From 1e8744c7b5a5ed45974275fa71486d2e2544334d Mon Sep 17 00:00:00 2001 From: dor-forer Date: Mon, 4 May 2026 16:31:54 +0300 Subject: [PATCH 1/3] Bump GitHub Actions to Node 24 compatible versions [MOD-15112] (#947) [MOD-15112] Bump GitHub Actions to Node 24 compatible versions Migrate all JavaScript-based GitHub Actions to versions running on the Node 24 runtime ahead of the June 2, 2026 Node 20 deprecation. - actions/checkout v4 -> v6 - actions/setup-python v5 -> v6 - actions/upload-artifact v4 -> v7 - aws-actions/configure-aws-credentials v4 -> v6 - machulav/ec2-github-runner v2.4.2 -> v2.6.1 - codecov/codecov-action v4 -> v6 - github/codeql-action/* v3 -> v4 - korthout/backport-action v3 -> v4 - release-drafter/release-drafter v6 -> v7 - slackapi/slack-github-action v1 -> v3 (input-based webhook config) (cherry picked from commit 369f14fb01ef7b827e4242f543460a15750d82ca) --- .github/workflows/arm.yml | 8 ++++---- .github/workflows/benchmark-runner.yml | 10 +++++----- .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/coverage.yml | 14 +++++++------- .github/workflows/event-nightly.yml | 6 +++--- .github/workflows/event-pull_request.yml | 9 ++++----- .github/workflows/release-drafter.yml | 2 +- .github/workflows/task-backport_pr.yml | 4 ++-- .github/workflows/task-unit-test.yml | 4 ++-- 9 files changed, 32 insertions(+), 33 deletions(-) diff --git a/.github/workflows/arm.yml b/.github/workflows/arm.yml index e2aa8c317..022fa65a9 100644 --- a/.github/workflows/arm.yml +++ b/.github/workflows/arm.yml @@ -11,14 +11,14 @@ jobs: ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }} steps: - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v6 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_REGION }} - name: Start EC2 runner id: start-ec2-runner - uses: machulav/ec2-github-runner@v2.4.2 + uses: machulav/ec2-github-runner@v2.6.1 with: mode: start github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} @@ -44,13 +44,13 @@ jobs: if: ${{ always() }} # required to stop the runner even if the error happened in the previous jobs steps: - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v6 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_REGION }} - name: Stop EC2 runner - uses: machulav/ec2-github-runner@v2.4.2 + uses: machulav/ec2-github-runner@v2.6.1 with: mode: stop github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/benchmark-runner.yml b/.github/workflows/benchmark-runner.yml index 534d9f674..0c2f4c117 100644 --- a/.github/workflows/benchmark-runner.yml +++ b/.github/workflows/benchmark-runner.yml @@ -24,14 +24,14 @@ jobs: ec2_instance_id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }} steps: - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v6 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_REGION_BENCHMARK }} - name: Start EC2 runner id: start-ec2-runner - uses: machulav/ec2-github-runner@v2.4.2 + uses: machulav/ec2-github-runner@v2.6.1 with: mode: start github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} @@ -48,7 +48,7 @@ jobs: - name: Pre checkout deps run: sudo apt-get update && sudo apt-get -y install git - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: submodules: recursive - name: Print runner info @@ -96,13 +96,13 @@ jobs: if: ${{ always() }} # required to stop the runner even if the error happened in the previous jobs steps: - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v6 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_REGION_BENCHMARK }} - name: Stop EC2 runner - uses: machulav/ec2-github-runner@v2.4.2 + uses: machulav/ec2-github-runner@v2.6.1 with: mode: stop github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4219f68fd..4bb4a70eb 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -32,12 +32,12 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: submodules: recursive # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -48,7 +48,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@v4 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -60,4 +60,4 @@ jobs: # - run: make - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 1da4a084a..c02ce658f 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -9,14 +9,14 @@ jobs: ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }} steps: - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v6 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_REGION_BENCHMARK }} - name: Start EC2 runner id: start-ec2-runner - uses: machulav/ec2-github-runner@v2.4.2 + uses: machulav/ec2-github-runner@v2.6.1 with: mode: start github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} @@ -35,7 +35,7 @@ jobs: - name: Pre checkout deps run: sudo apt-get update && sudo apt-get install -y git - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: submodules: recursive - name: Print CPU information @@ -67,7 +67,7 @@ jobs: - name: run codecov run: make coverage - name: Upload coverage to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v6 # NOSONAR with: file: ./bin/Linux-x86_64-debug/cov.info token: ${{ secrets.CODECOV_TOKEN }} @@ -83,7 +83,7 @@ jobs: echo "path=bin/${FULL_VARIANT}/unit_tests/Testing/Temporary/" >> $GITHUB_OUTPUT - name: Archive san tests reports if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: san tests reports on intel path: ${{ steps.tests-artifact-path.outputs.path }} @@ -97,13 +97,13 @@ jobs: if: ${{ always() }} steps: - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v6 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_REGION_BENCHMARK }} - name: Stop EC2 runner - uses: machulav/ec2-github-runner@v2.4.2 + uses: machulav/ec2-github-runner@v2.6.1 with: mode: stop github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/event-nightly.yml b/.github/workflows/event-nightly.yml index 31024fca5..88ecc624e 100644 --- a/.github/workflows/event-nightly.yml +++ b/.github/workflows/event-nightly.yml @@ -69,8 +69,8 @@ jobs: if: failure() steps: - name: Notify on failure - uses: slackapi/slack-github-action@v1 + uses: slackapi/slack-github-action@v3 with: + webhook: ${{ secrets.SLACK_WEBHOOK_URL_NIGHTLY_FAILURE }} + webhook-type: incoming-webhook payload: '{ "failed_run": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "repository": "${{github.repository}}" }' - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_NIGHTLY_FAILURE }} diff --git a/.github/workflows/event-pull_request.yml b/.github/workflows/event-pull_request.yml index 9e70802f2..1dba65a53 100644 --- a/.github/workflows/event-pull_request.yml +++ b/.github/workflows/event-pull_request.yml @@ -14,7 +14,7 @@ jobs: cancel-in-progress: true steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: submodules: recursive - name: Print CPU information @@ -31,7 +31,7 @@ jobs: echo "Runner Architecture: ${{ runner.arch }}" echo "========================" - name: setup python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.10' - name: install dependencies @@ -44,11 +44,10 @@ jobs: run: make unit_test - name: flow tests run: make flow_test VERBOSE=1 - # Using version 4 if node20 is supported, since it is MUCH faster (15m vs 25s) - name: Upload Logs # Upload artifacts only if flow tests failed if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: Test Logs path: | @@ -74,7 +73,7 @@ jobs: spellcheck: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: submodules: recursive - name: Spellcheck diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 752c1db1c..64eeab699 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: # Drafts your next Release notes as Pull Requests are merged into "master" - - uses: release-drafter/release-drafter@v6 + - uses: release-drafter/release-drafter@v7 with: # (Optional) specify config name to use, relative to .github/. Default: release-drafter.yml config-name: release-drafter-config.yml diff --git a/.github/workflows/task-backport_pr.yml b/.github/workflows/task-backport_pr.yml index 8f984ac24..590a26034 100644 --- a/.github/workflows/task-backport_pr.yml +++ b/.github/workflows/task-backport_pr.yml @@ -28,12 +28,12 @@ jobs: startsWith(github.event.comment.body, '/backport') ) steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: submodules: recursive - name: Create backport pull requests id: backport - uses: korthout/backport-action@v3 + uses: korthout/backport-action@v4 with: pull_title: '[${target_branch}] ${pull_title}' merge_commits: 'skip' diff --git a/.github/workflows/task-unit-test.yml b/.github/workflows/task-unit-test.yml index 83b4cd118..4faaca712 100644 --- a/.github/workflows/task-unit-test.yml +++ b/.github/workflows/task-unit-test.yml @@ -32,7 +32,7 @@ jobs: - name: pre-checkout script run: ${{ inputs.pre-checkout-script }} - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: submodules: recursive - name: Print CPU information @@ -76,7 +76,7 @@ jobs: echo "path=bin/${FULL_VARIANT}/unit_tests/Testing/Temporary/" >> $GITHUB_OUTPUT - name: Archive san tests reports if: ${{ inputs.san == 'address' && failure() }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: san tests reports on ${{ steps.artifact-name.outputs.name }} path: ${{ steps.tests-artifact-path.outputs.path }} From b61afc76657a3777f5a24084391e5d34a766a02e Mon Sep 17 00:00:00 2001 From: dor-forer Date: Tue, 5 May 2026 12:43:36 +0300 Subject: [PATCH 2/3] Fix codecov-action input: file -> files [MOD-15112] (#953) [MOD-15112] Fix codecov-action 'file' input renamed to 'files' in v5+ Renaming codecov/codecov-action's 'file' input to 'files'. The 'file' input was removed in v5.0.0 (renamed to 'files') and v6 did not reintroduce it. Combined with 'disable_search: true', the old 'file:' key was silently ignored and no coverage report was uploaded. (cherry picked from commit 5ec2f779fd827e713352a5e92345c42b4d402e36) --- .github/workflows/coverage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index c02ce658f..d94f439cf 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -69,7 +69,7 @@ jobs: - name: Upload coverage to Codecov uses: codecov/codecov-action@v6 # NOSONAR with: - file: ./bin/Linux-x86_64-debug/cov.info + files: ./bin/Linux-x86_64-debug/cov.info token: ${{ secrets.CODECOV_TOKEN }} disable_safe_directory: true disable_search: true From d9de9fe64c94d0f32806db09996b5fec8da8a5c5 Mon Sep 17 00:00:00 2001 From: Dor Forer Date: Tue, 5 May 2026 15:14:42 +0300 Subject: [PATCH 3/3] Fix release-drafter v7 auth: env GITHUB_TOKEN -> with: token [MOD-15112] (cherry picked from commit 097d43f14ff1b7658b8e6f71db845e3358b2b7c3) --- .github/workflows/release-drafter.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 64eeab699..063d18cc4 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -14,6 +14,5 @@ jobs: - uses: release-drafter/release-drafter@v7 with: # (Optional) specify config name to use, relative to .github/. Default: release-drafter.yml - config-name: release-drafter-config.yml - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + config-name: release-drafter-config.yml + token: ${{ secrets.GITHUB_TOKEN }}