From 6a1457d1e2dbee50677ff2610ac2ea7b2f1dad1c Mon Sep 17 00:00:00 2001 From: Marcos Pereira <3464445+marcospgp@users.noreply.github.com> Date: Fri, 14 Apr 2023 23:02:17 +0100 Subject: [PATCH 1/7] Update manual.yml --- automation/manual.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automation/manual.yml b/automation/manual.yml index 4a7131e..faabdec 100644 --- a/automation/manual.yml +++ b/automation/manual.yml @@ -27,4 +27,4 @@ jobs: steps: # Runs a single command using the runners shell - name: Send greeting - run: echo "Hello ${{ github.event.inputs.name }}" \ No newline at end of file + run: echo "Hello ${{ inputs.name }}" From 73f69c4600dd494bc6311ba2c4c2e362e25fde2f Mon Sep 17 00:00:00 2001 From: Aditya Sharad <6874315+adityasharad@users.noreply.github.com> Date: Mon, 17 Apr 2023 12:06:44 -0700 Subject: [PATCH 2/7] CodeQL: Run on macOS by default if the target language is Swift CodeQL Swift analysis is best supported on macOS. In preparation for CodeQL supporting Swift analysis in beta, adjust the CodeQL starter workflow template to run the `swift` matrix job on `macos-latest`, and all other matrix jobs on `ubuntu-latest`. This does not affect the matrix itself. --- code-scanning/codeql.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/code-scanning/codeql.yml b/code-scanning/codeql.yml index f0c3beb..bd394ae 100644 --- a/code-scanning/codeql.yml +++ b/code-scanning/codeql.yml @@ -23,7 +23,7 @@ on: jobs: analyze: name: Analyze - runs-on: ubuntu-latest + runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} permissions: actions: read contents: read @@ -51,7 +51,7 @@ jobs: # By default, queries listed here will override any specified in a config file. # Prefix the list here with "+" to use these queries and those in the config file. - # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs # queries: security-extended,security-and-quality From 1c781c4e6aa4c2db08b9133b742b4f35871e150e Mon Sep 17 00:00:00 2001 From: "James M. Greene" Date: Tue, 18 Apr 2023 11:20:09 -0500 Subject: [PATCH 3/7] Add data type to workflow_dispatch inputs --- automation/manual.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/automation/manual.yml b/automation/manual.yml index faabdec..11b2e35 100644 --- a/automation/manual.yml +++ b/automation/manual.yml @@ -15,6 +15,8 @@ on: default: 'World' # Input has to be provided for the workflow to run required: true + # The data type of the input + type: string # A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: From d4482bb5829c32e2d0803b022eebc6f0280c4649 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Apr 2023 20:55:06 +0000 Subject: [PATCH 4/7] Bump actions/stale from 7 to 8 Bumps [actions/stale](https://github.com/actions/stale) from 7 to 8. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v7...v8) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 0cae015..ecdf037 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/stale@v7 + - uses: actions/stale@v8 with: stale-issue-message: 'This issue has become stale and will be closed automatically within a period of time. Sorry about that.' stale-pr-message: 'This pull request has become stale and will be closed automatically within a period of time. Sorry about that.' From d841affe4c5e9554c36059bf0b297818f4778a16 Mon Sep 17 00:00:00 2001 From: Trevor Blanarik Date: Mon, 24 Apr 2023 15:53:48 +0000 Subject: [PATCH 5/7] corrects the syntax for so that the array is inline --- deployments/azure-functions-app-container.yml | 3 +-- deployments/azure-functions-app-dotnet.yml | 3 +-- deployments/azure-functions-app-java-gradle.yml | 3 +-- deployments/azure-functions-app-java.yml | 3 +-- deployments/azure-functions-app-nodejs.yml | 3 +-- deployments/azure-functions-app-powershell.yml | 3 +-- deployments/azure-functions-app-python.yml | 3 +-- 7 files changed, 7 insertions(+), 14 deletions(-) diff --git a/deployments/azure-functions-app-container.yml b/deployments/azure-functions-app-container.yml index 7b438be..1173b95 100644 --- a/deployments/azure-functions-app-container.yml +++ b/deployments/azure-functions-app-container.yml @@ -21,8 +21,7 @@ name: Deploy container to Azure Functions App on: push: - branches: - - [$default-branch] + branches: [$default-branch] permissions: contents: read diff --git a/deployments/azure-functions-app-dotnet.yml b/deployments/azure-functions-app-dotnet.yml index 8b2c23b..824614e 100644 --- a/deployments/azure-functions-app-dotnet.yml +++ b/deployments/azure-functions-app-dotnet.yml @@ -20,8 +20,7 @@ name: Deploy DotNet project to Azure Function App on: push: - branches: - - [$default-branch] + branches: [$default-branch] env: AZURE_FUNCTIONAPP_NAME: 'your-app-name' # set this to your function app name on Azure diff --git a/deployments/azure-functions-app-java-gradle.yml b/deployments/azure-functions-app-java-gradle.yml index 69f6343..36c50b8 100644 --- a/deployments/azure-functions-app-java-gradle.yml +++ b/deployments/azure-functions-app-java-gradle.yml @@ -20,8 +20,7 @@ name: Deploy Gradle Java project to Azure Function App on: push: - branches: - - [$default-branch] + branches: [$default-branch] permissions: contents: read diff --git a/deployments/azure-functions-app-java.yml b/deployments/azure-functions-app-java.yml index 0774544..5608328 100644 --- a/deployments/azure-functions-app-java.yml +++ b/deployments/azure-functions-app-java.yml @@ -20,8 +20,7 @@ name: Deploy Java project to Azure Function App on: push: - branches: - - [$default-branch] + branches: [$default-branch] env: AZURE_FUNCTIONAPP_NAME: 'your-app-name' # set this to your function app name on Azure diff --git a/deployments/azure-functions-app-nodejs.yml b/deployments/azure-functions-app-nodejs.yml index b8033f0..916f396 100644 --- a/deployments/azure-functions-app-nodejs.yml +++ b/deployments/azure-functions-app-nodejs.yml @@ -22,8 +22,7 @@ name: Deploy Node.js project to Azure Function App on: push: - branches: - - [$default-branch] + branches: [$default-branch] env: AZURE_FUNCTIONAPP_NAME: 'your-app-name' # set this to your function app name on Azure diff --git a/deployments/azure-functions-app-powershell.yml b/deployments/azure-functions-app-powershell.yml index 505b5af..5d62316 100644 --- a/deployments/azure-functions-app-powershell.yml +++ b/deployments/azure-functions-app-powershell.yml @@ -20,8 +20,7 @@ name: Deploy PowerShell project to Azure Function App on: push: - branches: - - [$default-branch] + branches: [$default-branch] env: AZURE_FUNCTIONAPP_NAME: 'your-app-name' # set this to your function app name on Azure diff --git a/deployments/azure-functions-app-python.yml b/deployments/azure-functions-app-python.yml index 0220227..6452a18 100644 --- a/deployments/azure-functions-app-python.yml +++ b/deployments/azure-functions-app-python.yml @@ -20,8 +20,7 @@ name: Deploy Python project to Azure Function App on: push: - branches: - - [$default-branch] + branches: [$default-branch] env: AZURE_FUNCTIONAPP_NAME: 'your-app-name' # set this to your function app name on Azure From b015c848b62afa863d3f5607a61b1604ee66ebea Mon Sep 17 00:00:00 2001 From: Aditya Sharad <6874315+adityasharad@users.noreply.github.com> Date: Mon, 22 May 2023 10:10:15 -0700 Subject: [PATCH 6/7] CodeQL: Reduce job timeout to 2h if the target language is Swift Some projects observed intermittent build timeouts with Swift. In case this happens, and our CodeQL-level mitigations do not prevent the problem, we want to avoid using up 6h of the customer's billed macOS Actions minutes (which is the default timeout), so we suggest a reduced timeout of 2h. This value is chosen to accommodate the total job time (build + CodeQL extraction + CodeQL analysis) we expect for large Swift projects. We may choose to adjust it in future. --- code-scanning/codeql.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/code-scanning/codeql.yml b/code-scanning/codeql.yml index bd394ae..e901a24 100644 --- a/code-scanning/codeql.yml +++ b/code-scanning/codeql.yml @@ -24,6 +24,7 @@ jobs: analyze: name: Analyze runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} permissions: actions: read contents: read From ee518ae76c27a9700e06499dd8f8c1c99d6d0316 Mon Sep 17 00:00:00 2001 From: Beth Brennan <34719884+elbrenn@users.noreply.github.com> Date: Wed, 31 May 2023 13:38:11 -0400 Subject: [PATCH 7/7] Update CODEOWNERS --- CODEOWNERS | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index 0a7c0a5..a47bd5b 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,4 +1,4 @@ -* @actions/starter-workflows +* @actions/actions-workflow-development-reviewers -/code-scanning/ @actions/advanced-security-code-scanning @actions/starter-workflows -/pages/ @actions/pages @actions/starter-workflows +/code-scanning/ @actions/advanced-security-code-scanning @actions/actions-workflow-development-reviewers +/pages/ @actions/pages @actions/actions-workflow-development-reviewers