Skip to content

chore: pin GH actions to commit sha#3

Merged
derekbit merged 1 commit into
longhorn:mainfrom
c3y1huang:pin-actions-to-sha
Mar 27, 2026
Merged

chore: pin GH actions to commit sha#3
derekbit merged 1 commit into
longhorn:mainfrom
c3y1huang:pin-actions-to-sha

Conversation

@c3y1huang

@c3y1huang c3y1huang commented Mar 27, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Pin GH Actions to commit sha

longhorn/longhorn#12841
https://github.com/rancher/rancher-security/issues/1617

Summary by CodeRabbit

  • Chores
    • Updated build pipeline configurations to use pinned commit versions for third-party actions, improving build consistency and reliability.

@c3y1huang
chore: pin GH actions to commit sha
b669a09 
longhorn/longhorn-12841

Signed-off-by: Chin-Ya Huang <chin-ya.huang@suse.com>
@coderabbitai

coderabbitai Bot commented Mar 27, 2026
edited
Loading

Copy link
Copy Markdown
📝 Walkthrough

Walkthrough

GitHub Actions workflow updated to pin third-party action versions to specific commit SHAs instead of floating major version tags, affecting actions/checkout, codecov/codecov-action, docker/setup-qemu-action, docker/setup-buildx-action, and docker/login-action.

Changes

Cohort / File(s) Summary
GitHub Actions Version Pinning
.github/workflows/build.yml		 Updated third-party action references to use specific commit SHA versions instead of floating major version tags (v3/v4) for five actions: checkout, codecov, docker/setup-qemu, docker/setup-buildx, and docker/login.

Estimated Code Review Effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 Actions pinned with SHA precision,
No floating tags to cause derision!
Stable workflows, clear as day,
Reproducibility hops to stay! 🎯

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The PR title 'chore: pin GH actions to commit sha' accurately summarizes the main change: pinning GitHub Actions to specific commit SHAs instead of floating version tags.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@c3y1huang c3y1huang mentioned this pull request Mar 27, 2026
Closed
@derekbit derekbit merged commit 67b7aa2 into longhorn:main Mar 27, 2026
5 of 8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@derekbit derekbit derekbit approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@c3y1huang @derekbit