Skip to content

Use datadog-ci CLI installer and pin version#11335

Open
daniel-mohedano wants to merge 1 commit into
masterfrom
daniel.mohedano/pin-datadog-ci
Open

Use datadog-ci CLI installer and pin version#11335
daniel-mohedano wants to merge 1 commit into
masterfrom
daniel.mohedano/pin-datadog-ci

Conversation

@daniel-mohedano
Copy link
Copy Markdown
Contributor

@daniel-mohedano daniel-mohedano commented May 11, 2026
edited by atlassian Bot
Loading

What Does This Do

  • Updates the analyze-chages.yaml workflow to use the datadog-ci CLI installer (which uses the binary under the hood) instead of a direct download from the releases page. Also pins the datadog-ci version to avoid possible supply-chain attacks.

Contributor Checklist

Jira ticket: SDTEST-3645

Note: Once your PR is ready to merge, add it to the merge queue by commenting /merge. /merge -c cancels the queue request. /merge -f --reason "reason" skips all merge queue checks; please use this judiciously, as some checks do not run at the PR-level. For more information, see this doc.

@daniel-mohedano daniel-mohedano added tag: no release notes Changes to exclude from release notes comp: tooling Build & Tooling tag: security Security related changes labels May 11, 2026
@daniel-mohedano daniel-mohedano marked this pull request as ready for review May 11, 2026 13:35
@daniel-mohedano daniel-mohedano requested a review from a team as a code owner May 11, 2026 13:35
AlexeyKuznetsov-DD
AlexeyKuznetsov-DD reviewed May 11, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@AlexeyKuznetsov-DD AlexeyKuznetsov-DD left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, just curious what will be the process of periodical updates for version: v5.16.1?

@daniel-mohedano
Copy link
Copy Markdown
Contributor Author

daniel-mohedano commented May 11, 2026

For now it will be pinned and we would have to update the version manually. Although it's possible that we move towards releasing a new version of the action with each datadog-ci new release. So every release would be shipped with the datadog-ci version pinned to the latest one at the moment of release. We've already implemented this for other actions such as https://github.com/DataDog/junit-upload-github-action. With this, we could update the install-datadog-ci-github-action version easily through dependabot or other means and get the latest versions of datadog-ci (with the proper cooldowns and guardrails)

@daniel-mohedano
Copy link
Copy Markdown
Contributor Author

daniel-mohedano commented May 12, 2026

/merge

@gh-worker-devflow-routing-ef8351
Copy link
Copy Markdown

gh-worker-devflow-routing-ef8351 Bot commented May 12, 2026
edited
Loading

View all feedbacks in Devflow UI.

2026-05-12 06:32:58 UTC ℹ️ Start processing command /merge

2026-05-12 06:33:02 UTC ℹ️ MergeQueue: pull request added to the queue

The expected merge time in master is approximately 1h (p90).

2026-05-12 08:33:35 UTCMergeQueue: The build pipeline has timeout

The merge request has been interrupted because the build 0 took longer than expected. The current limit for the base branch 'master' is 120 minutes.

Possible reasons:

  • some mandatory checkruns are failing:
    • Check pull request labels
    • Check pull requests
    • Enforce Groovy migration

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AlexeyKuznetsov-DD AlexeyKuznetsov-DD AlexeyKuznetsov-DD approved these changes

Assignees

No one assigned

Labels

comp: tooling Build & Tooling tag: no release notes Changes to exclude from release notes tag: security Security related changes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@daniel-mohedano @AlexeyKuznetsov-DD