[
https://issues.apache.org/jira/browse/BEAM-11569?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17259217#comment-17259217
]
Jarek Potiuk commented on BEAM-11569:
-------------------------------------
See
https://lists.apache.org/x/thread.html/r435c45dfc28ec74e28314aa9db8a216a2b45ff7f27b15932035d3f65@%3Cbuilds.apache.org%3E
. This was security incident reaction of Apache infrastructure.
They disabled.rhe actions outside of the apache repositories due to potential
security vulnerabilities. They are still working on more long term solution but
for the moment you have to switch to apache-organisation owned repos.
You can either create your own repository (apache/beam-nnnn ) or use clones i
made for
airflow: https://github.com/apache/airflow-cancel-workflow-runs,
https://github.com/apache/airflow-github-push-action ). Just remember to use
commit SHA for maximum security.
Follow those recommendation from GitHub:
https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions
You need to clone the repositories where e
> Github actions are failing on Beam repo
> ---------------------------------------
>
> Key: BEAM-11569
> URL: https://issues.apache.org/jira/browse/BEAM-11569
> Project: Beam
> Issue Type: Bug
> Components: testing
> Affects Versions: 2.27.0
> Reporter: Ahmet Altay
> Assignee: Pablo Estrada
> Priority: P0
> Time Spent: 10m
> Remaining Estimate: 0h
>
> As a result of https://issues.apache.org/jira/browse/INFRA-21234 github
> actions on Beam repo are failing.
> This is currently blocking 2.27.0 release because building wheel files depend
> on github actions. So far we identified 2 github actions that may need to be
> addressed:
> ad-m/github-push-action
> potiuk/cancel-workflow-runs
> Error looks like https://github.com/apache/beam/actions/runs/458287140
> """
> ad-m/github-push-action@master is not allowed to be used in apache/beam.
> Actions in this workflow must be: created by GitHub, verified in the GitHub
> Marketplace, within a repository owned by apache or match the following:
> apache/, gradle/wrapper-validation-action, gradle/wrapper-validation-action@,
> peter-evans/create-pull-request@, dawidd6/action-download-artifact@,
> scacap/action-surefire-report@*.
> """
> /cc [~potiuk] [~tysonjh]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
