Use Shellcheck on CI for static analysis of Bash scripts

[derekargueta]

Title: Use Shellcheck on CI for static analysis of Bash scripts

Description:
Shellcheck is a shell script analysis tool with numerous flags for atypical or dangerous bash constructs. Shellcheck's Gallery of Bad Code gives examples of what it catches. It's how I identified this minor bash issue in Envoy previously.

Shellcheck is additionally configurable so we can disable flags we don't want at the global level, file level, or line level for one-off exceptions. My team has been using Shellcheck and found it quite helpful. The only downside I know of is that it doesn't have a --fix flag like clang-tidy does.

[derekargueta]

@mattklein123 please assign to me

[phlax]

@mattklein123 im happy to take this

[mattklein123]

Nice! Thanks.