From db72acad8845c7ff45a495790a8940c06204cf17 Mon Sep 17 00:00:00 2001 From: Ben Selwyn-Smith Date: Fri, 17 Jan 2025 12:26:44 +1000 Subject: [PATCH 1/2] fix: set problem workflows' OS to ubuntu 22.04 Signed-off-by: Ben Selwyn-Smith --- .github/workflows/_build.yaml | 6 +++--- .github/workflows/_build_docker.yaml | 4 ++-- .github/workflows/codeql-analysis.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/_build.yaml b/.github/workflows/_build.yaml index b850ca7e6..538017403 100644 --- a/.github/workflows/_build.yaml +++ b/.github/workflows/_build.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2022 - 2023, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. # This is a trusted builder implemented as a reusable workflow that can be called by other @@ -32,7 +32,7 @@ on: permissions: contents: read env: - ARTIFACT_OS: ubuntu-latest # The default OS for release. + ARTIFACT_OS: ubuntu-22.04 # The default OS for release. ARTIFACT_PYTHON: '3.11' # The default Python version for release. PACKAGE_PATH: src/macaron # The relative Python package path to the repo. @@ -47,7 +47,7 @@ jobs: matrix: # It is recommended to pin a Runner version specifically: # https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners - os: [ubuntu-latest] + os: [ubuntu-22.04] python: ['3.11'] steps: diff --git a/.github/workflows/_build_docker.yaml b/.github/workflows/_build_docker.yaml index bd0d618e3..d15f79460 100644 --- a/.github/workflows/_build_docker.yaml +++ b/.github/workflows/_build_docker.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2023 - 2024, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2023 - 2025, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. # This is a reuseable workflow to build and test the Docker image. Note that this workflow does not @@ -21,7 +21,7 @@ permissions: jobs: build-docker: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: packages: read steps: diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml index 8aded2f51..7788407bf 100644 --- a/.github/workflows/codeql-analysis.yaml +++ b/.github/workflows/codeql-analysis.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2022 - 2023, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. # Run CodeQL over the package. For more configuration options see codeql/codeql-config.yaml @@ -22,7 +22,7 @@ permissions: jobs: analyze: name: Analyze - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: actions: read contents: read From 3d2e8cd161dc31a23f48316c6c3f55ec240e9e21 Mon Sep 17 00:00:00 2001 From: Ben Selwyn-Smith Date: Fri, 17 Jan 2025 12:34:20 +1000 Subject: [PATCH 2/2] chore: update remaining workflow files Signed-off-by: Ben Selwyn-Smith --- .github/workflows/_build.yaml | 4 ++-- .github/workflows/_deploy-github-pages.yaml | 4 ++-- .github/workflows/_generate-rebase.yaml | 4 ++-- .github/workflows/_release-notifications.yaml | 4 ++-- .github/workflows/build_base_image.yaml | 4 ++-- .github/workflows/dependabot-automerge.yaml | 4 ++-- .github/workflows/pr-conventional-commits.yaml | 4 ++-- .github/workflows/release.yaml | 12 ++++++------ .github/workflows/scorecards-analysis.yaml | 4 ++-- 9 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/_build.yaml b/.github/workflows/_build.yaml index 538017403..fc8c82478 100644 --- a/.github/workflows/_build.yaml +++ b/.github/workflows/_build.yaml @@ -9,7 +9,7 @@ # # Even though we run the build in a matrix to check against different platforms, due to a known # limitation of reusable workflows that do not support setting strategy property from the caller -# workflow, we only generate artifacts for ubuntu-latest and Python 3.11, which can be used to +# workflow, we only generate artifacts for ubuntu-22.04 and Python 3.11, which can be used to # create a release. For details see: # # https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations @@ -148,4 +148,4 @@ jobs: artifact-sha256: ${{ needs.build.outputs.artifacts-sha256 }} # TODO: use ${{ env.ARTIFACT_OS }} and ${{ env.ARTIFACT_PYTHON }} # when this issue is addressed: https://github.com/actions/runner/issues/2394. - artifact-name: artifact-ubuntu-latest-python-3.11 + artifact-name: artifact-ubuntu-22.04-python-3.11 diff --git a/.github/workflows/_deploy-github-pages.yaml b/.github/workflows/_deploy-github-pages.yaml index 7e6c397fd..6e003c4c4 100644 --- a/.github/workflows/_deploy-github-pages.yaml +++ b/.github/workflows/_deploy-github-pages.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2023 - 2023, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2023 - 2025, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. # This workflow deploys the documentations to GitHub Pages. @@ -26,7 +26,7 @@ jobs: environment: name: github-pages url: ${{ steps.deployment.outputs.page_url }} - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Check out repository diff --git a/.github/workflows/_generate-rebase.yaml b/.github/workflows/_generate-rebase.yaml index db1f7ab1e..576e288f8 100644 --- a/.github/workflows/_generate-rebase.yaml +++ b/.github/workflows/_generate-rebase.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2023 - 2023, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2023 - 2025, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. # Automatically rebase one staging branch on top of main after a new package version was published. @@ -32,7 +32,7 @@ permissions: jobs: rebase: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Check out repository diff --git a/.github/workflows/_release-notifications.yaml b/.github/workflows/_release-notifications.yaml index 246f6bc2c..7b441fbb0 100644 --- a/.github/workflows/_release-notifications.yaml +++ b/.github/workflows/_release-notifications.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2022 - 2022, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. # Send a Slack release notification. Instructions to set up Slack to receive @@ -27,7 +27,7 @@ permissions: {} jobs: slack: name: Slack release notification - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Notify via Slack diff --git a/.github/workflows/build_base_image.yaml b/.github/workflows/build_base_image.yaml index dc26377e2..ac6371434 100644 --- a/.github/workflows/build_base_image.yaml +++ b/.github/workflows/build_base_image.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2023 - 2023, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2023 - 2025, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. # This workflow builds the base Docker image. The base image will be pushed to ghcr.io. @@ -13,7 +13,7 @@ permissions: jobs: build-base-image: name: Build base image - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: packages: write # To push the base Docker image. steps: diff --git a/.github/workflows/dependabot-automerge.yaml b/.github/workflows/dependabot-automerge.yaml index 045c3cca4..e9ec71269 100644 --- a/.github/workflows/dependabot-automerge.yaml +++ b/.github/workflows/dependabot-automerge.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2022 - 2022, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. # Automatically merge Dependabot PRs upon approval by leaving @@ -15,7 +15,7 @@ permissions: jobs: comment: if: ${{ github.event.review.state == 'approved' && github.event.pull_request.user.login == 'dependabot[bot]' }} - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Merge Dependabot PR run: gh pr comment --body "@dependabot squash and merge" "$PR_URL" diff --git a/.github/workflows/pr-conventional-commits.yaml b/.github/workflows/pr-conventional-commits.yaml index 6ab02f2a1..70d166b6b 100644 --- a/.github/workflows/pr-conventional-commits.yaml +++ b/.github/workflows/pr-conventional-commits.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2022 - 2024, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. # This workflow lints the PR's title and commits. It uses the commitizen @@ -21,7 +21,7 @@ permissions: jobs: conventional-commits: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Check out repository diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a4c2e285d..ea3f22e43 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2022 - 2023, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. # We run checks on pushing to the specified branches. @@ -13,7 +13,7 @@ on: permissions: contents: read env: - ARTIFACT_NAME: artifact-ubuntu-latest-python-3.11 + ARTIFACT_NAME: artifact-ubuntu-22.04-python-3.11 # This is the username and email for the user who commits and pushes the release # commit. In an organisation that should be a dedicated devops account. USER_NAME: behnazh-w @@ -33,7 +33,7 @@ jobs: bump: needs: check if: github.ref == 'refs/heads/main' - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: contents: write steps: @@ -108,7 +108,7 @@ jobs: release-url: ${{ steps.release-info.outputs.release-url }} image-name: ${{ steps.push-docker.outputs.image-name }} image-digest: ${{ steps.push-docker.outputs.image-digest }} - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: contents: write # To publish release notes. packages: write # To push the Docker image. @@ -299,7 +299,7 @@ jobs: # publish_provenance: # needs: [release, provenance] # name: Publish provenance - # runs-on: ubuntu-latest + # runs-on: ubuntu-22.04 # permissions: # contents: write # To publish release notes. # steps: @@ -331,7 +331,7 @@ jobs: with: # TODO: use ${{ env.ARTIFACT_NAME }} when this issue is addressed: # https://github.com/actions/runner/issues/2394. - artifact-name: artifact-ubuntu-latest-python-3.11 + artifact-name: artifact-ubuntu-22.04-python-3.11 artifact-sha256: ${{ needs.build.outputs.artifacts-sha256 }} # Send out release notifications after the Release was published on GitHub. diff --git a/.github/workflows/scorecards-analysis.yaml b/.github/workflows/scorecards-analysis.yaml index 406a08499..5a407ba2a 100644 --- a/.github/workflows/scorecards-analysis.yaml +++ b/.github/workflows/scorecards-analysis.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2022 - 2023, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2022 - 2025, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. # Run Scorecard for this repository to further check and harden software and process. @@ -18,7 +18,7 @@ permissions: read-all jobs: analysis: name: Scorecards analysis - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: # Needed to upload the results to code-scanning dashboard. security-events: write