fix: fixed yml files as per the yml-lint rules (#71)

Co-authored-by: Vishwajit Nagulkar <[email protected]>

Author: Tanveer143s

.github/dependabot.yml

@@ -1,30 +1,32 @@
+---
 version: 2
 updates:
   - package-ecosystem: 'github-actions'
     # Workflow files stored in the
     # default location of `.github/workflows`
-    directory: '/' # Location of package manifests
+    directory: '/'  # Location of package manifests
     schedule:
       interval: 'weekly'
       day: 'sunday'
       time: '09:00'
       timezone: 'America/Toronto'
     open-pull-requests-limit: 3
     assignees:
-    - "clouddrove-ci"
+      - "clouddrove-ci"
     reviewers:
-    - "d4kverma"
-    - "anmolnagpal"
+      - "d4kverma"
+      - "anmolnagpal"
   - package-ecosystem: 'terraform'
-    directory: '*' # Location of package manifests
+    directory: '*'  #  Location of package manifests
     schedule:
       interval: 'weekly'
       day: 'sunday'
       time: '09:00'
       timezone: 'America/Toronto'
     open-pull-requests-limit: 3
     assignees:
-    - "clouddrove-ci"
+      - "clouddrove-ci"
     reviewers:
-    - "d4kverma"
-    - "anmolnagpal"
+      - "d4kverma"
+      - "anmolnagpal"
+...

.github/workflows/auto_assignee.yml

@@ -1,17 +1,17 @@
+---
 name: Assignees
 
 on:
   workflow_call:
     inputs:
-        assignees:
-            description: 'A list of assignees(GitHub user name) to be added to PR'
-            required: true
-            type: string
-    
+      assignees:
+        description: 'A list of assignees(GitHub user name) to be added to PR'
+        required: true
+        type: string
     secrets:
-        GITHUB:
-            description: 'Your GitHub token for authentication.'
-            required: true
+      GITHUB:
+        description: 'Your GitHub token for authentication.'
+        required: true
 
 jobs:
   assign:
@@ -20,4 +20,5 @@ jobs:
       - uses: wow-actions/auto-assign@v3
         with:
           GITHUB_TOKEN: ${{ secrets.GITHUB }}
-          assignees: ${{ inputs.assignees }}
+          assignees: ${{ inputs.assignees }}
+...

.github/workflows/changelog.yml

@@ -1,3 +1,4 @@
+---
 name: CHANGELOG
 
 on:
@@ -9,7 +10,7 @@ on:
     secrets:
       GITHUB:
         required: true
-        description: 'PAT of the user to run the jobs.'  
+        description: 'PAT of the user to run the jobs.'
 
 jobs:
   create_changelog:
@@ -45,8 +46,9 @@ jobs:
         uses: stefanzweifel/git-auto-commit-action@v4
         with:
           branch: ${{ inputs.branch}}
-          commit_user_name: clouddrove-ci # defaults to "github-actions[bot]"
-          commit_user_email: [email protected] # defaults to "41898282+github-actions[bot]@users.noreply.github.com"
+          commit_user_name: clouddrove-ci  #  defaults to "github-actions[bot]"
+          commit_user_email: [email protected]  #  defaults to "41898282+github-actions[bot]@users.noreply.github.com"
           commit_author: CloudDrove CI <[email protected]>
           commit_message: 'docs: update CHANGELOG.md for ${{ github.ref_name }}'
           file_pattern: CHANGELOG.md
+...

.github/workflows/checkov.yml

@@ -1,37 +1,38 @@
+---
 name: checkov
 # Controls when the workflow will run
 on:
-  # Triggers the workflow on worflow call request events. 
+  # Triggers the workflow on worflow call request events.
   workflow_call:
     inputs:
-     directory:
+      directory:
         required: true
         type: string
-     continue_on_error:
+      continue_on_error:
         required: true
         type: string
         default: 'true'
-     var_file:
+      var_file:
         required: false
         type: string
-    
+
 # A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
   # This workflow contains a single job called "scan"
   scan:
     permissions:
-      contents: read # for actions/checkout to fetch code
-      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
-      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
-      
+      contents: read  # for actions/checkout to fetch code
+      security-events: write  # - for github/codeql-action/upload-sarif to upload SARIF results
+      actions: read  # - only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+
     # The type of runner that the job will run on
     runs-on: ubuntu-latest
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so follow-up steps can access it
       - uses: actions/checkout@v3
-      
+
       - name: Checkov GitHub Action
         if: ${{ inputs.continue_on_error == 'true' }}
         uses: bridgecrewio/checkov-action@v12
@@ -42,7 +43,7 @@ jobs:
           soft_fail: true
           directory: ${{ inputs.directory}}
           var_file: ${{ inputs.var_file}}
-      
+
       - name: Checkov GitHub Action
         if: ${{ inputs.continue_on_error == 'false' }}
         uses: bridgecrewio/checkov-action@v12
@@ -52,15 +53,15 @@ jobs:
           output_file_path: console,results.sarif
           directory: ${{ inputs.directory}}
           var_file: ${{ inputs.var_file}}
-      
-        
+
       - name: Upload SARIF file
         uses: github/codeql-action/upload-sarif@v2
         # Results are generated only on a success or failure
-        # this is required since GitHub by default won't run the next step
-        # when the previous one has failed. Security checks that do not pass will 'fail'.
+        # This is required since GitHub by default won't run the next step
+        # when the previous one has failed. Security checks that do not pass will 'fail'
         # An alternative is to add `continue-on-error: true` to the previous step
-        # Or 'soft_fail: true' to checkov.
+        # Or 'soft_fail: true' to checkov
         if: success() || failure()
         with:
           sarif_file: results.sarif
+...

.github/workflows/docker-scanner.yml

@@ -1,3 +1,4 @@
+---
 name: docker-scanner
 
 on:
@@ -28,19 +29,19 @@ jobs:
         uses: docker/build-push-action@v4
         with:
           push: false
-          load: true # Export to Docker Engine rather than pushing to a registry
+          load: true  #  Export to Docker Engine rather than pushing to a registry
           tags: ${{ github.sha }}
           platforms: linux/amd64
-      
+
       - name: Docker Scan with trivy (non-blocking)
         uses: aquasecurity/trivy-action@master
         env:
           tags: ${{ github.sha }}
         with:
-         image-ref: ${{ github.sha }}
-         exit-code: 0
-         format: 'sarif'
-         output: 'trivy-results.sarif'
+          image-ref: ${{ github.sha }}
+          exit-code: 0
+          format: 'sarif'
+          output: 'trivy-results.sarif'
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2
@@ -50,8 +51,8 @@ jobs:
       - name: Docker Scan with trivy (blocking)
         uses: aquasecurity/trivy-action@master
         with:
-         image-ref: ${{ github.sha }}
-         format: table 
-         exit-code: 1
-        #  severity: 'HIGH,CRITICAL'
-         severity: ${{ inputs.severity}}
+          image-ref: ${{ github.sha }}
+          format: table
+          exit-code: 1
+          severity: ${{ inputs.severity}}
+...

.github/workflows/docker.yml

@@ -1,3 +1,4 @@
+---
 name: docker-build-push
 
 on:
@@ -18,7 +19,6 @@ on:
       IMAGE_TAG:
         required: true
         type: string
-      
     secrets:
       AWS_ACCESS_KEY_ID:
         description: 'aws access keys'
@@ -53,7 +53,7 @@ jobs:
         if: ${{ inputs.registry == 'DOCKERHUB' }}
         env:
           IMAGE_TAG: ${{ inputs.IMAGE_TAG }}
-          images: ${{ inputs.images }}  
+          images: ${{ inputs.images }}
         run: |
           docker build -t $images:$IMAGE_TAG .
           docker push $images:$IMAGE_TAG
@@ -75,7 +75,6 @@ jobs:
         env:
           ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
           ECR_REPOSITORY: ${{ inputs.ECR_REPOSITORY }}
-#           IMAGE_TAG: ${{ github.run_number }}
           IMAGE_TAG: ${{ inputs.IMAGE_TAG }}
         run: |
           docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
@@ -93,7 +92,6 @@ jobs:
         run: |
           docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
           docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-          
           docker build -t $images:$IMAGE_TAG .
           docker push $images:$IMAGE_TAG
-          
+...

.github/workflows/readme.yml

@@ -1,52 +1,46 @@
-name: 'Create README.md file'
+---
+name: Create README.md file
 on:
-  workflow_call:
-
+  workflow_call: null
 jobs:
   readme-create:
-    name: 'readme-create'
+    name: readme-create
     runs-on: ubuntu-latest
     steps:
-      - name: 'Checkout'
+      - name: Checkout
         uses: actions/checkout@master
-
-      - name: 'Set up Python 3.7'
+      - name: Set up Python 3.7
         uses: actions/setup-python@v4
         with:
-          python-version: '3.x'
-
-      - name: 'create readme'
-        uses: 'clouddrove/[email protected]'
+          python-version: 3.x
+      - name: create readme
+        uses: clouddrove/[email protected]
         with:
-          actions_subcommand: 'readme'
-          github_token: '${{ secrets.GITHUB }}'
+          actions_subcommand: readme
+          github_token: ${{ secrets.GITHUB }}
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-
-      - name: 'pre-commit check errors'
+      - name: pre-commit check errors
         uses: pre-commit/[email protected]
         continue-on-error: true
-
-      - name: 'pre-commit fix erros'
+      - name: pre-commit fix erros
         uses: pre-commit/[email protected]
         continue-on-error: true
-
-      - name: 'push readme'
-        uses: 'clouddrove/[email protected]'
+      - name: push readme
+        uses: clouddrove/[email protected]
         continue-on-error: true
         with:
-          actions_subcommand: 'push'
+          actions_subcommand: push
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: 'Slack Notification'
+      - name: Slack Notification
         uses: clouddrove/action-slack@v2
         with:
           status: ${{ job.status }}
           fields: repo,author
-          author_name: 'CloudDrove'
+          author_name: CloudDrove
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required
-          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }}
         if: always()
+...

.github/workflows/sst_workflow.yml

@@ -1,3 +1,4 @@
+---
 name: Shared Workflow - SST Deploy
 
 on:
@@ -23,15 +24,15 @@ on:
         default: ""
         type: string
       yarn-cache:
-        description: 'Cache required or not for yarn install' 
+        description: 'Cache required or not for yarn install'
         type: string
         default: false
       deploy:
-        description: 'Default deploy otherwise run diff command to detect changes in stacks' 
+        description: 'Default deploy otherwise run diff command to detect changes in stacks'
         type: string
         default: true
       self-hosted:
-        description: 'Deploy stack with github self hosted runner or not' 
+        description: 'Deploy stack with github self hosted runner or not'
         type: string
         default: true
 
@@ -108,10 +109,10 @@ jobs:
           SLUG_BRANCH_NAME=$(echo "${BRANCH_NAME}" | sed 's/[^[:alnum:]]/-/g' | tr -s '-' | tr A-Z a-z)
           echo "SLUG_BRANCH_NAME=${SLUG_BRANCH_NAME}"
           echo "GITHUB_HEAD_REF_SLUG=${SLUG_BRANCH_NAME}" >> $GITHUB_ENV
-          
+
       - name: check diffrence in deployed and local stacks
         if: ${{ inputs.deploy != 'true' }}
-        run:  yarn sst diff --stage ${{ inputs.app-env }}
+        run: yarn sst diff --stage ${{ inputs.app-env }}
 
       - name: Deploy and get API endpoint
         if: ${{ inputs.deploy == 'true' && ((github.event.action == 'opened' && inputs.preview == 'true') || (github.event.action == 'synchronize' && inputs.preview == 'true') || (github.event.pull_request.merged == true && inputs.preview == 'false' && inputs.app-env == 'staging') || (inputs.app-env == 'production' && startsWith(github.ref, 'refs/tags/v'))) }}
@@ -143,3 +144,4 @@ jobs:
         with:
           token: ${{ secrets.token }}
           environment: ${{ github.head_ref }}
+...