[
https://issues.apache.org/jira/browse/HADOOP-19868?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18075340#comment-18075340
]
ASF GitHub Bot commented on HADOOP-19868:
-----------------------------------------
pan3793 commented on PR #8450:
URL: https://github.com/apache/hadoop/pull/8450#issuecomment-4293725410
@ajfabbri, thanks for the follow-up. this is the first PR from the forked
repo to verify that workflow, and it's good to see it works by design.
Could you convert the Jira ticket to sub-task of HADOOP-19857 so we can
collect all GitHub Actions work?
And I just opened another PR (https://github.com/apache/hadoop/pull/8451) as
promised - leverage cache to speed up the image building. e.g.,
- (no cache, ~15min)
https://github.com/ajfabbri/hadoop/actions/runs/24760764395/job/72443729277
- (cache-hit, ~1min)
https://github.com/awesome-kyuubi/hadoop/actions/runs/24710635725/job/72274183322
I guess you also want to add such comments to those new YAML files
> ci: add security comments to github actions
> -------------------------------------------
>
> Key: HADOOP-19868
> URL: https://issues.apache.org/jira/browse/HADOOP-19868
> Project: Hadoop Common
> Issue Type: Improvement
> Components: test
> Reporter: Aaron Fabbri
> Assignee: Aaron Fabbri
> Priority: Minor
>
> Following up on HADOOP-19858, I have a patch for some `# Security:` comments
> to add to our github actions to explain why each workflow is safe.
> I'm also following up on INFRA-27839, just to double check they haven't
> enabled any risky defaults. I'll add comments with any details I find.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
