Skip to content

[release/1.7] Backport GitHub actions package updates#9876

Merged
dmcgowan merged 9 commits intocontainerd:release/1.7from
austinvazquez:release-1.7-cherry-pick-github-actions-package-updates
Feb 27, 2024
Merged

[release/1.7] Backport GitHub actions package updates#9876
dmcgowan merged 9 commits intocontainerd:release/1.7from
austinvazquez:release-1.7-cherry-pick-github-actions-package-updates

Conversation

@austinvazquez
Copy link
Copy Markdown
Member

@austinvazquez austinvazquez commented Feb 26, 2024
edited
Loading

Issue

N/A

The GitHub Actions CI for branch release/1.7 is showing some deprecation warnings for GitHub Actions packages which are running on NodeJS 16.

e.g. a recent release/1.7 PR showed 39 annotated warnings just for CI workflow alone.
image

Description

This is a backport for GitHub Actions CI packages to resolve deprecation warnings in release/1.7 branch workflows:

  1. 3ca9528
  2. f6a9c69
  3. 36b12cb
  4. 9133ad8
  5. 4c1ebe3
  6. f9303d0
  7. 97ec26a
  8. 18b0d23 + change to include matrix.os and matrix.enable_cri_sandboxes to test results in CI workflow so artifact upload is unique.
  9. a274439
  • Resolves 39 warnings in CI workflow
  • Resolves 2 warnings in CodeQL workflow
  • Resolves 2 warnings in Nightly workflow
  • Resolves 6 warnings in Release workflow
  • Resolves 1 warning in Fuzz workflow

Testing

Workflows run on PR

Additional context

Resolves GitHub Actions CI workflow NodeJS 16 deprecation warnings in release/1.7 workflows.
See https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20

dependabot bot added 7 commits February 26, 2024 16:53
@dependabot @austinvazquez
build(deps): bump actions/download-artifact from 3 to 4
87f9adb 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v3...v4)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 97ec26a)
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
@dependabot @austinvazquez
build(deps): bump github/codeql-action from 2 to 3
6875bb1 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](github/codeql-action@v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit f9303d0)
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
@dependabot @austinvazquez
build(deps): bump docker/setup-buildx-action from 2 to 3
97763f9 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 4c1ebe3)
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
@dependabot @austinvazquez
build(deps): bump actions/upload-artifact from 1 to 3
b96aa40 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v1...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 9133ad8)
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
@dependabot @austinvazquez
build(deps): bump actions/setup-go from 3 to 5
22feefa 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v3...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit f6a9c69)
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
@dependabot @austinvazquez
build(deps): bump actions/checkout from 3 to 4
2b40a40 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](actions/checkout@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 3ca9528)
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
@dependabot @austinvazquez
build(deps): bump crazy-max/ghaction-github-runtime from 2 to 3
e11de77 
Bumps [crazy-max/ghaction-github-runtime](https://github.com/crazy-max/ghaction-github-runtime) from 2 to 3.
- [Release notes](https://github.com/crazy-max/ghaction-github-runtime/releases)
- [Commits](crazy-max/ghaction-github-runtime@v2...v3)

---
updated-dependencies:
- dependency-name: crazy-max/ghaction-github-runtime
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 36b12cb)
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
@k8s-ci-robot
Copy link
Copy Markdown

k8s-ci-robot commented Feb 26, 2024

Hi @austinvazquez. Thanks for your PR.

I'm waiting for a containerd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@austinvazquez
Copy link
Copy Markdown
Member Author

austinvazquez commented Feb 26, 2024

Taking a look at CI failures. upload-artifacts@v4 made artifact uploads must be unique. Will compare how this was resolved in mainline.

@austinvazquez austinvazquez force-pushed the release-1.7-cherry-pick-github-actions-package-updates branch from 461c3b9 to 625e354 Compare February 26, 2024 20:53
dependabot bot added 2 commits February 26, 2024 21:54
@dependabot @austinvazquez
build(deps): bump actions/upload-artifact from 3 to 4
7929592 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Adds matrix os and sandboxed build to test results upload so artifacts are unique.

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 18b0d23)
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
@dependabot @austinvazquez
build(deps): bump golangci/golangci-lint-action from 3 to 4
8d6f0f2 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3 to 4.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@v3...v4)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit a274439)
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
@austinvazquez austinvazquez force-pushed the release-1.7-cherry-pick-github-actions-package-updates branch from 625e354 to 8d6f0f2 Compare February 26, 2024 21:54
@austinvazquez austinvazquez marked this pull request as ready for review February 27, 2024 00:24
@dmcgowan dmcgowan merged commit 8d849a2 into containerd:release/1.7 Feb 27, 2024
@austinvazquez austinvazquez deleted the release-1.7-cherry-pick-github-actions-package-updates branch February 27, 2024 16:25
@dmcgowan dmcgowan mentioned this pull request Mar 8, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dmcgowan dmcgowan dmcgowan approved these changes

@mxpv mxpv mxpv approved these changes

Assignees

No one assigned

Labels

needs-ok-to-test size/L

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@austinvazquez @k8s-ci-robot @dmcgowan @mxpv