ci: add README↔action.yaml input/output parity guard

[devantler]

🤖 Generated by the Daily AI Assistant

Fixes #185.

What

Adds a lint-readme-parity CI job that fails if any input/output declared in an action's action.yaml is missing from its README's ## Inputs / ## Outputs table. It emits ::error annotations pointing at the offending action.yaml, and is wired into the CI - Required Checks gate (needs + the aggregate-job-checks result list). The check uses yq (preinstalled on the ubuntu-latest runner image) for the action.yaml side and awk/grep for the README side — no new dependencies, runs on every event with contents: read only.

Parity audit (acceptance criterion: one bullet per action)

I read every action.yaml against its README.md. Result: zero parity drift found — every declared input/output is already documented with matching required/default:

• aggregate-job-checks — job-results, check-name documented; required/default match. ✅
• approve-pr — app-id, app-private-key, pr-number, dry-run all documented. ✅
• cleanup-ghcr-packages — older-than, keep-n-tagged, package, dry-run documented. ✅
• create-issues-from-todos — app-id, app-private-key, project documented. ✅
• enable-auto-merge-on-pr — pr-number, merge-method, dry-run documented. ✅
• login-to-ghcr — github-token documented. ✅
• run-dotnet-tests — app-id, app-private-key, github-token, working-directory documented. ✅
• setup-agent-skills — 5 inputs + output installed-skills documented. ✅
• setup-go-toolchain — go-version, github-token + output go-version documented. ✅
• setup-ksail-cli — no inputs/outputs declared; README correctly omits the tables. ✅
• sync-github-labels — config-file, delete-other-labels documented. ✅
• update-agent-skills — 5 inputs + outputs changed, updated-skills documented. ✅
• upload-coverage — 5 inputs documented; no outputs ("This action has no outputs."). ✅
• upsert-issue — 8 inputs + outputs issue-number and issue-url documented (the issue flagged issue-url as "unknown" — it is in fact already documented). ✅

So the READMEs are already in good shape; the durable value of this PR is the guard that keeps them that way and catches the "silent drift" #185 describes (e.g. a future agents:-style input added to action.yaml without a README row).

Validation

• actionlint .github/workflows/ci.yaml — clean for this change (the two pre-existing code-quality permission-scope warnings at lines 213/629 are unrelated to this job and stem from actionlint's allowlist not yet knowing that scope).
• Parity logic exercised locally against the live READMEs (passes) and against a synthetic action with an undocumented input + output (fails with ::error annotations + non-zero exit).

Notes / trade-offs

• Kept the check inline in ci.yaml (self-contained, matching the repo's job style and the zizmor precedent) rather than introducing a new .github/scripts/ convention.
• Forward-direction only (every action.yaml name must be documented) — it does not flag README rows with no matching action.yaml entry, to avoid false positives on intentionally-documented effective defaults (e.g. cleanup-ghcr-packages package).

[github-code-quality]

Code Coverage Overview

Languages: Go, C#

Go / code-coverage/test

The overall coverage remains at 50%, unchanged from the main branch.

C# / code-coverage/dotnet

The overall coverage remains at 100%, unchanged from the main branch.

---

_{Updated May 31, 2026 01:22 UTC
Code Coverage is in Public Preview. Learn more and provide us with your feedback.}

[Copilot]

Pull request overview

Adds a lint-readme-parity CI job that fails when an input/output declared in any action.yaml is missing from the matching README's ## Inputs / ## Outputs section, and wires it into the required-checks gate. Uses preinstalled yq + awk/grep, no new dependencies.

Changes:

• New lint-readme-parity job iterates */action.yaml, extracts input/output names via yq, and verifies each appears (as `name`) inside the README's ## Inputs / ## Outputs section.
• Adds the new job to the ci-required-checks needs: list and to the aggregate-job-checks result list.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.