Skip to content

chore: upgrade github actions and node runtime (issue #481)#152

Open
abbyo12 wants to merge 1 commit into
mainfrom
issue-481/upgrade-node-actions
Open

chore: upgrade github actions and node runtime (issue #481)#152
abbyo12 wants to merge 1 commit into
mainfrom
issue-481/upgrade-node-actions

Conversation

@abbyo12

@abbyo12 abbyo12 commented May 1, 2026

Copy link
Copy Markdown

Description:
Upgrades the Go build and release pipelines to use the
latest GitHub Actions.

Key Upgrades:

  • Upgraded actions/setup-go to v6.
  • Standardized artifact management using
    actions/upload-artifact@v5 and
    actions/download-artifact@v5.
  • [ztiaws only]: Updated CI/CD documentation snippets to
    match the new company standards.

Summary by CodeRabbit

  • Chores

    • Updated CI/CD infrastructure and automation workflows to use latest stable versions of build and deployment tools.
  • Documentation

    • Updated authentication documentation examples to reflect current tool versions.

@abbyo12 abbyo12 self-assigned this May 1, 2026
@coderabbitai

coderabbitai Bot commented May 1, 2026

Copy link
Copy Markdown
📝 Walkthrough

Walkthrough

GitHub Actions versions are upgraded across workflow and documentation files. Checkout actions advance from v3–v4 to v5, setup-go from v5 to v6, upload/download artifacts from v4 to v5, and AWS credentials configuration from v2 to v5 in examples.

Changes

Cohort / File(s) Summary
Workflow Actions Upgrade
.github/workflows/build.yml
Updated actions/checkout (v4→v5), actions/setup-go (v5→v6), actions/upload-artifact (v4→v5), and actions/download-artifact (v4→v5) to latest major versions.
Documentation Examples
docs/CI_CD_AUTHENTICATION.md
Updated action version references in workflow examples: actions/checkout (v3→v5), aws-actions/configure-aws-credentials (v2→v5), and actions/upload-artifact (v3→v5).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 Hops with glee through version bumps so fine,
From v3, v4, to v5 aligned,
Actions updated, workflows run fast,
GitHub's latest tools, built to last!
Checkout, upload, credentials too—
A rabbit's blessing on all things new! 🚀

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Title check ⚠️ Warning The title mentions 'upgrade github actions and node runtime' but the actual changes only cover GitHub Actions upgrades (checkout, setup-go, upload-artifact, download-artifact). No node runtime changes are present in the provided changeset. Update the title to accurately reflect the actual changes, e.g., 'chore: upgrade github actions versions (issue #481)' or verify if node runtime upgrades exist in other parts of the PR not shown in the summary.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch issue-481/upgrade-node-actions

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
Review rate limit: 0/1 reviews remaining, refill in 60 minutes.

Comment @coderabbitai help to get the list of available commands and usage tips.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
.github/workflows/build.yml (1)

28-366: Pin GitHub Actions to commit SHAs instead of floating major tags.

The workflow uses multiple action references with floating major version tags (@v2, @v3, @v5, @v6), including actions/checkout@v5, actions/setup-go@v6, actions/upload-artifact@v5, actions/download-artifact@v5, dorny/paths-filter@v3, and softprops/action-gh-release@v2. Pinning to full commit SHAs prevents silent upstream changes and hardens CI supply-chain security.

Suggested pattern (example)
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@<full_commit_sha>

-      - name: Set up Go
-        uses: actions/setup-go@v6
+      - name: Set up Go
+        uses: actions/setup-go@<full_commit_sha>
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/build.yml around lines 28 - 366, The workflow uses
floating major tags for third-party actions (e.g., actions/checkout,
actions/setup-go, actions/upload-artifact, actions/download-artifact,
dorny/paths-filter, softprops/action-gh-release), which should be replaced with
pinned commit SHAs to avoid silent upstream changes; update each occurrence of
uses: actions/checkout@v5, actions/setup-go@v6, actions/upload-artifact@v5,
actions/download-artifact@v5, dorny/paths-filter@v3 and
softprops/action-gh-release@v2 to the corresponding full commit SHA for the
exact release you want, commit the updated workflow, and verify the pipeline
still runs (no other logic changes required).
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.github/workflows/build.yml:
- Around line 28-366: The workflow uses floating major tags for third-party
actions (e.g., actions/checkout, actions/setup-go, actions/upload-artifact,
actions/download-artifact, dorny/paths-filter, softprops/action-gh-release),
which should be replaced with pinned commit SHAs to avoid silent upstream
changes; update each occurrence of uses: actions/checkout@v5,
actions/setup-go@v6, actions/upload-artifact@v5, actions/download-artifact@v5,
dorny/paths-filter@v3 and softprops/action-gh-release@v2 to the corresponding
full commit SHA for the exact release you want, commit the updated workflow, and
verify the pipeline still runs (no other logic changes required).

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 7a201dfa-dd2a-4b7a-845a-b2bfe0683d1f

📥 Commits

Reviewing files that changed from the base of the PR and between c94117e and eba2765.

📒 Files selected for processing (2)
  • .github/workflows/build.yml
  • docs/CI_CD_AUTHENTICATION.md

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant