chore: add actionlint and zizmor linters #19459
Conversation
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
There was a problem hiding this comment.
Pull Request Overview
This PR adds two GitHub Actions linters (actionlint and zizmor) to improve security and quality of GitHub workflow files. The changes include creating a wrapper script for the zizmor Docker image, updating the Makefile to include the new linters, and fixing all linting errors across multiple workflow files.
- Adds actionlint linter for GitHub Actions workflows
- Adds zizmor linter (Docker-based) for GitHub Actions security scanning
- Fixes shell quoting, environment variable usage, and other linting issues throughout workflow files
Reviewed Changes
Copilot reviewed 20 out of 20 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| scripts/zizmor.sh | New wrapper script for running zizmor linter via Docker |
| Makefile | Adds actionlint and zizmor lint targets to the build system |
| .github/workflows/*.yaml | Fixes shell quoting, variable substitution, and security issues |
| .github/actions/*/action.yaml | Updates action definitions to fix quoting and variable usage |
| docs/tutorials/testing-templates.md | Fixes shell quoting in code example |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| .PHONY: lint/actions | ||
|
|
||
| lint/actions/actionlint: | ||
| go run github.com/rhysd/actionlint/cmd/actionlint@v1.7.7 |
There was a problem hiding this comment.
Pinning version in Makefile makes it difficult to upgrade, as Dpendabot doesn't detect them.
Uh oh!
There was an error while loading. Please reload this page.