ongdisheng commented on issue #678: URL: https://github.com/apache/fesod/issues/678#issuecomment-3498883868
> Infrastructure policy requires use of a SHA and not a version tag. > > If you change the action reference to `nwtgck/actions-netlify@4cbaf4c08f1a7bfa537d6113472ef4424e4eb654` it should work. > > Currently approved actions: https://github.com/apache/infrastructure-actions/blob/main/approved_patterns.yml @dave2wave Thank you for pointing this out! I completely missed that the infrastructure policy allows external actions when referenced by SHA instead of version tags. This is much simpler than the submodule approach I was attempting. I'll update the workflow to use the SHA reference. > Thank you for your feedback. I suggest that after we have configured the Netlify secrets, you can add a `.gitmodules` to your PR. We will update our progress here in this issue ASAP. @delei Thank you for looking into the Netlify secrets configuration. Just wondering if I should wait for the secrets to be set up before submitting the PR, or would you prefer I submit it now so it's ready once the configuration is complete? Thanks again to both of you for the guidance! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
