AEA-3622 Actionlint issues fixed.

NHSDigital · Jan 24, 2024 · 4fce6be · 4fce6be
1 parent 417349b
commit 4fce6be
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 9 deletions.
diff --git a/.github/workflows/dependabot_auto_approve_and_merge.yml b/.github/workflows/dependabot_auto_approve_and_merge.yml
@@ -23,21 +23,21 @@ jobs:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
       - name: Approve patch and minor updates
         if: ${{steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch' || steps.dependabot-metadata.outputs.update-type == 'version-update:semver-minor'}}
-        run: gh pr review $PR_URL --approve -b "I'm **approving** this pull request because **it includes a patch or minor update**"
+        run: gh pr review "$PR_URL" --approve -b "I'm **approving** this pull request because **it includes a patch or minor update**"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}
           GITHUB_TOKEN: ${{ steps.get_app_token.outputs.token }}
       - name: Approve major updates of development dependencies
         if: ${{steps.dependabot-metadata.outputs.update-type == 'version-update:semver-major' && steps.dependabot-metadata.outputs.dependency-type == 'direct:development'}}
-        run: gh pr review $PR_URL --approve -b "I'm **approving** this pull request because **it includes a major update of a dependency used only in development**"
+        run: gh pr review "$PR_URL" --approve -b "I'm **approving** this pull request because **it includes a major update of a dependency used only in development**"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}
           GITHUB_TOKEN: ${{ steps.get_app_token.outputs.token }}
       - name: Comment on major updates of non-development dependencies
         if: ${{steps.dependabot-metadata.outputs.update-type == 'version-update:semver-major' && steps.dependabot-metadata.outputs.dependency-type == 'direct:production'}}
         run: |
-          gh pr comment $PR_URL --body "I'm **not approving** this PR because **it includes a major update of a dependency used in production**"
-          gh pr edit $PR_URL --add-label "requires-manual-qa"
+          gh pr comment "$PR_URL" --body "I'm **not approving** this PR because **it includes a major update of a dependency used in production**"
+          gh pr edit "$PR_URL" --add-label "requires-manual-qa"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}
           GITHUB_TOKEN: ${{ steps.get_app_token.outputs.token }}

diff --git a/.github/workflows/pr-link.yml b/.github/workflows/pr-link.yml
@@ -5,14 +5,18 @@ on:
 jobs:
   link-ticket:
     runs-on: ubuntu-latest
+    env:
+      REF: ${{ github.event.pull_request.head.ref }}
     steps:
       - name: Check ticket name conforms to requirements
-        run: echo ${{ github.event.pull_request.head.ref }} | grep -i -E -q "(aea-[0-9]+)|(apm-[0-9]+)|(apmspii-[0-9]+)|(adz-[0-9]+)|(amb-[0-9]+)|(dependabot\/)"
+        run: echo "$REF" | grep -i -E -q "(aea-[0-9]+)|(apm-[0-9]+)|(apmspii-[0-9]+)|(adz-[0-9]+)|(amb-[0-9]+)|(dependabot\/)"
         continue-on-error: true
 
       - name: Grab ticket name
         if: contains(github.event.pull_request.head.ref, 'aea-') || contains(github.event.pull_request.head.ref, 'AEA-') || contains(github.event.pull_request.head.ref, 'apm-') || contains(github.event.pull_request.head.ref, 'APM-') || contains(github.event.pull_request.head.ref, 'apmspii-') || contains(github.event.pull_request.head.ref, 'APMSPII-') || contains(github.event.pull_request.head.ref, 'adz-') || contains(github.event.pull_request.head.ref, 'ADZ-') || contains(github.event.pull_request.head.ref, 'amb-') || contains(github.event.pull_request.head.ref, 'AMB-')
-        run: echo ::set-env name=TICKET_NAME::$(echo ${{ github.event.pull_request.head.ref }} | grep -i -o '\(aea-[0-9]\+\)\|\(apm-[0-9]\+\)\|\(apmspii-[0-9]\+\)\|\(adz-[0-9]\+\)|\(amb-[0-9]\+\)' | tr '[:lower:]' '[:upper:]')
+        run: |
+          # shellcheck disable=SC2046
+          echo name=TICKET_NAME::$(echo "$REF" | grep -i -o '\(aea-[0-9]\+\)\|\(apm-[0-9]\+\)\|\(apmspii-[0-9]\+\)\|\(adz-[0-9]\+\)|\(amb-[0-9]\+\)' | tr '[:lower:]' '[:upper:]') >> "$GITHUB_ENV"
         continue-on-error: true
         env:
           ACTIONS_ALLOW_UNSECURE_COMMANDS: true

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -53,11 +53,11 @@ jobs:
           make install-python
 
       - name: Set SPEC_VERSION env var for merges to main
-        run: echo "SPEC_VERSION=$(poetry run python scripts/calculate_version.py)" >> $GITHUB_ENV
+        run: echo "SPEC_VERSION=$(poetry run python scripts/calculate_version.py)" >> "$GITHUB_ENV"
         if: github.ref == 'refs/heads/main'
 
       - name: Set SPEC_VERSION env var for tags
-        run: echo "SPEC_VERSION=${{  github.ref_name }}" >> $GITHUB_ENV
+        run: echo "SPEC_VERSION=${{  github.ref_name }}" >> "$GITHUB_ENV"
         if: github.ref != 'refs/heads/main'
 
       - name: Download build artifact
@@ -88,4 +88,4 @@ jobs:
 
       - name: output SPEC_VERSION
         id: output_spec_version
-        run: echo SPEC_VERSION=${{ env.SPEC_VERSION }} >> $GITHUB_OUTPUT
+        run: echo SPEC_VERSION=${{ env.SPEC_VERSION }} >> "$GITHUB_OUTPUT"