act 0.2.66 Error: workflow is not valid. 'spelling.yml': Line: 112 Column 5: Failed to match job-factory: Line: 119 Column 9: Unknown Function Call success

[jsoref]

Bug report info

act version:            0.2.66
GOOS:                   darwin
GOARCH:                 arm64
NumCPU:                 10
Docker host:            DOCKER_HOST environment variable is not set
Sockets found:
    /var/run/docker.sock
Config files:           
    /Users/jsoref/.actrc:
        #-P ubuntu-latest=node:12.20.1-buster-slim
        #-P ubuntu-20.04=node:12.20.1-buster-slim
        #-P ubuntu-18.04=node:12.20.1-buster-slim
        -P ubuntu-latest=catthehacker/ubuntu:act-latest
        -P ubuntu-22.04=catthehacker/ubuntu:act-22.04
        -P ubuntu-20.04=catthehacker/ubuntu:act-20.04
        -P ubuntu-18.04=catthehacker/ubuntu:act-18.04
        -P ubuntu-16.04=catthehacker/ubuntu:act-16.04
        -P self-hosted=catthehacker/ubuntu:act-latest
        -P ubuntu-latest-4cpu=ubuntu:act-latest
        -P ubuntu-latest-8cpu=ubuntu:act-latest
        --use-new-action-cache
Build info:
    Go version:            go1.23.0
    Module path:           command-line-arguments
    Main version:          
    Main path:             
    Main checksum:         
    Build settings:
        -buildmode:           exe
        -compiler:            gc
        -ldflags:             -X main.version=0.2.66
        DefaultGODEBUG:       asynctimerchan=1,gotypesalias=0,httplaxcontentlength=1,httpmuxgo121=1,httpservecontentkeepheaders=1,tls10server=1,tls3des=1,tlskyber=0,tlsrsakex=1,tlsunsafeekm=1,winreadlinkvolume=0,winsymlink=0,x509keypairleaf=0,x509negativeserial=1
        CGO_ENABLED:          1
        CGO_CFLAGS:           
        CGO_CPPFLAGS:         
        CGO_CXXFLAGS:         
        CGO_LDFLAGS:          
        GOARCH:               arm64
        GOOS:                 darwin
        GOARM64:              v8.0
Docker Engine:
    Engine version:        26.1.3
    Engine runtime:        runc
    Cgroup version:        2
    Cgroup driver:         cgroupfs
    Storage driver:        overlay2
    Registry URI:          https://index.docker.io/v1/
    OS:                    Alpine Linux v3.20
    OS type:               linux
    OS version:            3.20.2
    OS arch:               aarch64
    OS kernel:             6.6.41-0-virt
    OS CPU:                2
    OS memory:             1906 MB
    Security options:
        name=seccomp,profile=builtin
        name=cgroupns

Command used with act

/opt/homebrew/bin/act -l -v

Describe issue

Historically, I'd get this output:

% act -l
INFO[0000] Using docker host 'unix:///var/run/docker.sock', and daemon socket 'unix:///var/run/docker.sock'
WARN  ⚠ You are using Apple M-series chip and you have not specified container architecture, you might encounter issues while running act. If so, try running it with '--container-architecture linux/amd64'. ⚠
Stage  Job ID        Job name        Workflow name   Workflow file  Events
0      update        Update PR       Check Spelling  spelling.yml   push,pull_request_target,issue_comment
0      spelling      Check Spelling  Check Spelling  spelling.yml   push,pull_request_target,issue_comment
1      comment-push  Report (Push)   Check Spelling  spelling.yml   push,pull_request_target,issue_comment
1      comment-pr    Report (PR)     Check Spelling  spelling.yml   pull_request_target,issue_comment,push

Link to GitHub repository

https://github.com/check-spelling/spell-check-this/tree/0a3288fa36998de2eb46db1e43a134b3acf33e64

Workflow content

name: Check Spelling

# Comment management is handled through a secondary job, for details see:
# https://github.com/check-spelling/check-spelling/wiki/Feature%3A-Restricted-Permissions
#
# `jobs.comment-push` runs when a push is made to a repository and the `jobs.spelling` job needs to make a comment
#   (in odd cases, it might actually run just to collapse a comment, but that's fairly rare)
#   it needs `contents: write` in order to add a comment.
#
# `jobs.comment-pr` runs when a pull_request is made to a repository and the `jobs.spelling` job needs to make a comment
#   or collapse a comment (in the case where it had previously made a comment and now no longer needs to show a comment)
#   it needs `pull-requests: write` in order to manipulate those comments.

# Updating pull request branches is managed via comment handling.
# For details, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-expect-list
#
# These elements work together to make it happen:
#
# `on.issue_comment`
#   This event listens to comments by users asking to update the metadata.
#
# `jobs.update`
#   This job runs in response to an issue_comment and will push a new commit
#   to update the spelling metadata.
#
# `with.experimental_apply_changes_via_bot`
#   Tells the action to support and generate messages that enable it
#   to make a commit to update the spelling metadata.
#
# `with.ssh_key`
#   In order to trigger workflows when the commit is made, you can provide a
#   secret (typically, a write-enabled github deploy key).
#
#   For background, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-with-deploy-key

# SARIF reporting
#
# Access to SARIF reports is generally restricted (by GitHub) to members of the repository.
#
# Requires enabling `security-events: write`
# and configuring the action with `use_sarif: 1`
#
#   For information on the feature, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-SARIF-output

# Minimal workflow structure:
#
# on:
#   push:
#     ...
#   pull_request_target:
#     ...
# jobs:
#   # you only want the spelling job, all others should be omitted
#   spelling:
#     # remove `security-events: write` and `use_sarif: 1`
#     # remove `experimental_apply_changes_via_bot: 1`
#     ... otherwise adjust the `with:` as you wish

on:
  push:
    branches:
      - "**"
    tags-ignore:
      - "**"
  pull_request_target:
    branches:
      - "**"
    types:
      - "opened"
      - "reopened"
      - "synchronize"
  issue_comment:
    types:
      - "created"

jobs:
  spelling:
    name: Check Spelling
    permissions:
      contents: read
      pull-requests: read
      actions: read
      security-events: write
    outputs:
      followup: ${{ steps.spelling.outputs.followup }}
    runs-on: ubuntu-latest
    if: ${{ contains(github.event_name, 'pull_request') || github.event_name == 'push' }}
    concurrency:
      group: spelling-${{ github.event.pull_request.number || github.ref }}
      # note: If you use only_check_changed_files, you do not want cancel-in-progress
      cancel-in-progress: true
    steps:
      - name: check-spelling
        id: spelling
        uses: check-spelling/check-spelling@prerelease
        with:
          suppress_push_for_open_pull_request: ${{ github.actor != 'dependabot[bot]' && 1 }}
          checkout: true
          check_file_names: 1
          spell_check_this: check-spelling/spell-check-this@prerelease
          post_comment: 0
          use_magic_file: 1
          report-timing: 1
          warnings: bad-regex,binary-file,deprecated-feature,ignored-expect-variant,large-file,limited-references,no-newline-at-eof,noisy-file,non-alpha-in-dictionary,token-is-substring,unexpected-line-ending,whitespace-in-dictionary,minified-file,unsupported-configuration,no-files-to-check,unclosed-block-ignore-begin,unclosed-block-ignore-end
          experimental_apply_changes_via_bot: 1
          use_sarif: ${{ (!github.event.pull_request || (github.event.pull_request.head.repo.full_name == github.repository)) && 1 }}
          extra_dictionary_limit: 20
          extra_dictionaries: |
            cspell:software-terms/dict/softwareTerms.txt

  comment-push:
    name: Report (Push)
    # If your workflow isn't running on push, you can remove this job
    runs-on: ubuntu-latest
    needs: spelling
    permissions:
      actions: read
      contents: write
    if: (success() || failure()) && needs.spelling.outputs.followup && github.event_name == 'push'
    steps:
      - name: comment
        uses: check-spelling/check-spelling@prerelease
        with:
          checkout: true
          spell_check_this: check-spelling/spell-check-this@prerelease
          task: ${{ needs.spelling.outputs.followup }}

  comment-pr:
    name: Report (PR)
    # If you workflow isn't running on pull_request*, you can remove this job
    runs-on: ubuntu-latest
    needs: spelling
    permissions:
      actions: read
      contents: read
      pull-requests: write
    if: (success() || failure()) && needs.spelling.outputs.followup && contains(github.event_name, 'pull_request')
    steps:
      - name: comment
        uses: check-spelling/check-spelling@prerelease
        with:
          checkout: true
          spell_check_this: check-spelling/spell-check-this@prerelease
          task: ${{ needs.spelling.outputs.followup }}
          experimental_apply_changes_via_bot: 1

  update:
    name: Update PR
    permissions:
      contents: write
      pull-requests: write
      actions: read
    runs-on: ubuntu-latest
    if: ${{
      github.event_name == 'issue_comment' &&
      github.event.issue.pull_request &&
      contains(github.event.comment.body, '@check-spelling-bot apply') &&
      contains(github.event.comment.body, 'https://')
      }}
    concurrency:
      group: spelling-update-${{ github.event.issue.number }}
      cancel-in-progress: false
    steps:
      - name: apply spelling updates
        uses: check-spelling/check-spelling@prerelease
        with:
          experimental_apply_changes_via_bot: 1
          checkout: true
          ssh_key: "${{ secrets.CHECK_SPELLING }}"

Relevant log output

DEBU[0000] Handling container host and socket
DEBU[0000] Defaulting container socket to DOCKER_HOST
INFO[0000] Using docker host 'unix:///var/run/docker.sock', and daemon socket 'unix:///var/run/docker.sock'
WARN  ⚠ You are using Apple M-series chip and you have not specified container architecture, you might encounter issues while running act. If so, try running it with '--container-architecture linux/amd64'. ⚠
DEBU[0000] Loading environment from /Users/jsoref/code/spelling-org/spell-check-this/.env
DEBU[0000] Loading action inputs from /Users/jsoref/code/spelling-org/spell-check-this/.input
DEBU[0000] Conditional GET for notices etag=01d15b77-16bd-46ee-bef4-5ddba1fba3f7
DEBU[0000] Loading secrets from /Users/jsoref/code/spelling-org/spell-check-this/.secrets
DEBU[0000] Loading vars from /Users/jsoref/code/spelling-org/spell-check-this/.vars
DEBU[0000] Evaluated matrix inclusions: map[]
DEBU[0000] Loading workflows from '/Users/jsoref/code/spelling-org/spell-check-this/.github/workflows'
DEBU[0000] Loading workflows recursively
DEBU[0000] Found workflow 'spelling.yml' in '/Users/jsoref/code/spelling-org/spell-check-this/.github/workflows/spelling.yml'
DEBU[0000] Reading workflow '/Users/jsoref/code/spelling-org/spell-check-this/.github/workflows/spelling.yml'
Error: workflow is not valid. 'spelling.yml': Line: 112 Column 5: Failed to match job-factory: Line: 119 Column 9: Unknown Function Call success
Unknown Function Call failure
Line: 112 Column 5: Failed to match workflow-job: Line: 114 Column 5: Unknown Property runs-on
Line: 119 Column 9: Unknown Function Call success
Unknown Function Call failure
Line: 120 Column 5: Unknown Property steps
Line: 129 Column 5: Failed to match job-factory: Line: 137 Column 9: Unknown Function Call success
Unknown Function Call failure
Line: 129 Column 5: Failed to match workflow-job: Line: 131 Column 5: Unknown Property runs-on
Line: 137 Column 9: Unknown Function Call success
Unknown Function Call failure
Line: 138 Column 5: Unknown Property steps

Additional information

No response

[ChristopherHX]

Tbh. I expected such issues to land before the 9th September.

I wonder if this is accepted, when you use ${{ success() }} via explicit expressions.

Seems like a lack of CI test material for this case

I will look into this tomorrow.

[jsoref]

I have my own self-build of act in my path and thus the brew auto update didn't give me the failure ...

[jsoref]

I'd encourage you to just add spell-check-this to the CI test material 😉.

[jsoref]

Note, the error reporting is lousy.

Error: workflow is not valid. 'spelling.yml': Line: 112 Column 5: Failed to match job-factory: Line: 119 Column 9: Unknown Function Call success

Here's line 112: https://github.com/check-spelling/spell-check-this/blob/0a3288fa36998de2eb46db1e43a134b3acf33e64/.github/workflows/spelling.yml#L112

name: Report (Push)

Line: 119 Column 9: Unknown Function Call success https://github.com/check-spelling/spell-check-this/blob/0a3288fa36998de2eb46db1e43a134b3acf33e64/.github/workflows/spelling.yml#L119 if: (success() || failure()) && needs.spelling.outputs.followup && github.event_name == 'push' That's apparently the problem.

[jsoref]

https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsif

When you use expressions in an if conditional, you can, optionally, omit the ${{ }} expression syntax because GitHub Actions automatically evaluates the if conditional as an expression. However, this exception does not apply everywhere.

[jsoref]

Wrapping ${{ ... }} doesn't help. The only thing I can do is to remove the success() and failure() bits

[ChristopherHX]

Note, the error reporting is lousy

Yes I know, the goal was error reporting not pretty error reporting.

I thoughtback then that I fixed the parsing problem for special functions.

However it could be that I only fixed hashfiles

https://github.com/nektos/act/blob/d8b6f618d9bf00231c491c76c980371eb57f6de3/pkg/schema/workflow_schema.json#L1514

My validation code might be just unable to parse the success(0,MAX) and excludes those functions.

hashfiles is defined as (0,255)

[ChristopherHX]

Hmm job step if is ok, because it also uses 255 not MAX, seems like I didn't inspect the whole schema file from GitHub Employees for additional aliases.

I used scan with integer placeholder

[brianjmurrell]

What's the (end-user) solution here? Roll back to v0.2.65?

[ChristopherHX]

Roll back to v0.2.65?

Yes, but know this isn't easy for some package managers.

[ChristopherHX]

I created a fix now.

[ChristopherHX]

Created https://github.com/nektos/act/releases/tag/v0.2.67

Please tell me if you find other validation issues

[jsoref]

Well, I've set up a cron job to try running act daily against spell-check-this and check-spelling: https://github.com/check-spelling-sandbox/act-use-spell-check-this/actions/runs/10801275723/job/29961096172

I haven't hit validation issues, but I've hit:

• 2451

• https://github.com/nektos/act-docs/issues/28
  • I added a workaround for something which is probably related to this: https://github.com/jsoref/check-spelling/blob/7f334703740a727a9a19693df6303e1a8abc5c31/unknown-words.sh#L1951-L1956

I don't see anything else that's obviously broken at this time, although that pair is frustrating in that it makes it hard to validate other things.

[ChristopherHX]

I haven't hit validation issues, but I've hit:

My resources for investing time into nektos/act are exhausted, my internship semester throttled the time I invest into open source.

[amyb-asu]

Hi I'm getting a different workflow is not valid for my workflow. It was working on 0.2.65 but it is not working on 0.2.66 or 0.2.67

I'm assuming it is a similar issue as it was introduced at the same time. However the fix #2446 does not fix my issue and my runs are still failing.

Error: workflow is not valid. 'component-test.yaml': Line: 6 Column 3: Failed to match on-string-strict: Line: 4 Column 3: Failed to match branch-protection-rule-string: Line: 6 Column 3: Expected a scalar got mapping  

Here is the start of my action, where it fails to parse the workflow_dispatch

name: "Test Changes to a Single Component"
run-name: "[${{ inputs.component }}]  | @${{ inputs.push_author != '' && inputs.push_author || github.actor }}"
on:
  workflow_dispatch:
    inputs:
      component:
        description: 'The component to test'
        required: true
        type: string
      push_author:
        description: 'Author of the push'
        required: false
        default: ''
        type: string
[TRUNCATED]

[jsoref]

@amyb-asu: please open a new ticket.