This is an automated email from the ASF dual-hosted git repository.
vy pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/logging-log4j-tools.git
The following commit(s) were added to refs/heads/main by this push:
new 675cb96 Switch `logging-parent` refs in CI from hashes to tags
675cb96 is described below
commit 675cb9670d99b169d664c581e62a686b231a7cd0
Author: Volkan Yazıcı <[email protected]>
AuthorDate: Thu Dec 21 13:48:04 2023 +0100
Switch `logging-parent` refs in CI from hashes to tags
dependabot is not able to update `logging-parent` GHA
workflow references that use hashes[1][2].
Switching to tags is safe, since `rel/`-prefixed tags are
protected by INFRA.
[1] dependabot/dependabot-core#8654
[2] dependabot/dependabot-core#6269
---
.github/workflows/build.yaml | 6 +++---
.github/workflows/merge-dependabot.yaml | 4 ++--
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 73c721b..2427d19 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -38,14 +38,14 @@ jobs:
build:
if: github.actor != 'dependabot[bot]'
- uses:
apache/logging-parent/.github/workflows/build-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/build-reusable.yaml@rel/10.5.0
with:
site-enabled: true
deploy-snapshot:
needs: build
if: github.repository == 'apache/logging-log4j-tools' && github.ref_name
== 'main'
- uses:
apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@rel/10.5.0
# Secrets for deployments
secrets:
NEXUS_USER: ${{ secrets.NEXUS_USER }}
@@ -54,7 +54,7 @@ jobs:
deploy-release:
needs: build
if: github.repository == 'apache/logging-log4j-tools' &&
startsWith(github.ref_name, 'release/')
- uses:
apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@rel/10.5.0
# Secrets for deployments
secrets:
GPG_SECRET_KEY: ${{ secrets.GPG_SECRET_KEY }}
diff --git a/.github/workflows/merge-dependabot.yaml
b/.github/workflows/merge-dependabot.yaml
index 11b32c4..0363ba6 100644
--- a/.github/workflows/merge-dependabot.yaml
+++ b/.github/workflows/merge-dependabot.yaml
@@ -30,11 +30,11 @@ jobs:
build:
if: github.repository == 'apache/logging-log4j-tools' && github.event_name
== 'pull_request_target' && github.actor == 'dependabot[bot]'
- uses:
apache/logging-parent/.github/workflows/build-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/build-reusable.yaml@rel/10.5.0
merge-dependabot:
needs: build
- uses:
apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/10.5.0
permissions:
contents: write # to push changelog
commits
pull-requests: write # to close the PR
