Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: bump actions/download-artifact version #3291

Merged
merged 1 commit into from
Sep 9, 2024
Merged

ci: bump actions/download-artifact version #3291

merged 1 commit into from
Sep 9, 2024

Conversation

renanrodrigo
Copy link
Member

@renanrodrigo renanrodrigo commented Sep 4, 2024
edited
Loading

Why is this needed?

This PR solves all of our problems because it mitigates CVE-2024-42471.
Dependabot told us about this one, but I'm reopening here to let CI run and make sure all is good.
See #3289 for context.

Test Steps

Just let the CI run

  • (un)check this to re-run the checklist action

@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 4, 2024
edited by renanrodrigo
Loading

PR Checklist

How to use this checklist

How to use this checklist

PR Author

For each section, check a box when it is true.
Uncheck a box if it becomes un-true.
Then check the box at the bottom of the PR description to re-run the action that creates this checklist.
The action that creates and updates this comment will retain your edits.
The action will fail if the checklist is not completed.

PR Reviewer

Check that the PR checklist action did not fail.
Double check that the author filled out the checklist accurately.
If you disagree with a checklist item, start a conversation.
For example, the author may say they don't think integration tests are necessary, but you may disagree.

Bug References

None.

Confirm

  • I've properly referenced all bugs that this PR fixes
How to properly reference fixed bugs
  • If this PR is related to a Jira item, include an SC-1234 reference in the PR title
  • If this PR is fixes a GitHub issue, include a Fixes: #1234 reference in the commit that fixes the issue
  • If this PR is fixes a Launchpad bug, include a LP: #12345678 reference in the commit that fixes the issue

Test Updates

Unit Tests

  • I have updated or added any unit tests accordingly
  • No unit test changes are necessary for this change

Integration Tests

  • I have updated or added any integration tests accordingly
  • No integration test changes are necessary for this change

Documentation

  • Changes here need to be documented and I have referenced the docs PR in the description
  • No documentation updates are necessary for this change

Does this PR require review from someone outside the core ubuntu-pro-client team?

  • Yes, and I have requested those reviews via GitHub
  • No

@renanrodrigo
Copy link
Member Author

So, CI ran an the new version of the action is not pulling our artifact. Needs some investigation on why.

@renanrodrigo
Copy link
Member Author

@paride I see there is an upload-artifact action too - maybe there is where the mismatch happens. This gotta be simpler than expected I guess

@renanrodrigo
Copy link
Member Author

Solved - this is now good to go

@orndorffgrant orndorffgrant merged commit 46c87ba into next-v35 Sep 9, 2024
20 of 24 checks passed
@orndorffgrant orndorffgrant deleted the update-download-artifact branch September 9, 2024 20:33
@paride
Copy link
Contributor

paride commented Sep 11, 2024

Thanks. Sorry with all the things around .5 I didn't get to this earlier.

@renanrodrigo
Copy link
Member Author

@paride don't worry - it was easier than expected and at least we didn't waste your time (:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@orndorffgrant orndorffgrant orndorffgrant approved these changes

@paride paride Awaiting requested review from paride

@lucasmoura lucasmoura Awaiting requested review from lucasmoura

@dheyay dheyay Awaiting requested review from dheyay

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@renanrodrigo @paride @orndorffgrant