Problem
`actionlint` is failing on `main` because of shellcheck errors embedded in
`.github/workflows/cd.yml`. This is currently blocking PR #307
(`docs(ai): add ai-prompts-runbook`) and any other PR that runs the
`lint-verify (PR1 gate)` check, since that gate runs the same actionlint
pass.
Confirmed pre-existing on `main` — not introduced by recent PRs.
Failing checks
- `actionlint` — fail
- `lint-verify (PR1 gate)` — fail (runs the same actionlint pass)
Example failing run:
https://github.com/alexandervazquez98/next-gen/actions/runs/27911454955
Shellcheck errors
`.github/workflows/cd.yml:146:9` — style (low priority)
```
SC2129:style:15:3: Consider using { cmd1; cmd2; } >> file
instead of individual redirects
```
Style suggestion, not a parse error. Safe to fix opportunistically.
`.github/workflows/cd.yml:234:9` — real shell parse errors (must fix)
```
SC1009:info:11:13: The mentioned syntax error was in this parameter expansion
SC1073:error:11:71: Couldn't parse this single quoted string. Fix to allow more checks.
SC1072:error:48:1: Expected end of single quoted string. Fix any mentioned problems and try again.
```
The `run:` block on line 234 contains a single-quoted string that
shellcheck cannot parse. Likely cause: an unbalanced quote or a heredoc
inside a single-quoted shell block. The runtime may or may not be affected
depending on how the GitHub Actions runner interprets it, but actionlint
treats it as a hard failure and blocks merges.
Impact
Suggested fix
Surgical PR that touches only `.github/workflows/cd.yml`:
- Inspect lines 146 and 234 in context (read the surrounding `run:` block).
- For 146: replace sequential redirects with the `{ cmd; } >> file` form
(style fix).
- For 234: locate the malformed single-quoted string and either:
- escape it correctly for shell inside YAML, or
- restructure the `run:` block to avoid embedded quotes
(e.g. move the script to a separate file under `scripts/` and
`run: bash scripts/.sh`).
- Re-run actionlint locally to confirm a clean pass.
Optional follow-up: add a `pre-commit` hook or a CI step that runs
`actionlint` on every PR targeting `.github/workflows/` to catch
regressions early.
Reproduction
```bash
Locally
./actionlint -color
Or via the workflow
gh workflow run actionlint.yml --ref
```
Related
Problem
`actionlint` is failing on `main` because of shellcheck errors embedded in
`.github/workflows/cd.yml`. This is currently blocking PR #307
(`docs(ai): add ai-prompts-runbook`) and any other PR that runs the
`lint-verify (PR1 gate)` check, since that gate runs the same actionlint
pass.
Confirmed pre-existing on `main` — not introduced by recent PRs.
Failing checks
Example failing run:
https://github.com/alexandervazquez98/next-gen/actions/runs/27911454955
Shellcheck errors
`.github/workflows/cd.yml:146:9` — style (low priority)
```
SC2129:style:15:3: Consider using { cmd1; cmd2; } >> file
instead of individual redirects
```
Style suggestion, not a parse error. Safe to fix opportunistically.
`.github/workflows/cd.yml:234:9` — real shell parse errors (must fix)
```
SC1009:info:11:13: The mentioned syntax error was in this parameter expansion
SC1073:error:11:71: Couldn't parse this single quoted string. Fix to allow more checks.
SC1072:error:48:1: Expected end of single quoted string. Fix any mentioned problems and try again.
```
The `run:` block on line 234 contains a single-quoted string that
shellcheck cannot parse. Likely cause: an unbalanced quote or a heredoc
inside a single-quoted shell block. The runtime may or may not be affected
depending on how the GitHub Actions runner interprets it, but actionlint
treats it as a hard failure and blocks merges.
Impact
`lint-verify (PR1 gate)` to pass.
Suggested fix
Surgical PR that touches only `.github/workflows/cd.yml`:
(style fix).
(e.g. move the script to a separate file under `scripts/` and
`run: bash scripts/.sh`).
Optional follow-up: add a `pre-commit` hook or a CI step that runs
`actionlint` on every PR targeting `.github/workflows/` to catch
regressions early.
Reproduction
```bash
Locally
./actionlint -color
Or via the workflow
gh workflow run actionlint.yml --ref
```
Related