check-github-workflows fails when run in pre-commit.ci

[flagarde]

Hello,

Thanks for this very nice hook.

I'm using your hook on the .pre-commit-config.yaml file :

# See https://pre-commit.com for more information
# See https://pre-commit.com/hooks.html for more hooks
fail_fast: false

repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
  rev: v4.0.1
  hooks:
    - id: check-added-large-files
      args: ['--maxkb=500']
    - id: check-case-conflict
    - id: check-json
    - id: check-merge-conflict
    - id: check-shebang-scripts-are-executable
    - id: check-symlinks
    - id: check-toml
    - id: check-vcs-permalinks
    - id: check-xml
    - id: check-yaml
    - id: destroyed-symlinks
    - id: detect-private-key
    - id: end-of-file-fixer
    - id: fix-byte-order-marker
    - id: forbid-new-submodules
    - id: mixed-line-ending
      args: ['--fix=lf']
    - id: trailing-whitespace
      args: [--markdown-linebreak-ext=md]

- repo: https://github.com/codespell-project/codespell
  rev: v2.1.0
  hooks:
    - id: codespell # Spellchecker

- repo: https://github.com/Kr4is/cmake-format-precommit.git
  rev: v0.6.14
  hooks:
    - id: cmake-format
      args: ['--config=.cmake-format.yaml']
    - id: cmake-lint
      args: ['--config=.cmake-format.yaml']

- repo: https://github.com/pocc/pre-commit-hooks
  rev: v1.3.4
  hooks:
    - id: clang-format
    - id: clang-tidy
    - id: oclint
    - id: uncrustify
    - id: cppcheck
    - id: cpplint
    - id: include-what-you-use

- repo: https://github.com/sirosen/check-jsonschema
  rev: 0.6.0
  hooks:
    - id: check-github-workflows

- repo: https://github.com/jackdewinter/pymarkdown
  rev: 0.9.2
  hooks:
    - id: pymarkdown
      args: ['--config=.pymarkdown.json','scan']

And the pre-commit action crash with this errors :

Validate GitHub Workflows................................................Failed
- hook id: check-github-workflows
- exit code: 1

Traceback (most recent call last):
  File "/usr/lib/python3.8/urllib/request.py", line 1354, in do_open
    h.request(req.get_method(), req.selector, req.data, headers,
  File "/usr/lib/python3.8/http/client.py", line 1252, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "/usr/lib/python3.8/http/client.py", line 1298, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
  File "/usr/lib/python3.8/http/client.py", line 1247, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
  File "/usr/lib/python3.8/http/client.py", line 1007, in _send_output
    self.send(msg)
  File "/usr/lib/python3.8/http/client.py", line 947, in send
    self.connect()
  File "/usr/lib/python3.8/http/client.py", line 1414, in connect
    super().connect()
  File "/usr/lib/python3.8/http/client.py", line 918, in connect
    self.sock = self._create_connection(
  File "/usr/lib/python3.8/socket.py", line 787, in create_connection
    for res in getaddrinfo(host, port, 0, SOCK_STREAM):
  File "/usr/lib/python3.8/socket.py", line 918, in getaddrinfo
    for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -3] Temporary failure in name resolution

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/pc/clone/Z3_cC7MdQPqRmRExP-ygmA/py_env-python3/bin/check-jsonschema", line 8, in <module>
    sys.exit(main())
  File "/pc/clone/Z3_cC7MdQPqRmRExP-ygmA/py_env-python3/lib/python3.8/site-packages/check_jsonschema/__init__.py", line 15, in main
    checker.run()
  File "/pc/clone/Z3_cC7MdQPqRmRExP-ygmA/py_env-python3/lib/python3.8/site-packages/check_jsonschema/checker.py", line 47, in run
    validator = self.get_validator()
  File "/pc/clone/Z3_cC7MdQPqRmRExP-ygmA/py_env-python3/lib/python3.8/site-packages/check_jsonschema/checker.py", line 40, in get_validator
    return schema_loader.get_validator()
  File "/pc/clone/Z3_cC7MdQPqRmRExP-ygmA/py_env-python3/lib/python3.8/site-packages/check_jsonschema/loaders/schema.py", line 96, in get_validator
    schema = self.reader.read_schema()
  File "/pc/clone/Z3_cC7MdQPqRmRExP-ygmA/py_env-python3/lib/python3.8/site-packages/check_jsonschema/loaders/schema.py", line 53, in read_schema
    with self.downloader.open() as fp:
  File "/usr/lib/python3.8/contextlib.py", line 113, in __enter__
    return next(self.gen)
  File "/pc/clone/Z3_cC7MdQPqRmRExP-ygmA/py_env-python3/lib/python3.8/site-packages/check_jsonschema/cachedownloader.py", line 106, in open
    cached_file = self._download()
  File "/pc/clone/Z3_cC7MdQPqRmRExP-ygmA/py_env-python3/lib/python3.8/site-packages/check_jsonschema/cachedownloader.py", line 92, in _download
    with self._urlopen() as conn:
  File "/usr/lib/python3.8/contextlib.py", line 113, in __enter__
    return next(self.gen)
  File "/pc/clone/Z3_cC7MdQPqRmRExP-ygmA/py_env-python3/lib/python3.8/site-packages/check_jsonschema/cachedownloader.py", line 75, in _urlopen
    with urllib.request.urlopen(self._file_url) as conn:
  File "/usr/lib/python3.8/urllib/request.py", line 222, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python3.8/urllib/request.py", line 525, in open
    response = self._open(req, data)
  File "/usr/lib/python3.8/urllib/request.py", line 542, in _open
    result = self._call_chain(self.handle_open, protocol, protocol +
  File "/usr/lib/python3.8/urllib/request.py", line 502, in _call_chain
    result = func(*args)
  File "/usr/lib/python3.8/urllib/request.py", line 1397, in https_open
    return self.do_open(http.client.HTTPSConnection, req,
  File "/usr/lib/python3.8/urllib/request.py", line 1357, in do_open
    raise URLError(err)
urllib.error.URLError: <urlopen error [Errno -3] Temporary failure in name resolution>

Am I doing something wrong (forgetting some parameters or so) ?

Thanks

[sirosen]

The check-github-workflows hook fetches the latest schema from https://json.schemastore.org/github-workflow. It will always attempt to fetch in case the schema has been updated. The "Temporary failure in name resolution" points at DNS, suggesting that json.schemastore.org wasn't resolving for you.

So I have two questions for you:

• Are you using the hook in an environment where the network was unavailable or restricted? e.g. laptop disconnected from wifi, running within a company intranet, etc
• Does the failure persist, or did it fail once and is working now?

And a workaround:

• If you download the schema from the link above, you can refer to the local path to your schema with --schemafile. The readme documents how to "reimplement" the github workflows hook in this way.

If you commit the schemastore schema to your repo, I believe it would be appropriate to put it in a directory with a copy of the schemastore license.

If that workaround is satisfying for you, I could document it in the readme.

[flagarde]

Thanks for the fast response.

Concerning your questions, I'm using https://pre-commit.ci/ so I don't know if the have some restrictions but it could be the case.

[sirosen]

I looked into the pre-commit.ci issue tracker a bit, and it seems that the system disallows use of the network at runtime. That's reasonable, but it also poses a problem for how I designed check-jsonschema.

I think the best possible solution is for check-jsonschema to bundle versions of the various schemas for supported hooks, and then to use those as a failover in the event that downloads from schemastore fail. I'll need to script out vendorizing these schemas, so that I can easily pull in updates to keep the bundled versions fresh. (I did consider having it pull in the schema at install time, but that's a lot trickier than having a vendored copy included.)

I also want to look into adding some retries for the download step and better logging if it fails and we don't have a failover schema to use, but that can be done later.

[flagarde]

Indeed it makes sense to disallows the use of network at runtime.

The failover would be a very nice feature.

[sirosen]

I've just released version 0.8.0, which adds in builtin schemas, including vendorized copies of the ones for the default hooks, and a behavior to failover to these schemas when downloading fails.

I believe this is sufficient to resolve this issue, so I've closed. But if someone could confirm that the fix works, that would be awesome! Please reopen if 0.8.0 isn't solving this.

[flagarde]

Hi, I have test with 0.8.2 and there is no crash