From c10517b863469f048deffcf643dc84b584871b32 Mon Sep 17 00:00:00 2001 From: Max Ghenis Date: Mon, 27 Apr 2026 20:43:59 -0400 Subject: [PATCH] Update GitHub Actions for Node 24 runtime --- .github/workflows/deploy-staged.yml | 67 ++++++++++---------- .github/workflows/pr.yml | 19 +++--- .github/workflows/update-versioning.yml | 7 +- .github/workflows/weekly-update.yaml | 6 +- changelog.d/update-actions-node24.changed.md | 1 + 5 files changed, 49 insertions(+), 51 deletions(-) create mode 100644 changelog.d/update-actions-node24.changed.md diff --git a/.github/workflows/deploy-staged.yml b/.github/workflows/deploy-staged.yml index 6635cb1b..a771aca1 100644 --- a/.github/workflows/deploy-staged.yml +++ b/.github/workflows/deploy-staged.yml @@ -13,7 +13,6 @@ on: type: boolean env: - ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true PROJECT_ID: policyengine-household-api REGION: us-central1 IMAGE_NAME: us-central1-docker.pkg.dev/policyengine-household-api/policyengine-household-api/policyengine-household-api @@ -36,19 +35,21 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v6 with: python-version: ${{ env.PYTHON_VERSION }} + - name: Authenticate to Google Cloud + uses: google-github-actions/auth@v3 + with: + credentials_json: ${{ secrets.GCP_SA_KEY }} - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v2 + uses: google-github-actions/setup-gcloud@v3 with: project_id: ${{ env.PROJECT_ID }} - service_account_key: ${{ secrets.GCP_SA_KEY }} - export_default_credentials: true - name: Install dependencies run: make install @@ -85,22 +86,18 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 - + uses: actions/checkout@v6 - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v2 + uses: google-github-actions/auth@v3 with: credentials_json: ${{ secrets.GCP_SA_KEY }} - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v2 + uses: google-github-actions/setup-gcloud@v3 with: project_id: ${{ env.PROJECT_ID }} - service_account_key: ${{ secrets.GCP_SA_KEY }} - export_default_credentials: true - name: Log in to Google Artifact Registry - uses: docker/login-action@v2 + uses: docker/login-action@v4 with: registry: us-central1-docker.pkg.dev username: _json_key @@ -108,18 +105,18 @@ jobs: - name: Log in to GitHub Container Registry if: github.event_name == 'push' && github.ref == 'refs/heads/main' - uses: docker/login-action@v2 + uses: docker/login-action@v4 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Extract deploy image metadata id: deploy-meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@v6 with: images: ${{ env.IMAGE_NAME }} tags: | @@ -128,7 +125,7 @@ jobs: - name: Extract GHCR image metadata id: ghcr-meta if: github.event_name == 'push' && github.ref == 'refs/heads/main' - uses: docker/metadata-action@v5 + uses: docker/metadata-action@v6 with: images: ghcr.io/${{ github.repository }} tags: | @@ -136,7 +133,7 @@ jobs: type=raw,value=latest - name: Build and push Docker image - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v7 with: context: . file: ./gcp/policyengine_household_api/Dockerfile.production @@ -174,10 +171,10 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v2 + uses: google-github-actions/auth@v3 with: credentials_json: ${{ secrets.GCP_SA_KEY }} @@ -214,15 +211,15 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ env.PYTHON_VERSION }} - name: Install uv - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@v8.1.0 with: version: "0.8.5" @@ -256,10 +253,10 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v2 + uses: google-github-actions/auth@v3 with: credentials_json: ${{ secrets.GCP_SA_KEY }} @@ -285,10 +282,10 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v2 + uses: google-github-actions/auth@v3 with: credentials_json: ${{ secrets.GCP_SA_KEY }} @@ -315,10 +312,10 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v2 + uses: google-github-actions/auth@v3 with: credentials_json: ${{ secrets.GCP_SA_KEY }} @@ -362,15 +359,15 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ env.PYTHON_VERSION }} - name: Install uv - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@v8.1.0 with: version: "0.8.5" @@ -393,12 +390,12 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ env.PYTHON_VERSION }} diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index dfb24808..b719d3ec 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -3,7 +3,6 @@ name: Pull request on: pull_request env: - ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true PROJECT_ID: policyengine-household-api PYTHON_VERSION: "3.12" @@ -16,10 +15,10 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: ${{ env.PYTHON_VERSION }} - name: Install Ruff @@ -30,7 +29,7 @@ jobs: name: Check changelog fragment runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 - name: Check changelog fragment exists @@ -40,17 +39,19 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ env.PYTHON_VERSION }} + - name: Authenticate to Google Cloud + uses: google-github-actions/auth@v3 + with: + credentials_json: ${{ secrets.GCP_SA_KEY }} - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v0 + uses: google-github-actions/setup-gcloud@v3 with: project_id: ${{ env.PROJECT_ID }} - service_account_key: ${{ secrets.GCP_SA_KEY }} - export_default_credentials: true - name: Install dependencies run: make install - name: Run tests without auth diff --git a/.github/workflows/update-versioning.yml b/.github/workflows/update-versioning.yml index e576ca21..9744c774 100644 --- a/.github/workflows/update-versioning.yml +++ b/.github/workflows/update-versioning.yml @@ -5,7 +5,6 @@ on: branches: [ main ] env: - ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true REGION: us-central1 SERVICE_NAME: policyengine-household-api IMAGE_NAME: gcr.io/policyengine-household-api/policyengine-household-api @@ -25,16 +24,16 @@ jobs: app-id: ${{ secrets.APP_ID }} private-key: ${{ secrets.APP_PRIVATE_KEY }} - name: Checkout repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: main token: ${{ steps.app-token.outputs.token }} - name: Install uv - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@v8.1.0 with: version: "0.8.5" - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: "3.12" - name: Sync dependencies diff --git a/.github/workflows/weekly-update.yaml b/.github/workflows/weekly-update.yaml index e925c7c7..118c1be6 100644 --- a/.github/workflows/weekly-update.yaml +++ b/.github/workflows/weekly-update.yaml @@ -21,18 +21,18 @@ jobs: private-key: ${{ secrets.APP_PRIVATE_KEY }} - name: Checkout repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: main token: ${{ steps.app-token.outputs.token }} - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: "3.12" - name: Install uv - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@v8.1.0 with: version: "0.8.5" diff --git a/changelog.d/update-actions-node24.changed.md b/changelog.d/update-actions-node24.changed.md new file mode 100644 index 00000000..b0038fe3 --- /dev/null +++ b/changelog.d/update-actions-node24.changed.md @@ -0,0 +1 @@ +Updated GitHub Actions workflows for Node 24-compatible action runtimes.