chore: update remaining workflow files

Signed-off-by: Ben Selwyn-Smith <[email protected]>

.github/workflows/_build.yaml

@@ -9,7 +9,7 @@
 #
 # Even though we run the build in a matrix to check against different platforms, due to a known
 # limitation of reusable workflows that do not support setting strategy property from the caller
-# workflow, we only generate artifacts for ubuntu-latest and Python 3.11, which can be used to
+# workflow, we only generate artifacts for ubuntu-22.04 and Python 3.11, which can be used to
 # create a release. For details see:
 #
 # https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations
@@ -148,4 +148,4 @@ jobs:
       artifact-sha256: ${{ needs.build.outputs.artifacts-sha256 }}
       # TODO: use ${{ env.ARTIFACT_OS }} and ${{ env.ARTIFACT_PYTHON }}
       # when this issue is addressed: https://github.com/actions/runner/issues/2394.
-      artifact-name: artifact-ubuntu-latest-python-3.11
+      artifact-name: artifact-ubuntu-22.04-python-3.11

.github/workflows/_deploy-github-pages.yaml

@@ -1,4 +1,4 @@
-# Copyright (c) 2023 - 2023, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2023 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 
 # This workflow deploys the documentations to GitHub Pages.
@@ -26,7 +26,7 @@ jobs:
     environment:
       name: github-pages
       url: ${{ steps.deployment.outputs.page_url }}
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
 
     - name: Check out repository

.github/workflows/_generate-rebase.yaml

@@ -1,4 +1,4 @@
-# Copyright (c) 2023 - 2023, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2023 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 
 # Automatically rebase one staging branch on top of main after a new package version was published.
@@ -32,7 +32,7 @@ permissions:
 
 jobs:
   rebase:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
 
     - name: Check out repository

.github/workflows/_release-notifications.yaml

@@ -1,4 +1,4 @@
-# Copyright (c) 2022 - 2022, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 
 # Send a Slack release notification. Instructions to set up Slack to receive
@@ -27,7 +27,7 @@ permissions: {}
 jobs:
   slack:
     name: Slack release notification
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
 
     - name: Notify via Slack

.github/workflows/build_base_image.yaml

@@ -1,4 +1,4 @@
-# Copyright (c) 2023 - 2023, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2023 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 
 # This workflow builds the base Docker image. The base image will be pushed to ghcr.io.
@@ -13,7 +13,7 @@ permissions:
 jobs:
   build-base-image:
     name: Build base image
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     permissions:
       packages: write # To push the base Docker image.
     steps:

.github/workflows/dependabot-automerge.yaml

@@ -1,4 +1,4 @@
-# Copyright (c) 2022 - 2022, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 
 # Automatically merge Dependabot PRs upon approval by leaving
@@ -15,7 +15,7 @@ permissions:
 jobs:
   comment:
     if: ${{ github.event.review.state == 'approved' && github.event.pull_request.user.login == 'dependabot[bot]' }}
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
     - name: Merge Dependabot PR
       run: gh pr comment --body "@dependabot squash and merge" "$PR_URL"

.github/workflows/pr-conventional-commits.yaml

@@ -1,4 +1,4 @@
-# Copyright (c) 2022 - 2024, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 
 # This workflow lints the PR's title and commits. It uses the commitizen
@@ -21,7 +21,7 @@ permissions:
 
 jobs:
   conventional-commits:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
 
     - name: Check out repository

.github/workflows/release.yaml

@@ -1,4 +1,4 @@
-# Copyright (c) 2022 - 2023, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 
 # We run checks on pushing to the specified branches.
@@ -13,7 +13,7 @@ on:
 permissions:
   contents: read
 env:
-  ARTIFACT_NAME: artifact-ubuntu-latest-python-3.11
+  ARTIFACT_NAME: artifact-ubuntu-22.04-python-3.11
   # This is the username and email for the user who commits and pushes the release
   # commit. In an organisation that should be a dedicated devops account.
   USER_NAME: behnazh-w
@@ -33,7 +33,7 @@ jobs:
   bump:
     needs: check
     if: github.ref == 'refs/heads/main'
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     permissions:
       contents: write
     steps:
@@ -108,7 +108,7 @@ jobs:
       release-url: ${{ steps.release-info.outputs.release-url }}
       image-name: ${{ steps.push-docker.outputs.image-name }}
       image-digest: ${{ steps.push-docker.outputs.image-digest }}
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     permissions:
       contents: write # To publish release notes.
       packages: write # To push the Docker image.
@@ -299,7 +299,7 @@ jobs:
   # publish_provenance:
   #   needs: [release, provenance]
   #   name: Publish provenance
-  #   runs-on: ubuntu-latest
+  #   runs-on: ubuntu-22.04
   #   permissions:
   #     contents: write # To publish release notes.
   #   steps:
@@ -331,7 +331,7 @@ jobs:
     with:
       # TODO: use ${{ env.ARTIFACT_NAME }} when this issue is addressed:
       # https://github.com/actions/runner/issues/2394.
-      artifact-name: artifact-ubuntu-latest-python-3.11
+      artifact-name: artifact-ubuntu-22.04-python-3.11
       artifact-sha256: ${{ needs.build.outputs.artifacts-sha256 }}
 
   # Send out release notifications after the Release was published on GitHub.

.github/workflows/scorecards-analysis.yaml

@@ -1,4 +1,4 @@
-# Copyright (c) 2022 - 2023, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 
 # Run Scorecard for this repository to further check and harden software and process.
@@ -18,7 +18,7 @@ permissions: read-all
 jobs:
   analysis:
     name: Scorecards analysis
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     permissions:
       # Needed to upload the results to code-scanning dashboard.
       security-events: write