Add permission section

2025-12-11 12:06:44 +00:00 · 2025-01-16 08:38:47 -06:00
8 changed files with 47 additions and 76 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,14 +0,0 @@
 # To get started with Dependabot version updates, you'll need to specify which
 # package ecosystems to update and where the package manifests are located.
 # Please see the documentation for all configuration options:
 # https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
 version: 2
 updates:
  # Enable version updates for GitHub Actions
  - package-ecosystem: 'github-actions'
    # Workflow files stored in the default location of `.github/workflows`
    # You don't need to specify `/.github/workflows` for `directory`. You can use `directory: "/"`.
    directory: '/'
    schedule:
      interval: 'weekly'
--- a/.github/workflows/build-tool-packages.yml
+++ b/.github/workflows/build-tool-packages.yml
@@ -43,7 +43,7 @@ jobs:
    steps:
    - name: checkout
      if: env.excludewinarm == 'true'
-      uses: actions/checkout@v5
+      uses: actions/checkout@v4
      with:
        submodules: true
@@ -76,26 +76,50 @@ jobs:
        - os: ubuntu-latest
          platform: linux
          architecture: x64
-        - os: macos-15-intel
+        - os: macos-13
          platform: darwin
          architecture: x64
        - os: windows-latest
          platform: win32
          architecture: x64
-        - os: ubuntu-22.04-arm
+        - os: setup-actions-ubuntu-arm64-2-core
          platform: linux
          architecture: arm64
          runner_type: self-hosted
        - os: macos-latest
          platform: darwin
          architecture: arm64
-        - os: windows-11-arm
+        - os: setup-actions-windows-arm64-4-core
          platform: win32
          architecture: arm64
          runner_type: self-hosted
    steps:
    - name: Setup Environment on Windows ARM64 Runner
      if: matrix.os == 'setup-actions-windows-arm64-4-core'
      shell: powershell
      run: |
            # Install Chocolatey
            Set-ExecutionPolicy Bypass -Scope Process -Force
            [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
            iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
            echo "C:\ProgramData\Chocolatey\bin" | Out-File -Append -FilePath $env:GITHUB_PATH -Encoding utf8
            # Install PowerShell
            choco install powershell-core -y
            echo "C:\Program Files\PowerShell\7" | Out-File -Append -FilePath $env:GITHUB_PATH -Encoding utf8
            # Install Git
            choco install git -y
            echo "C:\Program Files\Git\cmd" | Out-File -Append -FilePath $env:GITHUB_PATH -Encoding utf8
             # Install 7-Zip
            choco install 7zip -y
            echo "C:\ProgramData\chocolatey\bin" | Out-File -Append -FilePath $env:GITHUB_PATH -Encoding utf8
    - name: checkout
      if: env.excludewinarm == 'true'
-      uses: actions/checkout@v5
+      uses: actions/checkout@v4
      with:
        submodules: true
@@ -105,7 +129,7 @@ jobs:
    - name: Download artifact
      if: env.excludewinarm == 'true'
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v4
      with:
        name: ${{ env.ARTIFACT_NAME }}
        path: ${{ runner.temp }}/${{ env.ARTIFACT_NAME }}
@@ -160,49 +184,24 @@ jobs:
        Write-Host "to determine if ${{ inputs.tool-name }} version was consumed from cache or if it was downloaded"
        for ($i = 0; $i -lt 200; $i++) { Get-Random }
    - name: Ensure Pester Installed
      run: |
        $module = Get-Module -ListAvailable -Name Pester
        if (-not $module -or ($module.Version -lt [Version]"5.0.0")) {
          Install-Module Pester -Force -Scope CurrentUser -SkipPublisherCheck
        }
    - name: Run tests
      if: env.excludewinarm == 'true'
      env: 
        VERSION: ${{ inputs.tool-version }}
      run: |
        Install-Module Pester -Force -Scope CurrentUser -SkipPublisherCheck
        Import-Module Pester
        $toolName = (Get-Culture).TextInfo.ToTitleCase("${{ inputs.tool-name }}")
-        Invoke-Pester -Configuration @{
+        Invoke-Pester -Script ./$toolName.Tests.ps1 -EnableExit
                  Run = @{ Path = "./$toolName.Tests.ps1" }
                  Should = @{ ErrorAction = 'Continue' }
                  Output = @{ EnableExit = $true }
                }
      working-directory: ./tests
    # - name: Run tests
    #   if: env.excludewinarm == 'true'
    #   env: 
    #     VERSION: ${{ inputs.tool-version }}
    #   run: |
    #     Install-Module Pester -Force -Scope CurrentUser -SkipPublisherCheck
    #     Import-Module Pester
    #     $toolName = (Get-Culture).TextInfo.ToTitleCase("${{ inputs.tool-name }}")
    #     Invoke-Pester -Configuration @{
    #               Run = @{ Path = "./$toolName.Tests.ps1" }
    #               Should = @{ ErrorAction = 'Continue' }
    #               Output = @{ EnableExit = $true }
    #             }      
    #   working-directory: ./tests
  publish_release:
    name: Publish release
    if: inputs.publish-release
    needs: test
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/download-artifact@v5
+    - uses: actions/download-artifact@v4
    - name: Generate release body
      id: generate-release-body
--- a/.github/workflows/common_tests.yml
+++ b/.github/workflows/common_tests.yml
@@ -7,7 +7,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
-      uses: actions/checkout@v5
+      uses: actions/checkout@v4
    - name: Install Pester
      shell: pwsh
--- a/.github/workflows/create-pr-to-update-manifest.yml
+++ b/.github/workflows/create-pr-to-update-manifest.yml
@@ -20,7 +20,7 @@ jobs:
    name: Create Pull Request
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v4
      with:
        submodules: true
--- a/.github/workflows/get-new-tool-versions.yml
+++ b/.github/workflows/get-new-tool-versions.yml
@@ -30,7 +30,7 @@ jobs:
    outputs:
      versions_output: ${{ steps.Get_new_versions.outputs.TOOL_VERSIONS }}
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4
        with:
          submodules: true
@@ -45,7 +45,7 @@ jobs:
    env:
      TOOL_VERSIONS: ${{needs.find_new_versions.outputs.versions_output}}
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4
        with:
          submodules: true
@@ -75,7 +75,7 @@ jobs:
      TOOL_VERSIONS: ${{needs.find_new_versions.outputs.versions_output}}
    environment: Get Available Tools Versions - Publishing Approval
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4
        with:
          submodules: true
@@ -95,7 +95,7 @@ jobs:
    needs: [find_new_versions, check_new_versions, trigger_builds]
    if: failure()
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4
        with:
          submodules: true
--- a/.github/workflows/get-tools-new-versions.yml
+++ b/.github/workflows/get-tools-new-versions.yml
@@ -42,7 +42,7 @@ jobs:
    name: 'Searching for new versions of ${{ matrix.tool.name }}'
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4
      - id: get-new-tool-versions
        name: Get new tool versions
        run: | 
@@ -71,7 +71,7 @@ jobs:
    needs: [find-new-tool-versions]
    if: failure()
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4
      - id: get-failed-jobs
        name: Get failed jobs
        run: |
--- a/.github/workflows/validate-manifest.yml
+++ b/.github/workflows/validate-manifest.yml
@@ -24,7 +24,7 @@ jobs:
  validation:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4
        with:
          submodules: true
@@ -37,7 +37,7 @@ jobs:
    needs: [validation]
    if: failure()
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4
        with:
          submodules: true
--- a/README.md
+++ b/README.md
@@ -10,20 +10,6 @@ permissions:
  contents: read # access to read repository's content
  actions: read # access to reading actions 
 ```
 ### Note
-Thank you for your interest in this GitHub action, however, right now we are not taking contributions. Add commentMore actionsAdd commentMore actions
+## Contribution
-
+Contributions are welcome! See [Contributor's Guide](./CONTRIBUTING.md) for more details about contribution process and code structure
 We continue to focus our resources on strategic areas that help our customers be successful while making developers' lives easier. While GitHub Actions remains a key part of this vision, we are allocating resources towards other areas of Actions and are not taking contributions to this repository at this time. The GitHub public roadmap is the best place to follow along for any updates on features we’re working on and what stage they’re in.
 We are taking the following steps to better direct requests related to GitHub Actions, including:
 1. We will be directing questions and support requests to our [Community Discussions area](https://github.com/orgs/community/discussions/categories/actions)
 2. High Priority bugs can be reported through Community Discussions or you can report these to our support team https://support.github.com/contact/bug-report.
 3. Security Issues should be handled as per our [security.md](security.md)
 We will still provide security updates for this project and fix major breaking changes during this time.
 You are welcome to still raise bugs in this repo.