Linter for checking github action yaml syntax
mohzulfikar opened this issue · 9 comments
When I first contributed to this repository, It seems like there was no lint check for the action syntax on this repository as you can see on this PR. When a new contributor submits a PR about modifying action YAML they could write some typos that could make an error in the syntax.
Would it be great if we add a lint check to every action YAML or the modified one so that we could focus more on the code or modified part? Any suggestion about this?
Some additional notes when I do some research about this.
Because we want the linter to check Github action syntax, a simple YAML linter just doesn't work, we need to get the linter that could lint a YAML that has custom rules or syntax in it. One example is v8r which could accept a JSON schema defining the custom rule of the YAML. We could also use the schema that's already available on schema store.
I like the idea of catching syntax errors in our workflows automatically.
actionlint might also be useful for this.
My current solution is to use v8r. I just see the tools, yes seems like we could also use that. Might need some time to compare the linter output and which ones are the best.
We'll probably want a v8r formula first, though, unless there's already a GitHub action that bundles it or something like that. But we probably want something that can be run as part of brew audit and/or brew style.
I see the point, v8r is already part of megalinter. But, because we only need to check the GitHub action syntax, it'll be more worth trying the one tool that specializes in this and has a formula on homebrew like actionlint.
actionlintmight also be useful for this.
I've tested the actionlint, from this issue, it looks like composite action linting is not supported yet by actionlint.
Seems like there's an actionlint action built in reviewdog:
https://github.com/reviewdog/action-actionlint