Skip to content

Fix Copilot setup validation job by resolving workflow yamllint errors#1053

Merged
Bryan-Roe merged 6 commits into
mainfrom
copilot/fix-github-actions-job-failure
Jul 11, 2026
Merged

Fix Copilot setup validation job by resolving workflow yamllint errors#1053
Bryan-Roe merged 6 commits into
mainfrom
copilot/fix-github-actions-job-failure

Conversation

Copilot AI commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

The failing “Validate Copilot setup files & linters” job was caused by yamllint hard errors across multiple workflow files (indentation, EOF newline, trailing whitespace, and excess blank lines). This PR applies targeted YAML-only corrections and adds focused regression coverage to prevent recurrence.

  • Root cause remediation (workflow formatting errors)

    • Removed extra blank lines before permissions in code-coverage.yml.
    • Corrected with: block indentation for egress-policy in three dataset-integrity.yml jobs.
    • Added missing trailing newlines in:
      • github_workflows_autofix-pr.yml
      • github_workflows_validate-workflows.yml
    • Fixed ossar.yml YAML style/structure issues:
      • normalized branch list spacing (["main"])
      • corrected steps list indentation.
    • Removed trailing whitespace in summary.yml.
  • Regression coverage

    • Added tests/test_workflow_yamllint_regressions.py to lock in the exact failure patterns:
      • no triple-blank-line sequence before permissions in code-coverage.yml
      • required with/egress-policy indentation pattern in dataset-integrity.yml
      • EOF newline presence for the two workflow validation/autofix files
      • ossar.yml trigger/steps structure validity
      • no trailing whitespace in summary.yml
# tests/test_workflow_yamllint_regressions.py
bad_indent = "with:\n                egress-policy: audit"   # 16 spaces
good_indent = "with:\n                  egress-policy: audit" # 18 spaces
assert bad_indent not in content
assert content.count(good_indent) == 3

Copilot AI review requested due to automatic review settings July 11, 2026 19:46

Copilot AI commented Jul 11, 2026

Copy link
Copy Markdown
Contributor Author

@Bryan-Roe Unfortunately, I hit an error while trying to use the custom Copilot setup steps configured for this repository and had to close this PR. The error I am seeing is:

no `copilot-setup-steps` job found in your `copilot-setup-steps.yml` workflow file. Please ensure you have a single job named `copilot-setup-steps`. For more details, see https://gh.io/copilot/actions-setup-steps

Once you or someone with the necessary access fixes the problem, please unassign and then reassign issue #0 to me and I'll retry. Thanks!

Copilot AI removed the request for review from Copilot July 11, 2026 19:46
@stepsecurity-app

Copy link
Copy Markdown
Contributor

Security Policy Alert: Harden Runner Policy Violation

This workflow run has been blocked by StepSecurity's Harden Runner policy.

This workflow run was blocked because one or more jobs are missing the Harden-Runner action, or it is not properly configured, which can introduce agent-bypass risk.

Jobs not protected by Harden Runner:

  • .github/workflows/dependabot-fetch-metadata.yml::dependabot

Update the affected jobs so Harden Runner is initialized before any other action or command runs.

For more information, see StepSecurity's Harden Runner documentation.

@stepsecurity-app

Copy link
Copy Markdown
Contributor

Security Policy Alert: Harden Runner Policy Violation

This workflow run has been blocked by StepSecurity's Harden Runner policy.

This workflow run was blocked because one or more jobs are missing the Harden-Runner action, or it is not properly configured, which can introduce agent-bypass risk.

Jobs not protected by Harden Runner:

  • .github/workflows/dependabot-auto-approve.yml::dependabot

Update the affected jobs so Harden Runner is initialized before any other action or command runs.

For more information, see StepSecurity's Harden Runner documentation.

Copilot AI requested review from Copilot and removed request for Copilot July 11, 2026 19:50
Copilot AI requested review from Copilot and removed request for Copilot July 11, 2026 19:50
Copilot AI requested review from Copilot and removed request for Copilot July 11, 2026 19:53
Copilot AI requested review from Copilot and removed request for Copilot July 11, 2026 19:54
Copilot AI changed the title [WIP] Fix failing GitHub Actions job for Copilot setup files Fix Copilot setup validation job by resolving workflow yamllint errors Jul 11, 2026
Copilot AI requested a review from Bryan-Roe July 11, 2026 19:55
@Bryan-Roe Bryan-Roe marked this pull request as ready for review July 11, 2026 20:02
Copilot AI review requested due to automatic review settings July 11, 2026 20:02

Copilot AI commented Jul 11, 2026

Copy link
Copy Markdown
Contributor Author

@Bryan-Roe Thanks for sending me some feedback. Unfortunately, I hit an error while trying to use the custom Copilot setup steps configured for this repository. The error I am seeing is:

no `copilot-setup-steps` job found in your `copilot-setup-steps.yml` workflow file. Please ensure you have a single job named `copilot-setup-steps`. For more details, see https://gh.io/copilot/actions-setup-steps

Once you or someone with the necessary access fixes the problem, please let me know in a comment and I'll try again. Thanks!

Signed-off-by: Bryan <74067792+Bryan-Roe@users.noreply.github.com>
@Bryan-Roe Bryan-Roe merged commit 9c6c255 into main Jul 11, 2026
46 of 73 checks passed
@Bryan-Roe Bryan-Roe deleted the copilot/fix-github-actions-job-failure branch July 11, 2026 20:03

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes yamllint failures blocking Copilot setup validation.

Changes:

  • Corrects YAML indentation and whitespace across six workflows.
  • Adds focused workflow-format regression tests.
  • One OSSAR regression test does not detect the original formatting errors.

Reviewed changes

Copilot reviewed 2 out of 4 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
.github/workflows/code-coverage.yml Removes excess blank lines.
.github/workflows/dataset-integrity.yml Corrects egress-policy indentation.
.github/workflows/github_workflows_autofix-pr.yml Adds EOF newline.
.github/workflows/github_workflows_validate-workflows.yml Adds EOF newline.
.github/workflows/ossar.yml Corrects OSSAR comment indentation.
.github/workflows/summary.yml Removes trailing whitespace.
tests/test_workflow_yamllint_regressions.py Adds formatting regression coverage.

Comment on lines +48 to +50
assert triggers["push"]["branches"] == ["main"]
assert triggers["pull_request"]["branches"] == ["main"]
assert steps[0]["name"] == "Checkout repository"
@github-actions

github-actions Bot commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

🔐 CodeQL — Open Alerts on this PR

Severity Count
medium 57
high 95
error 109
warning 85
note 701

Copilot Autofix suggestions (if enabled) appear as inline review comments on the affected lines.
See the full list in the Security tab.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants