This is an automated email from the ASF dual-hosted git repository.
zeroshade pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-adbc.git
The following commit(s) were added to refs/heads/main by this push:
new 41b8e108b ci: add ASF allowlist check (#4172)
41b8e108b is described below
commit 41b8e108ba7b712916a40a7d9b8dad39ae14529d
Author: David Li <[email protected]>
AuthorDate: Fri Apr 3 02:56:30 2026 +0900
ci: add ASF allowlist check (#4172)
Based on Iceberg's:
https://github.com/apache/iceberg/blob/main/.github/workflows/asf-allowlist-check.yml
---
.github/workflows/asf-allowlist-check.yml | 42 +++++++++++++++++++++++++++++++
.github/workflows/integration.yml | 2 +-
2 files changed, 43 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/asf-allowlist-check.yml
b/.github/workflows/asf-allowlist-check.yml
new file mode 100644
index 000000000..3507f29b4
--- /dev/null
+++ b/.github/workflows/asf-allowlist-check.yml
@@ -0,0 +1,42 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# See
https://github.com/apache/iceberg/blob/main/.github/workflows/asf-allowlist-check.yml
+name: "Check actions are on ASF allowlist"
+
+on:
+ pull_request:
+ paths:
+ - ".github/**"
+ push:
+ branches:
+ - main
+ paths:
+ - ".github/**"
+
+permissions:
+ contents: read
+
+jobs:
+ asf-allowlist-check:
+ runs-on: ubuntu-slim
+ steps:
+ - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ with:
+ persist-credentials: false
+ # Intentionally unpinned to always use the latest allowlist from the ASF.
+ - uses: apache/infrastructure-actions/allowlist-check@main # zizmor:
ignore[unpinned-uses]
diff --git a/.github/workflows/integration.yml
b/.github/workflows/integration.yml
index 4b44f1dcc..b53abecf0 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -278,7 +278,7 @@ jobs:
./ci/scripts/python_test.sh "$(pwd)" "$(pwd)/build"
docker compose down
docker compose rm -fsv
- - uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 #
v8.0.0
+ - uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 #
v7.6.0
- name: Run PostgreSQL Validation Suite
run: |
env POSTGRES_VERSION=18 docker compose up --wait --detach
postgres-test
