From 4e22df02faf8dee4a160bb8b81bec1c9418e2e01 Mon Sep 17 00:00:00 2001 From: Harsh Shandilya Date: Fri, 23 Oct 2020 15:03:45 +0530 Subject: Update GitHub Actions workflows (#1169) * github: switch all actions to their latest versions and pin by SHA1 hash Signed-off-by: Harsh Shandilya * github: switch back to peter-evans/create-pull-request for creating pull requests Signed-off-by: Harsh Shandilya --- .github/workflows/deploy_snapshot.yml | 4 ++-- .github/workflows/draft_new_release.yml | 24 +++++++++++----------- .github/workflows/pull_request.yml | 10 ++++----- .github/workflows/release.yml | 28 +++++++++++++------------- .github/workflows/update_publicsuffix_data.yml | 24 +++++++++------------- .github/workflows/validate_wrapper.yml | 4 ++-- 6 files changed, 45 insertions(+), 49 deletions(-) diff --git a/.github/workflows/deploy_snapshot.yml b/.github/workflows/deploy_snapshot.yml index 272a0738..f8ad28d4 100644 --- a/.github/workflows/deploy_snapshot.yml +++ b/.github/workflows/deploy_snapshot.yml @@ -10,7 +10,7 @@ jobs: if: "!contains(github.event.head_commit.message, '[ci skip]')" steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@c952173edf28a2bd22e1a4926590c1ac39630461 - name: Decrypt secrets run: scripts/signing-setup.sh "$ENCRYPT_KEY" @@ -21,7 +21,7 @@ jobs: run: mkdir -p ~/.gradle ; cp .github/ci-gradle.properties ~/.gradle/gradle.properties - name: Build release app - uses: burrunan/gradle-cache-action@v1 + uses: burrunan/gradle-cache-action@03c71a8ba93d670980695505f48f49daf43704a6 env: SNAPSHOT: "true" with: diff --git a/.github/workflows/draft_new_release.yml b/.github/workflows/draft_new_release.yml index 914e6182..305d5807 100644 --- a/.github/workflows/draft_new_release.yml +++ b/.github/workflows/draft_new_release.yml @@ -9,32 +9,32 @@ jobs: name: "Draft a new release" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@c952173edf28a2bd22e1a4926590c1ac39630461 with: ref: 'release' - name: Extract version from milestone run: | VERSION="${{ github.event.milestone.title }}" - echo "RELEASE_VERSION=$VERSION" >> $GITHUB_ENV - - - name: Create release branch - run: git checkout -b release-${{ env.RELEASE_VERSION }} + echo "RELEASE_VERSION=${VERSION/v/}" >> $GITHUB_ENV - name: Update changelog uses: thomaseizinger/keep-a-changelog-new-release@1.1.0 with: - version: v${{ env.RELEASE_VERSION }} + version: ${{ env.RELEASE_VERSION }} - name: Initialize git config and commit changes run: | git config user.name "GitHub Actions" git config user.email noreply@github.com - git commit -am "Prepare release $RELEASE_VERSION" - name: Create Pull Request - uses: repo-sync/pull-request@v2 + uses: peter-evans/create-pull-request@c7f493a8000b8aeb17a1332e326ba76b57cb83eb with: - source_branch: release-${{ env.RELEASE_VERSION }} - destination_branch: release - pr_title: Release ${{ env.RELEASE_VERSION }} - github_token: ${{ secrets.GITHUB_TOKEN }} + author: GitHub Actions + base: release + body: This is an automated pull request to bump the changelog for the v${{ env.RELEASE_VERSION }} release. + branch: release-${{ env.RELEASE_VERSION }} + commit-message: "CHANGELOG: bump for ${{ env.RELEASE_VERSION }}" + draft: true + title: Release v${{ env.RELEASE_VERSION }} + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index ec128f18..945f1681 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Check if relevant files have changed - uses: actions/github-script@0.9.0 + uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9 id: service-changed with: result-encoding: string @@ -27,7 +27,7 @@ jobs: - name: Checkout repository if: ${{ steps.service-changed.outputs.result == 'true' }} - uses: actions/checkout@v2 + uses: actions/checkout@c952173edf28a2bd22e1a4926590c1ac39630461 - name: Copy CI gradle.properties if: ${{ steps.service-changed.outputs.result == 'true' }} @@ -35,13 +35,13 @@ jobs: - name: Run unit tests if: ${{ steps.service-changed.outputs.result == 'true' }} - uses: burrunan/gradle-cache-action@v1 + uses: burrunan/gradle-cache-action@03c71a8ba93d670980695505f48f49daf43704a6 with: arguments: apiCheck testFreeDebug lintFreeDebug - name: Run instrumentation tests if: ${{ steps.service-changed.outputs.result == 'true' }} - uses: reactivecircus/android-emulator-runner@v2.11.0 + uses: reactivecircus/android-emulator-runner@07b0366e7b93d87f3d00b3e78d9033f04009b347 with: api-level: ${{ matrix.api-level }} target: default @@ -53,7 +53,7 @@ jobs: - name: (Fail-only) upload test report if: failure() - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@27bce4eee761b5bc643f46a8dfb41b430c8d05f6 with: name: Test report path: app/build/reports diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8a8a3244..68065b7f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@c952173edf28a2bd22e1a4926590c1ac39630461 - name: Decrypt secrets run: scripts/signing-setup.sh "$ENCRYPT_KEY" @@ -21,24 +21,24 @@ jobs: run: mkdir -p ~/.gradle ; cp .github/ci-gradle.properties ~/.gradle/gradle.properties - name: Build release binaries - uses: burrunan/gradle-cache-action@v1 + uses: burrunan/gradle-cache-action@03c71a8ba93d670980695505f48f49daf43704a6 with: arguments: :app:assembleFreeRelease :app:assembleNonFreeRelease :app:bundleNonFreeRelease - name: Upload non-free release APK - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@27bce4eee761b5bc643f46a8dfb41b430c8d05f6 with: name: APS Non-Free Release APK path: app/build/outputs/apk/nonFree/release/app-nonFree-release.apk - name: Upload non-free release Bundle - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@27bce4eee761b5bc643f46a8dfb41b430c8d05f6 with: name: APS Non-Free Release Bundle path: app/build/outputs/bundle/nonFreeRelease/app-nonFree-release.aab - name: Upload free release APK - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@27bce4eee761b5bc643f46a8dfb41b430c8d05f6 with: name: APS Free Release APK path: app/build/outputs/apk/free/release/app-free-release.apk @@ -53,36 +53,36 @@ jobs: needs: build steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@c952173edf28a2bd22e1a4926590c1ac39630461 - name: Get Non-Free Release APK - uses: actions/download-artifact@v2 + uses: actions/download-artifact@f60857ee283b759efd0a9bf31b1b24a2d9c7e5cd with: name: APS Non-Free Release APK path: artifacts/nonFree - name: Get Non-Free Bundle - uses: actions/download-artifact@v2 + uses: actions/download-artifact@f60857ee283b759efd0a9bf31b1b24a2d9c7e5cd with: name: APS Non-Free Release Bundle path: artifacts/nonFree - name: Get Free Release APK - uses: actions/download-artifact@v2 + uses: actions/download-artifact@f60857ee283b759efd0a9bf31b1b24a2d9c7e5cd with: name: APS Free Release APK path: artifacts/free - name: Get Changelog Entry id: changelog_reader - uses: mindsers/changelog-reader-action@v1.1.0 + uses: mindsers/changelog-reader-action@30552f0e948002519ff6b36ffbf889ef4da47246 with: version: ${{ github.ref }} path: ./CHANGELOG.md - name: Create Release id: create_release - uses: actions/create-release@v1 + uses: actions/create-release@c38d3a140cc22e67e265c5d5b6b4888d1f02533f env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -97,7 +97,7 @@ jobs: run: echo ::set-output name=VERSION::${GITHUB_REF#refs/tags/} - name: Upload Non-Free Release Apk - uses: actions/upload-release-asset@v1 + uses: actions/upload-release-asset@e9f0662bdf9868f4aac644f0eedc2b56567fdba8 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -107,7 +107,7 @@ jobs: asset_content_type: application/vnd.android.package-archive - name: Upload Non-Free Release Bundle - uses: actions/upload-release-asset@v1 + uses: actions/upload-release-asset@e9f0662bdf9868f4aac644f0eedc2b56567fdba8 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -117,7 +117,7 @@ jobs: asset_content_type: application/octet-stream - name: Upload Free Release Apk - uses: actions/upload-release-asset@v1 + uses: actions/upload-release-asset@e9f0662bdf9868f4aac644f0eedc2b56567fdba8 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/update_publicsuffix_data.yml b/.github/workflows/update_publicsuffix_data.yml index e0e09f86..00a26361 100644 --- a/.github/workflows/update_publicsuffix_data.yml +++ b/.github/workflows/update_publicsuffix_data.yml @@ -8,13 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 - - - name: Initialize git config - run: | - git config user.name "GitHub Actions" - git config user.email noreply@github.com - git checkout -b bot/update-psl + uses: actions/checkout@c952173edf28a2bd22e1a4926590c1ac39630461 - name: Download new publicsuffix data run: curl -L https://github.com/mozilla-mobile/android-components/raw/master/components/lib/publicsuffixlist/src/main/assets/publicsuffixes -o autofill-parser/src/main/assets/publicsuffixes @@ -23,13 +17,15 @@ jobs: run: if [[ $(git diff --binary --stat) != '' ]]; then echo "UPDATED=true" >> $GITHUB_ENV; fi - name: Create Pull Request - uses: repo-sync/pull-request@v2 + uses: peter-evans/create-pull-request@c7f493a8000b8aeb17a1332e326ba76b57cb83eb if: env.UPDATED == 'true' with: - source_branch: bot/update-psl - destination_branch: develop - pr_title: "Update Public Suffix List data" - pr_body: "This is an automated pull request to update the publicsuffixes file to the latest copy from Mozilla" assignees: msfjarvis - pr_label: PSL - github_token: ${{ secrets.GITHUB_TOKEN }} + author: GitHub Actions + base: develop + body: This is an automated pull request to update the publicsuffixes file to the latest copy from Mozilla + branch: bot/update-psl + commit-message: "autofill-parser: update publicsuffixes file" + labels: PSL + title: Update Public Suffix List data + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/validate_wrapper.yml b/.github/workflows/validate_wrapper.yml index 8781750e..e7dc89c2 100644 --- a/.github/workflows/validate_wrapper.yml +++ b/.github/workflows/validate_wrapper.yml @@ -12,5 +12,5 @@ jobs: name: "Wrapper validation" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: gradle/wrapper-validation-action@v1.0.3 + - uses: actions/checkout@c952173edf28a2bd22e1a4926590c1ac39630461 + - uses: gradle/wrapper-validation-action@2a9956c214b2b4b63544570479c926e7a121218e -- cgit v1.2.3