chore(ci): use yaml anchors in checks job for common reused actions by jakedoublev · Pull Request #2900 · opentdf/platform

jakedoublev · 2025-11-12T22:17:59Z

Proposed Changes

If a GHA is used more than 2 times in the checks.yaml workflow, we should use a yaml anchor, now GA in GHA

Checklist

I have added or updated unit tests
I have added or updated integration tests (if appropriate)
I have added or updated documentation

Testing Instructions

github-actions

Remaining comments which cannot be posted as a review comment to avoid GitHub Rate Limit

actionlint

🚫 [actionlint] _{reported by reviewdog 🐶}
specifying action "" in invalid format because ref is missing. available formats are "{owner}/{repo}@{ref}" or "{owner}/{repo}/{path}@{ref}" [action]

platform/.github/workflows/checks.yaml

Line 557 in 9a4da1d

- uses: *actions-checkout

🚫 [actionlint] _{reported by reviewdog 🐶}
expected scalar node for string value but found alias node with "" tag [syntax-check]

platform/.github/workflows/checks.yaml

Line 560 in 9a4da1d

- uses: *actions-setup-go

🚫 [actionlint] _{reported by reviewdog 🐶}
specifying action "" in invalid format because ref is missing. available formats are "{owner}/{repo}@{ref}" or "{owner}/{repo}/{path}@{ref}" [action]

platform/.github/workflows/checks.yaml

Line 560 in 9a4da1d

- uses: *actions-setup-go

github-actions · 2025-11-12T22:18:22Z

.github/workflows/checks.yaml

      contents: read
    name: integration tests
-    runs-on: ubuntu-22.04
+    runs-on: *ubuntu-runner


🚫 [actionlint] _{reported by reviewdog 🐶}
"runs-on" section is alias node but mapping node is expected [syntax-check]

github-actions · 2025-11-12T22:18:22Z

.github/workflows/checks.yaml

      TLS_ENABLED: "true"
    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: *actions-checkout


🚫 [actionlint] _{reported by reviewdog 🐶}
expected scalar node for string value but found alias node with "" tag [syntax-check]

github-actions · 2025-11-12T22:18:22Z

.github/workflows/checks.yaml

      TLS_ENABLED: "true"
    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: *actions-checkout


🚫 [actionlint] _{reported by reviewdog 🐶}
specifying action "" in invalid format because ref is missing. available formats are "{owner}/{repo}@{ref}" or "{owner}/{repo}/{path}@{ref}" [action]

github-actions · 2025-11-12T22:18:23Z

.github/workflows/checks.yaml

        with:
          persist-credentials: false
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: *actions-setup-go


🚫 [actionlint] _{reported by reviewdog 🐶}
expected scalar node for string value but found alias node with "" tag [syntax-check]

github-actions · 2025-11-12T22:18:23Z

.github/workflows/checks.yaml

        with:
          persist-credentials: false
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: *actions-setup-go


🚫 [actionlint] _{reported by reviewdog 🐶}
specifying action "" in invalid format because ref is missing. available formats are "{owner}/{repo}@{ref}" or "{owner}/{repo}/{path}@{ref}" [action]

github-actions · 2025-11-12T22:18:25Z

.github/workflows/checks.yaml

          input: service
          against: "https://github.com/opentdf/platform.git#branch=${{ github.event.pull_request.base.ref || github.base_ref || 'main' }},subdir=service"
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: *actions-setup-go


🚫 [actionlint] _{reported by reviewdog 🐶}
expected scalar node for string value but found alias node with "" tag [syntax-check]

github-actions · 2025-11-12T22:18:25Z

.github/workflows/checks.yaml

          input: service
          against: "https://github.com/opentdf/platform.git#branch=${{ github.event.pull_request.base.ref || github.base_ref || 'main' }},subdir=service"
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: *actions-setup-go


🚫 [actionlint] _{reported by reviewdog 🐶}
specifying action "" in invalid format because ref is missing. available formats are "{owner}/{repo}@{ref}" or "{owner}/{repo}/{path}@{ref}" [action]

github-actions · 2025-11-12T22:18:26Z

.github/workflows/checks.yaml

      - tests-bdd
      - otdfctl-test
-    runs-on: ubuntu-22.04
+    runs-on: *ubuntu-runner


🚫 [actionlint] _{reported by reviewdog 🐶}
"runs-on" section is alias node but mapping node is expected [syntax-check]

github-actions · 2025-11-12T22:18:26Z

.github/workflows/checks.yaml

      contents: read
    name: license check
-    runs-on: ubuntu-22.04
+    runs-on: *ubuntu-runner


🚫 [actionlint] _{reported by reviewdog 🐶}
"runs-on" section is alias node but mapping node is expected [syntax-check]

github-actions · 2025-11-12T22:18:26Z

.github/workflows/checks.yaml

+    runs-on: *ubuntu-runner
    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: *actions-checkout


🚫 [actionlint] _{reported by reviewdog 🐶}
expected scalar node for string value but found alias node with "" tag [syntax-check]

.github/workflows/checks.yaml

          fetch-depth: 0
          persist-credentials: false
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: &actions-setup-go actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0


.github/workflows/checks.yaml

          fetch-depth: 0
          persist-credentials: false
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: &actions-setup-go actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0


.github/workflows/checks.yaml

          fetch-depth: 0
          persist-credentials: false
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: &actions-setup-go actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0


.github/workflows/checks.yaml

          fetch-depth: 0
          persist-credentials: false
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: &actions-setup-go actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0


github-actions · 2025-11-12T22:24:02Z

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	144.22185ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	82.843812ms

Benchmark Statistics

Name	№ Requests	Avg Duration	Min Duration	Max Duration

Bulk Benchmark Results

Metric	Value
Total Decrypts	100
Successful Decrypts	100
Failed Decrypts	0
Total Time	368.638262ms
Throughput	271.27 requests/second

TDF3 Benchmark Results:

Metric	Value
Total Requests	5000
Successful Requests	5000
Failed Requests	0
Concurrent Requests	50
Total Time	37.801046878s
Average Latency	376.150955ms
Throughput	132.27 requests/second

NANOTDF Benchmark Results:

Metric	Value
Total Requests	5000
Successful Requests	5000
Failed Requests	0
Concurrent Requests	50
Total Time	25.872255216s
Average Latency	257.989273ms
Throughput	193.26 requests/second

github-actions · 2025-11-12T22:35:12Z

X-Test Results

opentdf~~platform~~6N03G8.dockerbuild
cukes-report
✅ js-v0.4.34
✅ java-v0.4.34
✅ go-v0.4.34
bats-test-results
✅ js-pull-2900
✅ java-pull-2900
✅ go-pull-2900

chore(ci): use yaml anchors in checks job for common reused actions

9a4da1d

github-actions bot added comp:ci Github Actions Work size/s labels Nov 12, 2025

github-actions bot reviewed Nov 12, 2025

View reviewed changes

github-advanced-security bot found potential problems Nov 12, 2025

View reviewed changes

Conversation

jakedoublev commented Nov 12, 2025

Proposed Changes

Checklist

Testing Instructions

Uh oh!

github-actions bot left a comment

Choose a reason for hiding this comment

Uh oh!

github-actions bot Nov 12, 2025

Choose a reason for hiding this comment

Uh oh!

github-actions bot Nov 12, 2025

Choose a reason for hiding this comment

Uh oh!

github-actions bot Nov 12, 2025

Choose a reason for hiding this comment

Uh oh!

github-actions bot Nov 12, 2025

Choose a reason for hiding this comment

Uh oh!

github-actions bot Nov 12, 2025

Choose a reason for hiding this comment

Uh oh!

github-actions bot Nov 12, 2025

Choose a reason for hiding this comment

Uh oh!

github-actions bot Nov 12, 2025

Choose a reason for hiding this comment

Uh oh!

github-actions bot Nov 12, 2025

Choose a reason for hiding this comment

Uh oh!

github-actions bot Nov 12, 2025

Choose a reason for hiding this comment

Uh oh!

github-actions bot Nov 12, 2025

Choose a reason for hiding this comment

Uh oh!

Check failure

Check failure

Check failure

Check failure

github-actions bot commented Nov 12, 2025

Benchmark authorization.GetDecisions Results:

Benchmark authorization.v2.GetMultiResourceDecision Results:

Benchmark Statistics

Bulk Benchmark Results

TDF3 Benchmark Results:

NANOTDF Benchmark Results:

Uh oh!

github-actions bot commented Nov 12, 2025

X-Test Results

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant