Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update GH actions w/ comments documenting current action version #492

Closed
JohnStrunk opened this issue Oct 31, 2022 · 0 comments · Fixed by #600
Closed

Update GH actions w/ comments documenting current action version #492

JohnStrunk opened this issue Oct 31, 2022 · 0 comments · Fixed by #600
Labels
enhancement New feature or request good first issue Good for newcomers

Comments

@JohnStrunk
Copy link
Member

Describe the feature you'd like to have.
We have set the SHA hash for all our GH actions according to best practice. Unfortunately, this obscures which version (vX.Y.Z) we are using. dependabot has recently added a feature where it will update a version number in a comment when it bumps the SHA.

We should add version comments so that dependabot will start updating them. Example:
https://github.com/dependabot/dependabot-core/blob/b4112ce4639d7eed1e3b2e0792eb7533f7cb125f/github_actions/spec/fixtures/workflow_files/pinned_sources_version_comments.yml#L7

What is the value to the end user? (why is it a priority?)

How will we know we have a good solution? (acceptance criteria)

Additional context
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers
Projects
VolSync project tracking
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Annotate gh action versions w/ their tag JohnStrunk/volsync
1 participant
@JohnStrunk