From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Tue, 8 Feb 2022 17:34:10 +0000 (+0000)
Subject: ci: validate actions and fix actionlint warnings
X-Git-Tag: v251-rc1~324
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=10139b4e3c345250dbfc0236475e116a5b76a54d;p=thirdparty%2Fsystemd.git

ci: validate actions and fix actionlint warnings

some actions like Coverity and CFLite aren't run on every PR so to make
sure they are more or less fine when they are changed it makes sense to
at least check them with superlinter/actionlint: https://github.com/rhysd/actionlint

The following warnings were fixed along the way:
```
.github/workflows/mkosi.yml:55:7: shellcheck reported issue in this script: SC2086:info:6:14: Double quote to prevent globbing and word splitting [shellcheck]
   |
55 |       run: |
   |       ^~~~
.github/workflows/mkosi.yml:55:7: shellcheck reported issue in this script: SC2046:warning:6:40: Quote this to prevent word splitting [shellcheck]
   |
55 |       run: |
   |       ^~~~
.github/workflows/mkosi.yml:55:7: shellcheck reported issue in this script: SC2006:style:6:40: Use $(...) notation instead of legacy backticked `...` [shellcheck]
   |
55 |       run: |
   |       ^~~~
```
```
.github/workflows/coverity.yml:31:9: shellcheck reported issue in this script: SC2086:info:1:93: Double quote to prevent globbing and word splitting [shellcheck]
   |
31 |         run: echo "COVERITY_SCAN_NOTIFICATION_EMAIL=$(git log -1 ${{ github.sha }} --pretty=\"%aE\")" >> $GITHUB_ENV
   |         ^~~~
```
---

diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
index a164d16fbf0..46b2863080f 100644
--- a/.github/workflows/coverity.yml
+++ b/.github/workflows/coverity.yml
@@ -28,7 +28,7 @@ jobs:
         uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
       # https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable
       - name: Set the $COVERITY_SCAN_NOTIFICATION_EMAIL env variable
-        run: echo "COVERITY_SCAN_NOTIFICATION_EMAIL=$(git log -1 ${{ github.sha }} --pretty=\"%aE\")" >> $GITHUB_ENV
+        run: echo "COVERITY_SCAN_NOTIFICATION_EMAIL=$(git log -1 ${{ github.sha }} --pretty=\"%aE\")" >> "$GITHUB_ENV"
       - name: Install Coverity tools
         run: tools/get-coverity.sh
       # Reuse the setup phase of the unit test script to avoid code duplication
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
index 4d72a9829f3..14b3343796c 100644
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@@ -44,3 +44,4 @@ jobs:
           MULTI_STATUS: true
           VALIDATE_ALL_CODEBASE: false
           VALIDATE_BASH: true
+          VALIDATE_GITHUB_ACTIONS: true
diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml
index 966e364f713..daf009a3b11 100644
--- a/.github/workflows/mkosi.yml
+++ b/.github/workflows/mkosi.yml
@@ -58,7 +58,7 @@ jobs:
         sudo apt build-dep systemd
         meson build
         ninja -C build
-        sudo ln -svf $PWD/build/systemd-nspawn `which systemd-nspawn`
+        sudo ln -svf "$PWD/build/systemd-nspawn" "$(which systemd-nspawn)"
         systemd-nspawn --version
 
     - name: Build ${{ matrix.distro }}