Skip to content

πŸ› Fix GitHub Actions workflow bugs and typos #6865

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
philipbalinov merged 2 commits into from
Mar 27, 2026
Merged

πŸ› Fix GitHub Actions workflow bugs and typos #6865

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
01528aa
πŸ› Fix GitHub Actions workflow bugs and typos
tas50 Mar 9, 2026
d247a2c
🧹 Remove pull_request trigger from pr-test-lint.yml
tas50 Mar 19, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/pr-test-lint.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ jobs:

- name: Set provider env
run: echo "PROVIDERS_PATH=${PWD}/.providers" >> $GITHUB_ENV
- name: Display Provider PAth
- name: Display Provider Path
run: echo $PROVIDERS_PATH

- name: Test mql
Expand Down Expand Up @@ -128,7 +128,7 @@ jobs:

- name: Set provider env
run: echo "PROVIDERS_PATH=${PWD}/.providers" >> $GITHUB_ENV
- name: Display Provider PAth
- name: Display Provider Path
run: echo $PROVIDERS_PATH

- name: Test mql CLI and Providers
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/providers.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,10 +94,10 @@ jobs:
- name: Build List
run: |
echo "=== Providers detected:"
echo ${{ steps.providers.outputs.providers }}
echo '${{ steps.providers.outputs.providers }}'
Copy link
Copy Markdown

@mondoo-code-review mondoo-code-review bot Mar 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟑 warning β€” Good fix. Quoting the expression with single quotes prevents shell word-splitting and glob expansion on the output, which also mitigates a potential script injection vector if the output contained attacker-controlled content. Correct as-is.


echo "=== Providers select to build:"
echo ${{ steps.providers.outputs.build_list }}
echo "=== Providers selected to build:"
echo '${{ steps.providers.outputs.build_list }}'

provider-build:
name: "${{ matrix.provider }}"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release-providers.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
# https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#push-using-ssh-deploy-keys
# tl;dr:
# The GITHUB_TOKEN is limited when creating PRs from a workflow
# becasue of that we use a ssh key for which the limitations do not apply
# because of that we use a ssh key for which the limitations do not apply
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
Expand Down
5 changes: 3 additions & 2 deletions .github/workflows/reusable-lint-providers.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,12 +35,13 @@ jobs:
- name: Run golangci-lint on all providers
env:
ONLY_NEW_ISSUES: ${{ inputs.only-new-issues }}
BASE_SHA: ${{ github.event.pull_request.base.sha }}
Copy link
Copy Markdown

@mondoo-code-review mondoo-code-review bot Mar 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

πŸ”΄ critical β€” Good catch β€” BASE_SHA was referenced in the script but never set as an environment variable. This fix is correct and necessary for the --new-from-rev logic to work at all.

run: |
failed=""
extra_args=""
if [ "$ONLY_NEW_ISSUES" = "true" ] && [ -n "${BASE_SHA}" ]; then
git fetch origin "${BASE_SHA}"
extra_args="--new-from-rev=${BASE_SHA}"
git fetch origin "${BASE_SHA}" --depth=1
extra_args="--new-from-rev=${BASE_SHA}"
fi
for provider in providers/*/; do
# Skip providers without go.mod (they are part of the main module)
Expand Down
Loading