fix(ci): make the SC1091 suppression in lotus_deploy.sh actually apply
Lint / Shell (shellcheck) (push) Successful in 7s
Lint / JS (eslint) (push) Successful in 6s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 32s
Lint / Secret scan (gitleaks) (push) Successful in 4s

Shellcheck directives bind to the NEXT command; on the compound line
`set -a; source /etc/lotus-deploy.env; set +a` the existing
`# shellcheck disable=SC1091` bound to `set -a`, so the info-level SC1091
finding on the runtime-only env file still failed the lint workflow
(find -exec shellcheck exits non-zero on any finding). Split the line so the
directive sits directly above `source` (as `source=/dev/null`, the standard
idiom for host-only env files). Verified with CI's exact invocation:
`find . -name "*.sh" -exec shellcheck {} +` now exits 0 (shellcheck 0.9.0).

No runtime behavior change.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
2026-07-01 22:19:39 -04:00
parent d9585f13f1
commit d344b9b4b5
+8 -2
View File
@@ -15,8 +15,14 @@ echo "[$(date '+%Y-%m-%d %H:%M:%S')] ===== Deploy triggered ====="
# Load secrets (auth tokens etc — not in git)
if [ -f /etc/lotus-deploy.env ]; then
# shellcheck disable=SC1091
set -a; source /etc/lotus-deploy.env; set +a
set -a
# This env file only exists on the deploy host at runtime, so shellcheck
# can't follow it. The directive must sit DIRECTLY above the `source` —
# on a compound `set -a; source …` line it binds to `set -a` and the
# SC1091 finding still fails CI.
# shellcheck source=/dev/null
source /etc/lotus-deploy.env
set +a
fi
cd "$REPO"