Error: workflow is not valid. 'spellCheck.yaml': Line: 37 Column 3: Failed to match on-string-strict: Line: 37 Column 3: Failed to match branch-protection-rule-string: Line: 37 Column 3: Expected a scalar got mapping

[jsoref]

Bug report info

act version:            0.2.69
GOOS:                   darwin
GOARCH:                 arm64
NumCPU:                 10
Docker host:            DOCKER_HOST environment variable is not set
Sockets found:
    /var/run/docker.sock
Config files:           
    /Users/jsoref/.actrc:
        #-P ubuntu-latest=node:12.20.1-buster-slim
        #-P ubuntu-20.04=node:12.20.1-buster-slim
        #-P ubuntu-18.04=node:12.20.1-buster-slim
        -P ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest
        -P ubuntu-24.04=ghcr.io/catthehacker/ubuntu:act-latest
        -P ubuntu-22.04=ghcr.io/catthehacker/ubuntu:act-22.04
        -P ubuntu-20.04=ghcr.io/catthehacker/ubuntu:act-20.04
        -P self-hosted=catthehacker/ubuntu:act-latest
        -P ubuntu-latest-4cpu=ubuntu:act-latest
        -P ubuntu-latest-8cpu=ubuntu:act-latest
        --use-new-action-cache
Build info:
    Go version:            go1.23.2
    Module path:           command-line-arguments
    Main version:          
    Main path:             
    Main checksum:         
    Build settings:
        -buildmode:           exe
        -compiler:            gc
        -ldflags:             -X main.version=0.2.69
        DefaultGODEBUG:       asynctimerchan=1,gotypesalias=0,httplaxcontentlength=1,httpmuxgo121=1,httpservecontentkeepheaders=1,tls10server=1,tls3des=1,tlskyber=0,tlsrsakex=1,tlsunsafeekm=1,winreadlinkvolume=0,winsymlink=0,x509keypairleaf=0,x509negativeserial=1
        CGO_ENABLED:          1
        CGO_CFLAGS:           
        CGO_CPPFLAGS:         
        CGO_CXXFLAGS:         
        CGO_LDFLAGS:          
        GOARCH:               arm64
        GOOS:                 darwin
        GOARM64:              v8.0
Docker Engine:
    Engine version:        26.1.5
    Engine runtime:        runc
    Cgroup version:        2
    Cgroup driver:         cgroupfs
    Storage driver:        overlay2
    Registry URI:          https://index.docker.io/v1/
    OS:                    Alpine Linux v3.20
    OS type:               linux
    OS version:            3.20.3
    OS arch:               aarch64
    OS kernel:             6.6.51-0-virt
    OS CPU:                2
    OS memory:             1906 MB
    Security options:
        name=seccomp,profile=builtin
        name=cgroupns

Command used with act

act -l

Describe issue

a workflow that github tolerates breaks act -l

Link to GitHub repository

https://github.com/microsoft/winget-dsc/blob/1970b700482b76b6733f0d17efd510cad02a6831/.github/workflows/spellCheck.yaml

Workflow content

name: Spell Checking

# Comment management is handled through a secondary job, for details see:
# https://github.com/check-spelling/check-spelling/wiki/Feature%3A-Restricted-Permissions
#
# `jobs.comment-push` runs when a push is made to a repository and the `jobs.spelling` job needs to make a comment
#   (in odd cases, it might actually run just to collapse a comment, but that's fairly rare)
#   it needs `contents: write` in order to add a comment.
#
# `jobs.comment-pr` runs when a pull_request is made to a repository and the `jobs.spelling` job needs to make a comment
#   or collapse a comment (in the case where it had previously made a comment and now no longer needs to show a comment)
#   it needs `pull-requests: write` in order to manipulate those comments.

# Updating pull request branches is managed via comment handling.
# For details, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-expect-list
#
# These elements work together to make it happen:
#
# `on.issue_comment`
#   This event listens to comments by users asking to update the metadata.
#
# `jobs.update`
#   This job runs in response to an issue_comment and will push a new commit
#   to update the spelling metadata.
#
# `with.experimental_apply_changes_via_bot`
#   Tells the action to support and generate messages that enable it
#   to make a commit to update the spelling metadata.
#
# `with.ssh_key`
#   In order to trigger workflows when the commit is made, you can provide a
#   secret (typically, a write-enabled github deploy key).
#
#   For background, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-with-deploy-key

on:
  push:
    branches:
      - '**'
    tags-ignore:
      - '**'
  pull_request_target:
    branches:
      - '**'
    tags-ignore:
      - '**'
    types:
      - 'opened'
      - 'reopened'
      - 'synchronize'

jobs:
  spelling:
    name: Check Spelling
    permissions:
      contents: read
      pull-requests: read
      actions: read
    outputs:
      followup: ${{ steps.spelling.outputs.followup }}
    runs-on: ubuntu-latest
    if: "contains(github.event_name, 'pull_request') || github.event_name == 'push'"
    concurrency:
      group: spelling-${{ github.event.pull_request.number || github.ref }}
      # note: If you use only_check_changed_files, you do not want cancel-in-progress
      cancel-in-progress: true
    steps:
      - name: check-spelling
        id: spelling
        uses: check-spelling/check-spelling@v0.0.24
        with:
          suppress_push_for_open_pull_request: 1
          checkout: true
          check_file_names: 1
          spell_check_this: check-spelling/spell-check-this@prerelease
          post_comment: 0
          use_magic_file: 1
          extra_dictionary_limit: 10
          extra_dictionaries:
            https://github.com/streetsidesoftware/cspell-dicts/raw/098e323325a389a5d1cebcd7770807b9d11d0a17/dictionaries/software-terms/src/software-terms.txt
            https://raw.githubusercontent.com/streetsidesoftware/cspell-dicts/098e323325a389a5d1cebcd7770807b9d11d0a17/dictionaries/filetypes/src/filetypes.txt
            https://raw.githubusercontent.com/streetsidesoftware/cspell-dicts/098e323325a389a5d1cebcd7770807b9d11d0a17/dictionaries/powershell/src/powershell.txt
            https://raw.githubusercontent.com/streetsidesoftware/cspell-dicts/098e323325a389a5d1cebcd7770807b9d11d0a17/dictionaries/win32/src/generator/win32.txt
            https://github.com/streetsidesoftware/cspell-dicts/raw/098e323325a389a5d1cebcd7770807b9d11d0a17/dictionaries/python/src/common_packages.txt
          check_extra_dictionaries: ''

  comment-push:
    name: Report (Push)
    # If your workflow isn't running on push, you can remove this job
    runs-on: ubuntu-latest
    needs: spelling
    permissions:
      contents: write
    if: (success() || failure()) && needs.spelling.outputs.followup && github.event_name == 'push'
    steps:
      - name: comment
        uses: check-spelling/check-spelling@v0.0.24
        with:
          checkout: true
          spell_check_this: check-spelling/spell-check-this@prerelease
          task: ${{ needs.spelling.outputs.followup }}

  comment-pr:
    name: Report (PR)
    # If you workflow isn't running on pull_request*, you can remove this job
    runs-on: ubuntu-latest
    needs: spelling
    permissions:
      pull-requests: write
    if: (success() || failure()) && needs.spelling.outputs.followup && contains(github.event_name, 'pull_request')
    steps:
      - name: comment
        uses: check-spelling/check-spelling@v0.0.24
        with:
          checkout: true
          spell_check_this: check-spelling/spell-check-this@prerelease
          task: ${{ needs.spelling.outputs.followup }}

Relevant log output

INFO[0000] Using docker host 'unix:///var/run/docker.sock', and daemon socket 'unix:///var/run/docker.sock'
WARN  ⚠ You are using Apple M-series chip and you have not specified container architecture, you might encounter issues while running act. If so, try running it with '--container-architecture linux/amd64'. ⚠
Error: workflow is not valid. 'spellCheck.yaml': Line: 37 Column 3: Failed to match on-string-strict: Line: 37 Column 3: Failed to match branch-protection-rule-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match check-run-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match check-suite-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match create-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match delete-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match deployment-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match deployment-status-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match discussion-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match discussion-comment-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match fork-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match gollum-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match issue-comment-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match issues-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match label-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match merge-group-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match milestone-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match page-build-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match project-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match project-card-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match project-column-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match public-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match pull-request-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match pull-request-comment-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match pull-request-review-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match pull-request-review-comment-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match pull-request-target-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match push-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match registry-package-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match release-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match repository-dispatch-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match schedule-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match status-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match watch-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match workflow-call-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match workflow-dispatch-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match workflow-run-string: Line: 37 Column 3: Expected a scalar got mapping
Line: 37 Column 3: Failed to match on-sequence-strict: Line: 37 Column 3: Expected a sequence got mapping
Line: 37 Column 3: Failed to match on-mapping-strict: Line: 43 Column 5: Failed to match null: Line: 43 Column 5: Expected a scalar got mapping
Line: 43 Column 5: Failed to match pull-request-target-mapping: Line: 45 Column 5: Unknown Property tags-ignore

Additional information

This patch "fixes" the bug:

diff --git a/.github/workflows/spellCheck.yaml b/.github/workflows/spellCheck.yaml
index 5893eb9..78612c1 100644
--- a/.github/workflows/spellCheck.yaml
+++ b/.github/workflows/spellCheck.yaml
@@ -1,54 +1,7 @@
 name: Spell Checking

-# Comment management is handled through a secondary job, for details see:
-# https://github.com/check-spelling/check-spelling/wiki/Feature%3A-Restricted-Permissions
-#
-# `jobs.comment-push` runs when a push is made to a repository and the `jobs.spelling` job needs to make a comment
-#   (in odd cases, it might actually run just to collapse a comment, but that's fairly rare)
-#   it needs `contents: write` in order to add a comment.
-#
-# `jobs.comment-pr` runs when a pull_request is made to a repository and the `jobs.spelling` job needs to make a comment
-#   or collapse a comment (in the case where it had previously made a comment and now no longer needs to show a comment)
-#   it needs `pull-requests: write` in order to manipulate those comments.
-
-# Updating pull request branches is managed via comment handling.
-# For details, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-expect-list
-#
-# These elements work together to make it happen:
-#
-# `on.issue_comment`
-#   This event listens to comments by users asking to update the metadata.
-#
-# `jobs.update`
-#   This job runs in response to an issue_comment and will push a new commit
-#   to update the spelling metadata.
-#
-# `with.experimental_apply_changes_via_bot`
-#   Tells the action to support and generate messages that enable it
-#   to make a commit to update the spelling metadata.
-#
-# `with.ssh_key`
-#   In order to trigger workflows when the commit is made, you can provide a
-#   secret (typically, a write-enabled github deploy key).
-#
-#   For background, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-with-deploy-key
-
 on:
   push:
-    branches:
-      - '**'
-    tags-ignore:
-      - '**'
-  pull_request_target:
-    branches:
-      - '**'
-    tags-ignore:
-      - '**'
-    types:
-      - 'opened'
-      - 'reopened'
-      - 'synchronize'
-
 jobs:
   spelling:
     name: Check Spelling

I'm not sure why, but GitHub doesn't need it.

[ChristopherHX]

Are you shure that tags-ignore: under pull_request_target is no hallucination from your side.

Anyways I used the strict workflow schema, not the permissive one.

Those can be swapped out by removing -strict from the workflow-root string

[jsoref]

Oh, it's definitely a hallucination. I removed it in https://github.com/check-spelling/spell-check-this/commit/d0a68814a49484ead71959bf6b990ff26a45afce, but a bunch of people have older copies of the workflow...

[jsoref]

The error message should explain what's wrong as well as how to tolerate hallucinations. The current output does neither.

[ChristopherHX]

The error message should explain what's wrong

It does this, very very very verbose

contains tags-ignore, that is in pull_request_target

Please refer to

https://github.com/nektos/act/pull/2416#issuecomment-2267580462

I aggreed about schema validation.

Here is my estimate

• remove schema validation 5min
• always use normal valudation instead of strict 5min <------------ fixes your old copy in act, people continue imaging stuff in on mapping
• better errors of oneof schema 24h+ <-------------
• toggle between schema modes, it's hardcoded 5h <--------------

better errors are more work than schemavalidation itself

[jsoref]

I think learning about hallucinations is valuable. I understand I'm asking someone for the more expensive cost, but it is useful.

I think adding a newline and a paragraph would go a long way -- it would push the wall of text out and leave the reader with something to do:

... Line: 37 Column 3: Failed to match on-mapping-strict: Line: 43 Column 5: Failed to match null: Line: 43 Column 5: Expected a scalar got mapping Line: 43 Column 5: Failed to match pull-request-target-mapping: Line: 45 Column 5: Unknown Property tags-ignore

This probably means there is an unsupported key in the workflow. To resolve:

1. Start by reviewing the above for Unknown Property messages and try commenting out the referenced items.
2. Try commenting out sections of the file until the problem is resolved.
3. If the item you've commented out isn't valid according to https://docs.github.com/actions/writing-workflows/workflow-syntax-for-github-actions then you should permanently remove it.
4. If the item you've commented out is valid, then please check for a bug in https://github.com/nektos/act/issues/

[ChristopherHX]

Yes adding such a block after the schema error makes sense. However I would shorten it to a link to docs site, where you can read more details.

In my point of view I would point everyone to install either the GitHub Actions (yes this blames even more) or my upcoming runner.server VSCode extension.

For anyone not wanting to install the ide, vscode.dev is available without login as well

Both show you all schema errors visually. I believe you are aware of the official extension.

I'm working more on different things like vscode extensions like the following key points

• c# parser from GitHub Actions in webassembly or native
• autocomplete
• start jobs via codelens
• support for action.yml
• error shown visually and matching GitHub.com
• act as executor is not planned, it has no server
• github-act-runner would work there as well

Regarding act, once my breaking change pr is in I continue here.

• Currently queuing backlog items for my further plans for act while waiting for code review as my concurrency limit I set for act has been hit
• I don't expect new bigger changes for this year