Skip to content

Add a simple dependabot config#377

Merged
k8s-ci-robot merged 2 commits into
kubernetes-sigs:mainfrom
npinaeva:action-update
Apr 21, 2026
Merged

Add a simple dependabot config#377
k8s-ci-robot merged 2 commits into
kubernetes-sigs:mainfrom
npinaeva:action-update

Conversation

@npinaeva
Copy link
Copy Markdown
Member

@npinaeva npinaeva commented Apr 21, 2026

Out github actions haven't been updated for a while, trying to fix failures like https://github.com/kubernetes-sigs/network-policy-api/actions/runs/24527049130/job/71855392642?pr=376

@npinaeva
Add a simple dependabot config
0c16aed 
Signed-off-by: Nadia Pinaeva <n.m.pinaeva@gmail.com>
@netlify
Copy link
Copy Markdown

netlify Bot commented Apr 21, 2026
edited
Loading

Deploy Preview for kubernetes-sigs-network-policy-api ready!

Name Link
🔨 Latest commit 3778017
🔍 Latest deploy log https://app.netlify.com/projects/kubernetes-sigs-network-policy-api/deploys/69e77d1f41fa4a00083dfc28
😎 Deploy Preview https://deploy-preview-377--kubernetes-sigs-network-policy-api.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. approved Indicates a PR has been approved by an approver from all required OWNERS files. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Apr 21, 2026
@npinaeva
Update actions manually and hope the bot will help in the future
3778017 
Signed-off-by: Nadia Pinaeva <n.m.pinaeva@gmail.com>
tssurya
tssurya reviewed Apr 21, 2026
View reviewed changes
Comment thread .github/workflows/conformance.yml
steps:
- name: Check out code
uses: actions/checkout@v2
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
Copy link
Copy Markdown
Contributor

@tssurya tssurya Apr 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what's with the hash? instead of doing "v5" directly?

Copy link
Copy Markdown
Member Author

@npinaeva npinaeva Apr 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the failure is Error: The actions actions/checkout@v2 and actions/upload-artifact@v4 are not allowed in kubernetes-sigs/network-policy-api because all actions must be pinned to a full-length commit SHA.
so I both updated the versions and switched to using hashes

Copy link
Copy Markdown
Member

@rikatz rikatz Apr 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is a new enforcement on the Kubernetes org now to use hashes on github actions

Copy link
Copy Markdown
Contributor

@tssurya tssurya Apr 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah I see thanks @rikatz !

tssurya
tssurya approved these changes Apr 21, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@tssurya tssurya left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Apr 21, 2026
@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented Apr 21, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: npinaeva, tssurya

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot merged commit 949f4bc into kubernetes-sigs:main Apr 21, 2026
13 checks passed
@npinaeva npinaeva deleted the action-update branch April 21, 2026 16:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tssurya tssurya tssurya approved these changes

@aojea aojea Awaiting requested review from aojea

@danwinship danwinship Awaiting requested review from danwinship

+1 more reviewer

@rikatz rikatz rikatz left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@tssurya tssurya

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@npinaeva @k8s-ci-robot @tssurya @rikatz