Skip to content

feat(naoru-ai): add naoru AI failure diagnosis to core build/deploy workflows #233

feat(naoru-ai): add naoru AI failure diagnosis to core build/deploy workflows

feat(naoru-ai): add naoru AI failure diagnosis to core build/deploy workflows #233

Triggered via pull request June 29, 2026 09:12
Status Success
Total duration 43s
Artifacts

ci.yml

on: pull_request
✅ Validate YAML Syntax
12s
✅ Validate YAML Syntax
🧹 Lint YAML Files
8s
🧹 Lint YAML Files
🔍 Validate Workflow Structure
3s
🔍 Validate Workflow Structure
🔒 Security Scan
32s
🔒 Security Scan
📚 Validate Documentation
6s
📚 Validate Documentation
🏷️ Validate Naming Conventions
4s
🏷️ Validate Naming Conventions
🔍 Actionlint
12s
🔍 Actionlint
📝 Generate Documentation Index
📝 Generate Documentation Index
⚠️ Check Deprecated Actions
5s
⚠️ Check Deprecated Actions
🔐 Validate Permissions
6s
🔐 Validate Permissions
📊 CI Summary
4s
📊 CI Summary
🩺 Diagnose failure (naoru)
0s
🩺 Diagnose failure (naoru)
Fit to window
Zoom out
Zoom in

Annotations

21 errors, 10 warnings, and 1 notice
🧹 Lint YAML Files
Process completed with exit code 1.
🔍 Actionlint: .github/workflows/infracost.yml#L10
[actionlint] reported by reviewdog 🐶 input "working-directory" of workflow_call event has the default value "./", but it is also required. if an input is marked as required, its default value will never be used [events] Raw Output: e:.github/workflows/infracost.yml:10:18: input "working-directory" of workflow_call event has the default value "./", but it is also required. if an input is marked as required, its default value will never be used [events]
🔍 Actionlint: .github/workflows/helm-smurf.yml#L270
[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2129:style:1:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects [shellcheck] Raw Output: e:.github/workflows/helm-smurf.yml:270:9: shellcheck reported issue in this script: SC2129:style:1:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects [shellcheck]
🔍 Actionlint: .github/workflows/helm-smurf.yml#L257
[actionlint] reported by reviewdog 🐶 property "build_role" is not defined in object type {actions_runner_debug: string; actions_step_debug: string; aws_access_key_id: string; aws_secret_access_key: string; aws_session_token: string; aws_set_parameters: string; gcp_service_account: string; gcp_service_account_key: string; gcp_wip: string; github_token: string; google_credentials: string} [expression] Raw Output: e:.github/workflows/helm-smurf.yml:257:31: property "build_role" is not defined in object type {actions_runner_debug: string; actions_step_debug: string; aws_access_key_id: string; aws_secret_access_key: string; aws_session_token: string; aws_set_parameters: string; gcp_service_account: string; gcp_service_account_key: string; gcp_wip: string; github_token: string; google_credentials: string} [expression]
🔍 Actionlint: .github/workflows/helm-smurf.yml#L198
[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2129:style:1:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects [shellcheck] Raw Output: e:.github/workflows/helm-smurf.yml:198:9: shellcheck reported issue in this script: SC2129:style:1:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects [shellcheck]
🔍 Actionlint: .github/workflows/helm-smurf.yml#L185
[actionlint] reported by reviewdog 🐶 property "build_role" is not defined in object type {actions_runner_debug: string; actions_step_debug: string; aws_access_key_id: string; aws_secret_access_key: string; aws_session_token: string; aws_set_parameters: string; gcp_service_account: string; gcp_service_account_key: string; gcp_wip: string; github_token: string; google_credentials: string} [expression] Raw Output: e:.github/workflows/helm-smurf.yml:185:31: property "build_role" is not defined in object type {actions_runner_debug: string; actions_step_debug: string; aws_access_key_id: string; aws_secret_access_key: string; aws_session_token: string; aws_set_parameters: string; gcp_service_account: string; gcp_service_account_key: string; gcp_wip: string; github_token: string; google_credentials: string} [expression]
🔍 Actionlint: .github/workflows/gcp-prowler.yml#L108
[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2145:error:2:24: Argument mixes string and array. Use * or separate argument [shellcheck] Raw Output: e:.github/workflows/gcp-prowler.yml:108:9: shellcheck reported issue in this script: SC2145:error:2:24: Argument mixes string and array. Use * or separate argument [shellcheck]
🔍 Actionlint: .github/workflows/gcp-prowler.yml#L10
[actionlint] reported by reviewdog 🐶 input "cloud_provider" of workflow_call event has the default value "gcp", but it is also required. if an input is marked as required, its default value will never be used [events] Raw Output: e:.github/workflows/gcp-prowler.yml:10:18: input "cloud_provider" of workflow_call event has the default value "gcp", but it is also required. if an input is marked as required, its default value will never be used [events]
🔍 Actionlint: .github/workflows/docker-smurf.yml#L203
[actionlint] reported by reviewdog 🐶 property "build_role" is not defined in object type {actions_runner_debug: string; actions_step_debug: string; aws_access_key_id: string; aws_secret_access_key: string; aws_session_token: string; aws_set_parameters: string; gcp_service_account: string; gcp_service_account_key: string; gcp_wip: string; github_token: string; google_credentials: string} [expression] Raw Output: e:.github/workflows/docker-smurf.yml:203:31: property "build_role" is not defined in object type {actions_runner_debug: string; actions_step_debug: string; aws_access_key_id: string; aws_secret_access_key: string; aws_session_token: string; aws_set_parameters: string; gcp_service_account: string; gcp_service_account_key: string; gcp_wip: string; github_token: string; google_credentials: string} [expression]
🔍 Actionlint
reviewdog: Too many results (annotations) in diff. You may miss some annotations due to GitHub limitation for annotation created by logging command. Please check GitHub Actions log console to see all results. Limitation: - 10 warning annotations and 10 error annotations per step - 50 annotations per job (sum of annotations from all the steps) - 50 annotations per run (separate from the job annotations, these annotations aren't created by users) Source: https://github.com/orgs/community/discussions/26680#discussioncomment-3252835
🔍 Actionlint: .github/workflows/aws-prowler.yml#L10
[actionlint] reported by reviewdog 🐶 input "cloud_provider" of workflow_call event has the default value "aws", but it is also required. if an input is marked as required, its default value will never be used [events] Raw Output: e:.github/workflows/aws-prowler.yml:10:18: input "cloud_provider" of workflow_call event has the default value "aws", but it is also required. if an input is marked as required, its default value will never be used [events]
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
🔒 Security Scan
CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
🔒 Security Scan
CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
🔒 Security Scan
CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
🔍 Actionlint: .github/workflows/docker-smurf.yml#L156
[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2215:warning:2:1: This flag is used as a command name. Bad line break or missing [ .. ]? [shellcheck] Raw Output: w:.github/workflows/docker-smurf.yml:156:9: shellcheck reported issue in this script: SC2215:warning:2:1: This flag is used as a command name. Bad line break or missing [ .. ]? [shellcheck]
🔍 Actionlint: .github/workflows/docker-smurf.yml#L149
[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2215:warning:2:1: This flag is used as a command name. Bad line break or missing [ .. ]? [shellcheck] Raw Output: w:.github/workflows/docker-smurf.yml:149:9: shellcheck reported issue in this script: SC2215:warning:2:1: This flag is used as a command name. Bad line break or missing [ .. ]? [shellcheck]
🔍 Actionlint: .github/workflows/docker-scout.yml#L71
[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2086:info:1:25: Double quote to prevent globbing and word splitting [shellcheck] Raw Output: i:.github/workflows/docker-scout.yml:71:9: shellcheck reported issue in this script: SC2086:info:1:25: Double quote to prevent globbing and word splitting [shellcheck]
🔍 Actionlint: .github/workflows/docker-scout.yml#L71
[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2086:info:1:17: Double quote to prevent globbing and word splitting [shellcheck] Raw Output: i:.github/workflows/docker-scout.yml:71:9: shellcheck reported issue in this script: SC2086:info:1:17: Double quote to prevent globbing and word splitting [shellcheck]
🔍 Actionlint: .github/workflows/cloudrun-rollback.yml#L57
[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2086:info:6:30: Double quote to prevent globbing and word splitting [shellcheck] Raw Output: i:.github/workflows/cloudrun-rollback.yml:57:9: shellcheck reported issue in this script: SC2086:info:6:30: Double quote to prevent globbing and word splitting [shellcheck]
🔍 Actionlint: .github/workflows/aws-prowler.yml#L146
[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2086:info:3:94: Double quote to prevent globbing and word splitting [shellcheck] Raw Output: i:.github/workflows/aws-prowler.yml:146:9: shellcheck reported issue in this script: SC2086:info:3:94: Double quote to prevent globbing and word splitting [shellcheck]
🔍 Actionlint: .github/workflows/aws-prowler.yml#L146
[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2086:info:3:88: Double quote to prevent globbing and word splitting [shellcheck] Raw Output: i:.github/workflows/aws-prowler.yml:146:9: shellcheck reported issue in this script: SC2086:info:3:88: Double quote to prevent globbing and word splitting [shellcheck]
🔍 Actionlint: .github/workflows/aws-prowler.yml#L119
[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2155:warning:1:8: Declare and assign separately to avoid masking return values [shellcheck] Raw Output: w:.github/workflows/aws-prowler.yml:119:9: shellcheck reported issue in this script: SC2155:warning:1:8: Declare and assign separately to avoid masking return values [shellcheck]
🔍 Actionlint: .github/workflows/aws-prowler.yml#L119
[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2086:info:13:8: Double quote to prevent globbing and word splitting [shellcheck] Raw Output: i:.github/workflows/aws-prowler.yml:119:9: shellcheck reported issue in this script: SC2086:info:13:8: Double quote to prevent globbing and word splitting [shellcheck]
🔍 Actionlint
Input 'fail_on_error' has been deprecated with message: Deprecated, use `fail_level` instead.
GitHub API token
Consider setting a GITHUB_TOKEN to prevent GitHub api rate limits