search

okteto / pipeline

Enable GitHub developers to trigger Okteto Pipelines from a GitHub Actions workflow
https://okteto.com
Apache License 2.0
15 stars 8 forks source link

Out of order tags are confusing Dependabot #23

Open bwestover opened 2 years ago

bwestover commented 2 years ago

We use Dependabot to manage our GitHub Actions dependencies (docs).

The issue we're running into is that this repo has "newer" tags (v4.2 - v4.6) than the actual latest as of this writing (2.5.2). Those tags point to older code, and so Dependabot is trying to "upgrade" us to an older version. Other dependency managers may have a similar issue, I'm not sure.

Would you consider removing these out of order tags?

@rberrelleza @irespaldiza

rberrelleza commented 2 years ago

@bwestover yes, that's a good idea. I think we should remove the old tags, since we are now following a different version scheme. Are you only affected by pipeline action?

bwestover commented 2 years ago

Are you only affected by pipeline action?

We also saw this in okteto/login, however I believe that one is deprecated anyway in favor of okteto/context. The other actions we use (okteto/destroy-preview and okteto/deploy-preview) didn't seem to have the out of order tags, so were working correctly with Dependabot.

Thanks!

maroshii commented 2 years ago

Thanks for reporting @bwestover! This should be fixed now. All v4.x tags have been deleted.

bwestover commented 2 years ago

:sparkles: Thank you :bow: