This is an automated email from the ASF dual-hosted git repository.
vy pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/logging-log4j-kotlin.git
The following commit(s) were added to refs/heads/main by this push:
new e89b0f3 Switch `logging-parent` refs in CI from hashes to tags
e89b0f3 is described below
commit e89b0f3c8bb41361c7f016b6696e714c01488f04
Author: Volkan Yazıcı <[email protected]>
AuthorDate: Thu Dec 21 13:45:21 2023 +0100
Switch `logging-parent` refs in CI from hashes to tags
dependabot is not able to update `logging-parent` GHA
workflow references that use hashes[1][2].
Switching to tags is safe, since `rel/`-prefixed tags are
protected by INFRA.
[1] dependabot/dependabot-core#8654
[2] dependabot/dependabot-core#6269
---
.github/workflows/build.yaml | 9 +++------
.github/workflows/merge-dependabot.yaml | 4 ++--
2 files changed, 5 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index c185a2a..9cff039 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -38,14 +38,14 @@ jobs:
build:
if: github.actor != 'dependabot[bot]'
- uses:
apache/logging-parent/.github/workflows/build-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/build-reusable.yaml@rel/10.5.0
with:
site-enabled: true
deploy-snapshot:
needs: build
if: github.repository == 'apache/logging-log4j-kotlin' && github.ref_name
== 'main'
- uses:
apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@rel/10.5.0
# Secrets for deployments
secrets:
NEXUS_USER: ${{ secrets.NEXUS_USER }}
@@ -54,7 +54,7 @@ jobs:
deploy-release:
needs: build
if: github.repository == 'apache/logging-log4j-kotlin' &&
startsWith(github.ref_name, 'release/')
- uses:
apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@rel/10.5.0
# Secrets for deployments
secrets:
GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
@@ -67,7 +67,4 @@ jobs:
contents: write
with:
project-id: log4j-kotlin
- distribution-attachment-filepath-pattern: |-
- '^.*/target/log4j-api-kotlin-'${PROJECT_VERSION}'\\.jar$'
- distribution-attachment-count: 1
site-enabled: true
diff --git a/.github/workflows/merge-dependabot.yaml
b/.github/workflows/merge-dependabot.yaml
index ab601c9..02f090e 100644
--- a/.github/workflows/merge-dependabot.yaml
+++ b/.github/workflows/merge-dependabot.yaml
@@ -30,11 +30,11 @@ jobs:
build:
if: github.repository == 'apache/logging-log4j-kotlin' &&
github.event_name == 'pull_request_target' && github.actor == 'dependabot[bot]'
- uses:
apache/logging-parent/.github/workflows/build-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/build-reusable.yaml@rel/10.5.0
merge-dependabot:
needs: build
- uses:
apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/10.5.0
permissions:
contents: write # to push
changelog commits
pull-requests: write # to close
the PR
