Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pin GitHub Actions dependencies #5860

Merged
merged 1 commit into from
Aug 18, 2024

Conversation

harshitasao
Copy link
Contributor

Which problem is this PR solving?

fixed the pinned dependencies issue reported by scorecard.
Part of #5815

Description of the changes

  • pinned the github actions by hash.

How was this change tested?

Checklist

Sorry, something went wrong.

Signed-off-by: harshitasao <harshitasao@gmail.com>
@yurishkuro yurishkuro changed the title fix: fixed the pinned dependencies issue Pin GitHub Actions dependencies Aug 18, 2024
@yurishkuro yurishkuro added the changelog:ci Change related to continuous integration / testing label Aug 18, 2024
@yurishkuro yurishkuro enabled auto-merge (squash) August 18, 2024 04:15
Copy link

codecov bot commented Aug 18, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 96.79%. Comparing base (34a8aa5) to head (7c7f259).
Report is 1 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #5860   +/-   ##
=======================================
  Coverage   96.79%   96.79%           
=======================================
  Files         342      342           
  Lines       16523    16523           
=======================================
  Hits        15994    15994           
  Misses        341      341           
  Partials      188      188           
Flag Coverage Δ
badger_v1 8.05% <ø> (ø)
badger_v2 1.81% <ø> (ø)
cassandra-3.x-v1 16.61% <ø> (ø)
cassandra-3.x-v2 1.74% <ø> (ø)
cassandra-4.x-v1 16.61% <ø> (ø)
cassandra-4.x-v2 1.74% <ø> (ø)
elasticsearch-6.x-v1 18.77% <ø> (-0.02%) ⬇️
elasticsearch-7.x-v1 18.84% <ø> (+0.01%) ⬆️
elasticsearch-8.x-v1 19.03% <ø> (+0.01%) ⬆️
elasticsearch-8.x-v2 1.80% <ø> (ø)
grpc_v1 9.51% <ø> (-0.02%) ⬇️
grpc_v2 7.14% <ø> (+0.01%) ⬆️
kafka-v1 9.74% <ø> (ø)
kafka-v2 1.81% <ø> (ø)
memory_v2 1.81% <ø> (ø)
opensearch-1.x-v1 18.88% <ø> (ø)
opensearch-2.x-v1 18.89% <ø> (ø)
opensearch-2.x-v2 1.81% <ø> (+0.01%) ⬆️
unittests 95.27% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@yurishkuro yurishkuro merged commit 0dd2b23 into jaegertracing:main Aug 18, 2024
45 of 46 checks passed
JaredTan95 pushed a commit to JaredTan95/jaeger that referenced this pull request Aug 28, 2024

Unverified

This commit is not signed, but one or more authors requires that any commit attributed to them is signed.
## Which problem is this PR solving?
fixed the pinned dependencies issue reported by
[scorecard](https://scorecard.dev/viewer/?uri=github.com/jaegertracing/jaeger).
Part of  jaegertracing#5815

## Description of the changes
- pinned the github actions by hash.

## How was this change tested?
-

## Checklist
- [X] I have read
https://github.com/jaegertracing/jaeger/blob/master/CONTRIBUTING_GUIDELINES.md
- [X] I have signed all commits
- [ ] I have added unit tests for the new functionality
- [ ] I have run lint and test steps successfully
  - for `jaeger`: `make lint test`
  - for `jaeger-ui`: `yarn lint` and `yarn test`

Signed-off-by: harshitasao <harshitasao@gmail.com>
Signed-off-by: Jared Tan <jian.tan@daocloud.io>
codeboten referenced this pull request in open-telemetry/opentelemetry-collector-contrib Sep 25, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
…35259)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/jaegertracing/jaeger](https://redirect.github.com/jaegertracing/jaeger)
| `v1.60.0` -> `v1.61.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fjaegertracing%2fjaeger/v1.61.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fjaegertracing%2fjaeger/v1.61.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fjaegertracing%2fjaeger/v1.60.0/v1.61.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fjaegertracing%2fjaeger/v1.60.0/v1.61.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>jaegertracing/jaeger
(github.com/jaegertracing/jaeger)</summary>

###
[`v1.61.0`](https://redirect.github.com/jaegertracing/jaeger/releases/tag/v1.61.0):
/ v2.0.0-rc1

[Compare
Source](https://redirect.github.com/jaegertracing/jaeger/compare/v1.60.0...v1.61.0)

##### Backend Changes

This release contains an official pre-release candidate of Jaeger v2, as
binary and Docker image `jaeger`.

##### ⛔ Breaking Changes

- Remove support for cassandra 3.x and add cassandra 5.x
([@&#8203;mahadzaryab1](https://redirect.github.com/mahadzaryab1) in
[#&#8203;5962](https://redirect.github.com/jaegertracing/jaeger/pull/5962))

##### 🐞 Bug fixes, Minor Improvements

- Fix: the 'tagtype' in es jaeger-span mapping tags.properties should be
'type' ([@&#8203;chinaran](https://redirect.github.com/chinaran) in
[#&#8203;5980](https://redirect.github.com/jaegertracing/jaeger/pull/5980))
- Add readme for adaptive sampling
([@&#8203;yurishkuro](https://redirect.github.com/yurishkuro) in
[#&#8203;5955](https://redirect.github.com/jaegertracing/jaeger/pull/5955))
- \[adaptive sampling] clean-up after previous refactoring
([@&#8203;yurishkuro](https://redirect.github.com/yurishkuro) in
[#&#8203;5954](https://redirect.github.com/jaegertracing/jaeger/pull/5954))
- \[adaptive processor] remove redundant function
([@&#8203;yurishkuro](https://redirect.github.com/yurishkuro) in
[#&#8203;5953](https://redirect.github.com/jaegertracing/jaeger/pull/5953))
- \[jaeger-v2] consolidate options and namespaceconfig for badger
storage
([@&#8203;mahadzaryab1](https://redirect.github.com/mahadzaryab1) in
[#&#8203;5937](https://redirect.github.com/jaegertracing/jaeger/pull/5937))
- Remove unused "namespace" field from badger config
([@&#8203;yurishkuro](https://redirect.github.com/yurishkuro) in
[#&#8203;5929](https://redirect.github.com/jaegertracing/jaeger/pull/5929))
- Simplify bundling of ui assets
([@&#8203;mahadzaryab1](https://redirect.github.com/mahadzaryab1) in
[#&#8203;5917](https://redirect.github.com/jaegertracing/jaeger/pull/5917))
- Clean up grpc storage config
([@&#8203;yurishkuro](https://redirect.github.com/yurishkuro) in
[#&#8203;5877](https://redirect.github.com/jaegertracing/jaeger/pull/5877))
- Add script to replace apache headers with spdx
([@&#8203;thecaffeinedev](https://redirect.github.com/thecaffeinedev) in
[#&#8203;5808](https://redirect.github.com/jaegertracing/jaeger/pull/5808))
- Add copyright/license headers to script files
([@&#8203;Zen-cronic](https://redirect.github.com/Zen-cronic) in
[#&#8203;5829](https://redirect.github.com/jaegertracing/jaeger/pull/5829))
- Clearer output from lint scripts
([@&#8203;yurishkuro](https://redirect.github.com/yurishkuro) in
[#&#8203;5820](https://redirect.github.com/jaegertracing/jaeger/pull/5820))

##### 🚧 Experimental Features

- \[jaeger-v2] add validation and comments to badger storage config
([@&#8203;mahadzaryab1](https://redirect.github.com/mahadzaryab1) in
[#&#8203;5927](https://redirect.github.com/jaegertracing/jaeger/pull/5927))
- \[jaeger-v2] add validation and comments to memory storage config
([@&#8203;mahadzaryab1](https://redirect.github.com/mahadzaryab1) in
[#&#8203;5925](https://redirect.github.com/jaegertracing/jaeger/pull/5925))
- Support tail based sampling processor from otel collector extension
([@&#8203;mahadzaryab1](https://redirect.github.com/mahadzaryab1) in
[#&#8203;5878](https://redirect.github.com/jaegertracing/jaeger/pull/5878))
- \[v2] configure health check extension for all configs
([@&#8203;Wise-Wizard](https://redirect.github.com/Wise-Wizard) in
[#&#8203;5861](https://redirect.github.com/jaegertracing/jaeger/pull/5861))
- \[v2] add legacy formats into e2e kafka integration tests
([@&#8203;joeyyy09](https://redirect.github.com/joeyyy09) in
[#&#8203;5824](https://redirect.github.com/jaegertracing/jaeger/pull/5824))
- \[v2] configure healthcheck extension
([@&#8203;Wise-Wizard](https://redirect.github.com/Wise-Wizard) in
[#&#8203;5831](https://redirect.github.com/jaegertracing/jaeger/pull/5831))
- Added \_total suffix to otel counter metrics.
([@&#8203;Wise-Wizard](https://redirect.github.com/Wise-Wizard) in
[#&#8203;5810](https://redirect.github.com/jaegertracing/jaeger/pull/5810))

##### 👷 CI Improvements

- Release v2 cleanup 3
([@&#8203;yurishkuro](https://redirect.github.com/yurishkuro) in
[#&#8203;5984](https://redirect.github.com/jaegertracing/jaeger/pull/5984))
- Replace loopvar linter
([@&#8203;anishbista60](https://redirect.github.com/anishbista60) in
[#&#8203;5976](https://redirect.github.com/jaegertracing/jaeger/pull/5976))
- Stop using v1 and v1.x tags for docker images
([@&#8203;yurishkuro](https://redirect.github.com/yurishkuro) in
[#&#8203;5956](https://redirect.github.com/jaegertracing/jaeger/pull/5956))
- V2 repease prep
([@&#8203;yurishkuro](https://redirect.github.com/yurishkuro) in
[#&#8203;5932](https://redirect.github.com/jaegertracing/jaeger/pull/5932))
- Normalize build-binaries targets
([@&#8203;yurishkuro](https://redirect.github.com/yurishkuro) in
[#&#8203;5924](https://redirect.github.com/jaegertracing/jaeger/pull/5924))
- Fix integration test log dumping for storage backends
([@&#8203;mahadzaryab1](https://redirect.github.com/mahadzaryab1) in
[#&#8203;5915](https://redirect.github.com/jaegertracing/jaeger/pull/5915))
- Add jaeger-v2 binary as new release artifact
([@&#8203;renovate-bot](https://redirect.github.com/renovate-bot) in
[#&#8203;5893](https://redirect.github.com/jaegertracing/jaeger/pull/5893))
- \[ci] add support for v2 tags during build
([@&#8203;yurishkuro](https://redirect.github.com/yurishkuro) in
[#&#8203;5890](https://redirect.github.com/jaegertracing/jaeger/pull/5890))
- Add hardcoded db password and username to cassandra integration test
([@&#8203;Ali-Alnosairi](https://redirect.github.com/Ali-Alnosairi) in
[#&#8203;5805](https://redirect.github.com/jaegertracing/jaeger/pull/5805))
- Define contents permissions on "dependabot validate" workflow
([@&#8203;mmorel-35](https://redirect.github.com/mmorel-35) in
[#&#8203;5874](https://redirect.github.com/jaegertracing/jaeger/pull/5874))
- \[fix] print kafka logs on test failure
([@&#8203;joeyyy09](https://redirect.github.com/joeyyy09) in
[#&#8203;5873](https://redirect.github.com/jaegertracing/jaeger/pull/5873))
- Pin github actions dependencies
([@&#8203;harshitasao](https://redirect.github.com/harshitasao) in
[#&#8203;5860](https://redirect.github.com/jaegertracing/jaeger/pull/5860))
- Add go.mod for docker debug image
([@&#8203;hellspawn679](https://redirect.github.com/hellspawn679) in
[#&#8203;5852](https://redirect.github.com/jaegertracing/jaeger/pull/5852))
- Enable lint rule: redefines-builtin-id
([@&#8203;ZXYxc](https://redirect.github.com/ZXYxc) in
[#&#8203;5791](https://redirect.github.com/jaegertracing/jaeger/pull/5791))
- Require manual go version updates for patch versions
([@&#8203;wasup-yash](https://redirect.github.com/wasup-yash) in
[#&#8203;5848](https://redirect.github.com/jaegertracing/jaeger/pull/5848))
- Clean up obselete 'version' tag from docker-compose files
([@&#8203;vvs-personalstash](https://redirect.github.com/vvs-personalstash)
in
[#&#8203;5826](https://redirect.github.com/jaegertracing/jaeger/pull/5826))
- Update expected codecov flags count to 19
([@&#8203;yurishkuro](https://redirect.github.com/yurishkuro) in
[#&#8203;5811](https://redirect.github.com/jaegertracing/jaeger/pull/5811))

##### 📊 UI Changes

Dependencies upgrades only.

##### 👏👏👏 New Contributors

- [@&#8203;Nabil-Salah](https://redirect.github.com/Nabil-Salah) made
their first contribution in
[https://github.com/jaegertracing/jaeger/pull/5806](https://redirect.github.com/jaegertracing/jaeger/pull/5806)
-
[@&#8203;vvs-personalstash](https://redirect.github.com/vvs-personalstash)
made their first contribution in
[https://github.com/jaegertracing/jaeger/pull/5826](https://redirect.github.com/jaegertracing/jaeger/pull/5826)
- [@&#8203;Zen-cronic](https://redirect.github.com/Zen-cronic) made
their first contribution in
[https://github.com/jaegertracing/jaeger/pull/5821](https://redirect.github.com/jaegertracing/jaeger/pull/5821)
- [@&#8203;thecaffeinedev](https://redirect.github.com/thecaffeinedev)
made their first contribution in
[https://github.com/jaegertracing/jaeger/pull/5808](https://redirect.github.com/jaegertracing/jaeger/pull/5808)
- [@&#8203;wasup-yash](https://redirect.github.com/wasup-yash) made
their first contribution in
[https://github.com/jaegertracing/jaeger/pull/5848](https://redirect.github.com/jaegertracing/jaeger/pull/5848)
- [@&#8203;ZXYxc](https://redirect.github.com/ZXYxc) made their first
contribution in
[https://github.com/jaegertracing/jaeger/pull/5791](https://redirect.github.com/jaegertracing/jaeger/pull/5791)
- [@&#8203;harshitasao](https://redirect.github.com/harshitasao) made
their first contribution in
[https://github.com/jaegertracing/jaeger/pull/5860](https://redirect.github.com/jaegertracing/jaeger/pull/5860)
- [@&#8203;Ali-Alnosairi](https://redirect.github.com/Ali-Alnosairi)
made their first contribution in
[https://github.com/jaegertracing/jaeger/pull/5805](https://redirect.github.com/jaegertracing/jaeger/pull/5805)
- [@&#8203;chinaran](https://redirect.github.com/chinaran) made their
first contribution in
[https://github.com/jaegertracing/jaeger/pull/5891](https://redirect.github.com/jaegertracing/jaeger/pull/5891)
- [@&#8203;mahadzaryab1](https://redirect.github.com/mahadzaryab1) made
their first contribution in
[https://github.com/jaegertracing/jaeger/pull/5878](https://redirect.github.com/jaegertracing/jaeger/pull/5878)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/open-telemetry/opentelemetry-collector-contrib).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC44MC4wIiwidXBkYXRlZEluVmVyIjoiMzguODAuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIiwicmVub3ZhdGVib3QiXX0=-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
changelog:ci Change related to continuous integration / testing
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants