From ace1db3693c3b02d0ab06f48c58e346f234b2b36 Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Sun, 25 Oct 2020 17:34:16 -0400 Subject: [PATCH 1/4] chore: Upgrade actions/script to v3.0.0 --- .github/allowed-actions.js | 5 +---- .github/workflows/first-responder-docs-content.yml | 4 ++-- .github/workflows/send-eng-issues-to-backlog.yml | 2 +- .github/workflows/start-new-engineering-pr-workflow.yml | 2 +- .github/workflows/translations.yml | 4 ++-- .github/workflows/triage-issue-comments.yml | 2 +- 6 files changed, 8 insertions(+), 11 deletions(-) diff --git a/.github/allowed-actions.js b/.github/allowed-actions.js index 8f08371ea1b7..275e4c7a4c6f 100644 --- a/.github/allowed-actions.js +++ b/.github/allowed-actions.js @@ -7,10 +7,7 @@ module.exports = [ 'actions/cache@70655ec8323daeeaa7ef06d7c56e1b9191396cbe', 'actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16', 'actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675', - 'actions/github-script@5d03ada4b0a753e9460b312e61cc4f8fdeacf163', - 'actions/github-script@6e5ee1dc1cb3740e5e5e76ad668e3f526edbfe45', - 'actions/github-script@44b873bc975058192f5279ebe7579496381f575d', - 'actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9', + 'actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9', //actions/script@v3.0.0 'actions/labeler@5f867a63be70efff62b767459b009290364495eb', 'actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d', 'actions/setup-ruby@5f29a1cd8dfebf420691c4c9a0e832e2fae5a526', diff --git a/.github/workflows/first-responder-docs-content.yml b/.github/workflows/first-responder-docs-content.yml index 944368dafca3..59b584026573 100644 --- a/.github/workflows/first-responder-docs-content.yml +++ b/.github/workflows/first-responder-docs-content.yml @@ -11,7 +11,7 @@ jobs: steps: - name: Check if the event originated from a team member - uses: actions/github-script@44b873bc975058192f5279ebe7579496381f575d + uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9 id: set-result with: github-token: ${{secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES}} @@ -58,7 +58,7 @@ jobs: steps: - name: Remove card from project - uses: actions/github-script@44b873bc975058192f5279ebe7579496381f575d + uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9 with: github-token: ${{secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES}} result-encoding: string diff --git a/.github/workflows/send-eng-issues-to-backlog.yml b/.github/workflows/send-eng-issues-to-backlog.yml index ce93bc12b272..9c51f298779e 100644 --- a/.github/workflows/send-eng-issues-to-backlog.yml +++ b/.github/workflows/send-eng-issues-to-backlog.yml @@ -12,7 +12,7 @@ jobs: steps: - name: Add issues with engineering label to project board if: contains(github.event.issue.labels.*.name, 'engineering') || contains(github.event.issue.labels.*.name, 'design') || contains(github.event.issue.labels.*.name, 'Design') - uses: actions/github-script@44b873bc975058192f5279ebe7579496381f575d + uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9 with: github-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }} script: | diff --git a/.github/workflows/start-new-engineering-pr-workflow.yml b/.github/workflows/start-new-engineering-pr-workflow.yml index 752db59a85e5..e223ee53ae59 100644 --- a/.github/workflows/start-new-engineering-pr-workflow.yml +++ b/.github/workflows/start-new-engineering-pr-workflow.yml @@ -12,7 +12,7 @@ jobs: DRAFT_COLUMN_ID: 10095775 REGULAR_COLUMN_ID: 10095779 steps: - - uses: actions/github-script@44b873bc975058192f5279ebe7579496381f575d + - uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9 continue-on-error: true with: github-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }} diff --git a/.github/workflows/translations.yml b/.github/workflows/translations.yml index 8aed68eb3bc9..e6af49e61ce4 100644 --- a/.github/workflows/translations.yml +++ b/.github/workflows/translations.yml @@ -24,7 +24,7 @@ jobs: branch: translations - if: ${{ steps.pr.outputs.number }} name: Check if already labeled - uses: actions/github-script@5d03ada4b0a753e9460b312e61cc4f8fdeacf163 + uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9 id: has-label with: script: | @@ -44,7 +44,7 @@ jobs: number: ${{ steps.pr.outputs.number }} - if: ${{ !steps.has-label.outputs.result }} name: Add automerge label - uses: actions/github-script@5d03ada4b0a753e9460b312e61cc4f8fdeacf163 + uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/triage-issue-comments.yml b/.github/workflows/triage-issue-comments.yml index 75c8dd5bd93a..af382533d587 100644 --- a/.github/workflows/triage-issue-comments.yml +++ b/.github/workflows/triage-issue-comments.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Check if the event originated from a team member - uses: actions/github-script@6e5ee1dc1cb3740e5e5e76ad668e3f526edbfe45 + uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9 id: is-internal-contributor with: github-token: ${{secrets.GITHUB_TOKEN}} From 849c10162ef31d47f4680716c00e264f9841f3ab Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Sun, 25 Oct 2020 17:36:45 -0400 Subject: [PATCH 2/4] chore: Add not on actions/checkout version --- .github/allowed-actions.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/allowed-actions.js b/.github/allowed-actions.js index 275e4c7a4c6f..78f0408de761 100644 --- a/.github/allowed-actions.js +++ b/.github/allowed-actions.js @@ -6,7 +6,7 @@ module.exports = [ 'actions/cache@70655ec8323daeeaa7ef06d7c56e1b9191396cbe', 'actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16', - 'actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675', + 'actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675', //actions/checkout@v2.3.3 'actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9', //actions/script@v3.0.0 'actions/labeler@5f867a63be70efff62b767459b009290364495eb', 'actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d', From ace073eefc84dd1032bf5cb53bc524aa3b4fcac6 Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Sun, 25 Oct 2020 17:40:06 -0400 Subject: [PATCH 3/4] chore: Upgrade to actions/cache@v2.1.2 --- .github/allowed-actions.js | 3 +-- .github/workflows/dry-run-sync-algolia-search-indices.yml | 2 +- .github/workflows/sync-algolia-search-indices.yml | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/allowed-actions.js b/.github/allowed-actions.js index 78f0408de761..2f0a64aff843 100644 --- a/.github/allowed-actions.js +++ b/.github/allowed-actions.js @@ -4,8 +4,7 @@ // can be added it this list. module.exports = [ - 'actions/cache@70655ec8323daeeaa7ef06d7c56e1b9191396cbe', - 'actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16', + 'actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16', //actions/cache@v2.1.2 'actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675', //actions/checkout@v2.3.3 'actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9', //actions/script@v3.0.0 'actions/labeler@5f867a63be70efff62b767459b009290364495eb', diff --git a/.github/workflows/dry-run-sync-algolia-search-indices.yml b/.github/workflows/dry-run-sync-algolia-search-indices.yml index fdad8832ee2f..8df28714494c 100644 --- a/.github/workflows/dry-run-sync-algolia-search-indices.yml +++ b/.github/workflows/dry-run-sync-algolia-search-indices.yml @@ -15,7 +15,7 @@ jobs: with: node-version: 14.x - name: cache node modules - uses: actions/cache@70655ec8323daeeaa7ef06d7c56e1b9191396cbe + uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} diff --git a/.github/workflows/sync-algolia-search-indices.yml b/.github/workflows/sync-algolia-search-indices.yml index 9df5a5a4fe34..d5b094c77c7c 100644 --- a/.github/workflows/sync-algolia-search-indices.yml +++ b/.github/workflows/sync-algolia-search-indices.yml @@ -18,7 +18,7 @@ jobs: with: node-version: 14.x - name: cache node modules - uses: actions/cache@70655ec8323daeeaa7ef06d7c56e1b9191396cbe + uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} From a236027041b8b65099bba0f27375cc0d59a53786 Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Sun, 25 Oct 2020 17:44:07 -0400 Subject: [PATCH 4/4] chore: Add notes for actions/* hashes --- .github/allowed-actions.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/allowed-actions.js b/.github/allowed-actions.js index 2f0a64aff843..e53a6a82ba39 100644 --- a/.github/allowed-actions.js +++ b/.github/allowed-actions.js @@ -7,10 +7,10 @@ module.exports = [ 'actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16', //actions/cache@v2.1.2 'actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675', //actions/checkout@v2.3.3 'actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9', //actions/script@v3.0.0 - 'actions/labeler@5f867a63be70efff62b767459b009290364495eb', - 'actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d', - 'actions/setup-ruby@5f29a1cd8dfebf420691c4c9a0e832e2fae5a526', - 'actions/stale@44f9eae0adddf72dbf3eedfacc999f70afcec1a8', + 'actions/labeler@5f867a63be70efff62b767459b009290364495eb', //actions/labeler@v2.2.0 + 'actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d', //actions/setup-node@v1.4.4 + 'actions/setup-ruby@5f29a1cd8dfebf420691c4c9a0e832e2fae5a526', //actions/setup-ruby@v1.1.2 + 'actions/stale@44f9eae0adddf72dbf3eedfacc999f70afcec1a8', //actions/stale@v3.0.12 'crowdin/github-action@fd9429dd63d6c0f8a8cb4b93ad8076990bd6e688', 'dawidd6/action-delete-branch@47743101a121ad657031e6704086271ca81b1911', 'docker://chinthakagodawita/autoupdate-action:v1',