Update GitHub Actions to specific commit versions.

Change Summary

This update modifies the GitHub Actions workflows for deployment (deploy.yml) and planning (plan.yml). The primary change involves pinning specific commit hashes for several GitHub Actions, ensuring consistency and stability in the CI/CD pipeline.

Technical Details

• deploy.yml:
  • Pinned actions/checkout to commit 34e114876b0b11c390a56381ad16ebd13914f8d5 (previously v4).
  • Pinned gruntwork-io/terragrunt-action to commit 95fc057922e3c3d4cc021a81a213f088f333ddef (previously v3).
  • Pinned aws-actions/configure-aws-credentials to commit 61815dcd50bd041e203e49132bacad1fd04d2708 (previously v5.1.1).
  • Pinned tailscale/github-action to commit 53acf823325fe9ca47f4cdaa951f90b4b0de5bb9 (previously v4).
• plan.yml:
  • Same pinning changes as in deploy.yml for consistency across workflows.

Key Learnings & Insights

• Stability through Pinning: Pinning to specific commits rather than tags ensures that the CI/CD pipeline uses a known, tested version of each action, reducing the risk of breakages due to future updates.
• Consistency Across Workflows: Applying the same changes to both deploy.yml and plan.yml ensures that the deployment and planning phases use identical versions of actions, maintaining consistency and reliability.
• Version Management: This approach highlights the importance of version control in dependencies, especially in automated workflows where unexpected changes can lead to failures.

Impact Assessment

• Performance: No direct performance impact is expected from these changes, as they primarily affect the stability and reliability of the CI/CD pipeline.
• Security: Using specific commits can enhance security by avoiding potential vulnerabilities introduced in newer versions of actions.
• Maintainability: While pinning to specific commits can simplify troubleshooting, it also requires manual updates to adopt new features or fixes from action maintainers.

Developer Notes

• Update Process: When updating actions, consider the trade-offs between using latest tags and pinning to specific commits. Evaluate the need for new features versus the stability of the pipeline.
• Monitoring: Continuously monitor the pinned actions for any critical updates or security patches that may necessitate a change.
• Future Improvements: Explore the use of dependency management tools or scripts to automate the process of updating and pinning GitHub Actions, reducing manual effort and potential errors.