sethvargo / ratchet

A tool for securing CI/CD workflows with version pinning.
Apache License 2.0

Support actions without releases #88

Closed (prein closed 2 months ago)

prein commented 2 months ago


TL;DR

Resolve from tags when releases are not created in the action repository

Detailed design

In the case of repositories such as https://api.github.com/repos/wagoid/commitlint-github-action, fall back to tags when releases are not created in a given repo.
Or at least continue ignoring the error.

Additional information

Currently fails with

failed to upgrade refs: failed to resolve "actions://wagoid/commitlint-github-action@7f0a61df502599e1f1f50880aaa7ec1e2c0592f2": failed to upgrade ref: failed to get latest release: GET https://api.github.com/repos/wagoid/commitlint-github-action/releases/latest: 404 Not Found []

sethvargo commented 2 months ago

I'm not sure we want to do this. Based on my conversations with GitHub, GitHub Actions will be requiring a release in the future.

prein commented 2 months ago

A way to ignore the error would still be nice, if not too big of a change. In general, maybe instead of exit 1, it would be enough if ratchet left a comment, like # ratchet:WARN could not resolve this one

sethvargo commented 2 months ago

You can add # ratchet:exclude and then Ratchet won't try to update that line.

prein commented 2 months ago

I'm using ratchet with mass updates across multiple files in multiple repos and it would make my life easier to not have to manually create exceptions. This is even more true in the context of running ratchet in automation, headless. Browsing logs, I'll only see one issue at a time, the first one.
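
The `# ratchet:exclude` workaround from this thread, applied in bulk before an unattended run; this is an added example, not code from the thread or from Ratchet. The helper names, the sample workflow, and the choice to report (rather than modify) `uses:` lines that already carry a trailing comment are assumptions.

```python
import re

# Matches a workflow `uses:` line and captures the action reference.
USES_RE = re.compile(
    r"""^(?P<head>\s*(?:-\s+)?uses:\s*)(?P<q>['"]?)(?P<ref>[^'"\s#]+)(?P=q)(?P<tail>.*)$"""
)
EXCLUDE = "# ratchet:exclude"  # annotation named in the thread


def action_repo(ref):
    """Return lower-cased 'owner/repo' for 'owner/repo[/path]@ref', else None."""
    if ref.startswith(("./", "docker://")) or "@" not in ref:
        return None  # local or container references are not action repositories
    parts = ref.split("@", 1)[0].split("/")
    return "/".join(parts[:2]).lower() if len(parts) >= 2 else None


def add_excludes(workflow_text, no_release_repos):
    """Append EXCLUDE to `uses:` lines for repositories known to have no releases.

    Returns (new_text, annotated_line_numbers, needs_review_line_numbers).
    Lines that already have a trailing comment are left untouched and reported,
    so that every exception surfaces in one pass.
    """
    skip = {r.lower() for r in no_release_repos}
    out, annotated, review = [], [], []
    for lineno, line in enumerate(workflow_text.splitlines(), 1):
        m = USES_RE.match(line)
        if m and action_repo(m["ref"]) in skip and EXCLUDE not in m["tail"]:
            if m["tail"].strip():
                review.append(lineno)  # existing comment: do not rewrite it
            else:
                line = line.rstrip() + " " + EXCLUDE
                annotated.append(lineno)
        out.append(line)
    trailing = "\n" if workflow_text.endswith("\n") else ""
    return "\n".join(out) + trailing, annotated, review


# Constructed sample workflow; only the repository name and SHA come from the issue.
SAMPLE = """\
jobs:
  lint:
    steps:
      - uses: actions/checkout@v4
      - uses: wagoid/commitlint-github-action@main
      - uses: 'wagoid/commitlint-github-action@7f0a61df502599e1f1f50880aaa7ec1e2c0592f2' # pinned
      - uses: ./local-action
"""
```
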