Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
95d8509
updating generated files post 1.42.0 release (#7018)
acornett21 Nov 13, 2025
daa2cd3
Bump ubi9/ubi-minimal from 9.6 to 9.7 in /images/operator-sdk (#7016)
dependabot[bot] Nov 13, 2025
d4adf28
Bump ubi9/ubi-minimal from 9.6 to 9.7 in /images/scorecard-test (#7014)
dependabot[bot] Nov 13, 2025
bea0fcc
Bump ubi9/ubi-minimal from 9.6 to 9.7 in /images/custom-scorecard-tes…
dependabot[bot] Nov 13, 2025
079bf66
adding a readme for the gpg management process (#7019)
acornett21 Nov 13, 2025
d7979db
Bump ubi9/ubi-minimal from 9.6 to 9.7 in /images/helm-operator (#7015)
dependabot[bot] Nov 13, 2025
f905c5b
updating unit test make cmd to add -race flag (#7024)
acornett21 Nov 18, 2025
6483dd5
Bump actions/checkout from 5 to 6 (#7027)
dependabot[bot] Nov 21, 2025
f6829d4
point kuttl docs to github repo, instead of defunct kuttl website (#7…
acornett21 Dec 4, 2025
db1c807
test: update copyright to 2026 (#7053)
PascalBourdier Feb 26, 2026
2e318d5
ci: use golangci-lint v2 (#7029)
PascalBourdier Mar 2, 2026
a63e383
Bump go.opentelemetry.io/otel/sdk from 1.37.0 to 1.40.0 (#7054)
dependabot[bot] Mar 3, 2026
8575496
refactor: follow go fix advice about `any` (#7052)
PascalBourdier Mar 3, 2026
c790107
Bump github.com/docker/cli (#7058)
dependabot[bot] Mar 5, 2026
6d13354
Bump docker/setup-qemu-action from 3 to 4 (#7059)
dependabot[bot] Mar 5, 2026
3768615
Bump docker/login-action from 3 to 4 (#7060)
dependabot[bot] Mar 5, 2026
1cc650e
Bump docker/setup-buildx-action from 3 to 4 (#7061)
dependabot[bot] Mar 6, 2026
fe8a366
Bump docker/build-push-action from 6 to 7 (#7062)
dependabot[bot] Mar 6, 2026
d30cc01
updating go and dependencies to address cve's (#7064)
acornett21 Mar 9, 2026
4f52d1b
Fix typos in documentation (#7034)
oglok Mar 9, 2026
15f34ea
Avoid grace period delay (#7033)
little-engineer-2025 Mar 9, 2026
55498de
Prefer strings.SplitSeq over strings.Split where possible (#7051)
caxu-rh Mar 9, 2026
3d5ab21
Release v1.42.1 (#7066)
acornett21 Mar 9, 2026
0aa9e9b
Merge upstream tag v1.42.1
PillaiManish Mar 17, 2026
074b347
UPSTREAM: <drop>: Update vendor directory
PillaiManish Mar 17, 2026
9de5bfb
UPSTREAM: <carry>: updates golang version from 1.24 to 1.25
PillaiManish Mar 17, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
2 changes: 1 addition & 1 deletion .ci-operator.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
build_root_image:
name: release
namespace: openshift
tag: rhel-9-release-golang-1.24-openshift-4.22
tag: rhel-9-release-golang-1.25-openshift-4.22
116 changes: 116 additions & 0 deletions .ci/gpg/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,116 @@
# SDK GPG Keys

## Current *key*pers

The keys are currently in the hands of [Joe Lanford](https://github.com/joelanford/).

## Transferring keys

In order to transfer the keys to other members of the Operator SDK admins, following the following:

1. get public GPG key from the person(s) you will transfer to
2. import their key into your keyring

```
gpg --import KEY
```

3. verify their identity, is this really their key. Video call can be useful for this.
4. sign their key

```
gpg --sign-key EMAIL-OF-USERS-KEY
```

5. export the SDK public key

```
gpg --export --armor -o 3B2F1481D146238080B346BB052996E2A20B5C7E.pub .asc 3B2F1481D146238080B346BB052996E2A20B5C7
```
6. export the SDK private key

```
gpg --export-secret-key --armor -o 3B2F1481D146238080B346BB052996E2A2 0B5C7E.priv.asc 3B2F1481D146238080B346BB052996E2A20B5C7E
```
7. export the SDK sub key

```
gpg --export-secret-subkeys --armor -o 3B2F1481D146238080B346BB052996 E2A20B5C7E.sub_priv.asc 3B2F1481D146238080B346BB052996E2A20B5C7E
```
Comment on lines +27 to +39

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

Fix malformed GPG key IDs in export commands.

The GPG export commands have line-wrapped key IDs that would cause command failures. The key ID 3B2F1481D146238080B346BB052996E2A20B5C7E is split incorrectly across multiple lines with extra spaces and characters inserted.

Lines 28, 33, and 38 need correction.

🔧 Proposed fixes for the malformed commands
 5. export the SDK public key
 

-gpg --export --armor -o 3B2F1481D146238080B346BB052996E2A20B5C7E.pub .asc 3B2F1481D146238080B346BB052996E2A20B5C7
+gpg --export --armor -o 3B2F1481D146238080B346BB052996E2A20B5C7E.pub.asc 3B2F1481D146238080B346BB052996E2A20B5C7E

6. export the SDK private key

-gpg --export-secret-key --armor -o 3B2F1481D146238080B346BB052996E2A2 0B5C7E.priv.asc 3B2F1481D146238080B346BB052996E2A20B5C7E
+gpg --export-secret-key --armor -o 3B2F1481D146238080B346BB052996E2A20B5C7E.priv.asc 3B2F1481D146238080B346BB052996E2A20B5C7E

7. export the SDK sub key

-gpg --export-secret-subkeys --armor -o 3B2F1481D146238080B346BB052996 E2A20B5C7E.sub_priv.asc 3B2F1481D146238080B346BB052996E2A20B5C7E
+gpg --export-secret-subkeys --armor -o 3B2F1481D146238080B346BB052996E2A20B5C7E.sub_priv.asc 3B2F1481D146238080B346BB052996E2A20B5C7E

</details>

<details>
<summary>🧰 Tools</summary>

<details>
<summary>🪛 markdownlint-cli2 (0.21.0)</summary>

[warning] 27-27: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

[warning] 32-32: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

[warning] 37-37: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

</details>

</details>

<details>
<summary>🤖 Prompt for AI Agents</summary>

Verify each finding against the current code and only fix it if needed.

In @.ci/gpg/README.md around lines 27 - 39, Fix the malformed GPG export
commands that have the split/space-inserted key ID by replacing the three
affected lines containing the commands "gpg --export --armor", "gpg
--export-secret-key --armor", and "gpg --export-secret-subkeys --armor" so the
full key ID 3B2F1481D146238080B346BB052996E2A20B5C7E appears contiguous and the
output filenames are concatenated correctly (e.g., .pub.asc, .priv.asc,
.sub_priv.asc) with no stray spaces or broken tokens; update each command to use
the single contiguous key ID and correct output filename syntax.


</details>

<!-- fingerprinting:phantom:triton:puma -->

<!-- This is an auto-generated comment by CodeRabbit -->


8. encrypt each key for the person

```
gpg --encrypt --sign --armor -r EMAIL-OF-USERS-KEY --output 052996E2A20B5C7E.subkey.private.asc.enc 052996E2A20B5C7E.subkey.private.asc
```

9. send them the encrypted key to the user

10. user should be able to decrypt with their key.

## Updating expiration date

There will be a few people that have the keys. Those people should be able to update the expiration date. This won't have to be done until November 8, 2025.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Expiration date appears to be outdated.

The documentation states the expiration update "won't have to be done until November 8, 2025" but this date has already passed. Consider updating this reference or verifying that the key expiration has been extended.

🧰 Tools
🪛 LanguageTool

[style] ~53-~53: Consider using “who” when you are referring to people instead of objects.
Context: ...ration date There will be a few people that have the keys. Those people should be a...

(THAT_WHO)

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.ci/gpg/README.md at line 53, Update the outdated expiration date mentioned
in the sentence "This won't have to be done until November 8, 2025" in the
.ci/gpg/README.md: verify the current GPG key expiration and either replace the
2025 date with the new correct expiration or remove the hardcoded date and add a
note pointing to the authoritative key metadata/location for checking/updating
expirations; ensure the sentence still instructs the key-holders about who can
update the expiration and when to do it.


You will want to update the date of the key:

```
gpg --edit-key (key id)
```

Once you're in the gpg console select the key , there are 2, you need to update both. I just pick a 3 year term.

```
gpg> expire
(follow prompts)
3y
gpg> save
```

You can use whatever term the team wants.

One of the resources I used: [How to change the expiration date of a GPG key](https://www.g-loaded.eu/2010/11/01/change-expiration-date-gpg-key/)

## Sending keys to keyserver

Once you have the keys updated, you should send them to a keyserver. I have a couple examples, not sure if both are needed.

```
gpg --keyserver keyserver.ubuntu.com --send-key 3B2F1481D146238080B346BB052996E2A20B5C7E
gpg --keyserver pgp.mit.edu --send-key 3B2F1481D146238080B346BB052996E2A20B5C7E
```

I *think* you only need to send it to one server, most of the commands in my shell history use `pgp.mit.edu`

## Updating secring.auto.gpg

Once you have the keys updated, you need to regenerate the keyrings that are stored in the [SDK repo](https://github.com/operator-framework/operator-sdk/tree/master/.ci/gpg).

Use the SDK key to sign and encrypt it. You need to use `--local-user` to avoid GPG from using your own key.

```
gpg --cipher-algo AES256 --output secring.auto.gpg --local-user "cncf-operator-sdk@cncf.io" --sign --symmetric 3B2F1481D146238080B346BB052996E2A20B5C7E.sub_priv.asc
```

## Updating pubring.auto

This is the public keyring. It's simply the public key. Export the public key then rename it as `pubring.auto`

```
gpg --export --armor -o 3B2F1481D146238080B346BB052996E2A20B5C7E.pub.asc 3B2F1481D146238080B346BB052996E2A20B5C7E
cp 3B2F1481D146238080B346BB052996E2A20B5C7E.pub.asc pubring.auto
```

## CI usage of keys

The GPG keys are stored in [.ci/gpg](https://github.com/operator-framework/operator-sdk/tree/master/.ci/gpg) of the Operator SDK repo.

In Github settings, there is a `GPG_PASSWORD` environment variable. It is set here in the [Environments](https://github.com/operator-framework/operator-sdk/settings/environments/172302554/edit) tab. You need to be admin.

The `GPG_PASSWORD` has been encrypted and handed to a few people. These people are the keepers of the password.

## Original process

The original keys were setup using the following article.

https://blogs.itemis.com/en/secure-your-travis-ci-releases-part-2-signature-with-openpgp
24 changes: 12 additions & 12 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
outputs:
skip: ${{ steps.check_docs_only.outputs.skip }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
with:
fetch-depth: 0
- id: check_docs_only
Expand All @@ -39,7 +39,7 @@ jobs:
environment: deploy
steps:
- name: checkout
uses: actions/checkout@v5
uses: actions/checkout@v6
with:
fetch-depth: 0

Expand Down Expand Up @@ -77,22 +77,22 @@ jobs:
steps:

- name: set up qemu
uses: docker/setup-qemu-action@v3
uses: docker/setup-qemu-action@v4

- name: set up buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@v4

- name: quay.io login
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@v3
uses: docker/login-action@v4
with:
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
registry: quay.io

# Check out repo before tag step for script.
- name: checkout
uses: actions/checkout@v5
uses: actions/checkout@v6
with:
fetch-depth: 0

Expand All @@ -103,7 +103,7 @@ jobs:
echo tags=$(.github/workflows/get_image_tags.sh "$IMG" "v") >> $GITHUB_OUTPUT

- name: build and push
uses: docker/build-push-action@v6
uses: docker/build-push-action@v7
with:
file: ./images/${{ matrix.id }}/Dockerfile
context: .
Expand All @@ -123,22 +123,22 @@ jobs:
steps:

- name: set up qemu
uses: docker/setup-qemu-action@v3
uses: docker/setup-qemu-action@v4

- name: set up buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@v4

- name: quay.io login
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@v3
uses: docker/login-action@v4
with:
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
registry: quay.io

# Check out repo before tag step for script.
- name: checkout
uses: actions/checkout@v5
uses: actions/checkout@v6
with:
fetch-depth: 0

Expand All @@ -149,7 +149,7 @@ jobs:
echo tags=$(.github/workflows/get_image_tags.sh "$IMG" "scorecard-kuttl/v") >> $GITHUB_OUTPUT

- name: build and push
uses: docker/build-push-action@v6
uses: docker/build-push-action@v7
with:
file: ./images/scorecard-test-kuttl/Dockerfile
context: .
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/freshen-images.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
git_tags: ${{ steps.tags.outputs.git_tags }}
steps:
- name: checkout
uses: actions/checkout@v5
uses: actions/checkout@v6

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify the updated GitHub Action versions exist

echo "Checking actions/checkout@v6..."
gh api repos/actions/checkout/git/refs/tags/v6 --jq '.ref' 2>/dev/null && echo "✓ exists" || echo "✗ not found"

echo "Checking docker/setup-qemu-action@v4..."
gh api repos/docker/setup-qemu-action/git/refs/tags/v4 --jq '.ref' 2>/dev/null && echo "✓ exists" || echo "✗ not found"

echo "Checking docker/setup-buildx-action@v4..."
gh api repos/docker/setup-buildx-action/git/refs/tags/v4 --jq '.ref' 2>/dev/null && echo "✓ exists" || echo "✗ not found"

echo "Checking docker/login-action@v4..."
gh api repos/docker/login-action/git/refs/tags/v4 --jq '.ref' 2>/dev/null && echo "✓ exists" || echo "✗ not found"

Repository: openshift/ocp-release-operator-sdk

Length of output: 722


🌐 Web query:

actions/checkout@v6 GitHub Action latest version

💡 Result:

The latest actions/checkout v6 release is v6.0.2 (tag: v6.0.2). [1]

  • To track the latest v6 minor/patch automatically: uses: actions/checkout@v6 [2]
  • To pin exactly: uses: actions/checkout@v6.0.2 [1]

Sources: [1] [2]


🌐 Web query:

docker/setup-qemu-action@v4 GitHub Action release

💡 Result:

docker/setup-qemu-action@v4 corresponds to the v4.0.0 release, published March 4, 2026 (this is currently the “Latest” release). [1][2]

Key changes in v4.0.0 include: Node 24 as the default runtime (requires GitHub Actions Runner v2.327.1+), migration to ESM, and dependency updates such as @actions/core to 3.0.0 and @docker/actions-toolkit to 0.77.0. [1]


🌐 Web query:

docker/setup-buildx-action@v4 GitHub Action release

💡 Result:

docker/setup-buildx-action@v4 corresponds to the v4.0.0 release of docker/setup-buildx-action, published March 5, 2026. Key changes in v4.0.0 include: defaulting to Node 24 runtime (requires GitHub Actions Runner v2.327.1+), removing deprecated inputs/outputs, switching to ESM, and dependency bumps (notably @actions/core to 3.0.0 and @docker/actions-toolkit to 0.79.0). [1]

Source: [1]


🌐 Web query:

docker/login-action@v4 GitHub Action release

💡 Result:

docker/login-action@v4 corresponds to docker/login-action v4.0.0, released on March 4, 2026. [1][2]

Key changes in v4.0.0:

  • Node 24 as the default runtime (requires GitHub Actions Runner v2.327.1+) [1]
  • Switched the action to ESM (and updated config/test wiring) [1]
  • Dependency updates, including @actions/core 3.0.0 and AWS ECR SDK bumps [1]

GitHub Action major version bumps require runner compatibility verification.

All three docker actions (setup-qemu-action, setup-buildx-action, login-action) upgraded to v4.0.0 introduce a critical requirement: GitHub Actions Runner v2.327.1 or later (due to Node 24 as the default runtime). Verify that your CI/CD environment runs this runner version or later. Additionally, these v4 releases include breaking changes (ESM migration, dependency updates) beyond typical security patches. The checkout@v6 upgrade appears unaffected by these constraints.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/freshen-images.yml at line 21, The workflow upgrades to
setup-qemu-action, setup-buildx-action, and login-action v4 which require GitHub
Actions Runner v2.327.1+; update the CI to ensure the runner meets that minimum
or revert/pin those actions to their last v3-compatible releases (reference the
action names setup-qemu-action, setup-buildx-action, login-action) and keep
checkout@v6 as-is if desired; add a short comment in the workflow noting the
runner version requirement and/or add an explicit runner compatibility check
step so future runs fail fast if the runner is too old.

with:
fetch-depth: 0
- id: tags
Expand All @@ -35,17 +35,17 @@ jobs:
id: ["operator-sdk", "helm-operator", "scorecard-test"]
steps:
- name: set up qemu
uses: docker/setup-qemu-action@v3
uses: docker/setup-qemu-action@v4
- name: set up buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@v4
- name: quay.io login
uses: docker/login-action@v3
uses: docker/login-action@v4
with:
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
registry: quay.io
- name: checkout
uses: actions/checkout@v5
uses: actions/checkout@v6
with:
fetch-depth: 1
- name: build and push
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/integration.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
outputs:
skip: ${{ steps.check_docs_only.outputs.skip }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
with:
fetch-depth: 0
- id: check_docs_only
Expand All @@ -26,7 +26,7 @@ jobs:
needs: check_docs_only
if: needs.check_docs_only.outputs.skip != 'true'
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
with:
fetch-depth: 0

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/olm-check.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
name: check-olm-minor-releases
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
- id: run-check-olm
run: ./hack/check-olm.sh

Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/test-go.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
outputs:
skip: ${{ steps.check_docs_only.outputs.skip }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "Non-SHA pinned actions in this workflow:"
rg -nP '^\s*-\s*uses:\s*[^@]+@(?![0-9a-f]{40}$)[^ ]+' .github/workflows/test-go.yml

echo
echo "Non-SHA pinned actions across workflows:"
rg -nP '^\s*-\s*uses:\s*[^@]+@(?![0-9a-f]{40}$)[^ ]+' .github/workflows/*.yml

Repository: openshift/ocp-release-operator-sdk

Length of output: 2044


Pin GitHub Actions to immutable commit SHAs instead of mutable version tags.

Mutable tags like @v6 can drift and weaken CI supply-chain security. Lines 15, 32, 40, 52, 60, 64 in this workflow (and multiple others) use mutable pins. Switch to commit-SHA pinning with periodic automated updates.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/test-go.yml at line 15, The workflow uses mutable action
tags like "uses: actions/checkout@v6" which can drift; update each "uses:" entry
(e.g., actions/checkout, actions/setup-go, actions/cache,
docker/build-push-action, and any other actions referenced on lines called out)
to pin to the corresponding commit SHAs instead of version tags, replacing "@v6"
/ "@vX" with the specific immutable commit SHA for each action and add a comment
or workflow schedule note to periodically update those SHAs via an automated
dependabot/renovate or a scripted job.

with:
fetch-depth: 0
- id: check_docs_only
Expand All @@ -29,7 +29,7 @@ jobs:
needs: check_docs_only
if: needs.check_docs_only.outputs.skip != 'true'
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
with:
fetch-depth: 0

Expand All @@ -49,7 +49,7 @@ jobs:
needs: check_docs_only
if: needs.check_docs_only.outputs.skip != 'true'
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
with:
fetch-depth: 0

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/test-helm.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
outputs:
skip: ${{ steps.check_docs_only.outputs.skip }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
with:
fetch-depth: 0
- id: check_docs_only
Expand All @@ -26,7 +26,7 @@ jobs:
needs: check_docs_only
if: needs.check_docs_only.outputs.skip != 'true'
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
with:
fetch-depth: 0

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/test-sample-go.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
outputs:
skip: ${{ steps.check_docs_only.outputs.skip }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
with:
fetch-depth: 0
- id: check_docs_only
Expand All @@ -26,7 +26,7 @@ jobs:
needs: check_docs_only
if: needs.check_docs_only.outputs.skip != 'true'
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
with:
fetch-depth: 0

Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/test-sanity.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
outputs:
skip: ${{ steps.check_docs_only.outputs.skip }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
with:
fetch-depth: 0
- id: check_docs_only
Expand All @@ -26,7 +26,7 @@ jobs:
needs: check_docs_only
if: needs.check_docs_only.outputs.skip != 'true'
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
with:
fetch-depth: 0

Expand All @@ -45,7 +45,7 @@ jobs:
name: docs
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v6
with:
fetch-depth: 0
submodules: recursive
Expand Down
Loading