feat(CI): add a GitHub Action to lint the YAML (#1060)

- add a `.yamllint` config file
- lint some YAML

.github/dependabot.yml

@@ -10,12 +10,12 @@ updates:
     schedule:
       interval: "daily"
 
-  - package-ecosystem: "npm" # See documentation for possible values
-    directory: "/" # Location of package manifests
+  - package-ecosystem: "npm"  # See documentation for possible values
+    directory: "/"  # Location of package manifests
     schedule:
       interval: "daily"
 
-  - package-ecosystem: "gomod" # See documentation for possible values
-    directory: "/" # Location of package manifests
+  - package-ecosystem: "gomod"  # See documentation for possible values
+    directory: "/"  # Location of package manifests
     schedule:
       interval: "daily"

.github/workflows/codeql-analysis.yml

@@ -13,10 +13,10 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [ master ]
+    branches: [master]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ master ]
+    branches: [master]
   schedule:
     - cron: '18 23 * * 0'
 
@@ -28,40 +28,40 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'go', 'javascript' ]
+        language: ['go', 'javascript']
         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
         # Learn more:
         # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
 
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
+      - name: Checkout repository
+        uses: actions/checkout@v2
 
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v1
 
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 https://git.io/JvXDl
 
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
+      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+      #    and modify them (or add more) to build your code if your project
+      #    uses a compiled language
 
-    #- run: |
-    #   make bootstrap
-    #   make release
+      # - run: |
+      #    make bootstrap
+      #    make release
 
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1

.github/workflows/gitleaks.yml

@@ -14,12 +14,12 @@ jobs:
   gitleaks:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
-      with:
-        fetch-depth: '1'
-    - name: wget
-      uses: wei/wget@v1.1.1
-      with:
-        args: -O .gitleaks.toml https://raw.githubusercontent.com/ycjcl868/gitleaks/master/.gitleaks.toml
-    - name: gitleaks-action
-      uses: zricethezav/gitleaks-action@master
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: '1'
+      - name: wget
+        uses: wei/wget@v1.1.1
+        with:
+          args: -O .gitleaks.toml https://raw.githubusercontent.com/ycjcl868/gitleaks/master/.gitleaks.toml
+      - name: gitleaks-action
+        uses: zricethezav/gitleaks-action@master

.github/workflows/lint.yml

@@ -14,3 +14,10 @@ jobs:
           node-version: '12.x'
       - run: npm install -g markdownlint-cli@0.25.0
       - run: markdownlint '**/*.md' --ignore node_modules
+  yamllint:
+    name: 🍏 YAML
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: 🧹 YAML Lint
+        uses: ibiqlik/action-yamllint@v3

.github/workflows/markdown-link-checker.yml

@@ -6,9 +6,9 @@ jobs:
   markdown-link-check:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@master
-    - uses: gaurav-nelson/github-action-markdown-link-check@v1
-      with:
-        use-quiet-mode: 'yes'
-        use-verbose-mode: 'yes'
-        check-modified-files-only: 'yes'
+      - uses: actions/checkout@master
+      - uses: gaurav-nelson/github-action-markdown-link-check@v1
+        with:
+          use-quiet-mode: 'yes'
+          use-verbose-mode: 'yes'
+          check-modified-files-only: 'yes'

.yamllint

@@ -0,0 +1,8 @@
+---
+
+extends: default
+
+rules:
+  document-start: false
+  line-length: false
+  truthy: false

api/conf/conf.yaml

@@ -22,8 +22,8 @@ conf:
   etcd:
     endpoints:          # supports defining multiple etcd host addresses for an etcd cluster
       - 127.0.0.1:2379
-
-                        # etcd basic auth info
+                          # yamllint disable rule:comments-indentation
+                          # etcd basic auth info
     # username: "root"    # ignore etcd username if not enable etcd auth
     # password: "123456"  # ignore etcd password if not enable etcd auth
   log:
@@ -43,7 +43,7 @@ authentication:
                         # NOTE: Highly recommended to modify this value to protect `manager api`.
                         # if it's default value, when `manager api` start , it will generate a random string to replace it.
   expire_time: 3600     # jwt token expire time, in second
-  users:
+  users:                # yamllint enable rule:comments-indentation
     - username: admin   # username and password for login `manager api`
       password: admin
     - username: user

api/test/docker-deploy/docker-compose.yaml

@@ -62,5 +62,5 @@ networks:
     ipam:
       driver: default
       config:
-      -
-        subnet: 172.16.238.0/24
+        -
+          subnet: 172.16.238.0/24

api/test/docker/apisix_config.yaml

@@ -18,26 +18,26 @@
 # in this file. For example if you want to specify the etcd address:
 #
 etcd:
-    host:
-      - "http://172.16.238.10:2379"
-      - "http://172.16.238.11:2379"
-      - "http://172.16.238.12:2379"
+  host:
+    - "http://172.16.238.10:2379"
+    - "http://172.16.238.11:2379"
+    - "http://172.16.238.12:2379"
 
 apisix:
   admin_key:
     -
-      name: "admin"
-      key: edd1c9f034335f136f87ad84b625c8f1 # using fixed API token has security risk, please
-                                            # update it when you deploy to production environment
-      role: admin
+      name: "admin"                          # yamllint disable rule:comments-indentation
+      key: edd1c9f034335f136f87ad84b625c8f1  # using fixed API token has security risk, please
+                                             # update it when you deploy to production environment
+      role: admin                            # yamllint enable rule:comments-indentation
 
-  allow_admin:                  # http://nginx.org/en/docs/http/ngx_http_access_module.html#allow
+  allow_admin:               # http://nginx.org/en/docs/http/ngx_http_access_module.html#allow
     - 0.0.0.0/0              # If we don't set any IP list, then any IP access is allowed by default.
 
   ssl:
-      enable: true
-      ssl_cert: "/usr/local/apisix/certs/apisix.crt"
-      ssl_cert_key: "/usr/local/apisix/certs/apisix.key"
+    enable: true
+    ssl_cert: "/usr/local/apisix/certs/apisix.crt"
+    ssl_cert_key: "/usr/local/apisix/certs/apisix.key"
 
 nginx_config:
   error_log_level: "debug"

api/test/docker/docker-compose.yaml

@@ -203,5 +203,5 @@ networks:
     ipam:
       driver: default
       config:
-      -
-        subnet: 172.16.238.0/24
+        -
+          subnet: 172.16.238.0/24

api/test/docker/manager-api-conf.yaml

@@ -26,7 +26,7 @@ conf:
       - 172.16.238.11:2379
       - 172.16.238.12:2379
   log:
-    error_log:
+    error_log:                     # yamllint disable rule:comments-indentation
       level: warn                  # supports levels, lower to higher: debug, info, warn, error, panic, fatal
       file_path: logs/error.log    # supports relative path, absolute path, standard output
                                    # such as: logs/error.log, /tmp/logs/error.log, /dev/stdout, /dev/stderr
@@ -35,9 +35,8 @@ authentication:
                              # *NOTE*: Highly recommended to modify this value to protect `manager api`.
                              # if it's default value, when `manager api` start , it will generate a random string to replace it.
   expire_time: 3600          # jwt token expire time, in second
-  users:
+  users:                     # yamllint enable rule:comments-indentation
     - username: admin        # username and password for login `manager api`
       password: admin
     - username: user
       password: user
-