Skip to content

Add actionlint to CI to catch workflow syntax errors#66

Merged
amcheste merged 1 commit into
developfrom
fix/add-workflow-linting
Apr 4, 2026
Merged

Add actionlint to CI to catch workflow syntax errors#66
amcheste merged 1 commit into
developfrom
fix/add-workflow-linting

Conversation

@amcheste
Copy link
Copy Markdown
Owner

@amcheste amcheste commented Apr 4, 2026

Summary

  • Adds an actionlint step to the Lint job in .github/workflows/validate.yml
  • actionlint statically analyses all workflow YAML files for syntax errors, invalid expressions, and shell mistakes before a PR is merged
  • The built-in shellcheck runner is disabled (-shellcheck=) because shellcheck already runs as a dedicated, more-targeted step; the expression-injection warning is suppressed for internally generated workflow outputs that are not user-controlled

Why

The monthly-dependency-release workflow failed repeatedly with "Invalid workflow file" errors because a heredoc inside a run: block caused GitHub Actions' YAML parser to choke.
The heredoc bug was already fixed on develop (commit c939a9d), but there was no CI gate to prevent the same class of error from recurring on future PRs.
This PR adds that guard.

What is NOT changed

  • The heredoc fix itself is already on develop — this PR only adds the linting step
  • No changes to any install script, Brewfile, or test

Test plan

  • CI passes on this PR (validate workflow runs actionlint clean)
  • Verify the Lint job log shows actionlint output with no errors
  • Confirm shellcheck step still runs independently and also passes

🤖 Generated with Claude Code

@amcheste @claude
ci: add actionlint to validate workflow to catch YAML parse errors early
06c07b8 
The monthly-dependency-release workflow failed repeatedly with "Invalid
workflow file" errors because a heredoc inside a run: block caused GitHub
Actions' YAML parser to choke. The heredoc fix is already on develop
(c939a9d), but there was no CI gate to prevent the same class of error
from recurring.

This adds actionlint to the Lint job so any future workflow YAML issues
are caught on PRs before they reach develop. The shellcheck integration
is disabled since shellcheck already runs as a separate, more targeted step.
The expression-injection warning is suppressed for workflow outputs that
are internally generated (not user-controlled).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@github-actions github-actions Bot added the ci label Apr 4, 2026
@amcheste amcheste self-assigned this Apr 4, 2026
@amcheste amcheste merged commit 727716b into develop Apr 4, 2026
7 checks passed
@amcheste amcheste deleted the fix/add-workflow-linting branch April 4, 2026 16:34
@amcheste-ai-agent amcheste-ai-agent Bot mentioned this pull request May 12, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@amcheste amcheste

Labels

ci

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@amcheste