diff --git a/.github/workflows/GH-771-targets.yml b/.github/workflows/GH-771-targets.yml index 3390f3b8..1a1aeefb 100644 --- a/.github/workflows/GH-771-targets.yml +++ b/.github/workflows/GH-771-targets.yml @@ -17,7 +17,7 @@ permissions: {} jobs: echo: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }} timeout-minutes: 5 steps: diff --git a/.github/workflows/GH-771-wait.yml b/.github/workflows/GH-771-wait.yml index 6af760b0..bd69227a 100644 --- a/.github/workflows/GH-771-wait.yml +++ b/.github/workflows/GH-771-wait.yml @@ -17,7 +17,7 @@ permissions: {} jobs: wait: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }} timeout-minutes: 5 steps: diff --git a/.github/workflows/ci-nix.yml b/.github/workflows/ci-nix.yml index b14948b4..45efbdf0 100644 --- a/.github/workflows/ci-nix.yml +++ b/.github/workflows/ci-nix.yml @@ -22,7 +22,7 @@ on: jobs: tasks: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 timeout-minutes: 30 steps: - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7b479917..34b0d9b0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,7 +3,7 @@ on: push: branches: [main] paths-ignore: - - '.github/dependabot.yml' + - '.github/workflows/ci-nix.yml' - 'LICENSE' - '.editorconfig' - 'README.md' @@ -18,7 +18,7 @@ on: jobs: build: timeout-minutes: 15 - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 @@ -33,7 +33,7 @@ jobs: test: timeout-minutes: 15 - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 @@ -46,7 +46,7 @@ jobs: typecheck: timeout-minutes: 15 - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index cb2795a6..f9192087 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -12,7 +12,7 @@ permissions: jobs: dependency-review: timeout-minutes: 15 - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: 'Checkout Repository' uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index 2ddf43e9..2b0f5ae6 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -5,7 +5,7 @@ jobs: gitleaks: timeout-minutes: 15 name: gitleaks - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/itself.yml b/.github/workflows/itself.yml index 3069a9d5..ecce5ccf 100644 --- a/.github/workflows/itself.yml +++ b/.github/workflows/itself.yml @@ -27,7 +27,7 @@ permissions: {} jobs: default_logic: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }} timeout-minutes: 10 steps: @@ -35,7 +35,7 @@ jobs: # Do NOT specify any options here to make sure zero config may work - uses: ./ validation_example_basic_errors_allow_failure: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }} timeout-minutes: 5 steps: @@ -50,7 +50,7 @@ jobs: min-interval-seconds: '-1' attempt-limits: '0' validation_example_combination_errors_allow_failure: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }} timeout-minutes: 5 steps: @@ -74,7 +74,7 @@ jobs: } ] exponential_backoff_allow_failure: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }} timeout-minutes: 5 steps: @@ -92,7 +92,7 @@ jobs: attempt-limits: 2 skip-same-workflow: 'true' equal_intervals: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }} timeout-minutes: 10 steps: @@ -106,7 +106,7 @@ jobs: attempt-limits: 60 skip-same-workflow: 'true' wait-list: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }} timeout-minutes: 5 steps: @@ -132,7 +132,7 @@ jobs: } ] skip-list: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }} timeout-minutes: 5 steps: diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index b6ead501..d0b7b203 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -14,7 +14,7 @@ on: jobs: deno_lint: timeout-minutes: 15 - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - uses: denoland/setup-deno@041b854f97b325bd60e53e9dc2de9cb9f9ac0cba # v1.1.4 @@ -24,7 +24,7 @@ jobs: dprint: timeout-minutes: 15 - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - uses: dprint/check@2f1cf31537886c3bfb05591c031f7744e48ba8a1 # v2.2 @@ -33,7 +33,7 @@ jobs: typos: timeout-minutes: 15 - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 # Intentionally point to the latest version, not the version bound by nix. @@ -44,15 +44,3 @@ jobs: . .github .vscode - - actionlint: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - - name: Download actionlint - id: get_actionlint - run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) - shell: bash - - name: Check workflow files - run: ${{ steps.get_actionlint.outputs.executable }} -color - shell: bash diff --git a/.github/workflows/merge-bot-pr.yml b/.github/workflows/merge-bot-pr.yml index 3e3b082c..4bab7406 100644 --- a/.github/workflows/merge-bot-pr.yml +++ b/.github/workflows/merge-bot-pr.yml @@ -10,7 +10,7 @@ permissions: jobs: judge-dependabot: timeout-minutes: 5 - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 outputs: merge: ${{ steps.conclusion.outputs.merge }} if: ${{ github.actor == 'dependabot[bot]' }} @@ -28,7 +28,7 @@ jobs: needs: [judge-dependabot] if: ${{ needs.judge-dependabot.outputs.merge == 'true' }} timeout-minutes: 30 - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: # Required for checkout before referring to your own action as `uses: ./`. - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 @@ -52,7 +52,7 @@ jobs: # Changing in all personal repository is annoy task for me. Even if using terrafform, getting mandatory CI names in each repo is too annoy! renovate: timeout-minutes: 30 - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor == 'renovate[bot]' }} steps: # Required for checkout before referring to your own action as `uses: ./`. @@ -73,7 +73,7 @@ jobs: # https://github.com/kachick/anylang-template/issues/51 selfup-runner: timeout-minutes: 30 - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor == 'selfup-runner[bot]' }} steps: # Required for checkout before referring to your own action as `uses: ./`. diff --git a/Makefile.toml b/Makefile.toml index ac537d72..de0bbcf8 100644 --- a/Makefile.toml +++ b/Makefile.toml @@ -24,7 +24,6 @@ script = [ "dprint check", "deno lint", "typos . .github .vscode", - "actionlint", "gitleaks detect", "git ls-files '*.nix' | xargs nixfmt --check", ] @@ -73,7 +72,6 @@ script = [ "makers --version", "dprint --version", "nixfmt --version", - "actionlint --version", "typos --version", "gh --version", "jq --version", diff --git a/README.md b/README.md index 5223fbed..d3216555 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ jobs: # contents: read # checks: read # actions: read - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - uses: kachick/wait-other-jobs@v3.2.0 timeout-minutes: 15 # Recommended to be enabled with your appropriate value for fail-safe use @@ -102,7 +102,7 @@ See the [docs](docs/examples.md) for further detail. jobs: your_job: # This will be used default job name if you not specify below "name" field name: "Changed at here" - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - uses: kachick/wait-other-jobs@v3 with: diff --git a/docs/examples.md b/docs/examples.md index 4b2d7210..12f98f80 100644 --- a/docs/examples.md +++ b/docs/examples.md @@ -24,7 +24,7 @@ permissions: jobs: dependabot: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor == 'dependabot[bot]' }} steps: - name: Dependabot metadata @@ -44,7 +44,7 @@ jobs: GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} renovate: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ github.actor == 'renovate[bot]' }} steps: - name: Wait other jobs diff --git a/flake.nix b/flake.nix index bb29dcd4..ffc1e383 100644 --- a/flake.nix +++ b/flake.nix @@ -45,7 +45,11 @@ edge-pkgs.typos # Helper for writing and linting actions - edge-pkgs.actionlint + # + # NOTE: Do NOT add actionlint as a dependency + # - It does not target actions; it lints the user's side. + # - It assumes major actions in a stable state, often causing problems between versions. + # - Use https://github.com/github/vscode-github-actions for a better solution to get hints. edge-pkgs.pinact # For fighting the GitHub API