Right Jacopo,
BTW, the issues related with this thread are no longer a problem.
I was unsure when I sent this message.
Jacques
Le 23/03/2026 à 11:09, Jacopo Cappellato a écrit :
Jacques,
Your last message is off topic for this thread.
Jacopo
On Mon, Mar 23, 2026 at 10:55 AM Jacques Le Roux via dev <
[email protected]> wrote:
I too revert premature commits with
https://github.com/apache/ofbiz-framework/commit/25ea53048daded167aadb4986c6f1db588e42fc5
I expected that it would fix the issue Gaetan has at
https://github.com/apache/ofbiz-framework/pull/917
It fixed one, but there is still a problem.
I noticed that at top of the failing build
https://github.com/apache/ofbiz-framework/actions/runs/23334471276/job/67872799757?pr=917
I see " Running Gradle on Java 22" but I guess it's another issue
Since the error is
* What went wrong:
Execution failed for task ':compileJava'.
> error: invalid source release: 21
I think the answer is in Eugen Stan's comment
https://github.com/apache/ofbiz-framework/pull/917#issuecomment-3493565728
I'm looking at it
Jacques
Le 23/03/2026 à 10:32, Jacopo Cappellato a écrit :
I have now fixed our CI/CD workflows, including Docker image builds.
Jacopo
On Sun, Mar 22, 2026 at 7:05 PM Jacques Le Roux via dev <
[email protected]> wrote:
Hi Jacopo,
I have created https://issues.apache.org/jira/browse/OFBIZ-13375 as a
task related to that
Jacques
Le 22/03/2026 à 11:27, Jacopo Cappellato a écrit :
Thank you Daniel.
All, I have tried to debug and better understand the situation.
This should be the list of all the actions currently allowed by Infra:
1) All the actions from the following namespaces are automatically
allowed:
apache/*
github/*
actions/*
2) All the actions explicitly listed in this file are also allowed:
https://github.com/apache/infrastructure-actions/blob/main/actions.yml
Since ofbiz-framework is using actions from step-security/*, that are
not
allowed by the above rules, our CI/CD pipeline is currently broken.
My question is: do we really need to leverage step-security/* actions?
When
did we decide to onboard these external actions from Step Security? I
assume we could configure our workflows to use the subset of actions
that
are used by the other ASF projects, and this would be my preference.
Alternatively, I think we should ask Infra to review for approval the
Step
Security actions we need.
Jacopo
On Sat, Mar 21, 2026 at 11:28 AM Daniel Watford <[email protected]>
wrote:
Apache INFRA recently disabled a number of GitHub Actions. I can't
find a
link to the email in archives, but an announcement was sent to
[email protected] yesterday at 21:00 (according to my mail
client)
The message stated that to request GHA be allowed we must submit a
request
to the approval process:
https://github.com/apache/infrastructure-actions?tab=readme-ov-file#adding-a-new-version-to-the-allow-list
On Sat, 21 Mar 2026 at 08:58, Jacques Le Roux via dev <
[email protected]>
wrote:
I still don't stand understand why we get this error on GH trunk
actions
*Error* <
https://github.com/apache/ofbiz-framework/actions/runs/23375921548/workflow
The action
step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142
is
not allowed in apache/ofbiz-framework because all actions must be
from a repository owned by your enterprise, created by GitHub, or
match
one of the patterns:
1Password/load-secrets-action@13f58eec611f8e5db52ec16247f58c508398f3e6
,
1Password/load-secrets-action@8d0d610af187e78a2772c2d18d627f4c52d3fbfb
,
1Password/load-secrets-action@dafbe7cb03502b260e2b2893c753c352eee545bf
,
AdoptOpenJDK/install-jdk@*, BobAnkh/auto-generate-changelog@*,
DavidAnson/markdownlint-cli2-action@07035fd053f7be764496c0f8d8f9f41f98305101
,
DavidAnson/markdownlint-cli2-action@30a0e04f1870d58f8d717450cc6134995f993c63
,
EnricoMi/publish-unit-test-result-action@*,
JamesIves/github-pages-deploy-action@4a3abc783e1a24aeb44c16e869ad83caf6b4cc23
,
JamesIves/github-pages-deploy-action@d92aa235d04922e8f08b40ce78cc5442fcfbfa2f
,
Jimver/cuda-toolkit@6008063726ffe3309d1b22e413d9e88fed91a2f2,
Jimver/cuda-toolkit@b6fc3a9f3f15256d9d94ffe1254f9c5a2565...
Show less
It seems that reverting pushes related to Java 21, ie those of this
morning
https://github.com/apache/ofbiz-framework/commits/trunk/
should clear the situation.
Maybe we need to change others location (from java 17 to 21) in our
GH
related code
Or, reading the error above, have an Infra agreement to move to 21
If nobody has a better idea, I'll revert for now.
Jacques
Le 21/03/2026 à 09:36, Jacques Le Roux via dev a écrit :
Hi Jacopo,
I'll have a look very soon.
Jacques
Le 21/03/2026 à 08:53, Jacopo Cappellato a écrit :
Hi all,
Dependabot has created five pull requests to bump various libraries
used by
GitHub Actions for CI/CD:
https://github.com/apache/ofbiz-framework/pull/1000
https://github.com/apache/ofbiz-framework/pull/1001
https://github.com/apache/ofbiz-framework/pull/1002
https://github.com/apache/ofbiz-framework/pull/1003
https://github.com/apache/ofbiz-framework/pull/1003
Should we upgrade and merge these PRs?
Jacopo
--
Daniel Watford
