yuqi1129 opened a new pull request, #10506: URL: https://github.com/apache/gravitino/pull/10506
### What changes were proposed in this pull request? Pin all `docker/*` GitHub Actions to their exact commit SHA (v4.0.0) in every CI workflow file, as required by the Apache GitHub organization policy. The Apache allowlist at https://github.com/apache/infrastructure-actions/blob/main/actions.yml requires SHA-pinned references, not floating tags like `@v3` or `@v3.6.0`. Updated SHAs (from the Apache allowlist): | Action | SHA | Tag | |--------|-----|-----| | `docker/setup-qemu-action` | `ce360397dd3f832beb865e1373c09c0e9f86d70a` | v4.0.0 | | `docker/login-action` | `b45d80f862d83dbcd57f89517bcf500b2ab88fb2` | v4.0.0 | | `docker/setup-buildx-action` | `4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd` | v4.0.0 | Affected files (10): - `.github/workflows/access-control-integration-test.yml` - `.github/workflows/python-integration-test.yml` - `.github/workflows/trino-integration-test.yml` - `.github/workflows/backend-integration-test-action.yml` - `.github/workflows/cron-integration-test.yml` - `.github/workflows/gvfs-fuse-build-test.yml` - `.github/workflows/flink-integration-test-action.yml` - `.github/workflows/spark-integration-test-action.yml` - `.github/workflows/frontend-integration-test.yml` - `.github/workflows/docker-image.yml` ### Why are the changes needed? Fix #10502 The Apache GitHub organization policy requires actions to be referenced by their exact commit SHA. Using floating tags (`@v3`, `@v3.6.0`) causes all CI runs to fail with: > The action docker/[email protected] is not allowed in apache/gravitino because all actions must be from a repository owned by your enterprise, created by GitHub, or match one of the patterns ### Does this PR introduce _any_ user-facing change? No. ### How was this patch tested? CI-only change; no logic modified. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
