Hi everyone, You may have noticed a series of GitHub Actions build failures recently across multiple workflows, including:
- https://github.com/apache/fineract/actions/runs/27887032589 - https://github.com/apache/fineract/actions/runs/27869715676 - https://github.com/apache/fineract/actions/runs/27868316954 <https://www.google.com/search?q=https%3A%2F%2Fgithub.com%2Fapache%2Ffineract%2Factions%2Fruns%2F27868316954> - https://github.com/apache/fineract/actions/runs/27862061333 <https://www.google.com/search?q=https%3A%2F%2Fgithub.com%2Fapache%2Ffineract%2Factions%2Fruns%2F27862061333> Root Cause The failures were caused by an organization-level validation error stating that gradle/actions/setup-gradle was no longer allowed under the Apache policy rules. This happened because ASF Infra removed expired and outdated actions from the organization-wide allowlist in this commit: https://github.com/apache/infrastructure-actions/commit/25ab499ef9c241b64a56860245e57c195baddec6 <https://www.google.com/search?q=https%3A%2F%2Fgithub.com%2Fapache%2Finfrastructure-actions%2Fcommit%2F25ab499ef9c241b64a56860245e57c195baddec6> As a result, the older versions/pinned SHAs we were utilizing in our workflows were immediately blocked by GitHub's enterprise security policies. Resolution A fix has been successfully merged to address this issue. We have upgraded the affected GitHub Actions to their latest approved versions/SHAs in PR #6009: https://github.com/apache/fineract/pull/6009 <https://www.google.com/search?q=https%3A%2F%2Fgithub.com%2Fapache%2Ffineract%2Fpull%2F6009> All main branch builds and new PRs should now run and pass successfully. Please rebase or update your open pull requests if you are still experiencing these workflow validation errors. Best regards, Aman Mittal
