a2ml-validate-action/action.yml at main · hyperpolymath/a2ml-validate-action · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
# SPDX-License-Identifier: MPL-2.0
# Copyright (c) 2026 Jonathan D.A. Jewell (hyperpolymath) <j.d.a.jewell@open.ac.uk>
#
# action.yml — Validate A2ML Manifests GitHub Action
# Scans repository for .a2ml files and validates structure, required fields,
# SPDX headers, and attestation blocks.

name: 'Validate A2ML Manifests'
description: >-
  Scan and validate .a2ml manifest files in your repository.
  Checks for required fields (agent-id/pedigree name, version),
  SPDX headers, and attestation block structure.
author: 'Jonathan D.A. Jewell'

branding:
  icon: 'shield'
  color: 'blue'

inputs:
  path:
    description: >-
      Directory path to scan for .a2ml files.
      Defaults to the repository root.
    required: false
    default: '.'
  strict:
    description: >-
      When true, warnings are promoted to errors and the action
      will fail on any validation issue. Defaults to false.
    required: false
    default: 'false'
  paths-ignore:
    description: >-
      Newline-separated path fragments to skip. Each line is matched as a
      substring against the file's path. Defaults to common vendored /
      training-corpus / fixture patterns so consumers don't have to repeat
      this carve-out in every repo. Pass an empty string to disable.
      Pattern follows hyperpolymath/hypatia#243 — validators that scan
      content patterns must distinguish a target file from a fixture /
      vendored / training-corpus file that legitimately contains the
      pattern being checked.
    required: false
    default: |
      vendor/
      vendored/
      verified-container-spec/
      .audittraining/
      integration/fixtures/
      test/fixtures/
      tests/fixtures/

outputs:
  files-scanned:
    description: 'Number of .a2ml files scanned'
    value: ${{ steps.validate.outputs.files_scanned }}
  errors:
    description: 'Number of validation errors found'
    value: ${{ steps.validate.outputs.errors }}
  warnings:
    description: 'Number of validation warnings found'
    value: ${{ steps.validate.outputs.warnings }}

runs:
  using: 'composite'
  steps:
    - name: Validate A2ML manifests
      id: validate
      shell: bash
      env:
        INPUT_PATH: ${{ inputs.path }}
        INPUT_STRICT: ${{ inputs.strict }}
        INPUT_PATHS_IGNORE: ${{ inputs.paths-ignore }}
      run: |
        "${GITHUB_ACTION_PATH}/validate-a2ml.sh"