This is an automated email from the ASF dual-hosted git repository.
vy pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/logging-log4j-jmx-gui.git
The following commit(s) were added to refs/heads/main by this push:
new d63adf1 Switch `logging-parent` refs in CI to tags
d63adf1 is described below
commit d63adf16ac5d9f763beeaa39932866ec83ee8172
Author: Volkan Yazıcı <[email protected]>
AuthorDate: Thu Dec 21 13:50:15 2023 +0100
Switch `logging-parent` refs in CI to tags
dependabot is not able to update `logging-parent` GHA
workflow references that use hashes[1][2].
Switching to tags is safe, since `rel/`-prefixed tags are
protected by INFRA.
[1] dependabot/dependabot-core#8654
[2] dependabot/dependabot-core#6269
---
.github/workflows/build.yaml | 6 +++---
.github/workflows/codeql-analysis.yml | 2 +-
.github/workflows/merge-dependabot.yaml | 4 ++--
.github/workflows/scorecards-analysis.yml | 2 +-
4 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index e170457..9eefb14 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -44,12 +44,12 @@ jobs:
build:
if: github.actor != 'dependabot[bot]'
- uses:
apache/logging-parent/.github/workflows/build-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/build-reusable.yaml@rel/10.5.0
deploy-snapshot:
needs: build
if: github.repository == 'apache/logging-log4j-jmx-gui' && github.ref ==
'refs/heads/main'
- uses:
apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@rel/10.5.0
# Secrets for deployments
secrets:
NEXUS_USER: ${{ secrets.NEXUS_USER }}
@@ -58,7 +58,7 @@ jobs:
deploy-release:
needs: build
if: github.repository == 'apache/logging-log4j-jmx-gui' &&
startsWith(github.ref_name, 'release/')
- uses:
apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@rel/10.5.0
# Secrets for deployments
secrets:
GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
diff --git a/.github/workflows/codeql-analysis.yml
b/.github/workflows/codeql-analysis.yml
index 031e60d..e6bb117 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -31,7 +31,7 @@ permissions: read-all
jobs:
analyze:
- uses:
apache/logging-parent/.github/workflows/codeql-analysis-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/codeql-analysis-reusable.yaml@rel/10.5.0
# Permissions required to publish Security Alerts
permissions:
actions: read
diff --git a/.github/workflows/merge-dependabot.yaml
b/.github/workflows/merge-dependabot.yaml
index 8c87dde..c2bdab2 100644
--- a/.github/workflows/merge-dependabot.yaml
+++ b/.github/workflows/merge-dependabot.yaml
@@ -30,11 +30,11 @@ jobs:
build:
if: github.repository == 'apache/logging-log4j-jmx-gui' &&
github.event_name == 'pull_request_target' && github.actor == 'dependabot[bot]'
- uses:
apache/logging-parent/.github/workflows/build-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/build-reusable.yaml@rel/10.5.0
merge-dependabot:
needs: build
- uses:
apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/10.5.0
permissions:
contents: write # to push
changelog commits
pull-requests: write # to close
the PR
diff --git a/.github/workflows/scorecards-analysis.yml
b/.github/workflows/scorecards-analysis.yml
index 56e5ca6..c98f615 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -29,7 +29,7 @@ permissions: read-all
jobs:
analysis:
- uses:
apache/logging-parent/.github/workflows/scorecards-analysis-reusable.yaml@e45457c683302242be5e8e7c3c33edf8f0e0ec0e
# 10.4.0
+ uses:
apache/logging-parent/.github/workflows/scorecards-analysis-reusable.yaml@rel/10.5.0
permissions:
# Needed to upload the results to the code-scanning dashboard.
security-events: write
