moai-lang-shell - Enterprise v4.0.0

Skill Overview

Enterprise Shell scripting with Bash 5.2+, static analysis (ShellCheck), bats-core testing framework, POSIX compliance, and defensive scripting patterns. This skill provides production-grade shell scripting guidance for system administration, CI/CD, and infrastructure automation.

Core Capabilities

• ✅ Bash 5.2+ modern features and best practices
• ✅ ShellCheck static analysis integration (0.10.0)
• ✅ bats-core testing framework (1.11.0)
• ✅ POSIX sh compliance validation
• ✅ Defensive scripting patterns (set -euo pipefail)
• ✅ Error handling and signal trapping
• ✅ Context7 MCP for real-time documentation
• ✅ Performance optimization techniques

---

When to Use This Skill

Automatic activation:

• Shell script development (.sh, .bash files)
• POSIX compliance requirements
• Shell script testing setup (bats-core)
• CI/CD shell automation
• System administration scripts

Manual invocation:

• Design defensive shell scripts
• Implement error handling patterns
• Optimize shell script performance
• Review shell script quality

---

Technology Stack (2025-11-13)

Component	Version	Purpose	Status
Bash	5.2.37	Core shell	Current
ShellCheck	0.10.0	Static analysis	Current
bats-core	1.11.0	Testing framework	Current
bats-assert	2.1.0	Test assertions	Current
jq	1.7.1	JSON processing	Optional
sed/awk	GNU	Text processing	Built-in

---

Core Language Features

1. Variables and Parameter Expansion

Bash provides powerful parameter expansion for safe string handling:

# Safe defaults
config="${CONFIG_FILE:-/etc/app/config.txt}"

# Parameter expansion
filename="document.txt"
name="${filename%.*}"           # Remove extension
extension="${filename##*.}"     # Get extension only

# Default values and error handling
value="${undefined:?Variable must be set}"

# Substring extraction
text="Hello World"
echo "${text:0:5}"              # "Hello"
echo "${text:6}"                # "World"

Key Benefits:

• Avoid repeated variable checks
• Safe defaults prevent errors
• No external tools needed

2. Structured Concurrency with Signals

Proper signal handling prevents zombies and resource leaks:

#!/bin/bash
set -euo pipefail               # Defensive mode

cleanup() {
    [[ -n "${temp_file:-}" ]] && rm -f "$temp_file"
    [[ -n "${bg_pid:-}" ]] && kill $bg_pid 2>/dev/null || true
}

trap cleanup EXIT               # Cleanup on exit
trap 'exit 130' INT             # Handle Ctrl+C
trap 'exit 143' TERM            # Handle termination

Key Benefits:

• Automatic resource cleanup
• Zombie process prevention
• Graceful signal handling

3. Arrays and Associative Arrays

# Indexed arrays
files=("file1.txt" "file2.txt")
for file in "${files[@]}"; do
    process "$file"
done

# Associative arrays (dictionaries)
declare -A config
config[url]="https://api.example.com"
config[key]="secret123"
echo "${config[url]}"

---

Defensive Scripting Patterns

Error Handling

# Set error options
set -euo pipefail

# Error trapping
error_handler() {
    echo "Error on line $1: $(tail -1 <(sed -n "$1p" "$0"))" >&2
    exit 1
}
trap 'error_handler $LINENO' ERR

# Safe command execution
if ! command_that_might_fail; then
    echo "Failed with exit code $?" >&2
    exit 1
fi

Input Validation

validate_not_empty() {
    local var=$1
    local name=$2
    [[ -z "$var" ]] && { echo "Error: $name is empty" >&2; return 1; }
}

validate_file() {
    local file=$1
    [[ ! -f "$file" ]] && { echo "Error: File not found: $file" >&2; return 1; }
}

# Usage
validate_not_empty "$username" "Username" || exit 1
validate_file "$config_file" || exit 1

---

ShellCheck Integration

Common Checks

# Good: Quoted variables
echo "$var"                     # SC2086 prevention

# Good: Command existence check
command -v python3 &>/dev/null || {
    echo "Python 3 not found" >&2
    exit 1
}

# Good: Proper array iteration
for file in "${files[@]}"; do   # SC2068 prevention
    process "$file"
done

# Disable warnings when necessary
# shellcheck disable=SC1091
source /etc/profile.d/custom.sh

---

Testing with bats-core

Writing Tests

#!/usr/bin/env bats

source ./functions.sh

@test "add function returns correct sum" {
    result=$(add 5 3)
    [[ "$result" == "8" ]]
}

@test "error handling returns error code" {
    run safe_divide 10 0
    [[ $status -eq 1 ]]
    [[ "$output" =~ "Error" ]]
}

@test "file operations handle missing files" {
    run process_file "nonexistent.txt"
    [[ $status -eq 1 ]]
}

Running Tests

# Run all tests
bats tests/

# Run specific test
bats tests/test_functions.bats -f "add function"

# Run with TAP output
bats --tap tests/

---

Performance Optimization

Built-in Commands vs External

# GOOD: Use built-in commands
while read -r line; do
    echo "$line"
done < file.txt

# AVOID: Unnecessary external commands
cat file.txt | while read -r line

Sequence vs Stream Processing

# Lazy evaluation with process substitution
diff <(sort file1.txt) <(sort file2.txt)

# Avoid:
sort file1.txt > temp1
sort file2.txt > temp2
diff temp1 temp2
rm temp1 temp2

Local Variables in Functions

# GOOD: Local scope prevents polluting global namespace
fast_function() {
    local count=0
    local result=""
    for i in {1..1000}; do
        ((count++))
    done
    echo "$count"
}

# AVOID: Global variables cause issues
function slow_function() {
    count=0
    result=""
    # ...
}

---

POSIX Compliance

For maximum portability across different shells (bash, dash, ksh):

#!/bin/sh
# POSIX-compliant script

# Use [ ] instead of [[ ]]
if [ -f "file.txt" ]; then
    echo "File exists"
fi

# Use $() instead of backticks
date=$(date +%Y-%m-%d)

# Use expr for arithmetic (POSIX)
result=$(expr 5 + 3)

# POSIX arrays (positional parameters)
set -- "apple" "banana" "cherry"
echo "First: $1"
echo "All: $*"

---

Best Practices Summary

1. Always Start with Defensive Mode

#!/bin/bash
set -euo pipefail               # Exit on error, undefined, pipe failure
IFS=$'\n\t'                     # Safer default separator

2. Quote All Variables

# GOOD
echo "$var"
for file in "${files[@]}"

# AVOID
echo $var
for file in $files

3. Use Local Variables in Functions

function my_func() {
    local var="value"
    local result=$(compute)
    echo "$result"
}

4. Trap for Cleanup

trap cleanup EXIT
trap 'error_handler $LINENO' ERR

5. Validate Input Early

[[ -z "$username" ]] && { echo "Username required" >&2; exit 1; }
[[ ! -f "$config" ]] && { echo "Config not found" >&2; exit 1; }

---

Common Patterns

Logging

log() {
    local timestamp=$(date '+%Y-%m-%d %H:%M:%S')
    echo "[$timestamp] $*" | tee -a app.log
}

log_error() {
    log "ERROR: $*" >&2
}

Configuration Loading

load_config() {
    local file="${1:-.config}"
    [[ ! -f "$file" ]] && return 1

    while IFS='=' read -r key value; do
        [[ "$key" =~ ^#.*$ ]] && continue
        [[ -z "$key" ]] && continue
        export "$key=$value"
    done < "$file"
}

Safe Temporary Files

temp_file=$(mktemp) || exit 1
trap 'rm -f "$temp_file"' EXIT

# Use temp_file
echo "data" > "$temp_file"

---

Context7 MCP Integration

This skill integrates with Context7 for real-time documentation access:

• Bash Manual: /gnu/bash
• GNU Coreutils: /gnu/coreutils
• POSIX Shell: /posix/shell

---

Testing Strategy

Category	Target	Tools
Unit Tests	80%	bats-core
Integration Tests	15%	bats + external tools
Linting	100%	ShellCheck

---

Works Well With

• moai-foundation-security (Security patterns)
• moai-foundation-testing (Testing strategies)
• moai-essentials-debug (Debugging)
• moai-cc-mcp-integration (MCP integration)

---

For Complete Information

• Working Examples: See examples.md (23 examples covering all patterns)
• CLI Reference: See reference.md (commands, syntax, troubleshooting)
• GNU Bash Manual: https://www.gnu.org/software/bash/manual/
• ShellCheck: https://www.shellcheck.net

---

Changelog

• v4.0.0 (2025-11-13): Refactored to Progressive Disclosure with comprehensive examples.md and reference.md
• v3.0.0 (2025-03-15): Added POSIX compliance guide
• v2.0.0 (2025-01-10): Testing and linting guide
• v1.0.0 (2024-12-01): Initial release

---

Last updated: 2025-11-13