From 96ad71c0ddf98c4f2d29c33ac11fe2e4ec9fcb5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D0=BB=D0=B5=D0=BA=D1=81=D0=B0=D0=BD=D0=B4=D1=8A?= =?UTF-8?q?=D1=80=20=D0=9A=D1=83=D1=80=D1=82=D0=B0=D0=BA=D0=BE=D0=B2?= Date: Thu, 29 Feb 2024 14:16:33 +0200 Subject: [PATCH 1/2] Switch license check action to use Maven 3.9.6 --- .github/workflows/mavenLicenseCheck.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/mavenLicenseCheck.yml b/.github/workflows/mavenLicenseCheck.yml index c538f30..1b4dbb8 100644 --- a/.github/workflows/mavenLicenseCheck.yml +++ b/.github/workflows/mavenLicenseCheck.yml @@ -38,7 +38,7 @@ on: description: 'The version of Maven set up to run the license-check build' type: string required: false - default: '3.9.2' + default: '3.9.6' secrets: gitlabAPIToken: description: 'The authentication token (scope: api) from gitlab.eclipse.org of the calling repository. Only required if license vetting is requested' From 1573940092c3890ce2064e466922aedac0658c54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D0=BB=D0=B5=D0=BA=D1=81=D0=B0=D0=BD=D0=B4=D1=8A?= =?UTF-8?q?=D1=80=20=D0=9A=D1=83=D1=80=D1=82=D0=B0=D0=BA=D0=BE=D0=B2?= Date: Thu, 29 Feb 2024 14:20:00 +0200 Subject: [PATCH 2/2] Update GH actions used in the shared one Every usage prints ``` call-license-check / check-licenses Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/setup-java@v3, actions/cache@v3, stCarolas/setup-maven@v4.5. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/. ``` Let's try to be more user friendly. --- .github/workflows/mavenLicenseCheck.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/mavenLicenseCheck.yml b/.github/workflows/mavenLicenseCheck.yml index 1b4dbb8..f7b76ea 100644 --- a/.github/workflows/mavenLicenseCheck.yml +++ b/.github/workflows/mavenLicenseCheck.yml @@ -67,7 +67,7 @@ jobs: - name: Process license-vetting request if: env.request-review && (!env.isDependabotPR) - uses: actions/github-script@v6 + uses: actions/github-script@v7 with: script: | const payload = await github.rest.repos.getCollaboratorPermissionLevel({ @@ -89,23 +89,23 @@ jobs: # and for events triggered by PR creation/updates the ref is 'refs/pull//merge'. # So by default only the master-branch would be considered when requesting license-reviews, but we want the PR's state. # Unless the PR is closed, then we want the master-branch, which allows subsequent license review requests. - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 # use default ref 'refs/pull//merge' for PR-events and 'refs/heads/master' for comments if the PR is closed if: github.event.issue.pull_request == '' || github.event.issue.state != 'open' with: submodules: ${{ inputs.submodules }} - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: 'refs/pull/${{ github.event.issue.number }}/merge' submodules: ${{ inputs.submodules }} if: github.event.issue.pull_request != '' && github.event.issue.state == 'open' - - uses: actions/setup-java@v3 + - uses: actions/setup-java@v4 with: java-version: '17' distribution: 'temurin' - name: Cache local Maven repository - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ~/.m2/repository # re-cache on changes in the pom and target files @@ -114,7 +114,7 @@ jobs: ${{ runner.os }}-maven- - name: Set up Maven - uses: stCarolas/setup-maven@v4.5 + uses: stCarolas/setup-maven@v5 with: maven-version: ${{ inputs.mavenVersion }} @@ -133,7 +133,7 @@ jobs: - name: Process license check results if: env.request-review - uses: actions/github-script@v6 + uses: actions/github-script@v7 with: script: | const fs = require('fs') @@ -180,7 +180,7 @@ jobs: issue_number: context.issue.number, ...context.repo, body: commentBody }) - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 if: always() && env.request-review with: name: '${{ inputs.projectId }}-license-vetting-summary'