In my workflow I have an error in which I am specified to use the SHA, but I can't solve this problem even looking at the documentation
actions/checkout#v3 marketplace
My workflow
name: Pull Request (Opened)
on:
pull_request:
types: [opened]
jobs:
security_hardening:
name: Check security hardening
runs-on: ubuntu-latest
steps:
- name: Clone the repository
uses: actions/checkout#v3
- name: Ensure SHA pinned actions
uses: zgosalvez/github-actions-ensure-sha-pinned-actions#6ca5574367befbc9efdb2fa25978084159c5902d
assign_author:
name: Assign Author to the Pull Request
needs: security_hardening
runs-on: ubuntu-latest
steps:
- name: Assign Author
uses: technote-space/assign-author#v1.6.0
pr-labeler:
name: Label the PR based on the branch
needs: security_hardening
runs-on: ubuntu-latest
steps:
- name: PR Labeler
uses: TimonVS/pr-labeler-action#v3.1.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
The Error
Error: actions/checkout#v3 is not pinned to a full length commit SHA.
Related
I have a non-gradle root project which should launch child gh action, but can’t figure out how to. File child.yml should generate apk artifact, since android/ dir is app directory.
Project structure:
root
|
--- .github/workflows/root.yml
--- android/
|
___ .github/actions/apk/child.yml
Closest I get was running a yaml on root level:
root.yml
name: use my action
on:
push:
branches:
- ci_test
jobs:
#Build job
test_build:
runs-on: ubuntu-latest
steps:
- name: Checkout the code
uses: actions/checkout#v2
- uses: ./android/.github/actions/apk
child.yml
name: Build of dev branch
on:
push:
branches:
- develop
jobs:
#Build job
build:
runs-on: ubuntu-latest
steps:
- name: Checkout the code
uses: actions/checkout#v2
- uses: actions/cache#v2
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('**/gradle/wrapper/gradle-wrapper.properties') }}-${{ hashFiles('**/buildSrc/**/*.kt') }}
- name: Set up JDK 11
uses: actions/setup-java#v1
with:
java-version: '11'
- name: Change wrapper permissions
run: chmod +x ./gradlew
- name: Build the app
run: ./gradlew assembleDebug
- name: Upload apk
uses: actions/upload-artifact#v2
with:
name: debug apk
path: ./app/build/outputs/apk/debug/app-debug.apk
But I get an error with doubled "/my-root-dir/my-root-dir"
Can't find 'action.yml', 'action.yaml' or 'Dockerfile' under '/home/runner/work/my-root-dir/my-root-dir/android/.github/actions/child.yaml'. Did you forget to run actions/checkout before running your local action?
Trying to make a CI pipeline that will bump root package.json and tag repo using a machine user access token, then have another workflow that triggers to make releases.
But currently, the release workflow never seems to fire.
Linke to a example repo https://github.com/labithiotis/ci-tag-release
I've noticed my PAT in github says it's never been used.
version.yml
name: Versioning
on:
workflow_run:
workflows: [CI]
branches: [main]
types:
- completed
jobs:
versioning:
if: ${{ github.event.workflow_run.conclusion == 'success' }}
name: Increment Versions
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: Increment API version
uses: phips28/gh-action-bump-version#master
env:
GITHUB_TOKEN: ${{ secrets.HAL_PAT }}
with:
tag-prefix: v
release.yml
name: Release
on:
push:
tags: ['v*']
jobs:
release:
name: Release Builds
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- uses: actions/checkout#v2
- run: yarn
- run: yarn wsrun -p #kernel/plugin.main -m build
- name: Release Builds
uses: marvinpinto/action-automatic-releases#latest
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
prerelease: false
files: *
I have 3 commits in a pull request that I want to merge to my master branch,1 each for chore, fix and feat. I always want it to increase the minor version regardless of the commit order. Below is my changelog and release tag action. How can I make sure that when my pull request is merge to master its able to bump the version accordingly. Any help will be appreciated, thanks in advance
on:
push:
branches:
- master
jobs:
release:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout#v2
- name: conventional changelog action
id: changelog
uses: TriPSs/conventional-changelog-action#latest
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: create release
uses: softprops/action-gh-release#v1
if: ${{steps.changelog.outputs.skipped == 'false'}}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ steps.changelog.outputs.tag }}
name: ${{ steps.changelog.outputs.tag }}
body: ${{steps.changelog.outputs.clean_changelog}}
draft: false
prerelease: false
I would like to set up github action which
calls nuget and caches it
builds solution
runs unit tests
I managed to get the second and third step is working but it's now a problem to combine following first step.
- name: Cache Nuget
- uses: actions/cache#v1
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj') }}
restore-keys: |
${{ runner.os }}-nuget-
I tried to put that after - uses: actions/checkout#v2 but It throws following error.
every step must define a `uses` or `run` key
...
steps:
- uses: actions/checkout#v2
- name: Cache Nuget
- uses: actions/cache#v1
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj') }}
restore-keys: |
${{ runner.os }}-nuget-
- name: Setup .NET
uses: actions/setup-dotnet#v1
...
What am I doing wrong?
Thanks for help.
Here's the full config.
name: Build and Tests
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: Cache Nuget
- uses: actions/cache#v1
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj') }}
restore-keys: |
${{ runner.os }}-nuget-
- name: Setup .NET
uses: actions/setup-dotnet#v1
with:
dotnet-version: 5.0.x
- name: Restore dependencies
run: dotnet restore
- name: Build
run: dotnet build --configuration Release --no-restore
- name: Run Tests
run: dotnet test --configuration Release --no-build --verbosity minimal /p:CollectCoverage=true /p:CoverletOutput=TestResults/ /p:CoverletOutputFormat=lcov
- name: Publish coverage report to coveralls.io
uses: coverallsapp/github-action#master
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
path-to-lcov: Tests/App.Tests/TestResults/coverage.info
Your formatting is off. Use the dash only on the first line, like so:
- uses: actions/checkout#v2
- name: Cache Nuget
uses: actions/cache#v1
If you also prefix the last line with a dash (-), then GitHub thinks the name is a separate step and it doesn't know what to do with it. Not using a dash, however, means the uses belongs to the same step as name.
I got this action which publishes to gh-pages successfully :
name: Deployment
on:
push:
branches:
- master
jobs:
deploy:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [12.x]
steps:
- uses: actions/checkout#v1
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node#v1
with:
node-version: ${{ matrix.node-version }}
- name: Install Packages
run: npm install
- name: Build page
run: npm run build
- name: Deploy to gh-pages
uses: peaceiris/actions-gh-pages#v3
with:
deploy_key: ${{ secrets.ACTIONS_DEPLOY_KEY }}
publish_dir: ./build
I added second action
name: S3Publish
on:
push:
branches:
- gh-pages
... but it never triggers
We can also put .github directory including your second workflow to the gh-pages branch.
- name: Deploy
uses: peaceiris/actions-gh-pages#v3
with:
deploy_key: ${{ secrets.ACTIONS_DEPLOY_KEY }} # Recommended
personal_token: ${{ secrets.PERSONAL_TOKEN }} # An alternative
# github_token: ${{ secrets.GITHUB_TOKEN }} # Dot not use this token for this case.
exclude_assets: ''
Set exclude_assets to empty for including the .github directory to deployment assets.
For more details, see the latest README: How to trigger gh-pages branch changes via another action - Stack Overflow