fix(ci): fix actionlint CI failure and test.yml SHA corruption

[YiWang24]

Summary

Fixes two issues found in CI:

1. actionlint false positives in ci-self-test

Root cause: The actionlint job vends .openci/ from a pinned SHA via resolve-openci. When the top-level workflow files (e.g., reusable-ci.yml) contain newer action input names than what exists in the older vendored composite actions, actionlint reports "input not defined" errors.

Fix: Remove the resolve-openci vendoring step from the actionlint job. Actionlint only needs to check the current source files — the vendored .openci/ at a different SHA introduces false positives.

2. test.yml text corruption

Root cause: An earlier version of bump-self-sha.sh used awk '{print $NF}' to extract the old SHA from manifest.yml. On the line YiAgent/OpenCI: "sha" # resolve-openci bootstrap, awk extracted bootstrap instead of the SHA. The perl substitution then replaced bootstrap with the full 40-char SHA 34a93579..., corrupting bootstrapping into 34a93579...ping in 4 locations.

Fix: Restored the original text in all comments, descriptions, and step names.

Files Changed

• .github/workflows/reusable-self-test.yml — Remove resolve-openci from actionlint job
• .github/workflows/test.yml — Fix 4 corrupted text instances

---

^{Need help on this PR? Tag @codesmith with what you need. Autofix is disabled.}

Summary by CodeRabbit

• Chores
  • Updated CI/CD workflow configurations for improved efficiency and consistency.

Greptile Summary

This PR fixes two CI regressions: actionlint false positives caused by vendoring .openci/ at a mismatched SHA, and text corruption in test.yml where a faulty awk extraction in bump-self-sha.sh mangled the word "bootstrapping" into a SHA fragment across four locations. All workflow files are also updated to the new self-reference SHA (0fc8c78).

• reusable-self-test.yml: Removes the resolve-openci vendoring step from the actionlint job so actionlint only sees current source files, eliminating false "input not defined" errors from stale composite actions.
• test.yml: Restores four occurrences of self-bootstrapping that were corrupted by the SHA-bump script extracting bootstrap (the comment word) instead of the actual SHA value.
• All caller workflows + manifest.yml: Consistent SHA bump from 119c3eab to 0fc8c78.

Confidence Score: 5/5

Safe to merge — both fixes are targeted and correct, with no logic changes to production paths.

The actionlint fix correctly removes a step that was injecting stale composite actions into a linting context, and the text restoration in test.yml is a straightforward revert of script-induced corruption. All SHA bumps are internally consistent. The only residual item is the dead .openci/.github/actionlint.yaml branch in the config-file check, which was already flagged in a previous review comment — it causes no runtime failure, just unreachable code.

.github/workflows/reusable-self-test.yml — the actionlint config-file check still has a branch that references .openci/.github/actionlint.yaml, which can never be true now that the resolve-openci step has been removed from that job.

Important Files Changed

Filename	Overview
.github/workflows/reusable-self-test.yml	Removes resolve-openci step from actionlint job to eliminate false positives; SHA bumped in remaining jobs. The .openci/.github/actionlint.yaml branch in the config-file check is now permanently unreachable dead code.
.github/workflows/test.yml	Restores 4 corrupted "bootstrapping" strings that were mangled into a SHA hash by a faulty awk extraction in bump-self-sha.sh.
manifest.yml	Updates the pinned YiAgent/OpenCI self-reference SHA from 119c3ea to 0fc8c78, consistent with all other workflow SHA bumps in this PR.
.github/workflows/reusable-ci.yml	SHA bump only — all 8 resolve-openci action references updated from 119c3ea to 0fc8c78; no logic changes.
.github/workflows/reusable-pr.yml	SHA bump only — 3 resolve-openci action references updated from 119c3ea to 0fc8c78; no logic changes.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[actionlint job] --> B[Checkout source]
    B --> C{Before this PR}
    C -->|resolve-openci step| D[Vendor .openci/ at pinned SHA]
    D --> E[Run actionlint]
    E --> F[❌ False positives: input not defined\nfor actions at older SHA]

    B --> G{After this PR}
    G --> H[Run actionlint directly on source]
    H --> I{Config file?}
    I -->|.openci/.github/actionlint.yaml| J[⚠️ Dead branch — .openci/ never populated]
    I -->|.github/actionlint.yaml| K[✅ Use repo config]
    I -->|neither| L[✅ Run with defaults]

Loading

Comments Outside Diff (1)

1. .github/workflows/reusable-self-test.yml, line 83-88 (link)

   After removing the resolve-openci step, the .openci/ directory is never populated in the actionlint job, so the first branch of this config-file check is permanently dead. Actionlint will always fall through to .github/actionlint.yaml. If the repo's actionlint config lives only in .openci/.github/actionlint.yaml in the vendored tree (not in .github/actionlint.yaml), it will be silently skipped. Dropping the unreachable first branch makes the intent explicit.

_{Reviews (3): Last reviewed commit: "chore: sync all SHA references via bump-..." | Re-trigger Greptile}

[qodo-code-review]

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR streamlines CI workflows by removing an unnecessary OpenCI resolve/checkout step from the reusable actionlint job and standardizes self-bootstrapping identifier terminology across the test workflow's comments, input descriptions, and step labels.

Changes

Workflow maintenance and labeling

Layer / File(s)	Summary
Remove OpenCI resolve step from actionlint job .github/workflows/reusable-self-test.yml	The "Resolve OpenCI ref and checkout" step was removed from the actionlint job; execution now flows directly from actions/checkout to actionlint installation and execution.
Update self-bootstrapping identifier strings .github/workflows/test.yml	Self-bootstrapping identifier terminology was updated in the file header comment, the run-live-e2e input description, and the corresponding live E2E step name.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• YiAgent/OpenCI#34: This PR updates test workflow labels to match the self-bootstrapping terminology introduced in PR #34.
• YiAgent/OpenCI#149: Both PRs modify the reusable workflow's OpenCI resolve/checkout behavior; this PR removes the "Resolve OpenCI ref and checkout" step that was addressed in PR #149.

Suggested labels

area:ci

Poem

🐰 A workflow refined with care and grace,
One step removed from its old place,
New names align where bootstraps spring,
Cleaner pipelines for everything!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately reflects both main changes: removing the resolve-openci step that caused actionlint false positives and fixing the text corruption caused by the SHA substitution.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/actionlint-sha-corruption

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openbot-dev]

Fix corrupted "self-bootstrapping" strings and remove unused resolve-openci step from self-test workflow; clean and straightforward PR.

[openbot-dev]

PR updates pinned workflow refs and fixes corrupted "self-34a93579…ping" → "self-bootstrapping" text in test.yml; no functional issues found.

[openbot-dev]

Bump OpenCI reusable workflow and action refs from 119c3ea to 0fc8c78, fix corrupted "self-34a93579…ping" text back to "self-bootstrapping", and remove a redundant resolve-openci step in the actionlint self-test job.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[YiWang24]

Superseded by a cleaner branch. Recreating...