Fix ::set-output deprecation messages #127
Conversation
scan-apk/action.yaml
Outdated
| @@ -70,7 +70,7 @@ runs: | |||
| tag: localhost:1234/apk-scan | |||
|
|
|||
| - id: grype-scan | |||
| uses: anchore/scan-action@ecfd0e98932e57ea8f68f29c4f418fc41a8194db | |||
| uses: anchore/scan-action@24fd7c9060f3c96848dd1929fac8d796fb5ae4b4 | |||
There was a problem hiding this comment.
This change seems unrelated to the rest of the PR?
There was a problem hiding this comment.
Yes, it seems unrelated but without this minor bump v3.2.5 -> v3.3.6 not all ::set-ouput warnings go away, because used inside actual pinned version of anchore/scan-action. Maybe a different version can be selected, I have chosen this cause it's the last one released and surely in there ::set-output warnings are fixed
Let me know if you prefer to remove this change and bumps it in a separated PR or if ok, I have to cite the reason behind this bump briefly in the commit msg
|
@imjasonh anyone on the chainguard team who is available to review and merge this PR? |
scan-apk/action.yaml
Outdated
| @@ -70,7 +70,7 @@ runs: | |||
| tag: localhost:1234/apk-scan | |||
|
|
|||
| - id: grype-scan | |||
| uses: anchore/scan-action@ecfd0e98932e57ea8f68f29c4f418fc41a8194db | |||
| uses: anchore/scan-action@24fd7c9060f3c96848dd1929fac8d796fb5ae4b4 | |||
There was a problem hiding this comment.
can you add the version tag that this git hash is pointing to? will make easier for the next time
Signed-off-by: andros21 <andrea.ros21@murena.io>
|
@cpanato The PR now seems to be ready. |
| @@ -135,10 +135,12 @@ runs: | |||
| --network host \ | |||
| -v $PWD:${{ github.workspace }} \ | |||
| -v /tmp:/tmp \ | |||
| -v $GITHUB_OUTPUT:$GITHUB_OUTPUT \ | |||
There was a problem hiding this comment.
looking at it again, is this required?
| --workdir ${{ github.workspace }} \ | ||
| -e "GITHUB_ACTOR=${{ inputs.repository_owner }}" \ | ||
| -e "GITHUB_TOKEN=${{ inputs.token }}" \ | ||
| -e "REPOSITORY=${{ inputs.repository }}" \ | ||
| -e "GITHUB_OUTPUT=$GITHUB_OUTPUT" \ |
There was a problem hiding this comment.
Not strictly required, both are required if digest output (line 180) is done inside the docker run command. An alternative way could be something like this andros21@1597f1f. If ok, I can update it
No description provided.