@spbolton
Contributor

Description

Implements comprehensive workflow linting with yamllint and actionlint, adds prettier auto-formatting for YAML files, integrates with pre-commit hooks and CI/CD pipeline. Establishes clean formatting baseline for all 55+ workflow files with 47 actionlint issues resolved, including script injection fixes, deprecated action updates, and node16→node20 migration.

Changes

  • [List the main changes made]

Testing

  • [Describe testing approach]

Closes #33871

Issue: Add comprehensive workflow linting and YAML autofo

@spbolton spbolton linked an issue Nov 19, 2025 that may be closed by this pull request
1 task
@spbolton spbolton marked this pull request as ready for review November 19, 2025 17:51
@spbolton spbolton requested a review from a team as a code owner November 19, 2025 17:51
@spbolton
Contributor Author

Implementation Summary

This PR implements a complete workflow linting infrastructure with auto-formatting capabilities.

🎯 Key Features

1. Linting Infrastructure

  • yamllint for YAML syntax validation (.yamllint config)
  • actionlint for GitHub Actions semantic validation (.github/actionlint.yaml)
  • mise integration for tool management (mise.toml)

2. Auto-Formatting System

  • Prettier for YAML auto-formatting (.prettierrc.yml)
  • Pre-commit hook integration with auto-fix and re-staging
  • Two-tier validation: prettier (auto-fix) → yamllint (validate) → actionlint (semantic)

3. Pre-Commit Hook Enhancements (core-web/.husky/pre-commit)

  • ✅ Auto-format YAML files before validation
  • ✅ Run yamllint and actionlint on staged workflow files
  • ✅ Graceful degradation when tools are missing
  • ✅ Re-stage auto-formatted files automatically
  • ✅ Conditional execution (only when workflow files change)

4. CI/CD Integration

  • ✅ Added workflow-lint job to PR validation (.github/workflows/cicd_1-pr.yml)
  • ✅ Conditional execution based on workflow file changes
  • ✅ Updated change detection filters (.github/filters.yaml)
  • ✅ Updated initialize phase to detect workflow changes

🔧 Workflow Fixes (47 Issues Resolved)

Security Improvements

  • ✅ Fixed script injection vulnerabilities by passing untrusted input through env vars
    • Example: cicd_comp_finalize-phase.yml - moved all github.event.pull_request.* to environment variables

Deprecated Actions Updates

  • actions/checkout@v3 → @v4 (10+ workflows)
  • actions/setup-python@v4 → @v5 (4 workflows)
  • aws-actions/configure-aws-credentials@v1 → @v4 (1 workflow)

Node Runtime Updates

  • ✅ Updated all custom actions from node16 to node20 (4 action files)

Input/Output Fixes

  • ✅ Fixed undefined inputs.disable-semgrep reference in cicd_1-pr.yml
  • ✅ Fixed invalid needs.update-pom reference in cicd_manual_publish-starter.yml
  • ✅ Fixed required: true with default value in issue_comp_release-labeling.yml
  • ✅ Fixed default value not matching options in legacy-release_release-candidate.yml

Formatting Improvements

  • ✅ Removed 76 trailing spaces across all workflows
  • ✅ Normalized spacing after colons and hyphens
  • ✅ Fixed array bracket spacing: [ item ] → [item]
  • ✅ Formatted all 55 workflow and action files

📊 Current Status

  • 0 actionlint errors (all 47 issues fixed)
  • 0 yamllint errors (all formatting issues resolved)
  • ⚠️ 108 yamllint warnings (acceptable line-length issues for URLs/JSON/bash)

📝 Documentation

Comprehensive Documentation Added

  • docs/core/LINTING_STRATEGY.md (640 lines)

    • Complete linting strategy review across all layers
    • Git hook, frontend, backend, and CI/CD linting analysis
    • Gap analysis and recommendations for backend Java linting
    • Migration strategy for enabling additional linting tools
  • Updated docs/core/CICD_PIPELINE.md (+131 lines)

    • Workflow linting section
    • Running linting locally
    • Pre-commit hook integration
    • Common linting issues and solutions

🧪 Testing

Manual Testing

```bash
# Verify linting tools work
mise exec -- yamllint .github/workflows/cicd_1-pr.yml
mise exec -- actionlint .github/workflows/cicd_1-pr.yml

# Test pre-commit hook
git add .github/workflows/test.yml
git commit -m "test"  # Triggers auto-formatting and validation
```

CI/CD Testing

  • ✅ Workflow lint job added to PR validation
  • ✅ Conditional execution tested with workflow file changes
  • ✅ All existing workflows continue to function

📦 Files Changed

  • 66 files changed
  • 1,512 insertions, 548 deletions

🎁 Benefits

  1. Prevention: Catches workflow errors before merge
  2. Automation: Auto-fixes formatting issues before commit
  3. Consistency: Ensures uniform YAML formatting across project
  4. Speed: Developers get immediate feedback locally
  5. Quality: Reduces manual code review overhead
  6. Security: Detects script injection vulnerabilities
  7. Maintenance: Identifies deprecated actions and patterns

🔗 Related Documentation


Ready for review and merge! 🚀

This establishes a solid foundation for maintaining high-quality GitHub Actions workflows going forward.

This commit establishes a complete workflow linting infrastructure with
auto-formatting capabilities to ensure high-quality, consistent GitHub
Actions workflows and prevent syntax errors from being merged.

- Add yamllint for YAML syntax validation (.yamllint config)
- Add actionlint for GitHub Actions semantic validation (.github/actionlint.yaml)
- Add mise.toml configuration for tool management
- Add comprehensive linting strategy documentation (docs/core/LINTING_STRATEGY.md)

- Add .prettierrc.yml for workflow-specific formatting rules
- Integrate prettier auto-formatting into pre-commit hook
- Two-tier validation: prettier (auto-fix) → yamllint (validate)
- Format all 55 workflow and action files to establish clean baseline

- Auto-format YAML files before validation
- Run yamllint and actionlint on staged workflow files
- Graceful degradation when tools are missing
- Re-stage auto-formatted files automatically

- Add workflow-lint job to PR validation (cicd_1-pr.yml)
- Conditional execution based on workflow file changes
- Update change detection filters (.github/filters.yaml)
- Update initialize phase to detect workflow changes

- Fix all script injection vulnerabilities (use env vars for untrusted input)
- Update deprecated actions (checkout@v3→v4, setup-python@v4→v5, etc.)
- Update custom actions from node16 to node20
- Fix undefined inputs and invalid references
- Fix input default values not matching options
- Remove trailing spaces (76 instances)
- Normalize spacing and indentation across all workflows

- Update docs/core/CICD_PIPELINE.md with workflow linting section
- Add docs/core/LINTING_STRATEGY.md (comprehensive 640-line guide)
  - Complete linting strategy review across all layers
  - Git hook, frontend, backend, and CI/CD linting analysis
  - Gap analysis and recommendations for backend Java linting
  - Migration strategy for enabling additional linting tools

✅ 0 actionlint errors (all 47 issues fixed)
✅ 0 yamllint errors (all formatting issues resolved)
⚠️  108 yamllint warnings (acceptable line-length issues for URLs/JSON/bash)

- **Prevention**: Catches workflow errors before merge
- **Automation**: Auto-fixes formatting issues before commit
- **Consistency**: Ensures uniform YAML formatting across project
- **Speed**: Developers get immediate feedback locally
- **Quality**: Reduces manual code review overhead
- **Security**: Detects script injection vulnerabilities
- **Maintenance**: Identifies deprecated actions and patterns

This lays the foundation for preventing workflow syntax errors and
establishes best practices for maintaining GitHub Actions workflows.

🤖 Generated with Claude Code (https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@spbolton spbolton force-pushed the issue-33871-add-comprehensive-workflow-linting-and-yaml-auto branch from 05a6319 to c594d32 Compare November 19, 2025 18:10
@spbolton spbolton marked this pull request as draft December 1, 2025 17:43
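
The script injection fix described in the comment above (moving `github.event.pull_request.*` out of `run:` scripts and into `env:`), shown as an added example that is not code from this PR, the dotCMS repository, or actionlint. Both workflow snippets are constructed, and the list of untrusted contexts and the line-based scanner are simplifying assumptions.

```python
import re

# Contexts an outside contributor can influence (assumed, partial list for this example).
UNTRUSTED = re.compile(r"\$\{\{[^}]*?(github\.(?:event\.[\w.\-]+|head_ref))")
RUN_KEY = re.compile(r"^(\s*)(-\s+)?run:\s*(.*)$")

# Constructed "before": the expression is expanded into the script text before the shell runs.
VULNERABLE = """\
jobs:
  finalize:
    runs-on: ubuntu-latest
    steps:
      - name: Report PR title
        run: |
          echo "Title: ${{ github.event.pull_request.title }}"
"""

# Constructed "after": the value reaches the shell only as data in an environment variable.
HARDENED = """\
jobs:
  finalize:
    runs-on: ubuntu-latest
    steps:
      - name: Report PR title
        env:
          PR_TITLE: ${{ github.event.pull_request.title }}
        run: |
          echo "Title: $PR_TITLE"
"""

def find_run_injections(workflow_text):
    """Return (line_number, context) for each untrusted expression inside a run: script."""
    findings = []
    block_indent = None  # column of the run: key while inside a block scalar
    for number, line in enumerate(workflow_text.splitlines(), start=1):
        if block_indent is not None:
            indent = len(line) - len(line.lstrip(" "))
            if line.strip() and indent <= block_indent:
                block_indent = None  # dedent: the script body has ended
            else:
                findings += [(number, m.group(1)) for m in UNTRUSTED.finditer(line)]
                continue
        match = RUN_KEY.match(line)
        if match:
            lead, dash, rest = match.groups()
            if rest[:1] in ("|", ">"):
                block_indent = len(lead) + len(dash or "")
            else:  # single-line script on the same line as run:
                findings += [(number, m.group(1)) for m in UNTRUSTED.finditer(rest)]
    return findings
```

The same expression in `env:` is not flagged because the scanner only looks inside script bodies, which is where the runner substitutes the value into shell source.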
Development

Successfully merging this pull request may close these issues.

Add comprehensive workflow linting and YAML auto-formatting infrastructure
