Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Pin actions to hashes TDE-934 #758

Merged
merged 1 commit into from
Nov 27, 2023
Merged

feat: Pin actions to hashes TDE-934 #758

merged 1 commit into from
Nov 27, 2023

Conversation

l0b0
Copy link
Contributor

@l0b0 l0b0 commented Nov 15, 2023

Motivation

Make sure we run specific versions of actions, rather than moving tags.

Modification

Done with pin-github-action https://github.com/mheap/pin-github-action 1.8.0 using npx pin-github-action .github/workflows/*.yml.

Dependabot should support updating in the same fashion dependabot/dependabot-core#8277 (comment).

Checklist

If not applicable, provide explanation of why.

  • Tests updated (N/A)
  • Docs updated (N/A)
  • Issue linked in Title

@l0b0 l0b0 requested review from a team as code owners November 15, 2023 21:14
@l0b0
feat: Pin actions to hashes
5315d92 
Done with pin-github-action <https://github.com/mheap/pin-github-action>
1.8.0 using `npx pin-github-action .github/workflows/*.yml`.

Dependabot should support updating in the same fashion
<dependabot/dependabot-core#8277 (comment)>.
@l0b0 l0b0 marked this pull request as draft November 16, 2023 01:02
@amfage amfage self-requested a review November 22, 2023 00:12
@l0b0 l0b0 marked this pull request as ready for review November 22, 2023 00:12
@l0b0 l0b0 enabled auto-merge November 22, 2023 00:12
@l0b0 l0b0 added this pull request to the merge queue Nov 27, 2023
Merged via the queue into master with commit cd7d938 Nov 27, 2023
2 checks passed
@l0b0 l0b0 deleted the feat/pin-actions branch November 27, 2023 21:27
This was referenced Nov 27, 2023
Closed
Merged
github-merge-queue bot pushed a commit that referenced this pull request Nov 30, 2023
@github-actions
chore(master): release 2.17.0 (#781)
b4cd1da 
🤖 I have created a release *beep* *boop*
---


##
[2.17.0](v2.16.0...v2.17.0)
(2023-11-29)


### Features

* lint resolution TDE-938
([#747](#747))
([b4b8512](b4b8512))
* Lint workflows using actionlint TDE-919
([#742](#742))
([8c458b4](8c458b4))
* Pin actions to hashes TDE-934
([#758](#758))
([cd7d938](cd7d938))


### Bug Fixes

* GitHub PAT for Argo Workflows Pull Requests TDE-940
([#768](#768))
([392371f](392371f))
* Run code under test TDE-968
([#779](#779))
([9d4563f](9d4563f))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@paulfouquet paulfouquet paulfouquet approved these changes

@blacha blacha Awaiting requested review from blacha blacha is a code owner automatically assigned from linz/li-topo-data-engineering

@MDavidson17 MDavidson17 Awaiting requested review from MDavidson17 MDavidson17 is a code owner automatically assigned from linz/li-topo-data-engineering

@amfage amfage Awaiting requested review from amfage

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@l0b0 @amfage @paulfouquet