name: Shellcheck
on:
  workflow_dispatch:
  push:
    branches:
      - main
    paths:
      - "**.sh"
  pull_request:
    paths:
      - "**.sh"

# Abort runs of *this* workflow, if a new commit with the same ref is pushed.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}

jobs:
  shellcheck:
    name: Shellcheck
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0
        with:
          ref: ${{ github.event.pull_request.head.sha }}

      - name: Run ShellCheck
        uses: ludeeus/action-shellcheck@b2bbefc2e6b9dcbc6355b85e366c9e55bf8d57e1 # master
        with:
          severity: error
          ignore_paths: charts/cilium