Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Turns off dependabot upgrades of github actions #173

Merged
merged 1 commit into from
Feb 8, 2021
Merged

Turns off dependabot upgrades of github actions #173

merged 1 commit into from
Feb 8, 2021

Conversation

ekcasey
Copy link
Member

@ekcasey ekcasey commented Feb 8, 2021

Summary

Because certain action versions are hardcoded in our pipeline definition, allowing dependabot to upgrade actions would cause the update-pipeline job and dependabot to fight with each other over the action version.

Use Cases

For example, this dependabot PR is attempting to change actions/cache@v2 to actions/[email protected]. However, if we merge this PR, the pipeline updater will attempt to change it back.

Checklist

  • I have viewed, signed, and submitted the Contributor License Agreement.
  • I have added an integration test, if necessary.

@ekcasey
Turns of dependabot upgrades of github actions
5a4d9c2 
Because certain action versions are hardcoded in our pipeline definition, allowing dependabot to upgrade actions would cause the update-pipeline job and dependebot to fight with each other over the action version.

Signed-off-by: Emily Casey <[email protected]>
@ekcasey ekcasey added type:bug A general bug semver:patch A change requiring a patch version bump labels Feb 8, 2021
@ekcasey ekcasey requested a review from a team February 8, 2021 18:54
@ekcasey ekcasey changed the title Turns of dependabot upgrades of github actions Turns off dependabot upgrades of github actions Feb 8, 2021
@ekcasey ekcasey merged commit aefbe49 into main Feb 8, 2021
@ekcasey ekcasey deleted the turn-off-dependabot-for-gha branch February 8, 2021 19:53
@ghost ghost mentioned this pull request Feb 8, 2021
Merged
This was referenced Feb 8, 2021
Merged
Merged
Merged
@ghost ghost mentioned this pull request Feb 9, 2021
Merged
This was referenced Feb 9, 2021
Merged
Merged
@ghost ghost mentioned this pull request Feb 9, 2021
Merged
This was referenced Feb 9, 2021
Merged
Merged
Merged
Merged
Merged
@buildpack-bot buildpack-bot mentioned this pull request Feb 9, 2021
Merged
This was referenced Feb 9, 2021
Merged
Merged
@ghost ghost mentioned this pull request Feb 9, 2021
Merged
This was referenced Feb 9, 2021
Merged
Merged
Merged
Merged
Merged
Merged
@paketo-bot paketo-bot mentioned this pull request Feb 9, 2021
Merged
@ghost ghost mentioned this pull request Feb 9, 2021
Merged
This was referenced Feb 9, 2021
Merged
Merged
Merged
@ghost ghost mentioned this pull request Feb 9, 2021
Merged
This was referenced Feb 9, 2021
Merged
Merged
Merged
Merged
Merged
Merged
@buildpack-bot buildpack-bot mentioned this pull request Feb 9, 2021
Closed
This was referenced Feb 9, 2021
Merged
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
semver:patch A change requiring a patch version bump type:bug A general bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ekcasey