diff --git a/README.md b/README.md index 5bf2a8d10..750107acb 100644 --- a/README.md +++ b/README.md @@ -52,7 +52,7 @@ jobs: **actionlint reports 7 errors:** ``` -test.yaml:3:5: unexpected key "branch" for "push" section. expected one of "branches", "branches-ignore", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" [syntax-check] +test.yaml:3:5: unexpected key "branch" for "push" section. expected one of "branches", "branches-ignore", "if", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" [syntax-check] | 3 | branch: main | ^~~~~~~ diff --git a/ast.go b/ast.go index bfd86df5f..0d12b36fa 100644 --- a/ast.go +++ b/ast.go @@ -137,6 +137,8 @@ type WebhookEvent struct { // Types is list of types of the webhook event. Only the types enumerated here will trigger // the workflow. Types []*String + // If is `if` filter. This value is nil when it is omitted. + If *String // Branches is 'branches' filter. This value is nil when it is omitted. Branches *WebhookEventFilter // BranchesIgnore is 'branches-ignore' filter. This value is nil when it is omitted. diff --git a/docs/checks.md b/docs/checks.md index dda5cbc42..03e0b348c 100644 --- a/docs/checks.md +++ b/docs/checks.md @@ -1161,7 +1161,7 @@ jobs: Output: ``` -test.yaml:4:5: unexpected key "branch" for "push" section. expected one of "branches", "branches-ignore", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" [syntax-check] +test.yaml:4:5: unexpected key "branch" for "push" section. expected one of "branches", "branches-ignore", "if", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" [syntax-check] | 4 | branch: foo | ^~~~~~~ diff --git a/parse.go b/parse.go index 989b02f0e..af07ff585 100644 --- a/parse.go +++ b/parse.go @@ -434,6 +434,8 @@ func (p *parser) parseWebhookEvent(name *String, n *yaml.Node) *WebhookEvent { ret.Branches = p.parseWebhookEventFilter(kv.key, kv.val) case "branches-ignore": ret.BranchesIgnore = p.parseWebhookEventFilter(kv.key, kv.val) + case "if": + ret.If = p.parseString(kv.val, false) case "tags": ret.Tags = p.parseWebhookEventFilter(kv.key, kv.val) case "tags-ignore": @@ -449,6 +451,7 @@ func (p *parser) parseWebhookEvent(name *String, n *yaml.Node) *WebhookEvent { "types", "branches", "branches-ignore", + "if", "tags", "tags-ignore", "paths", diff --git a/testdata/err/case_sensitive_keys.out b/testdata/err/case_sensitive_keys.out index e91d27297..f72a77233 100644 --- a/testdata/err/case_sensitive_keys.out +++ b/testdata/err/case_sensitive_keys.out @@ -5,7 +5,7 @@ test.yaml:11:5: expected "types" key for "repository_dispatch" section but got " test.yaml:15:9: unexpected key "DESCRIPTION" for "inputs at workflow_call event" section. expected one of "default", "description", "required", "type" [syntax-check] test.yaml:19:9: unexpected key "DESCRIPTION" for "secrets" section. expected one of "description", "required" [syntax-check] test.yaml:22:9: unexpected key "DESCRIPTION" for "outputs at workflow_call event" section. expected one of "description", "value" [syntax-check] -test.yaml:25:5: unexpected key "BRANCHES" for "push" section. expected one of "branches", "branches-ignore", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" [syntax-check] +test.yaml:25:5: unexpected key "BRANCHES" for "push" section. expected one of "branches", "branches-ignore", "if", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" [syntax-check] test.yaml:28:3: expected "run" key for "defaults" section but got "RUN" [syntax-check] test.yaml:30:5: unexpected key "SHELL" for "run" section. expected one of "shell", "working-directory" [syntax-check] test.yaml:33:3: unexpected key "GROUP" for "concurrency" section. expected one of "cancel-in-progress", "group" [syntax-check] diff --git a/testdata/err/unexpected_keys.out b/testdata/err/unexpected_keys.out index 7b6f017db..186972cd5 100644 --- a/testdata/err/unexpected_keys.out +++ b/testdata/err/unexpected_keys.out @@ -1,7 +1,7 @@ test.yaml:3:5: expected "inputs" key for "workflow_dispatch" section but got "invalid_key" [syntax-check] test.yaml:6:9: unexpected key "invalid_key" for "inputs" section. expected one of "default", "description", "required" [syntax-check] test.yaml:8:5: expected "types" key for "repository_dispatch" section but got "invalid_key" [syntax-check] -test.yaml:10:5: unexpected key "invalid_key" for "push" section. expected one of "branches", "branches-ignore", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" [syntax-check] +test.yaml:10:5: unexpected key "invalid_key" for "push" section. expected one of "branches", "branches-ignore", "if", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" [syntax-check] test.yaml:15:9: unexpected key "invalid_key" for "inputs at workflow_call event" section. expected one of "default", "description", "required", "type" [syntax-check] test.yaml:18:9: unexpected key "invalid_key" for "secrets" section. expected one of "description", "required" [syntax-check] test.yaml:22:9: unexpected key "invalid_key" for "outputs at workflow_call event" section. expected one of "description", "value" [syntax-check] diff --git a/testdata/examples/main.out b/testdata/examples/main.out index 49bf607f2..64f04b202 100644 --- a/testdata/examples/main.out +++ b/testdata/examples/main.out @@ -1,4 +1,4 @@ -test.yaml:3:5: unexpected key "branch" for "push" section. expected one of "branches", "branches-ignore", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" [syntax-check] +test.yaml:3:5: unexpected key "branch" for "push" section. expected one of "branches", "branches-ignore", "if", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" [syntax-check] test.yaml:5:11: character '\' is invalid for branch and tag names. only special characters [, ?, +, *, \ ! can be escaped with \. see `man git-check-ref-format` for more details. note that regular expression is unavailable. note: filter pattern syntax is explained at https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet [glob] /test\.yaml:10:28: label "linux-latest" is unknown\. available labels are .+\. if it is a custom label for self-hosted runner, set list of labels in actionlint\.yaml config file \[runner-label\]/ test.yaml:13:41: "github.event.head_commit.message" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details [expression] diff --git a/testdata/examples/webhook_checks.out b/testdata/examples/webhook_checks.out index 8c8035efc..61d9466ee 100644 --- a/testdata/examples/webhook_checks.out +++ b/testdata/examples/webhook_checks.out @@ -1,4 +1,4 @@ -test.yaml:4:5: unexpected key "branch" for "push" section. expected one of "branches", "branches-ignore", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" [syntax-check] +test.yaml:4:5: unexpected key "branch" for "push" section. expected one of "branches", "branches-ignore", "if", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" [syntax-check] test.yaml:7:5: both "paths" and "paths-ignore" filters cannot be used for the same event "push". note: use '!' to negate patterns [events] test.yaml:10:12: invalid activity type "created" for "issues" Webhook event. available types are "assigned", "closed", "deleted", "demilestoned", "edited", "labeled", "locked", "milestoned", "opened", "pinned", "reopened", "transferred", "unassigned", "unlabeled", "unlocked", "unpinned" [events] test.yaml:13:5: "tags" filter is not available for release event. it is only for push event [events] diff --git a/testdata/format/test.json b/testdata/format/test.json index c6d9949e3..208bc31d5 100644 --- a/testdata/format/test.json +++ b/testdata/format/test.json @@ -1 +1 @@ -[{"message":"unexpected key \"branch\" for \"push\" section. expected one of \"branches\", \"branches-ignore\", \"paths\", \"paths-ignore\", \"tags\", \"tags-ignore\", \"types\", \"workflows\"","filepath":"testdata/format/test.yaml","line":3,"column":5,"kind":"syntax-check","snippet":" branch: main\n ^~~~~~~","end_column":11},{"message":"label \"linux-latest\" is unknown. available labels are \"windows-latest\", \"windows-2022\", \"windows-2019\", \"windows-2016\", \"ubuntu-latest\", \"ubuntu-22.04\", \"ubuntu-20.04\", \"ubuntu-18.04\", \"macos-latest\", \"macos-latest-xl\", \"macos-13-xl\", \"macos-13\", \"macos-13.0\", \"macos-12-xl\", \"macos-12\", \"macos-12.0\", \"macos-11\", \"macos-11.0\", \"macos-10.15\", \"self-hosted\", \"x64\", \"arm\", \"arm64\", \"linux\", \"macos\", \"windows\". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file","filepath":"testdata/format/test.yaml","line":6,"column":14,"kind":"runner-label","snippet":" runs-on: linux-latest\n ^~~~~~~~~~~~","end_column":25}] +[{"message":"unexpected key \"branch\" for \"push\" section. expected one of \"branches\", \"branches-ignore\", \"if\", \"paths\", \"paths-ignore\", \"tags\", \"tags-ignore\", \"types\", \"workflows\"","filepath":"testdata/format/test.yaml","line":3,"column":5,"kind":"syntax-check","snippet":" branch: main\n ^~~~~~~","end_column":11},{"message":"label \"linux-latest\" is unknown. available labels are \"windows-latest\", \"windows-2022\", \"windows-2019\", \"windows-2016\", \"ubuntu-latest\", \"ubuntu-22.04\", \"ubuntu-20.04\", \"ubuntu-18.04\", \"macos-latest\", \"macos-latest-xl\", \"macos-13-xl\", \"macos-13\", \"macos-13.0\", \"macos-12-xl\", \"macos-12\", \"macos-12.0\", \"macos-11\", \"macos-11.0\", \"macos-10.15\", \"self-hosted\", \"x64\", \"arm\", \"arm64\", \"linux\", \"macos\", \"windows\". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file","filepath":"testdata/format/test.yaml","line":6,"column":14,"kind":"runner-label","snippet":" runs-on: linux-latest\n ^~~~~~~~~~~~","end_column":25}] diff --git a/testdata/format/test.jsonl b/testdata/format/test.jsonl index c3ae89152..b92acf01c 100644 --- a/testdata/format/test.jsonl +++ b/testdata/format/test.jsonl @@ -1,2 +1,2 @@ -{"message":"unexpected key \"branch\" for \"push\" section. expected one of \"branches\", \"branches-ignore\", \"paths\", \"paths-ignore\", \"tags\", \"tags-ignore\", \"types\", \"workflows\"","filepath":"testdata/format/test.yaml","line":3,"column":5,"kind":"syntax-check","snippet":" branch: main\n ^~~~~~~","end_column":11} +{"message":"unexpected key \"branch\" for \"push\" section. expected one of \"branches\", \"branches-ignore\", \"if\", \"paths\", \"paths-ignore\", \"tags\", \"tags-ignore\", \"types\", \"workflows\"","filepath":"testdata/format/test.yaml","line":3,"column":5,"kind":"syntax-check","snippet":" branch: main\n ^~~~~~~","end_column":11} {"message":"label \"linux-latest\" is unknown. available labels are \"windows-latest\", \"windows-2022\", \"windows-2019\", \"windows-2016\", \"ubuntu-latest\", \"ubuntu-22.04\", \"ubuntu-20.04\", \"ubuntu-18.04\", \"macos-latest\", \"macos-latest-xl\", \"macos-13-xl\", \"macos-13\", \"macos-13.0\", \"macos-12-xl\", \"macos-12\", \"macos-12.0\", \"macos-11\", \"macos-11.0\", \"macos-10.15\", \"self-hosted\", \"x64\", \"arm\", \"arm64\", \"linux\", \"macos\", \"windows\". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file","filepath":"testdata/format/test.yaml","line":6,"column":14,"kind":"runner-label","snippet":" runs-on: linux-latest\n ^~~~~~~~~~~~","end_column":25} diff --git a/testdata/format/test.md b/testdata/format/test.md index 71782da60..010e039ba 100644 --- a/testdata/format/test.md +++ b/testdata/format/test.md @@ -1,6 +1,6 @@ ### Error at line 3, col 5 of `testdata/format/test.yaml` -unexpected key "branch" for "push" section. expected one of "branches", "branches-ignore", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" +unexpected key "branch" for "push" section. expected one of "branches", "branches-ignore", "if", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows" ``` branch: main diff --git a/testdata/format/test.sarif b/testdata/format/test.sarif index 0c26d06cc..95a2440a8 100644 --- a/testdata/format/test.sarif +++ b/testdata/format/test.sarif @@ -256,7 +256,7 @@ { "ruleId": "syntax-check", "message": { - "text": "unexpected key \"branch\" for \"push\" section. expected one of \"branches\", \"branches-ignore\", \"paths\", \"paths-ignore\", \"tags\", \"tags-ignore\", \"types\", \"workflows\"" + "text": "unexpected key \"branch\" for \"push\" section. expected one of \"branches\", \"branches-ignore\", \"if\", \"paths\", \"paths-ignore\", \"tags\", \"tags-ignore\", \"types\", \"workflows\"" }, "locations": [ { diff --git a/testdata/ok/github_events_if.yaml b/testdata/ok/github_events_if.yaml new file mode 100644 index 000000000..e69679487 --- /dev/null +++ b/testdata/ok/github_events_if.yaml @@ -0,0 +1,75 @@ +on: + branch_protection_rule: + if: true + check_run: + if: true + check_suite: + if: true + create: + if: true + delete: + if: true + deployment: + if: true + deployment_status: + if: true + discussion: + if: true + discussion_comment: + if: true + fork: + if: true + gollum: + if: true + issues: + if: true + issue_comment: + if: true + label: + if: true + merge_group: + if: true + milestone: + if: true + page_build: + if: true + project: + if: true + project_card: + if: true + project_column: + if: true + public: + if: true + pull_request: + if: true + pull_request_review: + if: true + pull_request_review_comment: + if: true + pull_request_target: + if: true + push: + if: true + registry_package: + if: true + release: + if: true + repository_dispatch: + if: true + status: + if: true + watch: + if: true + workflow_dispatch: + if: true + workflow_run: + types: [completed] + if: true + workflows: [foo] + +jobs: + hello: + runs-on: ubuntu-latest + steps: + - run: echo 'hello'