Skip to content

[DEVOPS-1066] use CI-tools @v3#123

Closed
sebhmg wants to merge 3 commits intoMiraGeoscience:developfrom
sebhmg:DEVOPS-1066
Closed

[DEVOPS-1066] use CI-tools @v3#123
sebhmg wants to merge 3 commits intoMiraGeoscience:developfrom
sebhmg:DEVOPS-1066

Conversation

@sebhmg
Copy link
Copy Markdown

@sebhmg sebhmg commented Apr 17, 2026

No description provided.

Copilot AI review requested due to automatic review settings April 17, 2026 16:30
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates this repository’s GitHub Actions workflows to use the MiraGeoscience/CI-tools reusable workflows at @v3 (instead of @v2) to align CI/CD and security scanning with the newer shared pipeline definitions.

Changes:

  • Bumped Zizmor security scan reusable workflow references from @v2 to @v3.
  • Bumped Python analysis (static analysis + pytest) reusable workflow references from @v2 to @v3.
  • Bumped Python deploy (dev + prod) and PR→JIRA summary reusable workflow references from @v2 to @v3.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
.github/workflows/security_scan.yml Updates Zizmor reusable workflows to @v3.
.github/workflows/python_deploy_prod.yml Updates production release reusable workflows to @v3.
.github/workflows/python_deploy_dev.yml Updates development publish reusable workflows to @v3.
.github/workflows/python_analysis.yml Updates analysis/pytest reusable workflows to @v3.
.github/workflows/pr_add_jira_summary.yml Updates PR→JIRA summary reusable workflow to @v3.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .github/workflows/security_scan.yml Outdated
Comment on lines +27 to +34
contents: read
actions: read
uses: MiraGeoscience/CI-tools/.github/workflows/reusable-zizmor-advanced-security.yml@v2
uses: MiraGeoscience/CI-tools/.github/workflows/reusable-zizmor-advanced-security.yml@v3
Copy link

Copilot AI Apr 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The job id call-workflow-zizmor-annotate / displayed name indicates this is an "annotate" job, but it actually calls reusable-zizmor-advanced-security.yml. This mismatch is confusing when reading the workflow and when diagnosing failures in the Actions UI. Consider renaming the job id/name (or swapping the called reusable workflow) so the job identity matches what it runs.

Copilot uses AI. Check for mistakes.
Comment thread .github/workflows/security_scan.yml Outdated
Comment on lines +36 to +43
@@ -40,4 +40,4 @@ jobs:
checks: write
contents: read
actions: read
uses: MiraGeoscience/CI-tools/.github/workflows/reusable-zizmor-annotate.yml@v2
uses: MiraGeoscience/CI-tools/.github/workflows/reusable-zizmor-annotate.yml@v3
Copy link

Copilot AI Apr 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The job id call-workflow-zizmor-advanced-security / displayed name suggests "advanced security", but it calls reusable-zizmor-annotate.yml and is labeled "annotate". Align the job id/name with the reusable workflow it invokes to avoid confusion in logs and future edits.

Copilot uses AI. Check for mistakes.
Comment on lines 27 to +29
call-workflow-static-analysis:
name: Static analysis
uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-static_analysis.yml@v2
uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-static_analysis.yml@v3
Copy link

Copilot AI Apr 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The PR title implies migrating CI-tools usage to @v3, but .github/workflows/issue_to_jira.yml still references MiraGeoscience/CI-tools/...@v2. Either update the remaining workflow to @v3 as well, or narrow/adjust the PR title/scope so it reflects what's actually upgraded.

Copilot uses AI. Check for mistakes.
@sebhmg
Copy link
Copy Markdown
Author

sebhmg commented Apr 17, 2026

see instead: #124

@sebhmg sebhmg closed this Apr 17, 2026
@sebhmg sebhmg deleted the DEVOPS-1066 branch April 17, 2026 16:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants