actions: Run YAML formatter over all workflow files

.github/workflows/build-board-list.yml

@@ -4,8 +4,8 @@ run-name: Update board list at armbian/os - Pushed commit "${{ github.event.push
 on:
   push:
     paths:
-      - 'config/boards/*.*'
-    branches: [ main ]
+      - "config/boards/*.*"
+    branches: [main]
 
 jobs:
   update-board-list-dispatch:

.github/workflows/build-train.yml

@@ -4,9 +4,9 @@ run-name: Run build train - Pushed commit "${{ github.event.push.head_commit.mes
 on:
   push:
     branches:
-      - 'main'
+      - "main"
     paths:
-      - 'config/*.config'
+      - "config/*.config"
 
 jobs:
   build-train-dispatch:

.github/workflows/labels-from-yml.yml

@@ -5,27 +5,28 @@ on:
   workflow_dispatch:
   push:
     branches:
-      - 'main'
+      - "main"
     paths:
-      - '.github/labels.yml'
+      - ".github/labels.yml"
   pull_request:
     paths:
-      - '.github/labels.yml'
+      - ".github/labels.yml"
 
 jobs:
   labeler:
     permissions:
-      contents: read  # for actions/labeler to determine modified files
-      pull-requests: write  # for actions/labeler to add labels to PRs
+      contents: read # for actions/labeler to determine modified files
+      pull-requests: write # for actions/labeler to add labels to PRs
       issues: write # for actions/labeler to add labels to issues
+
     if: ${{ github.repository_owner == 'Armbian' }}
     runs-on: ubuntu-latest
+
     steps:
-      -
-        name: Checkout
+      - name: Checkout
         uses: actions/checkout@v4
-      -
-        name: Run Labeler
+
+      - name: Run Labeler
         uses: crazy-max/ghaction-github-labeler@v5
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/open-jira-ticket.yml

@@ -8,6 +8,7 @@ jobs:
   sync:
     name: Sync Items
     runs-on: ubuntu-latest
+
     steps:
       - name: Sync
         uses: igorpecovnik/github-action-issue-to-jira@master

.github/workflows/pr-auto-labeler.yml

@@ -5,28 +5,27 @@ run-name: 'Set labels - PR #${{ github.event.pull_request.number }} ("${{ github
 #
 
 on:
-- pull_request_target
+  - pull_request_target
 
 jobs:
-
   label-category:
     permissions:
-      contents: read  # for actions/labeler to determine modified files
-      pull-requests: write  # for actions/labeler to add labels to PRs
+      contents: read # for actions/labeler to determine modified files
+      pull-requests: write # for actions/labeler to add labels to PRs
 
     name: "Category labels"
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/labeler@v5
-      with:
-        repo-token: "${{ secrets.GITHUB_TOKEN }}"
+      - uses: actions/checkout@v4
+      - uses: actions/labeler@v5
+        with:
+          repo-token: "${{ secrets.GITHUB_TOKEN }}"
 
   label-size:
     permissions:
-      contents: read  # for pascalgn/size-label-action to determine modified files
-      pull-requests: write  # for pascalgn/size-label-action to add labels to PRs
+      contents: read # for pascalgn/size-label-action to determine modified files
+      pull-requests: write # for pascalgn/size-label-action to add labels to PRs
 
     name: "Size label"
     runs-on: ubuntu-latest

.github/workflows/pr-build-artifacts.yml

@@ -10,7 +10,6 @@ on:
     types: [opened, reopened, synchronize, labeled]
 
 jobs:
-
   Check:
     permissions:
       pull-requests: read
@@ -21,17 +20,15 @@ jobs:
     outputs:
       member: ${{ steps.checkUserMember.outputs.isTeamMember }}
     steps:
-
-      -  uses: tspascoal/get-user-teams-membership@v3
-         id: checkUserMember
-         with:
-           username: ${{ github.actor }}
-           organization: armbian
-           team: "Release manager"
-           GITHUB_TOKEN: ${{ secrets.ORG_MEMBERS }}
+      - uses: tspascoal/get-user-teams-membership@v3
+        id: checkUserMember
+        with:
+          username: ${{ github.actor }}
+          organization: armbian
+          team: "Release manager"
+          GITHUB_TOKEN: ${{ secrets.ORG_MEMBERS }}
 
   Compile:
-
     needs: Check
     name: Generate artifacts
     concurrency:

.github/workflows/pr-kernel-security-analysis.yml

@@ -21,36 +21,34 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-
   Analysis:
-
     name: Check kernel security options
     runs-on: ubuntu-latest
     if: ${{ github.repository_owner == 'Armbian' }}
-    steps:
 
-       - name: Checkout repository
-         uses: actions/checkout@v4
-         with:
-           fetch-depth: 0
-
-       - name: Get changed files
-         id: changed-files
-         uses: tj-actions/changed-files@v44
-
-       - name: Checkout repository
-         uses: actions/checkout@v4
-         with:
-           repository: a13xp0p0v/kconfig-hardened-check
-           path: kconfig-hardened-check
-
-       - name: Check kernel config for security issues
-         # Run kernel-hardening-checker for each kernel config file excluding RISC-V configs, since they are not supported yet.
-         # See https://github.com/a13xp0p0v/kernel-hardening-checker/issues/56
-         # sed explanation: 1) Put spaces in front of every line 2) replace colored output with emojis since GitHub Actions job summaries don't support colored output
-         run: |
-           for file in ${{ steps.changed-files.outputs.all_changed_files }}; do
-               if [[ "${file}" = config/kernel/*.config && ! $(head -n 10 "${file}" | grep -q "riscv") ]]; then
-                   kconfig-hardened-check/bin/kernel-hardening-checker -m show_fail -c $file | sed 's/^/     /; s/\x1b\[32m/✅ /; s/\x1b\[31m/❌ /; s/\x1b\[0m//' >> $GITHUB_STEP_SUMMARY
-               fi
-           done
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Get changed files
+        id: changed-files
+        uses: tj-actions/changed-files@v44
+
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          repository: a13xp0p0v/kconfig-hardened-check
+          path: kconfig-hardened-check
+
+      - name: Check kernel config for security issues
+        # Run kernel-hardening-checker for each kernel config file excluding RISC-V configs, since they are not supported yet.
+        # See https://github.com/a13xp0p0v/kernel-hardening-checker/issues/56
+        # sed explanation: 1) Put spaces in front of every line 2) replace colored output with emojis since GitHub Actions job summaries don't support colored output
+        run: |
+          for file in ${{ steps.changed-files.outputs.all_changed_files }}; do
+              if [[ "${file}" = config/kernel/*.config && ! $(head -n 10 "${file}" | grep -q "riscv") ]]; then
+                  kconfig-hardened-check/bin/kernel-hardening-checker -m show_fail -c $file | sed 's/^/     /; s/\x1b\[32m/✅ /; s/\x1b\[31m/❌ /; s/\x1b\[0m//' >> $GITHUB_STEP_SUMMARY
+              fi
+          done

.github/workflows/pr-lint-scripts.yml

@@ -17,45 +17,43 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-
   Shellcheck:
-
     name: Shell script analysis
     runs-on: ubuntu-latest
     if: ${{ github.repository_owner == 'Armbian' }}
-    steps:
 
-       - name: Checkout repository
-         uses: actions/checkout@v4
-         with:
-           fetch-depth: 2
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 2
 
-       - name: Get changed files
-         id: changed-files
-         uses: tj-actions/changed-files@v44
+      - name: Get changed files
+        id: changed-files
+        uses: tj-actions/changed-files@v44
 
-       - name: List all changed files
-         run: |
+      - name: List all changed files
+        run: |
 
-           # Use framework internal mechanism for checking `lib` and `extensions` code only one file is passed,
-           # and source's are followed, thus the whole project is "understood" by shellcheck.
-           # For example, when checking individual files, one variable might be thought "unused" because it
-           # is only used in another file, which does not happen when done properly.
+          # Use framework internal mechanism for checking `lib` and `extensions` code only one file is passed,
+          # and source's are followed, thus the whole project is "understood" by shellcheck.
+          # For example, when checking individual files, one variable might be thought "unused" because it
+          # is only used in another file, which does not happen when done properly.
 
-           bash lib/tools/shellcheck.sh
+          bash lib/tools/shellcheck.sh
 
-           ret=0
+          ret=0
 
-           for file in ${{ steps.changed-files.outputs.all_changed_files }}; do
+          for file in ${{ steps.changed-files.outputs.all_changed_files }}; do
 
-               if [[ ! "${file}" =~ lib/|extensions/|.py|.service|.rules|.network|.netdev ]]; then
-                   if grep -qE "^#\!/.*bash" $file; then
+              if [[ ! "${file}" =~ lib/|extensions/|.py|.service|.rules|.network|.netdev ]]; then
+                  if grep -qE "^#\!/.*bash" $file; then
 
-                       shellcheck --severity=error $file || ret=$?
+                      shellcheck --severity=error $file || ret=$?
 
-                   fi
-               fi
+                  fi
+              fi
 
-           done
+          done
 
-           exit $ret
+          exit $ret

.github/workflows/rebase.yml

@@ -4,26 +4,27 @@ run-name: Check comment for `/rebase`
 # If you comment "/rebase" to the PR this Action will rebase the PR
 #
 
-
 on:
   issue_comment:
     types: [created]
 
 jobs:
   rebase:
     permissions:
-      contents: write  # for cirrus-actions/rebase to push code to rebase
-      pull-requests: read  # for cirrus-actions/rebase to get info about PR
+      contents: write # for cirrus-actions/rebase to push code to rebase
+      pull-requests: read # for cirrus-actions/rebase to get info about PR
 
     name: Rebase
     if: github.event.issue.pull_request != '' && contains(github.event.comment.body, '/rebase')
     runs-on: ubuntu-latest
+
     steps:
-      - name: Checkout the latest code
+      - name: Checkout repository
         uses: actions/checkout@v4
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           fetch-depth: 0 # otherwise, you will fail to push refs to dest repo
+
       - name: Automatic Rebase
         uses: cirrus-actions/[email protected]
         env:

.github/workflows/scorecard.yml

@@ -6,9 +6,9 @@ on:
   branch_protection_rule:
   schedule:
     # Weekly on Saturdays.
-    - cron: '30 1 * * 6'
+    - cron: "30 1 * * 6"
   push:
-    branches: [ main ]
+    branches: [main]
 
 # Declare default permissions as read only.
 permissions: read-all
@@ -44,8 +44,8 @@ jobs:
           repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
 
           # Publish the results for public repositories to enable scorecard badges. For more details, see
-          # https://github.com/ossf/scorecard-action#publishing-results. 
-          # For private repositories, `publish_results` will automatically be set to `false`, regardless 
+          # https://github.com/ossf/scorecard-action#publishing-results.
+          # For private repositories, `publish_results` will automatically be set to `false`, regardless
           # of the value entered here.
           publish_results: true