The workflow is not valid. .github/workflows/Main Workflow.yml (Line: 22, Col: 22):

Sudipta_Saha · August 31, 2020, 8:23am

Hello,
I added Main Workflow.yml file into my git repo and tried to run this file but it throws error like

Unexpected symbol: '2e4ce68d4e3feec97e992821e6391166943f4d49’
|GitHub Actions/ Main Workflow
Invalid workflow file
The workflow is not valid. .github/workflows/Main Workflow.yml (Line: 22, Col: 22): Unexpected symbol: ‘<hash_value>’. Located at position 9 within expression: secrets.<hash_value>|

My codes are below
sonar-scanner.properties

#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here
#----- Default SonarQube server
sonar.host.url=https://sonarcloud.io/
#----- Default source code encoding
#sonar.sourceEncoding=UTF-8
sonar.organization=sahasudipta
sonar.projectKey=005e9d8a-15fe-46a2-8f4d-a4c706e4d732
#sonar.projectKey=ruko
sonar.projectName=Toolsdemo
sonar.projectVersion=1.0
sonar.sources=https://github.com/sahasudipta/Toolsdemo
sonar.sourceEncoding=UTF-8

AND

on:
push:
branches:
- master
pull_request:
types: [opened, synchronize, reopened]
name: Main Workflow
jobs:
sonarcloud:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
# Disabling shallow clone is recommended for improving relevancy of reporting
fetch-depth: 0
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@v1.3
env:
GITHUB_TOKEN: {{ secrets.d7c0952be1e24f019c97548bcc56a0f1057181e9 }} SONAR_TOKEN: {{ secrets.2e4ce68d4e3feec97e992821e6391166943f4d49 }}

What am I doing wrong? I tried to run this workflow many times but same result . Please help

Peeter_Piegaze · September 1, 2020, 2:19pm

Hello Sudipta,

In the env section, it looks like you have combined the GitHub secrets syntax with the literal values of your tokens.

You should define the secrets GITHUB_TOKEN and SONAR_TOKEN to hold the literal values and then use the variable substitution syntax like this:

env:
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

See here, here, and here, for more details.

Alternatively, you could use the literal tokens directly in your YML file, like this:

env:
  GITHUB_TOKEN: d7c0952be1e24f019c97548bcc56a0f1057181e9
  SONAR_TOKEN: 2e4ce68d4e3feec97e992821e6391166943f4d49

But this is not good practice and should be avoided.

cagoscra · May 26, 2022, 8:23pm

Given that use the literal tokens directly, what is the correct way to use

$ {{ secrets.GITHUB_TOKEN }}

format?

I’m new in yaml format, and barely understand it.

Topic		Replies	Views
Unexpected symbol: '2e4ce68d4e3feec97e992821e6391166943f4d49' SonarQube Cloud scanner , github-actions	1	428	September 22, 2020
Issue while using uses: sonarsource/sonarcloud-github-action@master SonarQube Cloud github-actions	7	472	December 11, 2024
The format of the analysis property sonar.token= is invalid SonarQube Cloud dotnet	5	1311	February 29, 2024
Github Action CI Build Fail with set the SONAR_TOKEN env variable SonarQube Cloud sonarqube-cloud	25	11385	July 12, 2022
GitHub Actions setup confirmation SonarQube Cloud scanner , github-actions , sonarqube-cloud	1	142	July 3, 2024

The workflow is not valid. .github/workflows/Main Workflow.yml (Line: 22, Col: 22):

Related topics