Github actions: Using a container from a private docker registry that is behind private network? - github

I want to run my workflow in a container from private Docker registry:
jobs:
  build:
    runs-on: ubuntu-latest
    container:
      image: my-registry.net/my-image:latest
    steps:
      - ...
Now my docker registry is internal and can be accessed via vpn. So I thought I'd have a workaround by running another job that pulls the image:
jobs:
  tailscale:
    runs-on: ubuntu-latest
    steps:
      - name: Connect to Tailscale
        uses: tailscale/github-action@v1
        with:
          authkey: ${{ secrets.TAILSCALE_AUTHKEY }}
          version: 1.18.2
      - name: Login to Private Container Registry
        uses: docker/login-action@v1
        with:
          registry: my-registry.net
          username: ${{ secrets.REGISTRY_USER }}
          password: ${{ secrets.REGISTRY_PASSWORD }}
      - name: Pull Image
        run: docker pull my-registry.net/my-image:latest
  build:
    needs: tailscale
    runs-on: ubuntu-latest
    container:
      image: my-registry.net/my-image:latest
    steps:
      - ...
However, this solution doesn't work because GitHub doesn't use the same runner for different jobs, as discussed here. How do I go about this without using my own runners?

Create an action with your "connecting" code and reuse it, because without using your own runner you need to connect to your VPN every time to get access to your registry.
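One way to do what this answer suggests, as an added example that is not part of the original post: a local composite action that joins the tailnet and logs in to the registry, used from an ordinary job. The action path `.github/actions/private-registry/action.yml`, the input names and the `./build.sh` command are assumptions; the registry host and secret names are the ones from the question. One caveat the question's second attempt runs into as well: a job-level `container:` image is pulled by the runner while the job is being initialised, before any step (and therefore before any VPN step) runs, so the job below runs the private image explicitly with `docker run` after the connection step instead of declaring it under `container:`.

```yaml
# .github/actions/private-registry/action.yml   (assumed path; added example)
name: Connect to VPN and log in to private registry
description: Join the tailnet, then authenticate docker to my-registry.net
inputs:
  tailscale-authkey:
    description: Tailscale auth key; use an ephemeral, tagged key so the runner node is removed after the job
    required: true
  registry-username:
    description: Registry account; a pull-only account is enough for this job
    required: true
  registry-password:
    description: Registry password or token
    required: true
runs:
  using: composite
  steps:
    - name: Connect to Tailscale
      uses: tailscale/github-action@v1      # pin to a full commit SHA in production
      with:
        authkey: ${{ inputs.tailscale-authkey }}
        version: 1.18.2
    - name: Log in to private registry
      uses: docker/login-action@v1          # pin to a full commit SHA in production
      with:
        registry: my-registry.net
        username: ${{ inputs.registry-username }}
        password: ${{ inputs.registry-password }}
---
# .github/workflows/build.yml   (assumed path; added example)
name: Build with private image
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3           # a local ./ action can only be used after checkout
      - uses: ./.github/actions/private-registry
        with:
          tailscale-authkey: ${{ secrets.TAILSCALE_AUTHKEY }}
          registry-username: ${{ secrets.REGISTRY_USER }}
          registry-password: ${{ secrets.REGISTRY_PASSWORD }}
      # A job-level `container:` would be pulled before the steps above ran, so the
      # private image is pulled and run here, once the VPN and registry login exist.
      - name: Build inside the private image
        run: |
          docker pull my-registry.net/my-image:latest
          docker run --rm -v "$PWD:/work" -w /work \
            my-registry.net/my-image:latest ./build.sh   # ./build.sh is a placeholder
```

Two details worth getting right on the network side: issue the auth key as ephemeral and tagged (for example `tag:ci`) so each hosted runner shows up as a throwaway node and disappears when the job ends, and write the tailnet ACL so that `tag:ci` may reach only the registry host on its registry port rather than the whole internal network.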

Related

Github Actions - Invalid workflow file

I am trying to build CI/CD pipelines using GitHub Actions but unfortunately, I am stuck with an error with the yaml file.
Here is my YAML file:
---
name: Build and push python code to gcp with github actions
on:
  push:
    branches:
      - main
jobs:
  build_push_grc:
    name: Build and push to gcr
    runs_on: unbuntu-latest
    env:
      IMAGE_NAME: learning_cicd
      PROJECT_ID: personal-370316
    steps:
      - name: Checkoutstep
        uses: actions/checkout@v2
      - uses: google-github-actions/setup-gcloud@master
        with:
          service_account_key: ${{ secrets.SERVICE_ACCOUNT_KEY}}
          project_id: ${{ env.PROJECT_ID }}
          export_default_credentials: true
      - name: Build Docker Image
        run: docker build -t $IMAGE_NAME:latest .
      - name: Configure Docker Client
        run: |-
          gcloud auth configure-docker --quiet
      - name: Push Docker Image to Container Registry (GCR)
        env:
          GIT_TAG: v0.1.0
        run: |-
          docker tag $IMAGE_NAME:latest gcr.io/$PROJECT_ID/$IMAGE_NAME:latest
          docker tag $IMAGE_NAME:latest gcr.io/$PROJECT_ID/$IMAGE_NAME:$GIT_TAG
          docker push gcr.io/$PROJECT_ID/$IMAGE_NAME:latest
          docker push gcr.io/$PROJECT_ID/$IMAGE_NAME:$GIT_TAG
Here is the error I am stuck with:
GitHub Actions / .github/workflows/gcp.yaml
Invalid workflow file
You have an error in your yaml syntax on line 15
I tried all possible indentations available on the internet but had no luck. I tried Yamllinter but still could not find where the error comes from. Please point me to where I am going wrong.
Thanks.
The runs-on (not runs_on) should have two spaces of indentation relative to the job identifier. Also, the OS should be ubuntu-latest.
Then, env should have the same indentation as runs-on or name, and the same as steps.
Here is the correct WF:
---
name: Build and push python code to gcp with github actions
on:
  push:
    branches:
      - main
jobs:
  build_push_grc:
    name: Build and push to gcr
    runs-on: ubuntu-latest
    env:
      IMAGE_NAME: learning_cicd
      PROJECT_ID: personal-370316
    steps:
      - name: Checkoutstep
        uses: actions/checkout@v2
      - uses: google-github-actions/setup-gcloud@master
        with:
          service_account_key: ${{ secrets.SERVICE_ACCOUNT_KEY}}
          project_id: ${{ env.PROJECT_ID }}
          export_default_credentials: true
      - name: Build Docker Image
        run: docker build -t $IMAGE_NAME:latest .
      - name: Configure Docker Client
        run: |-
          gcloud auth configure-docker --quiet
      - name: Push Docker Image to Container Registry (GCR)
        env:
          GIT_TAG: v0.1.0
        run: |-
          docker tag $IMAGE_NAME:latest gcr.io/$PROJECT_ID/$IMAGE_NAME:latest
          docker tag $IMAGE_NAME:latest gcr.io/$PROJECT_ID/$IMAGE_NAME:$GIT_TAG
          docker push gcr.io/$PROJECT_ID/$IMAGE_NAME:latest
          docker push gcr.io/$PROJECT_ID/$IMAGE_NAME:$GIT_TAG
I would recommend debugging such issues in the GitHub file edit form (editing the yml file in the .github/workflows directory). It will highlight all the issues regarding the workflow syntax. Demo.
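The corrected workflow above works, but it authenticates with a long-lived service-account JSON key stored as a secret and tracks `setup-gcloud@master`, which will silently change under you. As an added example that is not part of the original answer, here is the same pipeline with the weak settings replaced: keyless authentication through Workload Identity Federation with `google-github-actions/auth` (the runner's OIDC token is exchanged for short-lived GCP credentials, so there is no key to leak or rotate), a least-privilege `permissions` block, and pinned action tags. The workload identity provider resource name (including the project number) and the service-account address are placeholders that you must replace with your own.

```yaml
---
name: Build and push python code to gcp with github actions
on:
  push:
    branches:
      - main

permissions:
  contents: read      # checkout only
  id-token: write     # lets the job mint the OIDC token that auth exchanges for GCP credentials

jobs:
  build_push_gcr:
    name: Build and push to gcr
    runs-on: ubuntu-latest
    env:
      IMAGE_NAME: learning_cicd
      PROJECT_ID: personal-370316
    steps:
      - name: Checkout
        uses: actions/checkout@v3          # pin to a full commit SHA rather than a tag in production

      # Keyless auth: replaces service_account_key / SERVICE_ACCOUNT_KEY.
      # Both values below are placeholders for your own pool/provider and service account.
      - id: auth
        uses: google-github-actions/auth@v1
        with:
          workload_identity_provider: projects/123456789/locations/global/workloadIdentityPools/github/providers/github
          service_account: ci-pusher@personal-370316.iam.gserviceaccount.com

      - uses: google-github-actions/setup-gcloud@v1
        with:
          project_id: ${{ env.PROJECT_ID }}

      - name: Build Docker Image
        run: docker build -t "$IMAGE_NAME:latest" .

      - name: Configure Docker Client
        run: gcloud auth configure-docker --quiet

      - name: Push Docker Image to Container Registry (GCR)
        env:
          GIT_TAG: v0.1.0
        run: |-
          docker tag "$IMAGE_NAME:latest" "gcr.io/$PROJECT_ID/$IMAGE_NAME:latest"
          docker tag "$IMAGE_NAME:latest" "gcr.io/$PROJECT_ID/$IMAGE_NAME:$GIT_TAG"
          docker push "gcr.io/$PROJECT_ID/$IMAGE_NAME:latest"
          docker push "gcr.io/$PROJECT_ID/$IMAGE_NAME:$GIT_TAG"
```

On the GCP side the provider's attribute condition should restrict which repository (and ideally which branch) may impersonate the service account, and the service account itself needs only the push role on the registry; with that in place a compromised fork or a stolen secret gives an attacker nothing durable.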

GitHub Actions - Have Checkout action in its own job

I'm trying to configure a workflow in GitHub Actions using a self-hosted runner.
The runner itself has Node installed for the checkout task, but not Python, which is why I'm trying to run the Python script inside the specified container. I'm trying to execute a simple Python script from inside the repo; however, when the second job runs inside the container, it cannot find the file main.py.
name: GitHub Actions Test
on:
  workflow_dispatch:
    inputs:
      job:
        description: 'checkout and run'
        required: true
        default: 'checkout-repo'
jobs:
  checkout-repo:
    runs-on: self-hosted
    steps:
      - name: Checkout
        uses: actions/checkout@v3
  run-python:
    runs-on: self-hosted
    container:
      image: <some_python3_docker_image>
      credentials:
        username: ${{ github.actor }}
        password: ${{ secrets.github_token }}
    steps:
      - run: python3 main.py
Is there any way to make the repo workspace persist between the two jobs?

github `registry_package` event doesn’t trigger

I managed to create two actions on one private repository:
- The first one builds the image and pushes the docker image to GitHub Container Registry.
- The second one needs to be triggered when a newer image is published to the GitHub Container Registry and deploys the image.
The issue is that the second one doesn't get triggered and doesn't run. I use the GitHub repo token, and I found this, which says that triggering new workflows should be done using a personal access token. Is this the real issue or is there some workaround? Personally I don't want to put my GitHub token there.
As reference, here is the yml code for the first GitHub action:
name: Build Docker Image
on:
  push:
    branches:
      - feature/ver-64/service-template
  workflow_dispatch:
env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v3
        with:
          images: |
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=sha
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      - name: Login to Github Container Repository
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v1
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
And this is the yml for the second one, which needs to be triggered once the first one publishes a new image to the registry:
name: Deploy to Azure
on:
  registry_package:
    types: [ published, updated ]
jobs:
  debug:
    runs-on: ubuntu-latest
    steps:
      - uses: hmarr/debug-action@v2
GitHub Actions prevents triggering more actions, sort of to protect against infinite loops. That is why the token used by GitHub Actions has a special flag on it which causes the 2nd workflow not to trigger.
You have a few options:
1. Use a PAT to push to GitHub Container Registry (as per the docs).
2. Have a 2nd stage that depends on the first one in your existing workflow to perform the deployment.
3. A variation on 2: use a template to extract the deploy logic to a single template, and use the same template action in both the workflow that pushes the image and the workflow that triggers when an image is pushed.
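Options 2 and 3 of this answer in workflow form, as an added example that is not part of the original answer. `deploy.yml` is a reusable workflow (`on: workflow_call`) that takes the image reference as an input; the build workflow calls it from a job that `needs` the build, so deployment runs in the same workflow run without a PAT and without depending on `registry_package`. The same reusable workflow can also be called from a `registry_package`-triggered workflow later if a PAT is ever introduced. The file names, the `AZURE_CREDENTIALS` secret name and the placeholder deploy step are assumptions. The image is handed over by digest (an output of `docker/build-push-action`) rather than by tag, so the deploy stage deploys exactly the bytes that were just built even if the tag is moved afterwards.

```yaml
# .github/workflows/deploy.yml   (reusable workflow; assumed file name, added example)
name: Deploy to Azure
on:
  workflow_call:
    inputs:
      image:
        description: Fully qualified image reference, by digest
        required: true
        type: string
    secrets:
      AZURE_CREDENTIALS:          # placeholder secret name; declared explicitly rather than `secrets: inherit`
        required: true
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Deploy
        run: echo "deploying ${{ inputs.image }}"   # placeholder for the real deploy step
---
# .github/workflows/build.yml   (the build workflow from the question plus a deploy stage)
name: Build Docker Image
on:
  push:
    branches:
      - feature/ver-64/service-template
  workflow_dispatch:
env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}
permissions:
  contents: read
  packages: write        # GITHUB_TOKEN may push to GHCR; it still cannot trigger other workflows
jobs:
  build:
    runs-on: ubuntu-latest
    outputs:
      # name@sha256:... ; metadata-action lowercases the repository name as GHCR requires
      image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build.outputs.digest }}
    steps:
      - uses: actions/checkout@v2
      - id: meta
        uses: docker/metadata-action@v3
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          tags: type=sha
      - uses: docker/setup-buildx-action@v1
      - uses: docker/login-action@v1
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - id: build
        uses: docker/build-push-action@v2
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
  deploy:
    needs: build               # option 2: a dependent stage in the same workflow run
    uses: ./.github/workflows/deploy.yml   # option 3: deploy logic lives in one reusable workflow
    with:
      image: ${{ needs.build.outputs.image }}
    secrets:
      AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
```

Compared with option 1, this keeps the repository free of a personal access token, which would be a user-scoped credential with far broader reach than the job-scoped GITHUB_TOKEN; if a PAT is unavoidable, use a fine-grained one limited to this repository and to package write access.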

Github actions Error: Input required and not supplied: task-definition

on:
  push:
    branches:
      - soubhagya
name: Deploy to Amazon ECS
jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-latest
    environment: production
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: af-south-1
      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v1
      - name: Build, tag, and push image to Amazon ECR
        id: build-image
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          ECR_REPOSITORY: new-cgafrica-backend
          IMAGE_TAG: ${{ github.sha }}
        run: |
          # Build a docker container and
          # push it to ECR so that it can
          # be deployed to ECS.
          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
          echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
      - name: Fill in the new image ID in the Amazon ECS task definition
        id: cgafrica-new-backend-task
        uses: aws-actions/amazon-ecs-render-task-definition@v1
        with:
          task-definition: task-definition.json
          container-name: cgafrica-backend-container
          image: ${{ steps.build-image.outputs.image }}
      - name: Deploy Amazon ECS task definition
        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
        with:
          task-definition: ${{ steps.task-def.outputs.task-definition }}
          service: cgafrica-backend-service
          cluster: cgafrica-backend-cluster
          wait-for-service-stability: true
Here is my YAML file code. Please check.
I have shared my task-definition.json and the GitHub Actions pipeline progress.
But I am getting the error Input required and not supplied: task-definition.
Please let me know what the issue is here.
The problem is in the last step, Deploy Amazon ECS task definition.
The problematic part is ${{ steps.task-def.outputs.task-definition }}, which doesn't refer to an existing step. There is no step with id task-def.
In order to work it should be: ${{ steps.cgafrica-new-backend-task.outputs.task-definition }}
      - name: Deploy Amazon ECS task definition
        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
        with:
          task-definition: ${{ steps.cgafrica-new-backend-task.outputs.task-definition }}
          service: cgafrica-backend-service
          cluster: cgafrica-backend-cluster
          wait-for-service-stability: true
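The same three steps with the ids wired consistently end to end, as an added example rather than part of the original answer. It also replaces the `::set-output` workflow command, which GitHub has deprecated, with a write to the `$GITHUB_OUTPUT` file; the output is still read through `steps.<id>.outputs.<name>` exactly as before. Everything before the build step (checkout, AWS credentials, ECR login with `id: login-ecr`) is unchanged from the question and omitted here; the quoting of the image reference is the only other difference.

```yaml
      # Tail of the `deploy` job from the question. Each `id:` below is the one the
      # next step references, which is the whole fix for "Input required and not supplied".
      - name: Build, tag, and push image to Amazon ECR
        id: build-image
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          ECR_REPOSITORY: new-cgafrica-backend
          IMAGE_TAG: ${{ github.sha }}
        run: |
          docker build -t "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" .
          docker push "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
          # $GITHUB_OUTPUT replaces the deprecated ::set-output command; same name, same consumer
          echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> "$GITHUB_OUTPUT"

      - name: Fill in the new image ID in the Amazon ECS task definition
        id: task-def                      # consumed as steps.task-def below
        uses: aws-actions/amazon-ecs-render-task-definition@v1
        with:
          task-definition: task-definition.json
          container-name: cgafrica-backend-container
          image: ${{ steps.build-image.outputs.image }}   # produced by id: build-image above

      - name: Deploy Amazon ECS task definition
        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
        with:
          task-definition: ${{ steps.task-def.outputs.task-definition }}
          service: cgafrica-backend-service
          cluster: cgafrica-backend-cluster
          wait-for-service-stability: true
```

A reference to a step id that does not exist is not a YAML error and is not caught when the workflow is parsed; the expression simply evaluates to an empty string at run time, which is why the failure surfaces as a missing required input in the last step rather than as an invalid workflow file.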

How to set the docker user in Github Actions

The following is my yml file for Github Actions. I want to set the user of the docker to root for the following via the docker options (--user root) . How can I do this via Github Actions?
name: CI
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: run zap
        uses: docker://sshniro/zap_action
        with:
          args: zap-baseline.py -t https://www.example.com
Thanks in Advance.
I don't think you can pass docker container arguments when using uses:, but you can set them with job containers.
Try this workflow:
name: ZAP
on: push
jobs:
  build:
    runs-on: ubuntu-latest
    container:
      image: owasp/zap2docker-stable
      options: --user root
    steps:
      - uses: actions/checkout@v2
      - name: run zap
        run: zap-baseline.py -t https://www.example.com
You can find the documentation for the job.<job_id>.container syntax here.
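An alternative to the job container in this answer, added here as an example that is not part of the original answer: run the scanner image from an ordinary `run:` step with `docker run`. This keeps the full set of docker flags available (`--user`, volume mounts, resource limits) while the job itself keeps running as the unprivileged runner user, and it lets the report be written back into the workspace and uploaded. The `zap-out` directory name and the `report.html` file name are assumptions; `/zap/wrk` is the directory the ZAP images expect mounted for output, `-r` writes the HTML report and `-I` stops the baseline scan from failing the job on warnings (drop it if warnings should break the build).

```yaml
name: ZAP baseline (docker run)
on: push
jobs:
  zap:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Run ZAP baseline scan
        run: |
          mkdir -p zap-out
          # --user root applies only inside the scanner container; the job step
          # itself still runs as the runner user. The report lands in ./zap-out.
          docker run --rm --user root \
            -v "$PWD/zap-out:/zap/wrk:rw" \
            owasp/zap2docker-stable \
            zap-baseline.py -t https://www.example.com -r report.html -I
      - name: Upload ZAP report
        uses: actions/upload-artifact@v3
        with:
          name: zap-report
          path: zap-out/report.html
```

Note that the `owasp/zap2docker-stable` image name used on this page has since been superseded by `ghcr.io/zaproxy/zaproxy:stable`; the flags above are the same for both.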