From c6a38a4d37ef8838c215a11546fd138102c5a28e Mon Sep 17 00:00:00 2001 From: MatthewPopat-NHS Date: Thu, 12 Feb 2026 09:56:01 +0000 Subject: [PATCH] Updated actionlint to allow for yaml anchors --- .github/workflows/quality-checks.yml | 89 +++++++--------------------- .tool-versions | 2 +- 2 files changed, 23 insertions(+), 68 deletions(-) diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index 1e0e2b7..faef2de 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -44,7 +44,8 @@ jobs: java-version: "21" distribution: "corretto" - - name: Checkout code + - &checkout + name: Checkout code uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: ref: ${{ env.BRANCH_NAME }} @@ -83,28 +84,29 @@ jobs: git-secrets --scan-history . # using git commit sha for version of action to ensure we have stable version - - name: Install asdf + - &install_asdf + name: Install asdf uses: asdf-vm/actions/setup@b7bcd026f18772e44fe1026d729e1611cc435d47 with: asdf_version: ${{ inputs.asdfVersion }} - - name: Cache asdf + - &cache_asdf + name: Cache asdf uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb with: - path: | - ~/.asdf + path: ~/.asdf key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }}-${{ inputs.asdfVersion }} - restore-keys: | - ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }}-${{ inputs.asdfVersion }} - - name: Install asdf dependencies in .tool-versions + - &install_asdf_deps + name: Install asdf dependencies in .tool-versions uses: asdf-vm/actions/install@b7bcd026f18772e44fe1026d729e1611cc435d47 with: asdf_version: ${{ inputs.asdfVersion }} env: PYTHON_CONFIGURE_OPTS: --enable-shared - - name: Reinstall poetry + - &reinstall_poetry + name: Reinstall poetry if: ${{ inputs.reinstall_poetry }} run: | poetry_tool_version=$(cat .tool-versions | grep poetry) @@ -112,20 +114,20 @@ jobs: asdf uninstall poetry "$poetry_version" asdf install poetry - - name: Setting up .npmrc + - &setup_npmrc + name: Setting up .npmrc env: NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | echo "//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN}" >> ~/.npmrc echo "@nhsdigital:registry=https://npm.pkg.github.com" >> ~/.npmrc - - name: Cache npm dependencies + - &cache_npm + name: Cache npm dependencies uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb with: path: ./node_modules key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} - restore-keys: | - ${{ runner.os }}-node- - name: make install run: | @@ -233,9 +235,6 @@ jobs: - name: Run code lint run: make lint - - name: actionlint - uses: raven-actions/actionlint@e01d1ea33dd6a5ed517d95b4c0c357560ac6f518 - - name: Run ShellCheck uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 with: @@ -510,41 +509,11 @@ jobs: IaC-validation: runs-on: ubuntu-22.04 steps: - - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - with: - ref: ${{ env.BRANCH_NAME }} - fetch-depth: 0 - - # using git commit sha for version of action to ensure we have stable version - - name: Install asdf - uses: asdf-vm/actions/setup@b7bcd026f18772e44fe1026d729e1611cc435d47 - with: - asdf_version: ${{ inputs.asdfVersion }} - - - name: Cache asdf - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb - with: - path: | - ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }}-${{ inputs.asdfVersion }} - restore-keys: | - ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }}-${{ inputs.asdfVersion }} - - - name: Install asdf dependencies in .tool-versions - uses: asdf-vm/actions/install@b7bcd026f18772e44fe1026d729e1611cc435d47 - with: - asdf_version: ${{ inputs.asdfVersion }} - env: - PYTHON_CONFIGURE_OPTS: --enable-shared - - - name: Reinstall poetry - if: ${{ inputs.reinstall_poetry }} - run: | - poetry_tool_version=$(cat .tool-versions | grep poetry) - poetry_version=${poetry_tool_version//"poetry "} - asdf uninstall poetry "$poetry_version" - asdf install poetry + - *checkout + - *install_asdf + - *cache_asdf + - *install_asdf_deps + - *reinstall_poetry - name: Check for SAM templates id: check_sam_templates @@ -598,22 +567,8 @@ jobs: cfn-lint -I "cloudformation/**/*.y*ml" 2>&1 | awk '/Run scan/ { print } /^[EW][0-9]/ { print; getline; print }' cfn-lint -I "SAMtemplates/**/*.y*ml" 2>&1 | awk '/Run scan/ { print } /^[EW][0-9]/ { print; getline; print }' - - name: Cache npm dependencies - if: steps.check_cdk.outputs.cdk_exists == 'true' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb - with: - path: ~/.npm - key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} - restore-keys: | - ${{ runner.os }}-node- - - - name: Setting up .npmrc - if: steps.check_cdk.outputs.cdk_exists == 'true' - env: - NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - echo "//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN}" >> ~/.npmrc - echo "@nhsdigital:registry=https://npm.pkg.github.com" >> ~/.npmrc + - *cache_npm + - *setup_npmrc - name: make install NodeJS if: steps.check_cdk.outputs.cdk_exists == 'true' diff --git a/.tool-versions b/.tool-versions index f5e815c..8605e6e 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1,5 +1,5 @@ nodejs 24.12.0 -actionlint 1.7.8 +actionlint 1.7.10 shellcheck 0.11.0 python 3.14.2 poetry 2.2.1