ibiqlik / action-yamllint Goto Github PK

When running this action, this issue is logged:

Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

It seems quite new but the set-output usage should migrate to environment files.

Blog article explaining the change: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

At the moment, it seems the yamllint version is picked by pip (>=1.25.0).

Would you find is acceptable to add an input such as version to the action's arguments so we could make sure CI is as predictable as possible (?)

I could try and pull request for it, if the answer is "Yes."

Thanks.

If config_data contains spaces, e.g. {extends: default, rules: {document-start: disable}} to disable a single rule, entrypoint.sh errors as below due to wordsplitting on the unquoted CONFIG_DATA at:

I was trying to use the action https://github.com/marketplace/actions/get-all-changed-files for the files changed and then using ibiqlik/action-yamllint@log-output but when supplied the output of the action jitterbit/get-changed-files@v1 to the yaml lint it doesn't work.

I used the action previously and it was throwing an exitcode (1) when finding errors with the default parameters for the action.

When I'm running the action at the moment it's not generating an exitcode anymore:

Run ibiqlik/[email protected]
  with:
    strict: true
    format: github
    no_warnings: false
  env:
    tf_version: 1.0.2

======================
= Linting YAML files =
======================
Warning: [truthy] truthy value should be one of [false, true]
Error: [line-length] line too long (86 > 80 characters)
Error: [hyphens] too many spaces after hyphen
Error: syntax error: expected <block end>, but found '<block mapping start>' (syntax)
Warning: [comments-indentation] comment not indented like content

Here is the workflow config:

      - name: "YAML lint"
        uses: ibiqlik/[email protected]
        with:
          strict: true

I tried it with the github and default format, same result.

Hello.

Would it be possible to do a proper tagging for this project please?

Maybe good starting point is here: https://github.com/actions/checkout
They are using versions like:

• v2 -> v2.0.0
• v1 -> v1.2.0
• v1.1.0
• v1.0.0

It would be really handy to use something like v1 instead of specifying the exact version only v0.0.2:

    - uses: ibiqlik/action-yamllint@v1

It will save me from changing the "exact versions" or using "master" when you release new version.

For example this project can be handy for automating the release process: https://github.com/haya14busa/action-update-semver

Thank you...

I'm working on a GitHub bot that helps keep specific files in git repos up to date with an upstream. As part of my automated tests I have a yaml file that contains the current date:

$ cat test-source-1/source.yml
current_time: 'Thu Aug 12 21:18:39 UTC 2021'

When I run yamllint locally, I get exit code 0:

$ yamllint . -f colored
$ echo $?
0

But when GitHub Actions run the yaml lint, it gets a weird error...
https://github.com/sporkfed/test-destination-1/runs/3324387902

github-actions $ 

Run ibiqlik/action-yamllint@v3
  with:
    format: parsable
    strict: false
    no_warnings: false
======================
= Linting YAML files =
======================
Error: logs/refs/remotes/origin/sporkfed/test-source-1/source.yml:1:178: [error] syntax error: found character '\t' that cannot start any token (syntax)
Error: Process completed with exit code 1.

syntax doesn't seem to be a rule I can disable either

You can find all the code to reproduce here: https://github.com/sporkfed/test-destination-1

The errors and warnings output in the GitHub Action don't show which file path they are for, but I have 4 different YAML files in my repo. Is there a way to configure this?

My config: https://github.com/jgstew/jgstew-recipes/blob/main/.github/workflows/yamllint.yaml

name: YAML Lint

on:
  push:
    paths: 
    - "**.yaml"
    - "**.yml"
  pull_request:
    paths:
    - "**.yaml"
    - "**.yml"

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v2
    - name: GitHub YAMLlint
      uses: ibiqlik/action-yamllint@v3

Example output with warnings / errors but no paths: https://github.com/jgstew/jgstew-recipes/actions/runs/636513923

Can we specify multiple configs in a single config_file?
Like we have multiple jobs which are using different configuration and we need to specify those configs in config_file.
That would be awesome if we specify multiple configs in a single file and use them in jobs.
We can specify some thing like this
config_file: .yamllint.yml <key_in_yaml>

or will have some key like
config_key: <key_in_yaml>

I'm trying to validate my yaml with this configuration:

name: Validation
on: [push, pull_request]
jobs:
  tests:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Linting yaml
        uses: ibiqlik/action-yamllint@v3
        with:
          config_data: relaxed

... but I don't get any information about which files. Is this an error? I get the information fine when running locally.

First off, thank you for creating this action. It's amazing how simple and valuable it is to add this to our workflows to keep ourselves accountable.

We are trying to update to the latest version of this action and seeing this:

Run ibiqlik/action-yamllint@v3
  with:
    config_file: .yamllint.yml
    format: github
    strict: false
/__w/_temp/5dd290ab-796c-4f22-9b66-6cb663b9c81b.sh: line 1: /home/runner/work/_actions/ibiqlik/action-yamllint/v3/entrypoint.sh: No such file or directory
Error: Process completed with exit code 127.

This is our configuration.

- name: YAML Lint
  uses: ibiqlik/action-yamllint@v3
  with:
    config_file: .yamllint.yml

Any ideas on what we are missing or doing wrong? 🤞🏼

Hi,

Environment

I use actions on a self-hosted runner environment with containers on an EKS cluster environment.

The error

I encountered the following error:

/__w/_temp/50d0d2e6-824d-4c0b-af54-03b73e83c507.sh: line 2: /runner/_work/_actions/ibiqlik/action-yamllint/v3/entrypoint.sh: No such file or directory
Error: Process completed with exit code 127.

Description of the error

Before that, I ran actions with Github runner Ubuntu-latest and it was fine. However, when running the same workflows on a self-hosted environment with the container, an error will be encountered.

After some investigation and comparison between the two environments, I discovered something different about the action path when the runner uses it.

• Github runner with ubuntu-latest image:

• Self-hosted runner with ubuntu:latest image:

I tried investigating and found that file entrypoint.sh is located in the path /__w/_actions/ibiqlik/action-yamllint/v3/entrypoint.sh instead of /runner/_work/_actions/ibiqlik/action-yamllint/v3/entrypoint.sh as image above.

Error Cause

After researching, I learned that the cause of the file's path is so wrong because the values of the following two variables are different (it was used in file action.yml ):

• github.action_path: return the value /runner/_work/_actions/ibiqlik/action-yamllint/v3/entrypoint.sh with default path is /runner/_work/_actions/.
• GITHUB_ACTION_PATH: return the value /__w/_actions/ibiqlik/action-yamllint/v3/entrypoint.sh with default path is /__w/_actions/.

This bug has been identified on Github Runner actions/runner#716.

Solution

I created a PR about this bug and also added content to the README.md for instructions on using the self-hosted runner environment.

PR link: #34

If you have time, go through it and test on your test environment. Thanks.

It would be great if this action was to report lint errors in the format supported by Github Actions. So that issues showed up as PR annotations.

See https://docs.github.com/en/actions/reference/workflow-commands-for-github-actions#set-an-error-message-error

I couldn't find a way to use the --no-warning as it didn't appear to be supported.

Current available list of commands in latest version:

optional arguments:
  -h, --help            show this help message and exit
  -                     read from standard input
  -c CONFIG_FILE, --config-file CONFIG_FILE
                        path to a custom configuration
  -d CONFIG_DATA, --config-data CONFIG_DATA
                        custom configuration (as YAML source)
  -f {parsable,standard,colored,github,auto}, --format {parsable,standard,colored,github,auto}
                        format for parsing output
  -s, --strict          return non-zero exit code on warnings as well as errors
  --no-warnings         output only error level problems
  -v, --version         show program's version number and exit

See actions/runner-images#1142 (comment)

and adrienverge/yamllint#300

You probably don't need a custom Docket image anymore as yamllint already is installed by default 🤷

I've noticed that the Docker build of this action is failing:

Collecting yamllint>=1.25.0
  Downloading yamllint-1.32.0-py3-none-any.whl (65 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 65.4/65.4 kB 4.4 MB/s eta 0:00:00
Collecting pathspec>=0.5.3 (from yamllint>=1.25.0)
  Downloading pathspec-0.11.1-py3-none-any.whl (29 kB)
Collecting pyyaml (from yamllint>=1.25.0)
  Downloading PyYAML-6.0.tar.gz (124 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 125.0/125.0 kB 9.2 MB/s eta 0:00:00
  Installing build dependencies: started
  Installing build dependencies: finished with status 'done'
  Getting requirements to build wheel: started
  Getting requirements to build wheel: finished with status 'error'
  error: subprocess-exited-with-error
  
  × Getting requirements to build wheel did not run successfully.
  │ exit code: 1

However, it is also possible to install yamllint directly from Alpine packages (current version: 1.31.0-r0), which would shorten the RUN line to just:

RUN apk add --no-cache bash yamllint

This fixes the build. I'd be happy to open a PR if you like.

At https://github.com/step-security/secure-workflows we are building a knowledge-base (KB) of GITHUB_TOKEN permissions needed by different GitHub Actions. When developers try to set minimum token permissions for their workflows, they can use this knowledge-base instead of trying to research permissions needed by each GitHub Action they use.

Below you can see the KB of your GITHUB Action.

name: 'YAML Lint' # ibiqlik/action-yamllint
# GITHUB_TOKEN not used

If you think this information is not accurate, or if in the future your GitHub Action starts using a different set of permissions, please create an issue at https://github.com/step-security/secure-workflows/issues to let us know.

This issue is automatically created by our analysis bot, feel free to close after reading :)

References:

GitHub asks users to define workflow permissions, see https://github.blog/changelog/2021-04-20-github-actions-control-permissions-for-github_token/ and https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token for securing GitHub workflows against supply-chain attacks.

Setting minimum token permissions is also checked for by Open Source Security Foundation (OpenSSF) Scorecards. Scorecards recommend using https://github.com/step-security/secure-workflows so developers can fix this issue in an easier manner.

It would be nice to have this feature to log all the output in a file which can be easily attached to an email using another Github action. Currently the output is only in the console and no ways to capture it and log into a file. https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#outputs

On this page there is the example: https://github.com/marketplace/actions/yaml-lint

name: Yaml Lint
on: [push]
jobs:
  lintAllTheThings:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v1
    - name: yaml-lint
      uses: ibiqlik/action-yamllint@v3

When I add that to my project, the github action fails with the following error.

$ yamllint .
./.github/workflows/yaml-lint.yml
  1:1       warning  missing document start "---"  (document-start)
  2:1       warning  truthy value should be one of [false, true]  (truthy)
  7:5       error    wrong indentation: expected 6 but found 4  (indentation)

Based on this documentation, it suggests that the key on: is being flagged as a boolean that needs correcting.

file_or_dir in the README has an example with recursive **, but it doesn't actually work.

I have YAML in my repo with templating directives like

spec:
{{ $.Files.Get $rule | indent 2 }}
{{ end }}

How do people work around this?

Running your action with act currently produces:

[ci/helm-lint]   🐳  docker exec cmd=[bash --noprofile --norc -e -o pipefail /var/run/act/workflow/5-composite-yamllint.sh] user= workdir=
| ======================
| = Linting YAML files =
| ======================
| /var/run/act/actions/[email protected]/entrypoint.sh: line 34: yamllint: command not found

This is how I use it:

---
name: ci

on:
  pull_request

jobs:
  helm-lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: ibiqlik/[email protected]
        with:
          format: github
          file_or_dir: |
            certmanager
            certmanager-config
            cloudnative-pg
            haproxy-ingress
            postgresql

Run ibiqlik/action-yamllint@master
  with:
    strict: true
    format: colored

======================
= Linting YAML files =
======================
./.git/refs/remotes/origin/optimize-strategy-ac.yml
  1:1       warning  missing document start "---"  (document-start)

./.git/logs/refs/remotes/origin/optimize-strategy-ac.yml
  1:121     warning  line too long (288 > 120 characters)  (line-length)
  1:176     error    syntax error: found character '\t' that cannot start any token (syntax)

Build: 869097594

It seems action is trying to lint files within .git it-self. Can this be disabled by default?