[SPARK-56119] Sync docker-related GitHub Actions versions to the ASF approved patterns

dongjoon-hyun · dongjoon-hyun · commit 0d8394feb3d6 · 2026-03-20T17:21:17.000-07:00
### What changes were proposed in this pull request? This PR aims to sync `docker`-related GitHub Actions versions to the ASF approved patterns. ### Why are the changes needed? Currently, the CI is blocked by the ASF check because of the recent change. - https://github.com/apache/spark-connect-swift/actions/runs/23365458370 - apache/infrastructure-actions#547 > The actions docker/setup-qemu-actionv3, docker/setup-buildx-actionv3, docker/login-actionv3, and docker/build-push-actionv6 are not allowed in apache/spark-connect-swift because all actions must be from a repository owned by your enterprise, created by GitHub, or match one of the patterns As of now, the updated patterns are the following. - https://github.com/apache/infrastructure-actions/blob/07f5f9d2b05fe0ec9886e3ef0a9d79797817f0cb/approved_patterns.yml#L100-L104 ``` - docker/build-push-action10e90e3645eae34f1e60eeb005ba3a3d33f178e8 - docker/login-actionc94ce9fb468520275223c153574b00df6fe4bcc9 - docker/metadata-actionc299e40c65443455700f0fdfc63efafe5b349051 - docker/setup-buildx-action8d2750c68a42422c14e847fe6c8ac0403b4cbd6f - docker/setup-qemu-action29109295f81e9208d7d86ff1c6c12d2833863392 ``` ### Does this PR introduce _any_ user-facing change? No. ### How was this patch tested? Manual review because the updated CI should be triggered manually. ### Was this patch authored or co-authored using generative AI tooling? Generated-by: Claude Code (claude-opus-4-6) Closes #567 from dongjoon-hyun/SPARK-56119. Authored-by: Dongjoon Hyun <dongjoon@apache.org> Signed-off-by: Dongjoon Hyun <dongjoon@apache.org>
diff --git a/.github/workflows/publish_snapshot_dockerhub.yml b/.github/workflows/publish_snapshot_dockerhub.yml
@@ -24,11 +24,11 @@ jobs:
         branch: ${{ fromJSON( inputs.branch || '["main"]' ) }}
     steps:
     - name: Set up QEMU
-      uses: docker/setup-qemu-action@v3
+      uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
+      uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f
     - name: Login to Docker Hub
-      uses: docker/login-action@v3
+      uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9
       with:
         username: ${{ secrets.DOCKERHUB_USER }}
         password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -37,7 +37,7 @@ jobs:
       with:
         ref: ${{ matrix.branch }}
     - name: Build and push
-      uses: docker/build-push-action@v6
+      uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8
       with:
         # build cache on Github Actions, See: https://docs.docker.com/build/cache/backends/gha/#using-dockerbuild-push-action
         cache-from: type=gha
