Update labeler config for major version increment #2747
Conversation
moradology
force-pushed
the
fix/update-labeler
branch
from
9dcbb89 to
cbe89b8
Compare
|
OK, here's verification: |
|
This was kind of confusing, so I'm going to avoid switching back to |
|
I also tried something similar in my PR, following from discussion I found online. I have no idea what's really going on! It would be OK by me to merge something to see if it gets fixed, without 100% certainty, since it's definitely broken right now. |
|
OK, switched over to |
|
@dstansby , perhaps? |
| - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0 | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| ref: ${{ github.event.pull_request.head.sha }} |
There was a problem hiding this comment.
Why do we need to checkout the repo?
There was a problem hiding this comment.
Failure to find .github/labeler.yml, which was the first error being encountered on #2533 and led me to looking into this
| ref: ${{ github.event.pull_request.head.sha }} | ||
|
|
||
| - name: Run Pull Request Labeler | ||
| uses: actions/[email protected] |
There was a problem hiding this comment.
Could we switch back to using the SHA instead? It will be updated find by dependabot, but it's generally recommended to use the SHA instead of a tag for security reasons.
|
I think a slightly simpler fix is at #2744 - if another maintainer wants to review and merge that instead I think it would work? Otherwise I left a couple of comments above on this PR, and I'd be happy to merge this PR once they're resolved. |
|
🫡 Simpler is generally better, so I defer to the wisdom of others here! I do think the checkout is going to ultimately need to make its way in, however |
|
Thanks for working on this @moradology - it looks like it's fixed now on main |
This PR simply prepares the repo to upgrade the major version of the labeler workflow (and fix all the workflow errors people are encountering). See docs here: https://github.com/actions/labeler?tab=readme-ov-file#updating-major-version-of-the-labeler
pull_requeston line 4 ofneeds_release_notes.ymlwill need to be reverted topull_request_target. This must happen to avoid permissions issues! Cf. https://github.com/actions/labeler?tab=readme-ov-file#recommended-permissionsThis addresses the issue mentioned in #2744 and the unfortunate bug hanging up #2533 (among others)