Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add check to look for updates to Github actions being used #9251

Merged
merged 1 commit into from
Dec 16, 2024

Conversation

carlsonp
Copy link
Contributor

@carlsonp carlsonp commented Jan 3, 2023

What this PR does / why we need it:

This adds a file that will automatically check daily the various Github Actions used to see if there are updates to the actions themselves.

Will be no-op on docs and codebase.

Which issue(s) this PR closes: None

Special notes for your reviewer:

Suggestions on how to test this:

Does this PR introduce a user interface change? If mockups are available, please link/include them here:

Is there a release notes update needed for this change?:

Additional documentation:

@pdurbin pdurbin added the Size: 3 A percentage of a sprint. 2.1 hours. label Feb 28, 2024
@scolapasta
Copy link
Contributor

If you are still interested in this PR, can you please merge and resolve any merge conflicts with the latest from develop? If so, we can prioritize reviewing and QAing the changes. If we don’t hear from you by May 22, 2024, we’ll go ahead and close this PR (it can always be reopened after that date, if there is still interest).

@carlsonp carlsonp force-pushed the dependabot-github-actions branch from 7f6a4c1 to 6d0adf5 Compare April 26, 2024 04:11
@carlsonp
Copy link
Contributor Author

Rebased onto develop branch

@pdurbin
Copy link
Member

pdurbin commented Oct 10, 2024

This is the same as #10917 except for the check interval.

@bencomp
Copy link
Contributor

bencomp commented Oct 10, 2024

Oops! I closed my duplicate PR.

I do think that checking for updated Actions every day is more often than necessary. It's a gut feeling though.

This can be marked to close #10916.

@cmbz cmbz added the FY25 Sprint 11 FY25 Sprint 11 (2024-11-20 - 2024-12-04) label Nov 22, 2024
Copy link
Member

@pdurbin pdurbin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I reviewed https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot and this PR is still up-to-date with the recommendations there.

The only difference is that this PR says "daily" instead of "weekly". @bencomp indicated daily might be to often but I'm ok with trying it. We can always change it later.

As with other PRs that affect GitHub Actions this is probably another example where we just merge it and see if we're happy with the result. That is, we can revert if necessary.

Approved!

@ofahimIQSS ofahimIQSS self-assigned this Dec 4, 2024
@cmbz cmbz added the FY25 Sprint 12 FY25 Sprint 12 (2024-12-04 - 2024-12-18) label Dec 5, 2024
@ofahimIQSS ofahimIQSS merged commit ec4c888 into IQSS:develop Dec 16, 2024
1 of 2 checks passed
@ofahimIQSS ofahimIQSS removed their assignment Dec 16, 2024
@ofahimIQSS
Copy link
Contributor

Merging PR

@pdurbin pdurbin added this to the 6.6 milestone Dec 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
FY25 Sprint 11 FY25 Sprint 11 (2024-11-20 - 2024-12-04) FY25 Sprint 12 FY25 Sprint 12 (2024-12-04 - 2024-12-18) Size: 3 A percentage of a sprint. 2.1 hours. Type: Feature a feature request
Projects
Status: Done 🧹
Development

Successfully merging this pull request may close these issues.

6 participants