Update GitHub Actions with new versions.

Change Summary

This update involves modifications to the GitHub Actions workflows for deployment and planning processes. Specifically, the changes focus on updating the versions of various GitHub Actions used within these workflows to ensure they are utilizing the latest available commits.

Technical Details

• Files Modified:
  • .github/workflows/deploy.yml
  • .github/workflows/plan.yml
• Specific Changes:
  • Updated the gruntwork-io/terragrunt-action from commit v3 to commit 95fc057922e3c3d4cc021a81a213f088f333ddef.
  • Updated the aws-actions/configure-aws-credentials from commit v5.1.1 to commit 61815dcd50bd041e203e49132bacad1fd04d2708.
  • Updated the tailscale/github-action from commit v4 to commit 53acf823325fe9ca47f4cdaa951f90b4b0de5bb9.
• Implementation Details:
  • The gruntwork-io/terragrunt-action is used to check and format HCL files and to run Terragrunt commands.
  • The aws-actions/configure-aws-credentials is used to configure AWS credentials for interactions with AWS services.
  • The tailscale/github-action is used to set up Tailscale within the GitHub Actions environment.

Key Learnings & Insights

• Reasoning Behind Changes:
  • The updates to the GitHub Actions are aimed at leveraging the latest features, bug fixes, and security patches available in these actions.
  • Using specific commit hashes instead of tags ensures that the workflows are reproducible and not subject to changes in the tagged versions.
• Problem-Solving Approaches:
  • The approach taken involved identifying the latest commits for the required actions and updating the workflow files accordingly.
  • This ensures that the CI/CD pipelines benefit from the most recent improvements without being tied to semantic versioning, which may not always reflect minor but critical changes.
• Best Practices Demonstrated:
  • Pinning to specific commits rather than versions helps avoid unexpected changes due to version updates.
  • Regularly reviewing and updating GitHub Actions to incorporate the latest changes is a good practice for maintaining secure and efficient CI/CD pipelines.

Impact Assessment

• System Effects:
  • These changes should enhance the reliability and security of the CI/CD pipelines by incorporating the latest updates from the GitHub Actions.
  • There should be no breaking changes as the functionality of the actions remains consistent; only the underlying commits have been updated.
• Performance & Security:
  • Potential performance improvements and security patches from the updated actions.
  • Ensures that the deployment and planning processes are using the most secure and efficient methods available.
• Maintainability:
  • Simplifies future updates by allowing easy identification of the exact commits being used, making it easier to track changes and troubleshoot issues.

Developer Notes

• Gotchas & Edge Cases:
  • Ensure that the specified commits exist and are valid to avoid workflow failures.
  • Monitor the actions for any deprecated features or breaking changes in future updates of the actions.
• Context for Future Developers:
  • Understand the importance of pinning to specific commits for reproducibility.
  • Be aware of the rationale behind these changes to maintain consistency in future updates.
• Potential Future Improvements:
  • Consider automating the process of updating to the latest commits to reduce manual effort.
  • Regularly review the actions for new features or improvements that could benefit the workflows.