From 2cb8192c5da385a9c267b91f045228581aa43314 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Fri, 29 Apr 2022 10:01:23 +0530 Subject: [PATCH 01/52] Adds the comment --- data/reusables/actions/actions-use-sha-pinning.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 data/reusables/actions/actions-use-sha-pinning.md diff --git a/data/reusables/actions/actions-use-sha-pinning.md b/data/reusables/actions/actions-use-sha-pinning.md new file mode 100644 index 0000000000..e392448971 --- /dev/null +++ b/data/reusables/actions/actions-use-sha-pinning.md @@ -0,0 +1 @@ +# GitHub recommends pinning actions to a commit SHA. To get a newer version, you will need to update the SHA. You can also reference a tag or branch, but the action may change without warning. From 535677f5ee033959075becbb28c4e245f86be166 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Mon, 2 May 2022 14:04:44 +0530 Subject: [PATCH 02/52] Update Ruby automation for SHA Pinning --- .../automating-builds-and-tests/building-and-testing-ruby.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/content/actions/automating-builds-and-tests/building-and-testing-ruby.md b/content/actions/automating-builds-and-tests/building-and-testing-ruby.md index 6d9083874a..2215134058 100644 --- a/content/actions/automating-builds-and-tests/building-and-testing-ruby.md +++ b/content/actions/automating-builds-and-tests/building-and-testing-ruby.md @@ -100,6 +100,7 @@ Each version of Ruby specified in the `ruby-version` array creates a job that ru The full updated workflow with a matrix strategy could look like this: ```yaml +{% data reusables.actions.actions-use-sha-pinning %} {% data reusables.actions.actions-not-certified-by-github-comment %} name: Ruby CI @@ -200,6 +201,7 @@ steps: The following example matrix tests all stable releases and head versions of MRI, JRuby and TruffleRuby on Ubuntu and macOS. ```yaml +{% data reusables.actions.actions-use-sha-pinning %} {% data reusables.actions.actions-not-certified-by-github-comment %} name: Matrix Testing @@ -233,6 +235,7 @@ jobs: The following example installs `rubocop` and uses it to lint all files. For more information, see [RuboCop](https://github.com/rubocop-hq/rubocop). You can [configure Rubocop](https://docs.rubocop.org/rubocop/configuration.html) to decide on the specific linting rules. ```yaml +{% data reusables.actions.actions-use-sha-pinning %} {% data reusables.actions.actions-not-certified-by-github-comment %} name: Linting @@ -259,6 +262,7 @@ You can configure your workflow to publish your Ruby package to any package regi You can store any access tokens or credentials needed to publish your package using repository secrets. The following example creates and publishes a package to `GitHub Package Registry` and `RubyGems`. ```yaml +{% data reusables.actions.actions-use-sha-pinning %} {% data reusables.actions.actions-not-certified-by-github-comment %} name: Ruby Gem From 02eb65e880c85583b0f5b8ae210b5cbc3edcd22d Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Mon, 2 May 2022 14:08:16 +0530 Subject: [PATCH 03/52] Update Swift docs for SHA Pinning --- .../automating-builds-and-tests/building-and-testing-swift.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/content/actions/automating-builds-and-tests/building-and-testing-swift.md b/content/actions/automating-builds-and-tests/building-and-testing-swift.md index b40251f299..357a07253f 100644 --- a/content/actions/automating-builds-and-tests/building-and-testing-swift.md +++ b/content/actions/automating-builds-and-tests/building-and-testing-swift.md @@ -69,6 +69,8 @@ You can configure your job to use multiple versions of Swift in a matrix. ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning %} + name: Swift From e4e72999b291b1a5e7df2cce51dba753f2ce6bfa Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Mon, 2 May 2022 14:15:43 +0530 Subject: [PATCH 04/52] =?UTF-8?q?Ruby=20quickfix=20:=20Not-certified=20?= =?UTF-8?q?=F0=9F=92=AC=20should=20be=20at=20top?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../building-and-testing-ruby.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/content/actions/automating-builds-and-tests/building-and-testing-ruby.md b/content/actions/automating-builds-and-tests/building-and-testing-ruby.md index 2215134058..cc894b3f85 100644 --- a/content/actions/automating-builds-and-tests/building-and-testing-ruby.md +++ b/content/actions/automating-builds-and-tests/building-and-testing-ruby.md @@ -37,6 +37,7 @@ To get started quickly, add the starter workflow to the `.github/workflows` dire ```yaml {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Ruby @@ -100,8 +101,8 @@ Each version of Ruby specified in the `ruby-version` array creates a job that ru The full updated workflow with a matrix strategy could look like this: ```yaml -{% data reusables.actions.actions-use-sha-pinning %} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Ruby CI @@ -201,8 +202,8 @@ steps: The following example matrix tests all stable releases and head versions of MRI, JRuby and TruffleRuby on Ubuntu and macOS. ```yaml -{% data reusables.actions.actions-use-sha-pinning %} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Matrix Testing @@ -235,8 +236,8 @@ jobs: The following example installs `rubocop` and uses it to lint all files. For more information, see [RuboCop](https://github.com/rubocop-hq/rubocop). You can [configure Rubocop](https://docs.rubocop.org/rubocop/configuration.html) to decide on the specific linting rules. ```yaml -{% data reusables.actions.actions-use-sha-pinning %} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Linting @@ -262,8 +263,8 @@ You can configure your workflow to publish your Ruby package to any package regi You can store any access tokens or credentials needed to publish your package using repository secrets. The following example creates and publishes a package to `GitHub Package Registry` and `RubyGems`. ```yaml -{% data reusables.actions.actions-use-sha-pinning %} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Ruby Gem From 4e505af4626f85a6bcac49f8ce0f582b8d7c8c67 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Mon, 2 May 2022 14:18:19 +0530 Subject: [PATCH 05/52] Rename reusable --- ...ions-use-sha-pinning.md => actions-use-sha-pinning-comment.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename data/reusables/actions/{actions-use-sha-pinning.md => actions-use-sha-pinning-comment.md} (100%) diff --git a/data/reusables/actions/actions-use-sha-pinning.md b/data/reusables/actions/actions-use-sha-pinning-comment.md similarity index 100% rename from data/reusables/actions/actions-use-sha-pinning.md rename to data/reusables/actions/actions-use-sha-pinning-comment.md From 5121248fda21e42a9b32cd4f39f60c0cbafa481f Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Mon, 2 May 2022 14:19:11 +0530 Subject: [PATCH 06/52] Renamed reusable fix --- .../automating-builds-and-tests/building-and-testing-swift.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/actions/automating-builds-and-tests/building-and-testing-swift.md b/content/actions/automating-builds-and-tests/building-and-testing-swift.md index 357a07253f..d584370a77 100644 --- a/content/actions/automating-builds-and-tests/building-and-testing-swift.md +++ b/content/actions/automating-builds-and-tests/building-and-testing-swift.md @@ -69,7 +69,7 @@ You can configure your job to use multiple versions of Swift in a matrix. ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} -{% data reusables.actions.actions-use-sha-pinning %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Swift From 88c4d7651725aa250ceb378329b7bd7fe6e0d82c Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Mon, 2 May 2022 14:32:04 +0530 Subject: [PATCH 07/52] Fix things --- .../automating-builds-and-tests/building-and-testing-swift.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/automating-builds-and-tests/building-and-testing-swift.md b/content/actions/automating-builds-and-tests/building-and-testing-swift.md index d584370a77..50baeaf9ce 100644 --- a/content/actions/automating-builds-and-tests/building-and-testing-swift.md +++ b/content/actions/automating-builds-and-tests/building-and-testing-swift.md @@ -68,6 +68,7 @@ The examples below demonstrate using the `fwal/setup-swift` action. You can configure your job to use multiple versions of Swift in a matrix. ```yaml{:copy} + {% data reusables.actions.actions-not-certified-by-github-comment %} {% data reusables.actions.actions-use-sha-pinning-comment %} From 1b5be0e82c43f97029bb85e24b1c1f645e67ace9 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 08:41:54 +0530 Subject: [PATCH 08/52] Add SHA Pinning Comment --- .../building-and-testing-java-with-gradle.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/automating-builds-and-tests/building-and-testing-java-with-gradle.md b/content/actions/automating-builds-and-tests/building-and-testing-java-with-gradle.md index e697d8e659..cb90b0abe2 100644 --- a/content/actions/automating-builds-and-tests/building-and-testing-java-with-gradle.md +++ b/content/actions/automating-builds-and-tests/building-and-testing-java-with-gradle.md @@ -50,6 +50,7 @@ You can also add this workflow manually by creating a new file in the `.github/w ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Java CI From dc9b5191e53c58ed7fdcabf37e507a0e866c0642 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 08:53:22 +0530 Subject: [PATCH 09/52] Add SHA Pinning Comment --- .../automating-builds-and-tests/building-and-testing-python.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/automating-builds-and-tests/building-and-testing-python.md b/content/actions/automating-builds-and-tests/building-and-testing-python.md index 63863b31d1..d9cedac6fb 100644 --- a/content/actions/automating-builds-and-tests/building-and-testing-python.md +++ b/content/actions/automating-builds-and-tests/building-and-testing-python.md @@ -377,6 +377,7 @@ For this example, you will need to create two [PyPI API tokens](https://pypi.org ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Upload Python Package From 05a9ea1ebba5fabd78dbbb0cb4c8d2dbf7750290 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 09:05:15 +0530 Subject: [PATCH 10/52] Add SHA Pinning recommendation --- .../scheduling-issue-creation.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md index eb41b3c838..7896bb0a36 100644 --- a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md +++ b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md @@ -31,6 +31,7 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is ```yaml{:copy} {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Weekly Team Sync on: From 9f0b8bc8705e2ebc55f158ca6dceeaa08568d08d Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 09:07:02 +0530 Subject: [PATCH 11/52] Add SHA Pinning recommendation --- ...ing-a-label-when-a-card-is-added-to-a-project-board-column.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md index d28c687f5a..ae26f88702 100644 --- a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md +++ b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md @@ -33,6 +33,7 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l ```yaml{:copy} {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Remove labels on: From 5c03c2e18c7c0dfee4797478948a4a9e04095080 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 09:16:22 +0530 Subject: [PATCH 12/52] Fix things --- ...g-a-label-when-a-card-is-added-to-a-project-board-column.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md index ae26f88702..7b9b9dfff4 100644 --- a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md +++ b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md @@ -32,7 +32,8 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l 4. Copy the following YAML contents into your workflow file. ```yaml{:copy} -{% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} + +{% data reusables.actions.actions-not-certified-by-github-comment %} {% data reusables.actions.actions-use-sha-pinning-comment %} name: Remove labels From 1a73d5c6f1d625f71d9b477e726b0d1d2881e6be Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 09:27:42 +0530 Subject: [PATCH 13/52] Quickfix --- ...label-when-a-card-is-added-to-a-project-board-column.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md index 7b9b9dfff4..71e1062526 100644 --- a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md +++ b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md @@ -30,9 +30,7 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l 2. Choose a project that belongs to the repository. This workflow cannot be used with projects that belong to users or organizations. You can use an existing project, or you can create a new project. For more information about creating a project, see "[Creating a project board](/github/managing-your-work-on-github/creating-a-project-board)." 3. {% data reusables.actions.make-workflow-file %} 4. Copy the following YAML contents into your workflow file. - - ```yaml{:copy} - +```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} {% data reusables.actions.actions-use-sha-pinning-comment %} @@ -54,8 +52,7 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l with: remove-labels: "needs review" repo-token: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} - ``` - +``` 5. Customize the parameters in your workflow file: - In `github.event.project_card.column_id == '12345678'`, replace `12345678` with the ID of the column where you want to un-label issues and pull requests that are moved there. From fb97bc92b1df4f1f0a2d702162502985540bd5cf Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 09:35:27 +0530 Subject: [PATCH 14/52] Fix again --- ...ing-a-label-when-a-card-is-added-to-a-project-board-column.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md index 71e1062526..5c796d26f8 100644 --- a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md +++ b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md @@ -53,6 +53,7 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l remove-labels: "needs review" repo-token: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} ``` + 5. Customize the parameters in your workflow file: - In `github.event.project_card.column_id == '12345678'`, replace `12345678` with the ID of the column where you want to un-label issues and pull requests that are moved there. From 838ca4b3943bc7a8ba5a8c54528d2ce4113bf6e7 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 09:37:39 +0530 Subject: [PATCH 15/52] Quickfix --- .../scheduling-issue-creation.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md index 7896bb0a36..e13d08c07c 100644 --- a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md +++ b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md @@ -29,8 +29,8 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is 2. {% data reusables.actions.make-workflow-file %} 3. Copy the following YAML contents into your workflow file. - ```yaml{:copy} -{% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} +```yaml{:copy} +{% data reusables.actions.actions-not-certified-by-github-comment %} {% data reusables.actions.actions-use-sha-pinning-comment %} name: Weekly Team Sync @@ -67,7 +67,7 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is close-previous: false env: GITHUB_TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} - ``` +``` 4. Customize the parameters in your workflow file: - Change the value for `on.schedule` to dictate when you want this workflow to run. In the example above, the workflow will run every Monday at 7:20 UTC. For more information about scheduled workflows, see "[Scheduled events](/actions/reference/events-that-trigger-workflows#scheduled-events)." From bf51f3c15fce0ee1ab505e477595cb901d0eb41a Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 14:41:17 +0530 Subject: [PATCH 16/52] Fix again --- .../scheduling-issue-creation.md | 68 +++++++++---------- 1 file changed, 34 insertions(+), 34 deletions(-) diff --git a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md index e13d08c07c..782581e7eb 100644 --- a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md +++ b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md @@ -29,45 +29,45 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is 2. {% data reusables.actions.make-workflow-file %} 3. Copy the following YAML contents into your workflow file. -```yaml{:copy} -{% data reusables.actions.actions-not-certified-by-github-comment %} -{% data reusables.actions.actions-use-sha-pinning-comment %} + ```yaml{:copy} + {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} - name: Weekly Team Sync - on: - schedule: - - cron: 20 07 * * 1 + name: Weekly Team Sync + on: + schedule: + - cron: 20 07 * * 1 - jobs: - create_issue: - name: Create team sync issue - runs-on: ubuntu-latest{% ifversion fpt or ghes > 3.1 or ghae or ghec %} - permissions: - issues: write{% endif %} - steps: - - name: Create team sync issue - uses: imjohnbo/issue-bot@3daae12aa54d38685d7ff8459fc8a2aee8cea98b - with: - assignees: "monalisa, doctocat, hubot" - labels: "weekly sync, docs-team" - title: "Team sync" - body: | - ### Agenda + jobs: + create_issue: + name: Create team sync issue + runs-on: ubuntu-latest{% ifversion fpt or ghes > 3.1 or ghae or ghec %} + permissions: + issues: write{% endif %} + steps: + - name: Create team sync issue + uses: imjohnbo/issue-bot@3daae12aa54d38685d7ff8459fc8a2aee8cea98b + with: + assignees: "monalisa, doctocat, hubot" + labels: "weekly sync, docs-team" + title: "Team sync" + body: | + ### Agenda - - [ ] Start the recording - - [ ] Check-ins - - [ ] Discussion points - - [ ] Post the recording + - [ ] Start the recording + - [ ] Check-ins + - [ ] Discussion points + - [ ] Post the recording - ### Discussion Points - Add things to discuss below + ### Discussion Points + Add things to discuss below - - [Work this week](https://github.com/orgs/github/projects/3) - pinned: false - close-previous: false - env: - GITHUB_TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} -``` + - [Work this week](https://github.com/orgs/github/projects/3) + pinned: false + close-previous: false + env: + GITHUB_TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} + ``` 4. Customize the parameters in your workflow file: - Change the value for `on.schedule` to dictate when you want this workflow to run. In the example above, the workflow will run every Monday at 7:20 UTC. For more information about scheduled workflows, see "[Scheduled events](/actions/reference/events-that-trigger-workflows#scheduled-events)." From b3dac5b02f276588dd0b15de9fbcb84b36cb1142 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 14:49:50 +0530 Subject: [PATCH 17/52] Trying again --- .../scheduling-issue-creation.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md index 782581e7eb..e8cd366d49 100644 --- a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md +++ b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md @@ -29,7 +29,7 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is 2. {% data reusables.actions.make-workflow-file %} 3. Copy the following YAML contents into your workflow file. - ```yaml{:copy} + ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} {% data reusables.actions.actions-use-sha-pinning-comment %} @@ -67,7 +67,7 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is close-previous: false env: GITHUB_TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} - ``` + ``` 4. Customize the parameters in your workflow file: - Change the value for `on.schedule` to dictate when you want this workflow to run. In the example above, the workflow will run every Monday at 7:20 UTC. For more information about scheduled workflows, see "[Scheduled events](/actions/reference/events-that-trigger-workflows#scheduled-events)." From c8574ecf35809bbd392ce645da089584e512637e Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 14:58:44 +0530 Subject: [PATCH 18/52] Retry --- .../scheduling-issue-creation.md | 68 +++++++++---------- 1 file changed, 34 insertions(+), 34 deletions(-) diff --git a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md index e8cd366d49..65f913449c 100644 --- a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md +++ b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md @@ -29,45 +29,45 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is 2. {% data reusables.actions.make-workflow-file %} 3. Copy the following YAML contents into your workflow file. - ```yaml{:copy} - {% data reusables.actions.actions-not-certified-by-github-comment %} - {% data reusables.actions.actions-use-sha-pinning-comment %} + ```yaml{:copy} + {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} - name: Weekly Team Sync - on: - schedule: - - cron: 20 07 * * 1 + name: Weekly Team Sync + on: + schedule: + - cron: 20 07 * * 1 - jobs: - create_issue: - name: Create team sync issue - runs-on: ubuntu-latest{% ifversion fpt or ghes > 3.1 or ghae or ghec %} - permissions: - issues: write{% endif %} - steps: - - name: Create team sync issue - uses: imjohnbo/issue-bot@3daae12aa54d38685d7ff8459fc8a2aee8cea98b - with: - assignees: "monalisa, doctocat, hubot" - labels: "weekly sync, docs-team" - title: "Team sync" - body: | - ### Agenda + jobs: + create_issue: + name: Create team sync issue + runs-on: ubuntu-latest{% ifversion fpt or ghes > 3.1 or ghae or ghec %} + permissions: + issues: write{% endif %} + steps: + - name: Create team sync issue + uses: imjohnbo/issue-bot@3daae12aa54d38685d7ff8459fc8a2aee8cea98b + with: + assignees: "monalisa, doctocat, hubot" + labels: "weekly sync, docs-team" + title: "Team sync" + body: | + ### Agenda - - [ ] Start the recording - - [ ] Check-ins - - [ ] Discussion points - - [ ] Post the recording + - [ ] Start the recording + - [ ] Check-ins + - [ ] Discussion points + - [ ] Post the recording - ### Discussion Points - Add things to discuss below + ### Discussion Points + Add things to discuss below - - [Work this week](https://github.com/orgs/github/projects/3) - pinned: false - close-previous: false - env: - GITHUB_TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} - ``` + - [Work this week](https://github.com/orgs/github/projects/3) + pinned: false + close-previous: false + env: + GITHUB_TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} + ``` 4. Customize the parameters in your workflow file: - Change the value for `on.schedule` to dictate when you want this workflow to run. In the example above, the workflow will run every Monday at 7:20 UTC. For more information about scheduled workflows, see "[Scheduled events](/actions/reference/events-that-trigger-workflows#scheduled-events)." From f25c65dd46560477bd1d4d1529547175b343a767 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 15:13:18 +0530 Subject: [PATCH 19/52] Probably fixed finally --- .../scheduling-issue-creation.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md index 65f913449c..558a5dd5fa 100644 --- a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md +++ b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md @@ -29,10 +29,10 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is 2. {% data reusables.actions.make-workflow-file %} 3. Copy the following YAML contents into your workflow file. - ```yaml{:copy} + ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} - {% data reusables.actions.actions-use-sha-pinning-comment %} - + {% data reusables.actions.actions-use-sha-pinning-comment + name: Weekly Team Sync on: schedule: @@ -67,7 +67,7 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is close-previous: false env: GITHUB_TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} - ``` + ``` 4. Customize the parameters in your workflow file: - Change the value for `on.schedule` to dictate when you want this workflow to run. In the example above, the workflow will run every Monday at 7:20 UTC. For more information about scheduled workflows, see "[Scheduled events](/actions/reference/events-that-trigger-workflows#scheduled-events)." From 896ba1dd72c68af9f644403b5ffe3bbd085390e0 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 15:29:49 +0530 Subject: [PATCH 20/52] Fix missing `}` --- .../scheduling-issue-creation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md index 558a5dd5fa..85a842c104 100644 --- a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md +++ b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md @@ -31,7 +31,7 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} - {% data reusables.actions.actions-use-sha-pinning-comment + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Weekly Team Sync on: From 069afc6ff8120e3c4a20213f458bdb2a3fff20a9 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 15:43:28 +0530 Subject: [PATCH 21/52] Use `indented_data_reference` --- .../scheduling-issue-creation.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md index 85a842c104..529378830a 100644 --- a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md +++ b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md @@ -30,8 +30,8 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is 3. Copy the following YAML contents into your workflow file. ```yaml{:copy} - {% data reusables.actions.actions-not-certified-by-github-comment %} - {% data reusables.actions.actions-use-sha-pinning-comment %} + {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} + {% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} name: Weekly Team Sync on: From c4a7a32024c1b089c0d534c0d2b1bcea5452c0e9 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 16:53:31 +0530 Subject: [PATCH 22/52] Use `indented_data_reference` --- ...abel-when-a-card-is-added-to-a-project-board-column.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md index 5c796d26f8..8ab46ddbff 100644 --- a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md +++ b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md @@ -30,9 +30,9 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l 2. Choose a project that belongs to the repository. This workflow cannot be used with projects that belong to users or organizations. You can use an existing project, or you can create a new project. For more information about creating a project, see "[Creating a project board](/github/managing-your-work-on-github/creating-a-project-board)." 3. {% data reusables.actions.make-workflow-file %} 4. Copy the following YAML contents into your workflow file. -```yaml{:copy} -{% data reusables.actions.actions-not-certified-by-github-comment %} -{% data reusables.actions.actions-use-sha-pinning-comment %} + ```yaml{:copy} +{% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} +{% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} name: Remove labels on: @@ -52,7 +52,7 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l with: remove-labels: "needs review" repo-token: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} -``` + ``` 5. Customize the parameters in your workflow file: - In `github.event.project_card.column_id == '12345678'`, replace `12345678` with the ID of the column where you want to un-label issues and pull requests that are moved there. From 559f0ab32d8a01f1cae49589a6ac5d8cc6b5e2a8 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 16:54:40 +0530 Subject: [PATCH 23/52] Fix spacing --- .../scheduling-issue-creation.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md index 529378830a..954173a9da 100644 --- a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md +++ b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md @@ -30,8 +30,8 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is 3. Copy the following YAML contents into your workflow file. ```yaml{:copy} - {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} - {% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} +{% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} +{% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} name: Weekly Team Sync on: From 725fe5153950221b583632894b31464a6b19fe30 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 17:01:52 +0530 Subject: [PATCH 24/52] Fix numbering --- ...card-is-added-to-a-project-board-column.md | 40 +++++++++---------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md index 8ab46ddbff..a6bd7c1eef 100644 --- a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md +++ b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md @@ -31,27 +31,27 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l 3. {% data reusables.actions.make-workflow-file %} 4. Copy the following YAML contents into your workflow file. ```yaml{:copy} -{% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} -{% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} + {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} + {% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} - name: Remove labels - on: - project_card: - types: - - moved - jobs: - remove_labels: - if: github.event.project_card.column_id == '12345678' - runs-on: ubuntu-latest{% ifversion fpt or ghes > 3.1 or ghae or ghec %} - permissions: - issues: write - pull-requests: write{% endif %} - steps: - - name: remove labels - uses: andymckay/labeler@5c59dabdfd4dd5bd9c6e6d255b01b9d764af4414 - with: - remove-labels: "needs review" - repo-token: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} + name: Remove labels + on: + project_card: + types: + - moved + jobs: + remove_labels: + if: github.event.project_card.column_id == '12345678' + runs-on: ubuntu-latest{% ifversion fpt or ghes > 3.1 or ghae or ghec %} + permissions: + issues: write + pull-requests: write{% endif %} + steps: + - name: remove labels + uses: andymckay/labeler@5c59dabdfd4dd5bd9c6e6d255b01b9d764af4414 + with: + remove-labels: "needs review" + repo-token: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} ``` 5. Customize the parameters in your workflow file: From d8352e29d455bb25ea181c42b9796f952e9a8c61 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 20:20:38 +0530 Subject: [PATCH 25/52] Fix spacing --- ...-a-label-when-a-card-is-added-to-a-project-board-column.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md index a6bd7c1eef..a2abc1720d 100644 --- a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md +++ b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md @@ -31,8 +31,8 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l 3. {% data reusables.actions.make-workflow-file %} 4. Copy the following YAML contents into your workflow file. ```yaml{:copy} - {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} - {% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} +{% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} +{% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} name: Remove labels on: From 02c4c3fd9bb758e0f07a02ebe89399cc2b496dc9 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 21:22:45 +0530 Subject: [PATCH 26/52] Add line breaks --- data/reusables/actions/actions-use-sha-pinning-comment.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/data/reusables/actions/actions-use-sha-pinning-comment.md b/data/reusables/actions/actions-use-sha-pinning-comment.md index e392448971..b3a3c95421 100644 --- a/data/reusables/actions/actions-use-sha-pinning-comment.md +++ b/data/reusables/actions/actions-use-sha-pinning-comment.md @@ -1 +1,3 @@ -# GitHub recommends pinning actions to a commit SHA. To get a newer version, you will need to update the SHA. You can also reference a tag or branch, but the action may change without warning. +# GitHub recommends pinning actions to a commit SHA. +# To get a newer version, you will need to update the SHA. +# You can also reference a tag or branch, but the action may change without warning. From 4637e43a32c467f1bf9c9178bec6d1748ea7d508 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 21:54:23 +0530 Subject: [PATCH 27/52] Add SHA Pinning Comment --- .../moving-assigned-issues-on-project-boards.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/managing-issues-and-pull-requests/moving-assigned-issues-on-project-boards.md b/content/actions/managing-issues-and-pull-requests/moving-assigned-issues-on-project-boards.md index 9dd033ac14..125dc6fd3e 100644 --- a/content/actions/managing-issues-and-pull-requests/moving-assigned-issues-on-project-boards.md +++ b/content/actions/managing-issues-and-pull-requests/moving-assigned-issues-on-project-boards.md @@ -33,6 +33,7 @@ In the tutorial, you will first make a workflow file that uses the [`alex-page/g ```yaml{:copy} {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} +{% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} name: Move assigned card on: From 58ed9ad2f4ad8fea5c95d3d323c66ffa9ccb4b91 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Tue, 3 May 2022 21:56:09 +0530 Subject: [PATCH 28/52] Add SHA Pinning Comment --- .../commenting-on-an-issue-when-a-label-is-added.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/managing-issues-and-pull-requests/commenting-on-an-issue-when-a-label-is-added.md b/content/actions/managing-issues-and-pull-requests/commenting-on-an-issue-when-a-label-is-added.md index 43f42b40ce..a3f30c56df 100644 --- a/content/actions/managing-issues-and-pull-requests/commenting-on-an-issue-when-a-label-is-added.md +++ b/content/actions/managing-issues-and-pull-requests/commenting-on-an-issue-when-a-label-is-added.md @@ -32,6 +32,7 @@ In the tutorial, you will first make a workflow file that uses the [`peter-evans ```yaml{:copy} {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} +{% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} name: Add comment on: From 17373630e37826bf5ce873c394011d8c26543fb0 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Wed, 4 May 2022 08:55:09 +0530 Subject: [PATCH 29/52] Add SHA Pinning recommendation --- .../managing-issues-and-pull-requests/adding-labels-to-issues.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/managing-issues-and-pull-requests/adding-labels-to-issues.md b/content/actions/managing-issues-and-pull-requests/adding-labels-to-issues.md index 20a2edd4b6..365606400a 100644 --- a/content/actions/managing-issues-and-pull-requests/adding-labels-to-issues.md +++ b/content/actions/managing-issues-and-pull-requests/adding-labels-to-issues.md @@ -31,6 +31,7 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l ```yaml{:copy} {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} +{% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} name: Label issues on: From 917256356eb78f56ade48528f89657572476ae1d Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Wed, 4 May 2022 11:51:42 +0530 Subject: [PATCH 30/52] Add SHA Pinning Comment --- .../publishing-java-packages-with-gradle.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/content/actions/publishing-packages/publishing-java-packages-with-gradle.md b/content/actions/publishing-packages/publishing-java-packages-with-gradle.md index ac5b7467d8..5873582d41 100644 --- a/content/actions/publishing-packages/publishing-java-packages-with-gradle.md +++ b/content/actions/publishing-packages/publishing-java-packages-with-gradle.md @@ -78,6 +78,7 @@ With this configuration, you can create a workflow that publishes your package t ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish package to the Maven Central Repository on: @@ -147,6 +148,7 @@ With this configuration, you can create a workflow that publishes your package t ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish package to GitHub Packages on: @@ -225,6 +227,7 @@ With this configuration, you can create a workflow that publishes your package t ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish package to the Maven Central Repository and GitHub Packages on: From acaadad0a92156b1b2f36a699c0fee0c7c9c1f44 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Wed, 4 May 2022 11:57:00 +0530 Subject: [PATCH 31/52] Add SHA Pinning Comment --- .../actions/publishing-packages/publishing-docker-images.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/content/actions/publishing-packages/publishing-docker-images.md b/content/actions/publishing-packages/publishing-docker-images.md index 615c8d608c..410faa8587 100644 --- a/content/actions/publishing-packages/publishing-docker-images.md +++ b/content/actions/publishing-packages/publishing-docker-images.md @@ -68,6 +68,7 @@ The `build-push-action` options required for Docker Hub are: ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish Docker image @@ -136,6 +137,7 @@ The above workflow is triggered by a push to the "release" branch. It checks out {% else %} ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish Docker image @@ -181,6 +183,7 @@ The following example workflow uses the steps from the previous sections ("[Publ ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish Docker image From b8b97ded2cc7138febda94d568dc70b3c03a51ac Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Wed, 4 May 2022 12:11:46 +0530 Subject: [PATCH 32/52] Fix things --- .../publishing-java-packages-with-gradle.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/content/actions/publishing-packages/publishing-java-packages-with-gradle.md b/content/actions/publishing-packages/publishing-java-packages-with-gradle.md index 5873582d41..aaad1c585e 100644 --- a/content/actions/publishing-packages/publishing-java-packages-with-gradle.md +++ b/content/actions/publishing-packages/publishing-java-packages-with-gradle.md @@ -77,6 +77,7 @@ publishing { With this configuration, you can create a workflow that publishes your package to the Maven Central Repository by running the `gradle publish` command. In the deploy step, you’ll need to set environment variables for the username and password or token that you use to authenticate to the Maven repository. For more information, see "[Creating and using encrypted secrets](/github/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)." ```yaml{:copy} + {% data reusables.actions.actions-not-certified-by-github-comment %} {% data reusables.actions.actions-use-sha-pinning-comment %} @@ -147,6 +148,7 @@ publishing { With this configuration, you can create a workflow that publishes your package to {% data variables.product.prodname_registry %} by running the `gradle publish` command. ```yaml{:copy} + {% data reusables.actions.actions-not-certified-by-github-comment %} {% data reusables.actions.actions-use-sha-pinning-comment %} @@ -226,6 +228,7 @@ publishing { With this configuration, you can create a workflow that publishes your package to both the Maven Central Repository and {% data variables.product.prodname_registry %} by running the `gradle publish` command. ```yaml{:copy} + {% data reusables.actions.actions-not-certified-by-github-comment %} {% data reusables.actions.actions-use-sha-pinning-comment %} From 580c22c5fcb87b199d820b9a5c27bc0cc3819e24 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Wed, 4 May 2022 18:36:54 +0530 Subject: [PATCH 33/52] Fix things --- content/actions/publishing-packages/publishing-docker-images.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/publishing-packages/publishing-docker-images.md b/content/actions/publishing-packages/publishing-docker-images.md index 410faa8587..e4734b8352 100644 --- a/content/actions/publishing-packages/publishing-docker-images.md +++ b/content/actions/publishing-packages/publishing-docker-images.md @@ -135,6 +135,7 @@ The `build-push-action` options required for {% data variables.product.prodname_ The above workflow is triggered by a push to the "release" branch. It checks out the GitHub repository, and uses the `login-action` to log in to the {% data variables.product.prodname_container_registry %}. It then extracts labels and tags for the Docker image. Finally, it uses the `build-push-action` action to build the image and publish it on the {% data variables.product.prodname_container_registry %}. {% else %} + ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} {% data reusables.actions.actions-use-sha-pinning-comment %} From 76a624a06c912ea09ba168dda1cb622a247f0aab Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Wed, 4 May 2022 19:01:43 +0530 Subject: [PATCH 34/52] Update publishing-docker-images.md --- content/actions/publishing-packages/publishing-docker-images.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/publishing-packages/publishing-docker-images.md b/content/actions/publishing-packages/publishing-docker-images.md index e4734b8352..9eb657550f 100644 --- a/content/actions/publishing-packages/publishing-docker-images.md +++ b/content/actions/publishing-packages/publishing-docker-images.md @@ -137,6 +137,7 @@ The above workflow is triggered by a push to the "release" branch. It checks out {% else %} ```yaml{:copy} + {% data reusables.actions.actions-not-certified-by-github-comment %} {% data reusables.actions.actions-use-sha-pinning-comment %} From f387090248c2ba107086a6c829cde60cc1ec2f08 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Wed, 4 May 2022 19:10:22 +0530 Subject: [PATCH 35/52] Update publishing-docker-images.md --- content/actions/publishing-packages/publishing-docker-images.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/actions/publishing-packages/publishing-docker-images.md b/content/actions/publishing-packages/publishing-docker-images.md index 9eb657550f..e4734b8352 100644 --- a/content/actions/publishing-packages/publishing-docker-images.md +++ b/content/actions/publishing-packages/publishing-docker-images.md @@ -137,7 +137,6 @@ The above workflow is triggered by a push to the "release" branch. It checks out {% else %} ```yaml{:copy} - {% data reusables.actions.actions-not-certified-by-github-comment %} {% data reusables.actions.actions-use-sha-pinning-comment %} From 63422916b3bf21c50170a7818ed783aca90f7ab0 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Wed, 4 May 2022 19:24:56 +0530 Subject: [PATCH 36/52] Update publishing-docker-images.md --- content/actions/publishing-packages/publishing-docker-images.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/publishing-packages/publishing-docker-images.md b/content/actions/publishing-packages/publishing-docker-images.md index e4734b8352..1e25bdc9d1 100644 --- a/content/actions/publishing-packages/publishing-docker-images.md +++ b/content/actions/publishing-packages/publishing-docker-images.md @@ -138,6 +138,7 @@ The above workflow is triggered by a push to the "release" branch. It checks out ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish Docker image From 7ab4dde9747fec9cd7acc70dac61ac2cba660e9b Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Wed, 4 May 2022 19:34:49 +0530 Subject: [PATCH 37/52] Revert changes --- content/actions/publishing-packages/publishing-docker-images.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/actions/publishing-packages/publishing-docker-images.md b/content/actions/publishing-packages/publishing-docker-images.md index 1e25bdc9d1..e4734b8352 100644 --- a/content/actions/publishing-packages/publishing-docker-images.md +++ b/content/actions/publishing-packages/publishing-docker-images.md @@ -138,7 +138,6 @@ The above workflow is triggered by a push to the "release" branch. It checks out ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} - {% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish Docker image From e84d9711793f5c6dcb5fddc7f0466ad4f5a844ab Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Wed, 4 May 2022 19:44:31 +0530 Subject: [PATCH 38/52] Add SHA Pinning Comment --- data/reusables/package_registry/publish-docker-image.md | 1 + 1 file changed, 1 insertion(+) diff --git a/data/reusables/package_registry/publish-docker-image.md b/data/reusables/package_registry/publish-docker-image.md index 96fb2620a9..de70c20915 100644 --- a/data/reusables/package_registry/publish-docker-image.md +++ b/data/reusables/package_registry/publish-docker-image.md @@ -1,5 +1,6 @@ ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Create and publish a Docker image From d8a97d65b0d11c3d4699f8aacb63cc14ae571b50 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Thu, 5 May 2022 10:01:09 +0530 Subject: [PATCH 39/52] Add SHA Pinning recommendation --- ...blishing-and-installing-a-package-with-github-actions.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/content/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions.md b/content/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions.md index 7fcf4bb332..116a53a628 100644 --- a/content/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions.md +++ b/content/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions.md @@ -89,10 +89,12 @@ Create a new workflow file in your repository (such as `.github/workflows/deploy {% data reusables.package_registry.publish-docker-image %} {% else %} -```yaml{:copy} -name: Create and publish a Docker image +```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} + +name: Create and publish a Docker image on: push: From 57a2690481247cf9c9dc469f123a829321f99591 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Thu, 5 May 2022 21:46:53 +0530 Subject: [PATCH 40/52] Add SHA Pinning recommendation --- .../deploying-to-google-kubernetes-engine.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md index 2a3740bcdc..d5ba68acab 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md @@ -136,6 +136,7 @@ Under the `env` key, change the value of `GKE_CLUSTER` to the name of your clust ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and Deploy to GKE From 0893c952437d43dd9a9feddc80af0b7ad6dafdd1 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Thu, 5 May 2022 21:49:03 +0530 Subject: [PATCH 41/52] Add SHA Pinning recommendation --- .../deploying-to-amazon-elastic-container-service.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md index ec59bd47d0..c5385d8b2e 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md @@ -92,6 +92,7 @@ Ensure that you provide your own values for all the variables in the `env` key o ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Deploy to Amazon ECS From 8dd7c52f78053b1c202bc691e7f7032de6d05567 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Thu, 5 May 2022 21:51:07 +0530 Subject: [PATCH 42/52] Add SHA Pinning recommendation --- .../deploying-to-azure/deploying-docker-to-azure-app-service.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-docker-to-azure-app-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-docker-to-azure-app-service.md index 1bfc09a785..9baf1b6ce0 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-docker-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-docker-to-azure-app-service.md @@ -80,6 +80,7 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and deploy a container to an Azure Web App From 828156edbdb1db5841f919554bc70aba6dc5440d Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Thu, 5 May 2022 21:52:17 +0530 Subject: [PATCH 43/52] Add SHA Pinning recommendation --- .../deploying-to-azure/deploying-java-to-azure-app-service.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-java-to-azure-app-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-java-to-azure-app-service.md index 96baa6b730..fef8ef80a1 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-java-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-java-to-azure-app-service.md @@ -66,6 +66,7 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and deploy JAR app to Azure Web App From e0706285875af4a52e3090d2782917f7ad3101a1 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Thu, 5 May 2022 21:53:11 +0530 Subject: [PATCH 44/52] Add SHA Pinning recommendation --- .../deploying-to-azure/deploying-net-to-azure-app-service.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-net-to-azure-app-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-net-to-azure-app-service.md index c434e8b8fe..a4bcb001b2 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-net-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-net-to-azure-app-service.md @@ -65,6 +65,7 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and deploy ASP.Net Core app to an Azure Web App From ee0bb14c91ea427d0265332d09c2029f68192487 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Thu, 5 May 2022 21:55:15 +0530 Subject: [PATCH 45/52] Add SHA Pinning recommendation --- .../deploying-to-azure/deploying-nodejs-to-azure-app-service.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service.md index b8820ec1a3..20f3398075 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service.md @@ -71,6 +71,7 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} on: push: From 9b6fb0448541a68c0313a7b1833fc25c0234f779 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Thu, 5 May 2022 21:57:10 +0530 Subject: [PATCH 46/52] Add SHA Pinning recommendation --- .../deploying-to-azure/deploying-php-to-azure-app-service.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-php-to-azure-app-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-php-to-azure-app-service.md index 6ccb8ac76a..19cb790c44 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-php-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-php-to-azure-app-service.md @@ -65,6 +65,7 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and deploy PHP app to Azure Web App From 1de6ffc1e7d3faedda09b8799eb4c04f58b71e1f Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Thu, 5 May 2022 21:59:43 +0530 Subject: [PATCH 47/52] Add SHA Pinning recommendation --- .../deploying-to-azure/deploying-python-to-azure-app-service.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-python-to-azure-app-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-python-to-azure-app-service.md index a1a04e1b87..80775eac48 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-python-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-python-to-azure-app-service.md @@ -68,6 +68,7 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and deploy Python app to Azure Web App From c7a802bcfd86141cc23e52e6fc52811a06d0c043 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Thu, 5 May 2022 22:01:03 +0530 Subject: [PATCH 48/52] Add SHA Pinning recommendation --- .../deploying-to-azure/deploying-to-azure-kubernetes-service.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-kubernetes-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-kubernetes-service.md index f7a16d3c8e..06965e7e66 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-kubernetes-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-kubernetes-service.md @@ -54,6 +54,7 @@ This workflow uses the `helm` render engine for the [`azure/k8s-bake` action](ht ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and deploy to Azure Kubernetes Service From 3b4e699edc47fbc4ee75159d7ed86b78f6c0f4f1 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Thu, 5 May 2022 22:02:12 +0530 Subject: [PATCH 49/52] Add SHA Pinning recommendation --- .../deploying-to-azure/deploying-to-azure-static-web-app.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-static-web-app.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-static-web-app.md index 02ca615443..408fd8c059 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-static-web-app.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-static-web-app.md @@ -53,6 +53,7 @@ For more information about these values, see "[Build configuration for Azure Sta ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Deploy web app to Azure Static Web Apps From ee7e34b8fc32594149d48bfc36d23fb389aba96b Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Thu, 5 May 2022 22:05:08 +0530 Subject: [PATCH 50/52] Add SHA Pinning recommendation --- .../migrating-from-circleci-to-github-actions.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/actions/migrating-to-github-actions/migrating-from-circleci-to-github-actions.md b/content/actions/migrating-to-github-actions/migrating-from-circleci-to-github-actions.md index 576e0f706e..9699e28e6e 100644 --- a/content/actions/migrating-to-github-actions/migrating-from-circleci-to-github-actions.md +++ b/content/actions/migrating-to-github-actions/migrating-from-circleci-to-github-actions.md @@ -402,6 +402,7 @@ workflows: ```yaml {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Containers From dd9e5df35329d122469aafc5504712d70917aa60 Mon Sep 17 00:00:00 2001 From: PSJ <51746608+thispsj@users.noreply.github.com> Date: Fri, 6 May 2022 07:03:59 +0530 Subject: [PATCH 51/52] Add SHA Pinning Comment --- .../automating-projects.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/issues/trying-out-the-new-projects-experience/automating-projects.md b/content/issues/trying-out-the-new-projects-experience/automating-projects.md index b61a062376..a5806f0357 100644 --- a/content/issues/trying-out-the-new-projects-experience/automating-projects.md +++ b/content/issues/trying-out-the-new-projects-experience/automating-projects.md @@ -63,6 +63,7 @@ For more information about other changes you can make to your project through th ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} +{% data reusables.actions.actions-use-sha-pinning-comment %} name: Add PR to project on: From 33410f42ad4a407e0845f9696932ebe4a280d877 Mon Sep 17 00:00:00 2001 From: Sarah Edwards Date: Thu, 21 Jul 2022 12:58:45 -0700 Subject: [PATCH 52/52] Apply suggestions from code review --- .../building-and-testing-java-with-gradle.md | 1 + .../building-and-testing-python.md | 1 + .../building-and-testing-ruby.md | 5 +++ .../building-and-testing-swift.md | 1 + ...ing-to-amazon-elastic-container-service.md | 1 + .../deploying-docker-to-azure-app-service.md | 1 + .../deploying-java-to-azure-app-service.md | 1 + .../deploying-net-to-azure-app-service.md | 1 + .../deploying-nodejs-to-azure-app-service.md | 1 + .../deploying-php-to-azure-app-service.md | 1 + .../deploying-python-to-azure-app-service.md | 1 + .../deploying-to-azure-kubernetes-service.md | 1 + .../deploying-to-azure-static-web-app.md | 1 + .../deploying-to-google-kubernetes-engine.md | 1 + .../adding-labels-to-issues.md | 1 + ...nting-on-an-issue-when-a-label-is-added.md | 1 + ...oving-assigned-issues-on-project-boards.md | 1 + ...card-is-added-to-a-project-board-column.md | 37 ++++++++++--------- .../scheduling-issue-creation.md | 1 + ...grating-from-circleci-to-github-actions.md | 1 + .../publishing-docker-images.md | 3 ++ .../publishing-java-packages-with-gradle.md | 3 ++ .../automating-projects.md | 1 + ...nstalling-a-package-with-github-actions.md | 1 + .../package_registry/publish-docker-image.md | 1 + 25 files changed, 51 insertions(+), 18 deletions(-) diff --git a/content/actions/automating-builds-and-tests/building-and-testing-java-with-gradle.md b/content/actions/automating-builds-and-tests/building-and-testing-java-with-gradle.md index 4c6822ae15..dcec304828 100644 --- a/content/actions/automating-builds-and-tests/building-and-testing-java-with-gradle.md +++ b/content/actions/automating-builds-and-tests/building-and-testing-java-with-gradle.md @@ -50,6 +50,7 @@ You can also add this workflow manually by creating a new file in the `.github/w ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Java CI diff --git a/content/actions/automating-builds-and-tests/building-and-testing-python.md b/content/actions/automating-builds-and-tests/building-and-testing-python.md index aec534eeba..daea7df895 100644 --- a/content/actions/automating-builds-and-tests/building-and-testing-python.md +++ b/content/actions/automating-builds-and-tests/building-and-testing-python.md @@ -379,6 +379,7 @@ For this example, you will need to create two [PyPI API tokens](https://pypi.org ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Upload Python Package diff --git a/content/actions/automating-builds-and-tests/building-and-testing-ruby.md b/content/actions/automating-builds-and-tests/building-and-testing-ruby.md index b33d6006d2..a6e1210494 100644 --- a/content/actions/automating-builds-and-tests/building-and-testing-ruby.md +++ b/content/actions/automating-builds-and-tests/building-and-testing-ruby.md @@ -37,6 +37,7 @@ To get started quickly, add the starter workflow to the `.github/workflows` dire ```yaml {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Ruby @@ -102,6 +103,7 @@ The full updated workflow with a matrix strategy could look like this: ```yaml {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Ruby CI @@ -207,6 +209,7 @@ The following example matrix tests all stable releases and head versions of MRI, ```yaml {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Matrix Testing @@ -241,6 +244,7 @@ The following example installs `rubocop` and uses it to lint all files. For more ```yaml {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Linting @@ -268,6 +272,7 @@ You can store any access tokens or credentials needed to publish your package us ```yaml {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Ruby Gem diff --git a/content/actions/automating-builds-and-tests/building-and-testing-swift.md b/content/actions/automating-builds-and-tests/building-and-testing-swift.md index 50baeaf9ce..3b59e1444d 100644 --- a/content/actions/automating-builds-and-tests/building-and-testing-swift.md +++ b/content/actions/automating-builds-and-tests/building-and-testing-swift.md @@ -70,6 +70,7 @@ You can configure your job to use multiple versions of Swift in a matrix. ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md index 68cbac629b..84cdd1d133 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md @@ -92,6 +92,7 @@ Ensure that you provide your own values for all the variables in the `env` key o ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Deploy to Amazon ECS diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-docker-to-azure-app-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-docker-to-azure-app-service.md index 24909448f4..644462cbed 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-docker-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-docker-to-azure-app-service.md @@ -80,6 +80,7 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and deploy a container to an Azure Web App diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-java-to-azure-app-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-java-to-azure-app-service.md index 468d3c2493..b422a8616e 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-java-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-java-to-azure-app-service.md @@ -66,6 +66,7 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and deploy JAR app to Azure Web App diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-net-to-azure-app-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-net-to-azure-app-service.md index d6923e5dda..c73baa565f 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-net-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-net-to-azure-app-service.md @@ -65,6 +65,7 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and deploy ASP.Net Core app to an Azure Web App diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service.md index 0920c98805..62f375ae5f 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service.md @@ -71,6 +71,7 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} on: diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-php-to-azure-app-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-php-to-azure-app-service.md index 5624ee1d9d..1d78d3472f 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-php-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-php-to-azure-app-service.md @@ -65,6 +65,7 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and deploy PHP app to Azure Web App diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-python-to-azure-app-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-python-to-azure-app-service.md index af8a2fde2e..f6df68d09d 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-python-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-python-to-azure-app-service.md @@ -68,6 +68,7 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and deploy Python app to Azure Web App diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-kubernetes-service.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-kubernetes-service.md index 1adc9f1404..11adc9d61f 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-kubernetes-service.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-kubernetes-service.md @@ -54,6 +54,7 @@ This workflow uses the `helm` render engine for the [`azure/k8s-bake` action](ht ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and deploy to Azure Kubernetes Service diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-static-web-app.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-static-web-app.md index 6780b98721..c2bb5f20d2 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-static-web-app.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-static-web-app.md @@ -53,6 +53,7 @@ For more information about these values, see "[Build configuration for Azure Sta ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Deploy web app to Azure Static Web Apps diff --git a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md index 28293fcbf1..2670c978ea 100644 --- a/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md +++ b/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md @@ -136,6 +136,7 @@ Under the `env` key, change the value of `GKE_CLUSTER` to the name of your clust ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Build and Deploy to GKE diff --git a/content/actions/managing-issues-and-pull-requests/adding-labels-to-issues.md b/content/actions/managing-issues-and-pull-requests/adding-labels-to-issues.md index 365606400a..a790c87f8b 100644 --- a/content/actions/managing-issues-and-pull-requests/adding-labels-to-issues.md +++ b/content/actions/managing-issues-and-pull-requests/adding-labels-to-issues.md @@ -31,6 +31,7 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l ```yaml{:copy} {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} + {% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} name: Label issues diff --git a/content/actions/managing-issues-and-pull-requests/commenting-on-an-issue-when-a-label-is-added.md b/content/actions/managing-issues-and-pull-requests/commenting-on-an-issue-when-a-label-is-added.md index a3f30c56df..70f3d76032 100644 --- a/content/actions/managing-issues-and-pull-requests/commenting-on-an-issue-when-a-label-is-added.md +++ b/content/actions/managing-issues-and-pull-requests/commenting-on-an-issue-when-a-label-is-added.md @@ -32,6 +32,7 @@ In the tutorial, you will first make a workflow file that uses the [`peter-evans ```yaml{:copy} {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} + {% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} name: Add comment diff --git a/content/actions/managing-issues-and-pull-requests/moving-assigned-issues-on-project-boards.md b/content/actions/managing-issues-and-pull-requests/moving-assigned-issues-on-project-boards.md index 125dc6fd3e..bd7a9e6115 100644 --- a/content/actions/managing-issues-and-pull-requests/moving-assigned-issues-on-project-boards.md +++ b/content/actions/managing-issues-and-pull-requests/moving-assigned-issues-on-project-boards.md @@ -33,6 +33,7 @@ In the tutorial, you will first make a workflow file that uses the [`alex-page/g ```yaml{:copy} {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} + {% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} name: Move assigned card diff --git a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md index a2abc1720d..77e62b686a 100644 --- a/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md +++ b/content/actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column.md @@ -32,26 +32,27 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l 4. Copy the following YAML contents into your workflow file. ```yaml{:copy} {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} + {% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} - name: Remove labels - on: - project_card: - types: - - moved - jobs: - remove_labels: - if: github.event.project_card.column_id == '12345678' - runs-on: ubuntu-latest{% ifversion fpt or ghes > 3.1 or ghae or ghec %} - permissions: - issues: write - pull-requests: write{% endif %} - steps: - - name: remove labels - uses: andymckay/labeler@5c59dabdfd4dd5bd9c6e6d255b01b9d764af4414 - with: - remove-labels: "needs review" - repo-token: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} + name: Remove labels + on: + project_card: + types: + - moved + jobs: + remove_labels: + if: github.event.project_card.column_id == '12345678' + runs-on: ubuntu-latest{% ifversion fpt or ghes > 3.1 or ghae or ghec %} + permissions: + issues: write + pull-requests: write{% endif %} + steps: + - name: remove labels + uses: andymckay/labeler@5c59dabdfd4dd5bd9c6e6d255b01b9d764af4414 + with: + remove-labels: "needs review" + repo-token: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %} ``` 5. Customize the parameters in your workflow file: diff --git a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md index 954173a9da..47593bfe0f 100644 --- a/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md +++ b/content/actions/managing-issues-and-pull-requests/scheduling-issue-creation.md @@ -31,6 +31,7 @@ In the tutorial, you will first make a workflow file that uses the [`imjohnbo/is ```yaml{:copy} {% indented_data_reference reusables.actions.actions-not-certified-by-github-comment spaces=4 %} + {% indented_data_reference reusables.actions.actions-use-sha-pinning-comment spaces=4 %} name: Weekly Team Sync diff --git a/content/actions/migrating-to-github-actions/migrating-from-circleci-to-github-actions.md b/content/actions/migrating-to-github-actions/migrating-from-circleci-to-github-actions.md index 0cb8064d1d..c4dc650097 100644 --- a/content/actions/migrating-to-github-actions/migrating-from-circleci-to-github-actions.md +++ b/content/actions/migrating-to-github-actions/migrating-from-circleci-to-github-actions.md @@ -408,6 +408,7 @@ workflows: ```yaml {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Containers diff --git a/content/actions/publishing-packages/publishing-docker-images.md b/content/actions/publishing-packages/publishing-docker-images.md index 4b9e7abcdf..e4bca65948 100644 --- a/content/actions/publishing-packages/publishing-docker-images.md +++ b/content/actions/publishing-packages/publishing-docker-images.md @@ -68,6 +68,7 @@ The `build-push-action` options required for Docker Hub are: ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish Docker image @@ -146,6 +147,7 @@ The above workflow is triggered by a push to the "release" branch. It checks out ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish Docker image @@ -196,6 +198,7 @@ The following example workflow uses the steps from the previous sections ("[Publ ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish Docker image diff --git a/content/actions/publishing-packages/publishing-java-packages-with-gradle.md b/content/actions/publishing-packages/publishing-java-packages-with-gradle.md index aaad1c585e..7dd77bd976 100644 --- a/content/actions/publishing-packages/publishing-java-packages-with-gradle.md +++ b/content/actions/publishing-packages/publishing-java-packages-with-gradle.md @@ -79,6 +79,7 @@ With this configuration, you can create a workflow that publishes your package t ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish package to the Maven Central Repository @@ -150,6 +151,7 @@ With this configuration, you can create a workflow that publishes your package t ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish package to GitHub Packages @@ -230,6 +232,7 @@ With this configuration, you can create a workflow that publishes your package t ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Publish package to the Maven Central Repository and GitHub Packages diff --git a/content/issues/trying-out-the-new-projects-experience/automating-projects.md b/content/issues/trying-out-the-new-projects-experience/automating-projects.md index a5806f0357..d7e26d0bc8 100644 --- a/content/issues/trying-out-the-new-projects-experience/automating-projects.md +++ b/content/issues/trying-out-the-new-projects-experience/automating-projects.md @@ -63,6 +63,7 @@ For more information about other changes you can make to your project through th ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Add PR to project diff --git a/content/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions.md b/content/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions.md index 116a53a628..0c7b4792ff 100644 --- a/content/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions.md +++ b/content/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions.md @@ -92,6 +92,7 @@ Create a new workflow file in your repository (such as `.github/workflows/deploy ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Create and publish a Docker image diff --git a/data/reusables/package_registry/publish-docker-image.md b/data/reusables/package_registry/publish-docker-image.md index b03d93abce..a0a12f644b 100644 --- a/data/reusables/package_registry/publish-docker-image.md +++ b/data/reusables/package_registry/publish-docker-image.md @@ -1,5 +1,6 @@ ```yaml{:copy} {% data reusables.actions.actions-not-certified-by-github-comment %} + {% data reusables.actions.actions-use-sha-pinning-comment %} name: Create and publish a Docker image