Skip to content

Support skipping workflow validation #3240

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Support skipping workflow validation #3240

wants to merge 5 commits into from
+159 −30

Conversation

@mbg
Copy link
Member

@mbg mbg commented Oct 27, 2025
edited
Loading

For internal use, we have CodeQL workflows that we know are valid and don't require validation on every run. This PR changes workflow validation so that it is always skipped for dynamic workflows. It also adds an environment variable which allows us to skip workflow validation.

This PR also slightly refactors the check into a function in workflow.ts and adds test coverage.

Risk assessment

For internal use only. Please select the risk level of this change:

  • Low risk: Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only.

Which use cases does this change impact?

  • Advanced setup - Impacts users who have custom workflows.
  • Default setup - Impacts users who use default setup.
  • Code Scanning - Impacts Code Scanning (i.e. analysis-kinds: code-scanning).
  • Code Quality - Impacts Code Quality (i.e. analysis-kinds: code-quality).
  • GHES - Impacts GitHub Enterprise Server.

How did/will you validate this change?

  • Unit tests - I am depending on unit test coverage (i.e. tests in .test.ts files).
  • End-to-end tests - I am depending on PR checks (i.e. tests in pr-checks).

If something goes wrong after this change is released, what are the mitigation and rollback strategies?

  • Rollback - Change can only be disabled by rolling back the release or releasing a new version with a fix.

How will you know if something goes wrong after this change is released?

  • Telemetry - I rely on existing telemetry or have made changes to the telemetry.
    • Dashboards - I will watch relevant dashboards for issues after the release. Consider whether this requires this change to be released at a particular time rather than as part of a regular release.
    • Alerts - New or existing monitors will trip if something goes wrong with this change.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Consider adding a changelog entry for this change.
  • Confirm the readme and docs have been updated if necessary.

@mbg mbg requested a review from henrymercer October 27, 2025 15:59
@mbg mbg requested a review from a team as a code owner October 27, 2025 15:59
Copilot AI review requested due to automatic review settings October 27, 2025 15:59
@github-actions github-actions bot added the size/S Should be easy to review label Oct 27, 2025
Copilot AI reviewed Oct 27, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR introduces an environment variable to skip workflow validation for internal use cases where workflows are known to be valid. The main changes include:

  1. Refactored workflow validation check into a dedicated checkWorkflow function in init.ts
  2. Added SKIP_WORKFLOW_VALIDATION environment variable to control validation
  3. Added comprehensive test coverage for the new function

Reviewed Changes

Copilot reviewed 9 out of 10 changed files in this pull request and generated no comments.

Show a summary per file
File Description
src/init.ts Added checkWorkflow function wrapping validation logic with environment variable check
src/init-action.ts Replaced inline workflow validation with call to new checkWorkflow function
src/environment.ts Added SKIP_WORKFLOW_VALIDATION enum entry with documentation
src/init.test.ts Added three test cases covering validation, error logging, and skip scenarios
lib/*.js Generated JavaScript code from TypeScript sources (auto-generated)

henrymercer
henrymercer reviewed Oct 27, 2025
View reviewed changes
@github-actions github-actions bot added size/M Should be of average difficulty to review and removed size/S Should be easy to review labels Oct 27, 2025
henrymercer
henrymercer reviewed Oct 27, 2025
View reviewed changes
@mbg mbg force-pushed the mbg/allow-skip-workflow-validation branch from 0fd49a1 to 52cec41 Compare October 27, 2025 17:02
@mbg mbg changed the title Add environment variable to skip workflow validation Support skipping workflow validation Oct 27, 2025
@mbg mbg requested a review from henrymercer October 27, 2025 17:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@henrymercer henrymercer henrymercer approved these changes

Assignees

No one assigned

Labels

size/M Should be of average difficulty to review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mbg @henrymercer