This is an automated email from the ASF dual-hosted git repository. kaxilnaik pushed a commit to branch v1-10-test in repository https://gitbox.apache.org/repos/asf/airflow.git
commit 7d12723d70e757a6c388552267ae50f42d123c76 Author: Jarek Potiuk <[email protected]> AuthorDate: Sun Dec 27 17:13:50 2020 +0100 Switch to Apache-owned GitHub actions (#13327) There was a change in Policy of ASF that only "Made by GitHub" actions and actions residing in Apache-owned repositories are allowed to be used for ASF projects. This was in response to a security incident. More details: Policy: * https://infra.apache.org/github-actions-secrets.html Discussion [email protected]: * https://lists.apache.org/thread.html/r435c45dfc28ec74e28314aa9db8a216a2b45ff7f27b15932035d3f65%40%3Cbuilds.apache.org%3E Discussion [email protected]: * https://lists.apache.org/thread.html/r900f8f9a874006ed8121bdc901a0d1acccbb340882c1f94dad61a5e9%40%3Cusers.infra.apache.org%3E (cherry picked from commit c6d66cd15fe85d3bca357c9e60ac8434b843e5d6) --- .github/workflows/build-images-workflow-run.yml | 22 +++++++++++----------- .github/workflows/ci.yml | 4 ++-- .../workflows/label_when_reviewed_workflow_run.yml | 14 +++++++------- 3 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/workflows/build-images-workflow-run.yml b/.github/workflows/build-images-workflow-run.yml index ee9c48c..778ff54 100644 --- a/.github/workflows/build-images-workflow-run.yml +++ b/.github/workflows/build-images-workflow-run.yml @@ -57,13 +57,13 @@ jobs: buildImages: ${{ steps.build-images.outputs.buildImages }} steps: - name: "Get information about the original trigger of the run" - uses: potiuk/get-workflow-origin@588cc14f9f1cdf1b8be3db816855e96422204fec # v1_3 + uses: apache/airflow-get-workflow-origin@588cc14f9f1cdf1b8be3db816855e96422204fec # v1_3 id: source-run-info with: token: ${{ secrets.GITHUB_TOKEN }} sourceRunId: ${{ github.event.workflow_run.id }} - name: "Cancel duplicated 'CI Build' runs" - uses: potiuk/cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 + uses: apache/airflow-cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 with: token: ${{ secrets.GITHUB_TOKEN }} cancelMode: allDuplicates @@ -80,7 +80,7 @@ jobs: # trick ¯\_(ツ)_/¯. We name the build-info job appropriately # and then we try to find and cancel all the jobs with the same Event + Repo + Branch as the # current Event/Repo/Branch combination. - uses: potiuk/cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 + uses: apache/airflow-cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 with: cancelMode: namedJobs token: ${{ secrets.GITHUB_TOKEN }} @@ -96,7 +96,7 @@ jobs: # We also produce list of canceled "CI Build' runs as output, so that we # can cancel all the matching "Build Images" workflow runs in the two following steps. # Yeah. Adding to the complexity ¯\_(ツ)_/¯. - uses: potiuk/cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 + uses: apache/airflow-cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 id: cancel-failed with: token: ${{ secrets.GITHUB_TOKEN }} @@ -129,14 +129,14 @@ jobs: # it to cancel any jobs that have matching names containing Source Run Id: # followed by one of the run ids. Yes I know it's super complex ¯\_(ツ)_/¯. if: env.BUILD_IMAGES == 'true' && steps.cancel-failed.outputs.cancelledRuns != '[]' - uses: potiuk/cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 + uses: apache/airflow-cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 with: cancelMode: namedJobs token: ${{ secrets.GITHUB_TOKEN }} notifyPRCancel: true jobNameRegexps: ${{ steps.extract-cancelled-failed-runs.outputs.matching-regexp }} - name: "Cancel duplicated 'CodeQL' runs" - uses: potiuk/cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 + uses: apache/airflow-cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 id: cancel with: token: ${{ secrets.GITHUB_TOKEN }} @@ -156,7 +156,7 @@ jobs: # trick ¯\_(ツ)_/¯. We name the build-info job appropriately and then we try to match # all the jobs with the same Event + Repo + Branch match and cancel all the duplicates for those # This might cancel own run, so this is the last step in the job - uses: potiuk/cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 + uses: apache/airflow-cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 with: cancelMode: allDuplicatedNamedJobs token: ${{ secrets.GITHUB_TOKEN }} @@ -302,7 +302,7 @@ jobs: echo "::set-output name=proceed::false" fi - name: Initiate Github Checks for Building image - uses: LouisBrunner/checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798 # v1.1.0 + uses: apache/airflow-checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798 # v1.1.0 id: build-image-check with: token: ${{ secrets.GITHUB_TOKEN }} @@ -356,7 +356,7 @@ jobs: run: ./scripts/ci/images/ci_push_production_images.sh if: matrix.image-type == 'PROD' && steps.defaults.outputs.proceed == 'true' - name: Update Github Checks for Building image with status - uses: LouisBrunner/checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798 # v1.1.0 + uses: apache/airflow-checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798 # v1.1.0 if: always() && steps.defaults.outputs.proceed == 'true' with: token: ${{ secrets.GITHUB_TOKEN }} @@ -378,7 +378,7 @@ jobs: needs: [build-images] steps: - name: "Canceling the 'CI Build' source workflow in case of failure!" - uses: potiuk/cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 + uses: apache/airflow-cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 with: token: ${{ secrets.GITHUB_TOKEN }} cancelMode: self @@ -393,7 +393,7 @@ jobs: needs: [build-images] steps: - name: "Canceling the 'CI Build' source workflow in case of failure!" - uses: potiuk/cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 + uses: apache/airflow-cancel-workflow-runs@953e057dc81d3458935a18d1184c386b0f6b5738 # v4_7 with: token: ${{ secrets.GITHUB_TOKEN }} cancelMode: self diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a449d2c..1b337a3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -99,7 +99,7 @@ jobs: pullRequestLabels: ${{ steps.source-run-info.outputs.pullRequestLabels }} steps: - name: "Get information about the PR" - uses: potiuk/get-workflow-origin@588cc14f9f1cdf1b8be3db816855e96422204fec # v1_3 + uses: apache/airflow-get-workflow-origin@588cc14f9f1cdf1b8be3db816855e96422204fec # v1_3 id: source-run-info with: token: ${{ secrets.GITHUB_TOKEN }} @@ -882,7 +882,7 @@ jobs: - name: "Commit changed constraint files for ${{needs.build-info.outputs.pythonVersions}}" run: ./scripts/ci/constraints/ci_commit_constraints.sh - name: "Push changes" - uses: ad-m/github-push-action@40bf560936a8022e68a3c00e7d2abefaf01305a6 # v0.6.0 + uses: apache/airflow-github-push-action@40bf560936a8022e68a3c00e7d2abefaf01305a6 # v0.6.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} branch: ${{ steps.constraints-branch.outputs.branch }} diff --git a/.github/workflows/label_when_reviewed_workflow_run.yml b/.github/workflows/label_when_reviewed_workflow_run.yml index e47d774..d66472b 100644 --- a/.github/workflows/label_when_reviewed_workflow_run.yml +++ b/.github/workflows/label_when_reviewed_workflow_run.yml @@ -30,13 +30,13 @@ jobs: labelSet: ${{ steps.label-when-reviewed.outputs.labelSet }} steps: - name: "Get information about the original trigger of the run" - uses: potiuk/get-workflow-origin@588cc14f9f1cdf1b8be3db816855e96422204fec # v1_3 + uses: apache/airflow-get-workflow-origin@588cc14f9f1cdf1b8be3db816855e96422204fec # v1_3 id: source-run-info with: token: ${{ secrets.GITHUB_TOKEN }} sourceRunId: ${{ github.event.workflow_run.id }} - name: Initiate Selective Build check - uses: LouisBrunner/checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798 # v1.1.0 + uses: apache/airflow-checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798 # v1.1.0 id: selective-build-check with: token: ${{ secrets.GITHUB_TOKEN }} @@ -86,7 +86,7 @@ jobs: ./scripts/ci/selective_ci_checks.sh fi - name: "Label when approved by committers for PRs that require full tests" - uses: TobKed/label-when-approved-action@4c5190fec5661e98d83f50bbd4ef9ebb48bd1194 # v1.3 + uses: apache/airflow-label-when-approved@4c5190fec5661e98d83f50bbd4ef9ebb48bd1194 # v1.3 id: label-full-test-prs-when-approved-by-commiters if: > steps.selective-checks.outputs.run-tests == 'true' && @@ -102,7 +102,7 @@ jobs: If they don't merge it quickly - please rebase it to the latest master at your convenience, or amend the last commit of the PR, and push it with --force-with-lease. - name: "Initiate GitHub Check forcing rerun of SH ${{ github.event.pull_request.head.sha }}" - uses: LouisBrunner/checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798 # v1.1.0 + uses: apache/airflow-checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798 # v1.1.0 id: full-test-check if: steps.label-full-test-prs-when-approved-by-commiters.outputs.labelSet == 'true' with: @@ -117,7 +117,7 @@ jobs: [the run](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}) "} - name: "Label when approved by committers for PRs that do not require full tests" - uses: TobKed/label-when-approved-action@4c5190fec5661e98d83f50bbd4ef9ebb48bd1194 # v1.3 + uses: apache/airflow-label-when-approved@4c5190fec5661e98d83f50bbd4ef9ebb48bd1194 # v1.3 id: label-simple-test-prs-when-approved-by-commiters if: > steps.selective-checks.outputs.run-tests == 'true' && @@ -134,7 +134,7 @@ jobs: 'full tests needed'. Then you should rebase to the latest master or amend the last commit of the PR, and push it with --force-with-lease. - name: "Label when approved by committers for PRs that do not require tests at all" - uses: TobKed/label-when-approved-action@4c5190fec5661e98d83f50bbd4ef9ebb48bd1194 # v1.3 + uses: apache/airflow-label-when-approved@4c5190fec5661e98d83f50bbd4ef9ebb48bd1194 # v1.3 id: label-no-test-prs-when-approved-by-commiters if: steps.selective-checks.outputs.run-tests != 'true' with: @@ -148,7 +148,7 @@ jobs: needed and add the 'full tests needed' label. Then you should rebase it to the latest master or amend the last commit of the PR, and push it with --force-with-lease. - name: Update Selective Build check - uses: LouisBrunner/checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798 # v1.1.0 + uses: apache/airflow-checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798 # v1.1.0 if: always() with: token: ${{ secrets.GITHUB_TOKEN }}
