Shell - 1.3

Extension ID

com.castsoftware.shell

What’s new?

Please see Shell 1.3 - Release Notes  for more information.

Description

This extension provides support for applications written using UNIX Shell languages.

Although this extension is officially supported by CAST, please note that it has been developed within the technical constraints of the CAST Universal Analyzer technology and to some extent adapted to meet specific customer needs. Therefore the extension may not address all of the coding techniques and patterns that exist for the target technology and may not produce the same level of analysis and precision regarding e.g. quality measurement and/or function point counts that are typically produced by other CAST AIP analyzers.

In what situation should you install this extension?

If your application contains source code written using UNIX Shells and you want to view these object types and their links with other objects, then you should install this extension.

Supported UNIX shells

This version of the extension provides partial support for:

UNIX shell	Supported
Bourne shell (bsh/sh/shell)
Bourne-Again Shell (bash)
C shell (csh)
KornShell (ksh)
Secure Shell (ssh)
Tenex C Shell (tcsh)

Function Point, Quality and Sizing support

This extension provides the following support:

• Function Points (transactions): a green tick indicates that OMG Function Point counting and Transaction Risk Index are supported
• Quality and Sizing: a green tick indicates that CAST can measure size and that a minimum set of Quality Rules exist

Function Points (transactions)
Quality and Sizing

AIP Core compatibility

This extension is compatible with:

AIP Core release	Extension release	Supported
8.3.x	≥ 1.0.1

Download and installation instructions

The extension will be automatically downloaded and installed in AIP Console when you deliver Shell code (i.e. any file with an extension listed below).

Prepare and deliver the source code

Once the extension is downloaded and installed, you can now package your source code and run an analysis. The process of preparing and delivering your source code is described below:

Source code preparation

Only files with following extensions will be analyzed:

• *.bash
• *.bsh
• *.csh
• *.ksh
• *.sh
• *.shell
• *.ssh
• *.tsch

If any files intended for other applications are included in the delivery and which are renamed to supported Shell extensions, the following effects might be observed during an analysis:

• inconsistent objects may get created
• end of string ’’’ not found errors
• if the file is binary: Invalid UTF-8 sequence found in text to be matched or searched for a regular expression

Source code preprocessing 

Shell source code needs to be preprocessed so that CAST can understand it and analyze it correctly. This code preprocessing is actioned automatically when an analysis is launched or a snapshot is generated (the code is preprocessed before the analysis starts). The Shell Preprocessor log file is stored in the following location:

%PROGRAMDATA%\CAST\CAST\Logs\<application_name>\Execute_Analysis_<guid>\com.castsoftware.shell.<_extension_version>.prepro_YYYYMMDDHHMMSS.log

Note that the LISA folder will be used to analyze the preprocessed files.

Analysis configuration and execution

There are no analysis/technology configuration options available for Shell, however you should check that at least one Shell analysis unit has been created as shown below.

AIP Console exposes the technology configuration options once a version has been accepted/imported, or an analysis has been run. Click Universal Technology (3) in the Config (1) > Analysis (2) tab to display the available options for your Shell source code:

Then choose the relevant Analysis Unit (1) to view the configuration:

Logging mechanism

Analysis log files

Analysis logs are stored in the default locations.

Shell Preprocessor

Shell Preprocessor log files (the preprocessor is launched automatically during an analysis) are stored in the following locations:

What results can you expect?

Objects

Links

Embedded SQL

Shell allows the use of here-document to write SQL queries, for example:

##!/bin/sh
/opt/solid/bin/solsql db db <<abc
select count(*) from table_1;
select count(*) from table_2;
exit;
!;
abc

The Shell extension can use these queries to create links.

Call to SQL script

The Shell extension allows links to SQL script when used with a dependency to the SQL analyzer

For example:

script.sh

##!/bin/env bash

sqlplus script.sql

script.sql

CREATE TABLE ...

In Enlighten

Links to external programs

The following call pattern are supported

• ./exe
• /path/to/exe
• python
• java
• nohup
• eval
• wlst.sh
• runcobol | runcobol.exe

Shell to Java links

The extension does support links between Shell programs and Java objects (for example methods). Links will be created between these technologies.

The extension manages call to Java classes and .jar files. For .jar files no links will go further as .jar aren’t handle by any extensions, the link is purely informative.

Basic Case

...
/bin/java UpdateRepartiteurs
...

wil generate the following diagram

Function Case

...
MajRepartiteurs ()
{
    ...
    java UpdateRepartiteurs
    ...
}
...

will generate the following diagram

Shell to COBOL links

The extension does support links between Shell programs and COBOL objects (for example programs). Links will be created between these technologies.

Basic Case

COBOL file

IDENTIFICATION DIVISION.
PROGRAM-ID. HELLO.
* simple hello world program
PROCEDURE DIVISION.
    DISPLAY 'Hello world!'.

SHELL script

./hello

will generate the following diagram

Shell to Python links

The extension does support links between Shell programs and Python objects (for example methods). Links will be created between these technologies.

The following script

...
python foo.py
...

will generate the following diagram, assuming that foo.py exists and has been analyzed

Support for AWS CLI

Lambda

An example of a command invoking a lambda named my-function.

$ aws lambda invoke --function-name my-function

When analyzing it, a Shell Call to AWS Lambda function object is created. This object will be linked to lambda functions objects (which may be created by other extensions) having the same name during application level analysis stage by the web services linker extension. When the name of an invoked Lamba function is not evaluated (either because of the absence of information or technical limitations) a Shell Call to AWS Unknown Lambda Function* *is created instead. A maximum of one call for each lambda (including unknowns) is created per caller.

An example of a command creating an AWS Lambda of name my-function where the handler is a javascript method.

$ aws lambda create-function --function-name my-function --zip-file fileb://function.zip --handler index.handler --runtime nodejs12.x --role arn:aws:iam::123456789012:role/lambda-ex

When analyzing it, a Shell AWS Lambda Function object is created. It contains the runtime and handler properties (here nodejs12.x and index*.handle*r, respectively). The linking from the lambda function to the handler function is then carried out during application level analysis stage by one of the following extensions (depending on the runtime):

Below we illustrate the expected results with a few aws commands. The code samples used are adaptations from available examples in official AWS documentation pages.

Example 

In the following code we enclose three cli calls to aws lambda services in three different shell functions:

CreateFunction() {
  aws lambda create-function --function-name my-lambda --runtime nodejs10.x --zip-file fileb://my-function.zip --handler my-function.handler --role arn:aws:iam::123456789012:role/service-role/MyTestFunction-role-tges6bf4
}

InvokeFunction1() {
  aws lambda invoke --function-name my-function --payload '{ "name": "Bob" }' response.json
}

## it contains an unresolved variable
InvokeFunction2() {
  aws lambda invoke --function-name $VarFunctionName --payload '{ "name": "Bob" }' response.json
}

As a result of the code above, a AWS Lambda function is created, and two calls to a AWS Lambda functions (one resolved and one unresolved).

The Lambda function object contains the runtime and handler properties (see details above in the section) necessary for linking to the respective handler in different technologies.

S3

There are at least two different APIs for manipulation of S3 buckets. The s3api command is used for low level manipulation where s3 has a higher-level functionality.

In the absence of explicit bucket creation, references to buckets in other commands are used to create table objects.

For the list of commands acting on a bucket that are modelized with a callLink, expand the list below

Click here to expand other methods…

Example 

In the following code we show a few calls to s3 and s3api commands.

Hello () {
   aws s3 cp test.txt s3://bucket1/test2.txt
}

MoveFile () {
   aws s3 mv s3://bucket19/test.txt s3://${BUCKET}/
}

GetObject () {
   aws s3api get-object --bucket text-content --key dir/my_images.tar.bz2 my_images.tar.bz2
}

GetObjectUnresolved () {
   aws s3api get-object --bucket $UnknownVar --key dir/my_images.tar.bz2 my_images.tar.bz2
}

The resulting buckets and links:

If the name of a bucket is not resolved, an unknown object is created as shown above. Note that a maximum of one unknown (SHELL) bucket will be created per project. However, if the name of the bucket is partially resolved, a normal bucket object will be created, with the unresolved name fragments replaced by the “?” character (example not shown here).

SQS

The supported API:

Example 

In the following code we send a message with the Send function and we retrieve the message in the Receive function:

Send () {
   aws sqs send-message --queue-url https://sqs.us-east-1.amazonaws.com/80398EXAMPLE/MyQueue --message-body "Information about the largest city in Any Region." --delay-seconds 10 --message-attributes file://send-message.json
}

Receive () {
   aws sqs receive-message --queue-url https://sqs.us-east-1.amazonaws.com/80398EXAMPLE/MyQueue --attribute-names All --message-attribute-names All --max-number-of-messages 10
}

The results in Enlighten show the created objects with name equal to the Queue url:

The callLink links between the Publisher and the respective Receivers are created by the Web Services Linker extension during application level based on the Queue name registered in the queueName property. The handler of the receiver is the function Receive itself, responsible of treating the received data.

When the evaluation of the queue name fails, a Shell AWS Unknown SQS Publisher (or Receiver) object will be created.

SNS

The supported protocols are the following:

The callLink links between the Publisher and the respective Subscribers are created by the Web Services Linker extension during application level.

For each method a maximum of one subscriber per given topic will be created as shown in the image above.

Example 1

In the following code we have to functions, one publishing into a topic, and the other one subscribing to different notification endpoints of different protocols.

Publish () {
   aws sns publish --topic-arn "arn:aws:sns:us-west-2:123456789012:my-topic" --message file://message.txt
}

Receive() {
    aws sns subscribe --topic-arn arn:aws:sns:us-west-2:123456789012:my-topic --protocol email --notification-endpoint my-email@example.com
    aws sns subscribe --topic-arn arn:aws:sns:us-west-2:123456789012:my-topic --protocol sms --notification-endpoint 123456789
    aws sns subscribe --topic-arn arn:aws:sns:us-west-2:123456789012:my-topic --protocol sqs --notification-endpoint arn:partition:service:region:account-id:queueName
    aws sns subscribe --topic-arn arn:aws:sns:us-west-2:123456789012:my-topic --protocol lambda --notification-endpoint fooarn:function:lambda_name:v2
    aws sns subscribe --topic-arn arn:aws:sns:us-west-2:123456789012:my-topic --protocol http --notification-endpoint http://foourl
}

The callLink links between the Publisher and the respective Subscribers are created by the Web Services Linker extension during application level.

For each method a maximum of one subscriber per given topic will be created as shown in the image above.

When the evaluation of the topic name fails, a Shell AWS Unknown SNS Publisher (or Subscriber) object will be created.

Example 2

We can also have direct sms deliveries from calls to publish API command:

PublishSMS () {
    aws sns publish --message "Hello world!" --phone-number +1-555-555-0100
}

resulting in the direct callLink to the Shell SMS object:

DynamoDB

Please refer: DynamoDB support for Shell source code

Structural Rules

The following structural rules are provided:

You can also find a global list here: https://technologies.castsoftware.com/rules?sec=t_1016000&ref=|| .

Limitations/known issues

Script file import

This extension does not support the “import” of functions defined in other script files using “sourcing”  (see https://www.mkssoftware.com/docs/man1/dot.1.asp ), therefore no links are expected between functions declared in other script files Note that “sourcing” is supported when used in variable definitions.

Deployment folder path

The deployment folder path should contain only ASCII characters (due to the way the command line text is passed in a Windows operating system). Names of folders and files inside the deployment folder can contain non-ASCII characters.

Links to database objects

When your Shell scripts contain references to database objects in the server side element of an application and these references use fully qualified names for the database object, no links will be created between Shell and the database objects when you have used the SQL Analyzer extension  to analyze the SQL if SQL Analyzer does not create database objects with same name. If you have used the SQL analyzers embedded in CAST AIP to analyze the SQL, then links will be created as normal. This is a known issue.

Metrics Assistant (embedded in CAST AIP) limitations

Searches not limited only to embedded SQL

The MA (Metric Assistant) which is used for metric search cannot search only in embedded SQL. Some Shell rules may be affected by this limitation and may produce false violations.

Cannot calculate metric excluding comments

The MA (Metric Assistant) which is used for metric search cannot search correctly while excluding comments especially if comments start or end adjacent to the keyword. If such a condition exists, random false violations may occur.

Shell embedded strings

Shell code allows string to be embedded in strings as shown in the code sample below. Currently, the Shell extension (and other Universal Analyzer type extensions) will consider this as one continuous string. Because we do not have any way to identify perfect end string patterns in this case, we cannot find the end of string and therefore the file will be skipped during the analysis.

echo '              
Outer string ;              
cat '$file03'             
Another outer string              
'$id'             
' | $command

KSH: guessing of ending single\double quote

Note that this limitation is no longer applicable to Shell ≥ 1.0.10.

KSH supports the guessing of ending single/double quotes. The Shell extension supports this when the string is in single line, however, it is not supported when the string is in a multiple line, for example:

export OUTPUT=`basename $SOME_VARIABLE | $AWK 'FS="-" {
  i=3
  tmpMachineName= "mach_"$2
  while ( i <= NF){
    tmpMachineName=tmpMachineName"-"$i;
    i++;
  }
  print(tmpMachineName);
}`

Multi-line document markers

Note that this limitation is no longer applicable to Shell ≥ 1.0.10.

When a document marker is in a multi-line string, the Shell extension will not be able detect that it is in a string, for example:

some_multiline_string="a;b;c;d;\
e;f;g;h;\
x;y;z<<;strong text"

In both of these cases, the file will be skipped and logs will contain the warning: “File Skipped”.