Files
openclaw/scripts/check-composite-action-input-interpolation.py
2026-02-19 15:27:48 +01:00

82 lines
2.3 KiB
Python

#!/usr/bin/env python3
from __future__ import annotations
import pathlib
import re
import sys
INPUT_INTERPOLATION_RE = re.compile(r"\$\{\{\s*inputs\.")
RUN_LINE_RE = re.compile(r"^(\s*)run:\s*(.*)$")
USING_COMPOSITE_RE = re.compile(r"^\s*using:\s*composite\s*$", re.MULTILINE)
def indentation(line: str) -> int:
return len(line) - len(line.lstrip(" "))
def scan_file(path: pathlib.Path) -> list[tuple[int, str]]:
text = path.read_text(encoding="utf-8")
if not USING_COMPOSITE_RE.search(text):
return []
lines = text.splitlines()
violations: list[tuple[int, str]] = []
line_count = len(lines)
index = 0
while index < line_count:
line = lines[index]
match = RUN_LINE_RE.match(line)
if not match:
index += 1
continue
run_indent = len(match.group(1))
run_value = match.group(2).strip()
line_no = index + 1
if run_value and run_value[0] not in ("|", ">"):
if INPUT_INTERPOLATION_RE.search(run_value):
violations.append((line_no, line.strip()))
index += 1
continue
index += 1
while index < line_count:
script_line = lines[index]
if script_line.strip() == "":
index += 1
continue
if indentation(script_line) <= run_indent:
break
if INPUT_INTERPOLATION_RE.search(script_line):
violations.append((index + 1, script_line.strip()))
index += 1
return violations
def main() -> int:
root = pathlib.Path(".github/actions")
files = sorted(root.rglob("action.y*ml"))
all_violations: list[tuple[pathlib.Path, int, str]] = []
for file_path in files:
for line_no, line in scan_file(file_path):
all_violations.append((file_path, line_no, line))
if all_violations:
print("Disallowed direct inputs interpolation in composite run blocks:")
for file_path, line_no, line in all_violations:
print(f"- {file_path}:{line_no}: {line}")
print("Use env: and reference shell variables instead.")
return 1
print("No direct inputs interpolation found in composite run blocks.")
return 0
if __name__ == "__main__":
sys.exit(main())