ci: update workflow action pins#64
Merged
Merged
Conversation
shudonglin
commented
Jun 27, 2026
shudonglin
left a comment
Author
There was a problem hiding this comment.
Post-merge review note from the gateway release pass.
Reviewed as part of the production deployment verification. CI passed before merge, the New API image was built and deployed successfully, production Terraform converged, live Cloud Run traffic is on the merged New API image tag, and post-deploy smoke/log checks passed. No follow-up blocker found in this PR during release verification.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
提交说明 / PR Notice
Important
This PR description was AI-assisted and locally reviewed for accuracy before submission
变更描述 / Description
Updates CI workflow action references to the latest resolved release tags and pins each supported action by full commit SHA. The version comment remains beside each SHA so maintainers can audit the intended release while GitHub executes an immutable ref
变更类型 / Type of change
关联任务 / Related Issue
提交前检查项 / Checklist
运行证明 / Proof of Work
git diff --check ruby -e 'require "yaml"; Dir[".github/workflows/*.{yml,yaml}"].sort.each { |f| YAML.load_file(f) }; puts "workflow yaml parses"' python3 workflow_action_pin_audit.pyObserved output:
workflow yaml parsesandnew-api workflow action refs are SHA pinned with latest comments