCKERFILE) -t $(params.IMAGE) $(params.CONTEXT)
     ^------------------^ SC2046: Quote this to prevent word splitting.
                             ^-------------^ SC2046: Quote this to prevent word splitting.
                                             ^---------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 8:
[[ "$(params.SKIP_PUSH)" == "true" ]] && echo "Push skipped" && exit 0
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In buildah-build line 9:
buildah ${CERT_DIR_FLAG} --storage-driver=$(params.STORAGE_DRIVER) push \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" --storage-driver=$(params.STORAGE_DRIVER) push \


In buildah-build line 10:
  $(params.PUSH_EXTRA_ARGS) --tls-verify=$(params.TLSVERIFY) \
  ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                         ^-----------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 11:
  --digestfile /tmp/image-digest $(params.IMAGE) \
                                 ^-------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 12:
  docker://$(params.IMAGE)
           ^-------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 13:
cat /tmp/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^---------------^ SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                            ^--------------------------^ SC2046: Quote this to prevent word splitting.


In buildah-build line 14:
echo -n "$(params.IMAGE)" | tee $(results.IMAGE_URL.path)
     ^-- SC3037: In POSIX sh, echo flags are undefined.
                                ^-----------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2155 -- Declare and assign separately to ...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In git-rebase-rebase line 10:
  git reset --soft HEAD~$(params.SQUASH_COUNT)
                        ^--------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 17:
git ls-remote --exit-code $(params.PULL_REMOTE_NAME)
                          ^------------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 21:
  git remote add $(params.PULL_REMOTE_NAME) $(params.PULL_REMOTE_URL)
                 ^------------------------^ SC2046: Quote this to prevent word splitting.
                                            ^-----------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 25:
git pull --rebase $(params.PULL_REMOTE_NAME) $(params.PULL_BRANCH_NAME)
                  ^------------------------^ SC2046: Quote this to prevent word splitting.
                                             ^------------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 28:
git ls-remote --exit-code $(params.PUSH_REMOTE_NAME)
                          ^------------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 32:
  git remote add $(params.PUSH_REMOTE_NAME) $(params.PUSH_REMOTE_URL)
                 ^------------------------^ SC2046: Quote this to prevent word splitting.
                                            ^-----------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 36:
git push $(params.PUSH_REMOTE_NAME) $(params.PUSH_BRANCH_NAME) -f
         ^------------------------^ SC2046: Quote this to prevent word splitting.
                                    ^------------------------^ SC2046: Quote this to prevent word splitting.


In git-rebase-rebase line 41:
echo -n "$RESULT_SHA" > $(results.commit.path)
     ^-- SC3037: In POSIX sh, echo flags are undefined.
                        ^--------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3037 -- In POSIX sh, echo flags are undef...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In gke-cluster-create-gcloud line 6:
gcloud auth activate-service-account --key-file=$(workspaces.gcp-service-account.path)/$(params.private-key-path)
                                                ^-- SC2046: Quote this to prevent word splitting.
                                                                                       ^------------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 9:
gcloud compute networks create $UNIQUE_NAME --project $(params.project-name) --subnet-mode=auto
                               ^----------^ SC2086: Double quote to prevent globbing and word splitting.
                                                      ^--------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
gcloud compute networks create "$UNIQUE_NAME" --project $(params.project-name) --subnet-mode=auto


In gke-cluster-create-gcloud line 16:
  --project=$(params.project-name) \
            ^--------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 17:
  --cluster-version=$(params.cluster-version) \
                    ^-----------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 18:
  --min-nodes=$(params.min-nodes) \
              ^-----------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 19:
  --max-nodes=$(params.max-nodes) \
              ^-----------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 20:
  --region=$(params.region) \
           ^--------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 21:
  --machine-type=$(params.machine-type) \
                 ^--------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 22:
  --image-type=$(params.image-type) \
               ^------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 24:
  --network=$UNIQUE_NAME\
            ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  --network="$UNIQUE_NAME"\


In gke-cluster-create-gcloud line 25:
  $UNIQUE_NAME
  ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  "$UNIQUE_NAME"


In gke-cluster-create-gcloud line 29:
  --project=$(params.project-name) \
            ^--------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 30:
  --region=$(params.region) \
           ^--------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 31:
  $UNIQUE_NAME
  ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  "$UNIQUE_NAME"


In gke-cluster-create-gcloud line 35:
  --project=$(params.project-name) \
            ^--------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 36:
  --filter=metadata.cluster-name=$UNIQUE_NAME \
                                 ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  --filter=metadata.cluster-name="$UNIQUE_NAME" \


In gke-cluster-create-gcloud line 42:
gcloud compute firewall-rules create ports-$UNIQUE_STR \
                                           ^---------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
gcloud compute firewall-rules create ports-"$UNIQUE_STR" \


In gke-cluster-create-gcloud line 43:
  --project=$(params.project-name) \
            ^--------------------^ SC2046: Quote this to prevent word splitting.


In gke-cluster-create-gcloud line 44:
  --network=$UNIQUE_NAME \
            ^----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  --network="$UNIQUE_NAME" \


In gke-cluster-create-gcloud line 46:
  --target-tags=$INSTANCE_TAG
                ^-----------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  --target-tags="$INSTANCE_TAG"


In gke-cluster-create-gcloud line 48:
printf $UNIQUE_NAME > $(results.cluster-name.path)
       ^----------^ SC2059: Don't use variables in the printf format string. Use printf '..%s..' "$foo".
       ^----------^ SC2086: Double quote to prevent globbing and word splitting.
                      ^--------------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
printf "$UNIQUE_NAME" > $(results.cluster-name.path)

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2059 -- Don't use variables in the printf...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

WARN : step: jib-gradle is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-gradle-build-and-push line 15:
      }" > $HOME/init-script.gradle
           ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
      }" > "$HOME"/init-script.gradle


In jib-gradle-build-and-push line 20:
  --init-script=$HOME/init-script.gradle \
                ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  --init-script="$HOME"/init-script.gradle \


In jib-gradle-build-and-push line 21:
  --gradle-user-home=$HOME/.gradle \
                     ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  --gradle-user-home="$HOME"/.gradle \


In jib-gradle-build-and-push line 22:
  -Dgradle.user.home=$HOME/.gradle \
                     ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  -Dgradle.user.home="$HOME"/.gradle \


In jib-gradle-build-and-push line 23:
  -Duser.home=$HOME \
              ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  -Duser.home="$HOME" \


In jib-gradle-build-and-push line 24:
  -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) \
                                ^------------------------^ SC2046: Quote this to prevent word splitting.


In jib-gradle-build-and-push line 25:
  -Djib.to.image=$(params.IMAGE) \
                 ^-------------^ SC2046: Quote this to prevent word splitting.


In jib-gradle-build-and-push line 26:
  -Djib.outputPaths.digest=$(workspaces.source.path)/$(params.DIRECTORY)/image-digest
                           ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                                     ^-----------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-gradle-digest-to-results line 2:
cat $(workspaces.source.path)/$(params.DIRECTORY)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                              ^-----------------^ SC2046: Quote this to prevent word splitting.
                                                                     ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

WARN : step: jib-gradle is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-gradle-build-and-push line 27:
  $(params.EXTRA_ARGS)
  ^------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-gradle-digest-to-results line 2:
cat $(workspaces.source.path)/$(params.DIRECTORY)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                              ^-----------------^ SC2046: Quote this to prevent word splitting.
                                                                     ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

WARN : step: jib-maven is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-maven-build-and-push line 3:
  -Duser.home=$HOME \
              ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  -Duser.home="$HOME" \


In jib-maven-build-and-push line 4:
  -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) \
                                ^------------------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 5:
  -Djib.to.image=$(params.IMAGE) \
                 ^-------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-maven-digest-to-results line 2:
cat $(workspaces.source.path)/target/jib-image.digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                            ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

WARN : step: jib-maven is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s bash] failed:

In jib-maven-build-and-push line 4:
keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass "changeit" -file /etc/ssl/certs/$(params.CACERTFILE) -noprompt
                          ^--------^ SC2086: Double quote to prevent globbing and word splitting.
                                                                                                     ^------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
keytool -import -keystore "$JAVA_HOME"/lib/security/cacerts -storepass "changeit" -file /etc/ssl/certs/$(params.CACERTFILE) -noprompt


In jib-maven-build-and-push line 7:
  -Duser.home=$HOME \
              ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  -Duser.home="$HOME" \


In jib-maven-build-and-push line 8:
  -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) \
                                ^------------------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 9:
  -Djib.to.image=$(params.IMAGE) \
                 ^-------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-maven-digest-to-results line 2:
cat $(workspaces.source.path)/target/jib-image.digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                            ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

WARN : step: jib-maven is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s bash] failed:

In jib-maven-build-and-push line 4:
keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass "changeit" -file /tekton-custom-certs/$(params.CACERTFILE) -noprompt
                          ^--------^ SC2086: Double quote to prevent globbing and word splitting.
                                                                                                           ^------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
keytool -import -keystore "$JAVA_HOME"/lib/security/cacerts -storepass "changeit" -file /tekton-custom-certs/$(params.CACERTFILE) -noprompt


In jib-maven-build-and-push line 7:
  -Duser.home=$HOME \
              ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  -Duser.home="$HOME" \


In jib-maven-build-and-push line 8:
  -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) \
                                ^------------------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 9:
  -Djib.to.image=$(params.IMAGE) \
                 ^-------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-maven-digest-to-results line 2:
cat $(workspaces.source.path)/$(params.DIRECTORY)/target/jib-image.digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                              ^-----------------^ SC2046: Quote this to prevent word splitting.
                                                                                ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

WARN : step: jib-maven is not using #!/usr/bin/env 
ERROR: /usr/bin/shellcheck, [-s bash] failed:

In jib-maven-build-and-push line 5:
  rm $(workspaces.source.path)/truststore.jks
     ^-----------------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 12:
  keytool -importkeystore -srckeystore $JAVA_HOME/lib/security/cacerts -srcstoretype JKS -destkeystore $(workspaces.source.path)/truststore.jks -storepass "changeit" -srcstorepass "changeit" > /tmp/logs 2>&1
                                       ^--------^ SC2086: Double quote to prevent globbing and word splitting.
                                                                                                       ^-----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
  keytool -importkeystore -srckeystore "$JAVA_HOME"/lib/security/cacerts -srcstoretype JKS -destkeystore $(workspaces.source.path)/truststore.jks -storepass "changeit" -srcstorepass "changeit" > /tmp/logs 2>&1


In jib-maven-build-and-push line 13:
  if [ $? -ne 0 ]; then
       ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.


In jib-maven-build-and-push line 18:
  keytool -import -keystore $(workspaces.source.path)/truststore.jks -storepass "changeit" -file /tekton-custom-certs/$(params.CACERTFILE) -noprompt
                            ^-----------------------^ SC2046: Quote this to prevent word splitting.
                                                                                                                      ^------------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 26:
  -Duser.home=$HOME \
              ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  -Duser.home="$HOME" \


In jib-maven-build-and-push line 27:
  -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) \
                                ^------------------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 28:
  -Djib.to.image=$(params.IMAGE) \
                 ^-------------^ SC2046: Quote this to prevent word splitting.


In jib-maven-build-and-push line 29:
  $certParams \
  ^---------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
  "$certParams" \

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...
  https://www.shellcheck.net/wiki/SC2181 -- Check exit code directly with e.g...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In jib-maven-digest-to-results line 2:
cat $(workspaces.source.path)/$(params.DIRECTORY)/target/jib-image.digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                              ^-----------------^ SC2046: Quote this to prevent word splitting.
                                                                                ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In kaniko-digest-to-results line 2:
cat $(params.CONTEXT)/image-digested | jq '.[0].value' -rj | tee $(results.IMAGE-DIGEST.path)
    ^---------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In kaniko-digest-to-results line 2:
cat $(params.CONTEXT)/image-digested | jq '.[0].value' -rj | tee $(results.IMAGE-DIGEST.path)
    ^---------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In kaniko-digest-to-results line 2:
cat $(params.CONTEXT)/image-digested | jq '.[0].value' -rj | tee $(results.IMAGE-DIGEST.path)
    ^---------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In kaniko-digest-to-results line 2:
cat $(params.CONTEXT)/image-digested | jq '.[0].value' -rj | tee $(results.IMAGE-DIGEST.path)
    ^---------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In pylint-pylint line 5:
    python -mpip install --user -r $(params.requirements_file)
                                   ^-------------------------^ SC2046: Quote this to prevent word splitting.


In pylint-pylint line 7:
pylint $@ $(params.path)
       ^-- SC2068: Double quote array expansions to avoid re-splitting elements.
          ^------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2068 -- Double quote array expansions to ...
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In pylint-pylint line 11:
pylint $@ "$(params.path)"
       ^-- SC2068: Double quote array expansions to avoid re-splitting elements.

For more information:
  https://www.shellcheck.net/wiki/SC2068 -- Double quote array expansions to ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In s2i-build line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In s2i-build line 3:
buildah ${CERT_DIR_FLAG} bud --tls-verify=$(params.TLSVERIFY) --layers \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^-----------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" bud --tls-verify=$(params.TLSVERIFY) --layers \


In s2i-build line 4:
-f /gen-source/Dockerfile.gen -t $(params.IMAGE_NAME) .
                                 ^------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In s2i-push line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In s2i-push line 3:
buildah ${CERT_DIR_FLAG} push --tls-verify=$(params.TLSVERIFY) --digestfile $(workspaces.source.path)/image-digest \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                           ^-----------------^ SC2046: Quote this to prevent word splitting.
                                                                            ^-----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" push --tls-verify=$(params.TLSVERIFY) --digestfile $(workspaces.source.path)/image-digest \


In s2i-push line 4:
$(params.IMAGE_NAME) docker://$(params.IMAGE_NAME)
^------------------^ SC2046: Quote this to prevent word splitting.
                              ^------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In s2i-digest-to-results line 2:
cat $(workspaces.source.path)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2002 -- Useless cat. Consider 'cmd < file...

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In s2i-build line 2:
[[ "$(workspaces.sslcertdir.bound)" == "true" ]] && CERT_DIR_FLAG="--cert-dir $(workspaces.sslcertdir.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.


In s2i-build line 3:
buildah ${CERT_DIR_FLAG} bud --tls-verify=$(params.TLSVERIFY) --layers \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                          ^-----------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" bud --tls-verify=$(params.TLSVERIFY) --layers \


In s2i-build line 4:
  -f /gen-source/Dockerfile.gen -t $(params.IMAGE) .
                                   ^-------------^ SC2046: Quote this to prevent word splitting.


In s2i-build line 5:
[[ "$(workspaces.dockerconfig.bound)" == "true" ]] && export DOCKER_CONFIG="$(workspaces.dockerconfig.path)"
^-- SC3010: In POSIX sh, [[ ]] is undefined.
                                                             ^-----------^ SC2155: Declare and assign separately to avoid masking return values.


In s2i-build line 6:
buildah ${CERT_DIR_FLAG} push --tls-verify=$(params.TLSVERIFY) --digestfile $(workspaces.source.path)/image-digest \
        ^--------------^ SC2086: Double quote to prevent globbing and word splitting.
                                           ^-----------------^ SC2046: Quote this to prevent word splitting.
                                                                            ^-----------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
buildah "${CERT_DIR_FLAG}" push --tls-verify=$(params.TLSVERIFY) --digestfile $(workspaces.source.path)/image-digest \


In s2i-build line 7:
  $(params.IMAGE) docker://$(params.IMAGE)
  ^-------------^ SC2046: Quote this to prevent word splitting.
                           ^-------------^ SC2046: Quote this to prevent word splitting.


In s2i-build line 8:
cat $(workspaces.source.path)/image-digest | tee $(results.IMAGE_DIGEST.path)
    ^-----------------------^ SC2046: Quote this to prevent word splitting.
    ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
                                                 ^--------------------------^ SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2155 -- Declare and assign separately to ...
  https://www.shellcheck.net/wiki/SC3010 -- In POSIX sh, [[ ]] is undefined.

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In trivy-scanner-trivy-scan line 6:
    trivy --cache-dir $TRIVY_TEMP_DIR image --download-db-only
                      ^-------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    trivy --cache-dir "$TRIVY_TEMP_DIR" image --download-db-only


In trivy-scanner-trivy-scan line 7:
    tar -cf ./db.tar.gz -C $TRIVY_TEMP_DIR/db metadata.json trivy.db
                           ^-------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    tar -cf ./db.tar.gz -C "$TRIVY_TEMP_DIR"/db metadata.json trivy.db


In trivy-scanner-trivy-scan line 8:
    rm -rf $TRIVY_TEMP_DIR
           ^-------------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    rm -rf "$TRIVY_TEMP_DIR"


In trivy-scanner-trivy-scan line 9:
    mkdir -p $HOME/.cache/trivy/db
             ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    mkdir -p "$HOME"/.cache/trivy/db


In trivy-scanner-trivy-scan line 10:
    tar xvf ./db.tar.gz -C $HOME/.cache/trivy/db
                           ^---^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
    tar xvf ./db.tar.gz -C "$HOME"/.cache/trivy/db


In trivy-scanner-trivy-scan line 11:
    cmd+="--skip-update "
    ^-^ SC3024: In POSIX sh, += is undefined.


In trivy-scanner-trivy-scan line 13:
  cmd+="$(params.IMAGE_PATH)"
  ^-^ SC3024: In POSIX sh, += is undefined.

For more information:
  https://www.shellcheck.net/wiki/SC3024 -- In POSIX sh, += is undefined.
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

@frerikandriessen
Copy link
Author

@vinamra28 is it good like this or do you want me to rebase the merge-commit?

@frerikandriessen
Copy link
Author

@vinamra28

@vinamra28
Copy link
Member

@frerikandriessen that would be very helpful 😅
PR looks good to me anyhow
/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Jul 22, 2023
@tekton-robot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale with a justification.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close with a justification.
If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/lifecycle stale

Send feedback to tektoncd/plumbing.

@tekton-robot tekton-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Oct 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
lgtm Indicates that a PR is ready to be merged. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants