Advanced Bash Scripting: Mastering Shell Features for Automation
Learn advanced Bash scripting with arrays, process substitution, strict mode, ShellCheck, and parameter expansion for safer automation.
Advanced Bash Scripting: Mastering Shell Features for Automation
Bash scripting gets harder when your script grows from a few commands into real automation. You need safer variable handling, cleaner input and output, and fewer temporary files.
This guide covers advanced Bash scripting features you can use in deployment scripts, log checks, and maintenance jobs. The goal is not clever shell code. It is code you can rerun, debug, and hand to another engineer.
1. Use Bash Arrays for Real Lists
Arrays let you store multiple values without splitting strings by spaces. That matters when file names, service names, or user input contain spaces.
Indexed Arrays
Indexed arrays are the most common type, where elements are accessed using a numeric index starting from 0.
Example:
# Initialize an indexed array
COLORS=("red" "green" "blue" "yellow")
# Accessing elements
echo "The second color is: ${COLORS[1]}"
# Adding an element
COLORS+=( "purple" )
# Printing all elements
echo "All colors: ${COLORS[@]}"
Common array operations:
| Operation | Syntax | Description |
|---|---|---|
| Get Element Count | ${#ARRAY[@]} |
Returns the total number of elements. |
| Get Length of Specific Element | ${#ARRAY[index]} |
Returns the length of the string at a specific index. |
| Iteration | for item in "${ARRAY[@]}" |
Standard loop structure for processing all elements. |
Always quote array expansions with "${ARRAY[@]}". That keeps "/var/log/my app.log" as one argument instead of two.
Associative Arrays
Associative arrays work like small key-value maps. They require Bash 4 or later, so check your target systems if you support older macOS hosts.
You must declare an associative array with -A:
# Declare as associative array
declare -A CONFIG_MAP
# Assign key-value pairs
CONFIG_MAP["port"]=8080
CONFIG_MAP["hostname"]="localhost"
CONFIG_MAP["timeout"]=30
# Accessing values
echo "Port set to: ${CONFIG_MAP["port"]}"
# Iterating over keys
for key in "${!CONFIG_MAP[@]}"; do
echo "Key: $key, Value: ${CONFIG_MAP[$key]}"
done
2. Use Process Substitution Instead of Temp Files
Process substitution, written as <(command) or >(command), lets a command treat another command's output like a file. It is useful when a tool expects file paths but your data comes from commands.
When It Helps
For example, say you need to compare two generated service lists. diff expects file paths, but you do not need to write those lists to /tmp.
Without process substitution:
# Inefficient and messy
output1=$(command_a)
echo "$output1" > /tmp/temp1.txt
output2=$(command_b)
echo "$output2" > /tmp/temp2.txt
diff /tmp/temp1.txt /tmp/temp2.txt
rm /tmp/temp1.txt /tmp/temp2.txt
Cleaner Direct Comparison
Process substitution gives diff temporary file descriptors and keeps your script simpler.
With process substitution:
# Clean, one-line comparison
diff <(command_a) <(command_b)
This pattern works well with comm, diff, and tools that need multiple file inputs.
Syntax Variations:
<(command)passes command output to a reader.>(command)sends written output into another command.
3. Add Strict Mode and ShellCheck
Advanced Bash scripting should fail loudly when something unexpected happens. Strict mode helps you catch missing variables and broken pipelines before they cause silent damage.
Essential Strict Mode Options
Most automation scripts should start with:
set -euo pipefail
-e: Exit when a command fails.-u: Treat unset variables as errors.-o pipefail: Fail a pipeline if any command in the pipeline fails.
Example:
# Without pipefail, this can look successful because wc exits cleanly
cat file.log | grep successful_pattern | wc -l
# With set -o pipefail, grep failure makes the pipeline fail.
Use ShellCheck
ShellCheck catches quoting mistakes, unsafe expansions, unreachable code, and common portability issues.
Run it before committing a script:
shellcheck your_script.sh
When ShellCheck asks you to quote a variable or use "${array[@]}", treat that as a real bug unless you have a clear reason to ignore it.
4. Capture Output Carefully
Command substitution with $() is useful, but it can hide failures or mix output streams if you use it casually.
Capturing Both STDOUT and STDERR
When you want to log everything from a command, capture both standard output and standard error:
# Capture both stdout and stderr into the VARIABLE
VARIABLE=$(command_that_might_fail 2>&1)
# Discard both stdout and stderr when you only need the exit code
command_that_might_fail &> /dev/null
Parameter Expansion for Inline Cleanup
Parameter expansion can clean strings without spawning sed or awk for simple cases.
${variable%pattern}removes the shortest matching suffix.${variable%%pattern}removes the longest matching suffix.${variable#pattern}removes the shortest matching prefix.${variable##pattern}removes the longest matching prefix.
Example:
FILE="report.log.bak"
# Remove the shortest suffix matching .bak
CLEAN_NAME=${FILE%.bak}
echo $CLEAN_NAME # Output: report.log
# Remove all suffixes matching *.bak (only removes .bak here)
CLEAN_NAME_LONG=${FILE%%.*}
echo $CLEAN_NAME_LONG # Output: report
When to Get Help
Ask a more experienced shell user to review your script when it deletes files, changes production services, handles secrets, or runs from CI. Bash is powerful, but a small quoting mistake can affect every file that matches a pattern.
Takeaway
Use arrays for real lists, process substitution for file-like command output, set -euo pipefail for safer failures, and ShellCheck for fast feedback. Those habits make advanced Bash scripting easier to maintain and much less surprising during automation runs.