Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR modernizes and simplifies the GitHub Actions workflows by removing redundant custom actions and adopting standard practices for action version pinning.
- Removes custom Docker actions in favor of official docker/build-push-action and docker/login-action
- Eliminates redundant actions that can be replaced with simple run commands (ESLint, OpenAPI lint)
- Updates action version references from specific SHA commits to major version pinning (e.g., @v4, @v5)
Reviewed Changes
Copilot reviewed 36 out of 36 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| test/ files | Removes test assets that were used for the eliminated actions |
| actions/eslint/, actions/openapi-lint/, actions/push-docker/, actions/build-docker/, actions/artifactory-login/ | Completely removes custom actions that are being replaced by official alternatives |
| actions/helm-lint/action.yaml | Updates action versions to major version pinning and renames input parameter |
| actions/init-npm/action.yaml | Updates Node.js default version and action versions to major version pinning |
| actions/build-and-push-helm/action.yaml | Updates step names and variable references for consistency |
| actions/update-artifacts-file/action.yaml | Updates checkout action to major version pinning |
| .github/workflows/ files | Updates test workflows to use official Docker actions and major version pinning |
| README.md | Updates documentation to reflect removed actions |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
shimoncohen
reviewed
Sep 25, 2025
shimoncohen
reviewed
Sep 25, 2025
shimoncohen
reviewed
Sep 25, 2025
shimoncohen
approved these changes
Sep 25, 2025
This was referenced Sep 28, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Simplify and Modernize GitHub Actions
This PR overhauls our GitHub Actions workflows to improve maintainability, security, and simplicity by adopting current best practices.
Key Changes
Removed Custom Docker Actions: The proprietary actions for Docker login, build, and push have been removed. They are replaced by the official, open-source docker/login-action and docker/build-push-action (refer to this PR). This makes our CI pipeline more standard and easier for new contributors to understand.
Eliminated Redundant Actions: Removed workflow steps that didn't provide significant value over a simple run command. For instance, the dedicated ESLint action was replaced with a direct call to npm run lint, reducing unnecessary dependencies.
Updated to Major Version Pinning: Action versions are now pinned to their major release (e.g., actions/checkout@v4 instead of actions/checkout@v4.1.1). This practice ensures we automatically receive the latest non-breaking features and security patches without requiring manual intervention for every minor update.