ci: update github-automation ref to fix unpinned actions/checkout in call_jira_sync.yml#912
Merged
dkropachev merged 1 commit intoMay 29, 2026
Conversation
The reusable workflow main_pr_events_jira_sync.yml in scylladb/github-automation used actions/checkout@v4 (a tag ref), which violates the scylladb org policy requiring all actions to be pinned to full commit SHAs. This caused every PR targeting scylla-4.x to fail with: Error: The action actions/checkout@v4 is not allowed in scylladb/java-driver because all actions must be pinned to a full-length commit SHA. Update the pinned SHA to ef3a6238c30003cbab9a339c32e5112f6889a197 which pins actions/checkout to 34e114876b0b11c390a56381ad16ebd13914f8d5 (v4.3.1). Fixes: scylladb#911 Upstream fix: scylladb/github-automation#192
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (1)
📝 WalkthroughWalkthroughThe pull request updates Comment |
dkropachev
approved these changes
May 29, 2026
This was referenced May 29, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Update the pinned commit reference in
call_jira_sync.ymlto a version ofscylladb/github-automationthat pinsactions/checkoutto a full commit SHA.Why
Every PR targeting
scylla-4.xwas failing with:The
scylladborg policy requires all actions to be pinned to a full 40-character commit SHA. This policy is enforced even inside externally-called reusable workflows. The reusable workflowmain_pr_events_jira_sync.ymlat the previously pinned commit (7b9848eb…) usedactions/checkout@v4, which triggered the policy check.The new commit (
ef3a6238…) contains the fix: scylladb/github-automation#192.Notes
scylla-4.xonly (scylla-3.xhas nocall_jira_sync.yml)Closes: #911