shellcheck is an invaluable tool for validating shell (typically Bash) scripts. When working with a codified CI
environment like AWS's CodeBuild, the shell script is defined inside a YAML list (YAML sequence). You can still
run shellcheck, by parsing the YAML file with a tool like yq and piping the output to shellcheck:
yq '.phases.build.commands[]' < buildspec.yaml | shellcheck -
Note: shellcheck assumes that everything is a single file, which would execute consecutively in the same
shell, but CodeBuild executes each string (line) in a new shell, copying exports only. So things like set