Hi everyone,

You may have noticed a series of GitHub Actions build failures recently
across multiple workflows, including:

   -

   https://github.com/apache/fineract/actions/runs/27887032589
   -

   https://github.com/apache/fineract/actions/runs/27869715676
   -

   https://github.com/apache/fineract/actions/runs/27868316954
   
<https://www.google.com/search?q=https%3A%2F%2Fgithub.com%2Fapache%2Ffineract%2Factions%2Fruns%2F27868316954>
   -

   https://github.com/apache/fineract/actions/runs/27862061333
   
<https://www.google.com/search?q=https%3A%2F%2Fgithub.com%2Fapache%2Ffineract%2Factions%2Fruns%2F27862061333>

Root Cause

The failures were caused by an organization-level validation error stating
that gradle/actions/setup-gradle was no longer allowed under the Apache
policy rules.

This happened because ASF Infra removed expired and outdated actions from
the organization-wide allowlist in this commit:
https://github.com/apache/infrastructure-actions/commit/25ab499ef9c241b64a56860245e57c195baddec6
<https://www.google.com/search?q=https%3A%2F%2Fgithub.com%2Fapache%2Finfrastructure-actions%2Fcommit%2F25ab499ef9c241b64a56860245e57c195baddec6>

As a result, the older versions/pinned SHAs we were utilizing in our
workflows were immediately blocked by GitHub's enterprise security policies.
Resolution

A fix has been successfully merged to address this issue. We have upgraded
the affected GitHub Actions to their latest approved versions/SHAs in PR
#6009: https://github.com/apache/fineract/pull/6009
<https://www.google.com/search?q=https%3A%2F%2Fgithub.com%2Fapache%2Ffineract%2Fpull%2F6009>

All main branch builds and new PRs should now run and pass successfully.
Please rebase or update your open pull requests if you are still
experiencing these workflow validation errors.

Best regards,

Aman Mittal

Reply via email to