Skip to content

action-allowlist-review: bump commit-check/commit-check-action from 2.9.0 to 2.10.0 in /.github/actions/for-dependabot-triggered-reviews #81

action-allowlist-review: bump commit-check/commit-check-action from 2.9.0 to 2.10.0 in /.github/actions/for-dependabot-triggered-reviews

action-allowlist-review: bump commit-check/commit-check-action from 2.9.0 to 2.10.0 in /.github/actions/for-dependabot-triggered-reviews #81

#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
name: Check action tags
on:
workflow_dispatch:
push:
branches:
- main
paths:
- ".github/workflows/check_action_tags.yml"
- ".github/workflows/update.yml"
- ".github/actions/for-dependabot-triggered-reviews/action.yml"
- "actions.yml"
- "approved_patterns.yml"
- "gateway/**"
pull_request:
paths:
- ".github/workflows/check_action_tags.yml"
- ".github/workflows/update.yml"
- ".github/actions/for-dependabot-triggered-reviews/action.yml"
- "actions.yml"
- "approved_patterns.yml"
- "gateway/**"
permissions:
contents: read
# We want workflows on main to run in order to avoid losing data through race conditions
concurrency: "${{ github.ref }}-${{ github.workflow }}"
jobs:
check_action_tags:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
- run: pipx install uv
- name: Update actions.yml and check action tags
# This step is similar to the one in update_actions.yml but also verifies the actions' tags
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: uvx --with ruyaml python gateway/run_action_tags.py