Skip to content

build(deps): bump actions/upload-artifact from 4.3.4 to 4.3.6 #2238

build(deps): bump actions/upload-artifact from 4.3.4 to 4.3.6

build(deps): bump actions/upload-artifact from 4.3.4 to 4.3.6 #2238

Workflow file for this run

name: Dependency Checks
permissions:
contents: read
pull-requests: write
on:
push:
branches:
- main
- "release/**"
pull_request_target:
## NOTE: !!!
## When changing these workflows, ensure that the following is updated:
## - Documentation: docs/continuous-integration.md
## - Documentation: docs/makefile-cheat-sheet.md
## - Makefile: ./GNUmakefile
jobs:
checks:
name: go mod
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: .go-version
- name: Run make deps-check
run: |
echo "Using make to check dependencies"
make deps-check
comment:
if: github.event_name == 'pull_request_target'
name: Comment on Non-Maintainer Edit
runs-on: ubuntu-latest
steps:
- name: Filter Changes
id: filter
uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
with:
filters: |
changed:
- .ci/providerlint/**
- go.mod
- go.sum
- name: Checkout Community Check
id: checkout
if: steps.filter.outputs.changed == 'true'
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
sparse-checkout: .github/actions/community_check
- name: Community Check
if: steps.checkout.outcome == 'success'
id: community_check
uses: ./.github/actions/community_check
with:
user_login: ${{ github.event.pull_request.user.login }}
maintainers: ${{ secrets.MAINTAINERS }}
- name: Check for Existing Comment
id: prc
if: steps.community_check.outputs.maintainer == 'false'
uses: peter-evans/find-comment@3eae4d37986fb5a8592848f6a574fdf654e61f9e # v3.1.0
with:
issue-number: ${{ github.event.pull_request.number }}
comment-author: "github-actions[bot]"
body-includes: "Please note that typically Go dependency changes"
- name: Leave a New Comment if One Does Not Exist
if: |
steps.prc.outcome == 'success'
&& steps.prc.outputs.comment-id == ''
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
issue-number: ${{ github.event.pull_request.number }}
body: |-
Thank you for your contribution! :rocket:
Please note that typically Go dependency changes are handled in this repository by dependabot or the maintainers. This is to prevent pull request merge conflicts and further delay reviews of contributions. Remove any changes to the `go.mod` or `go.sum` files and commit them into this pull request.
Additional details:
* Check [open pull requests with the `dependencies` label](https://github.com/hashicorp/terraform-provider-aws/pulls?q=is%3Aopen+is%3Apr+label%3Adependencies) to view other dependency updates.
* If this pull request includes an update the AWS Go SDK (or any other dependency) version, only updates submitted via dependabot will be merged. This pull request will need to remove these changes and will need to be rebased after the existing dependency update via dependabot has been merged for this pull request to be reviewed.
* If this pull request is for supporting a new AWS service:
* Ensure the new AWS service changes are following the [Contributing Guide section on new services](https://github.com/hashicorp/terraform-provider-aws/blob/main/docs/add-a-new-service.md), in particular that the dependency addition and initial provider support are in a separate pull request from other changes (e.g. new resources). Contributions not following this item will not be reviewed until the changes are split.
* If this pull request is already a separate pull request from the above item, you can ignore this message.