Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace github-action versions with SHAs #429

Merged
merged 2 commits into from
Jul 5, 2024
Merged

Replace github-action versions with SHAs #429

merged 2 commits into from
Jul 5, 2024

Conversation

ericpromislow
Copy link
Contributor

No related issue

@ericpromislow ericpromislow requested a review from a team as a code owner July 3, 2024 19:53
tomleb
tomleb previously approved these changes Jul 4, 2024
View reviewed changes
Copy link
Contributor

@tomleb tomleb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

It's best to add the version number at the end of the line as a comment so that renovate can pick it up as shown here: #431.

One issue is that renovate won't update the comment with the link in it, so that will become stale eventually.

If you have time to add the version number in a comment after all the uses (even those not in this PR) then great, otherwise we'll do it later.

.github/workflows/release.yaml Outdated
@@ -136,7 +136,8 @@ jobs:
secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials password | DOCKER_PASSWORD

- name: Set up QEMU
uses: docker/setup-qemu-action@v3
# https://github.com/docker/setup-qemu-action/commit/5927c834f5b4fdf503fca6f4c7eccda82949e1ee
uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee
uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee # v3.1.0

.github/workflows/release.yaml Outdated
@@ -167,7 +168,8 @@ jobs:
touch "/tmp/digests/${digest#sha256:}"

- name: Upload digest
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3

.github/workflows/release.yaml Outdated
@@ -181,14 +183,16 @@ jobs:
needs: image
steps:
- name: Download digests
uses: actions/download-artifact@v4
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7

.github/workflows/release.yaml Outdated
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.4.0

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I changed the comment to use the releases/tag/VERSION form as well. There were a bunch...

@ericpromislow
GHA: Put the version after the action's SHA.
483a8e0 
And then put the link to the action immediately after the `uses`
statement, and prefer tghe `releases/tag/VERSION` form over others.
@ericpromislow ericpromislow requested review from tomleb and a team July 4, 2024 23:07
@ericpromislow ericpromislow merged commit cdaea73 into rancher:release/v0.5 Jul 5, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MbolotSuse MbolotSuse MbolotSuse approved these changes

@tomleb tomleb tomleb approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ericpromislow @tomleb @MbolotSuse