These are the current broken actions:

• reactivecircus/android-emulator-runner@4fe4b1ae376568ff65de774de6c0ca8070944022 #v2.37.0

It raises up an emulator: used for the instrumented tests, E2E tests and update tests

Ref: https://github.com/ReactiveCircus/android-emulator-runner

• GuillaumeFalourd/git-commit-push@205c043bca2f932f7a48a28a8d619ba30eb84ba #v1.3

It commits the generated content in the workflow: used for calens and SBOM

Ref: https://github.com/GuillaumeFalourd/git-commit-push

• dawidd6/action-download-artifact@8305c0f1062bb0d184d09ef4493ecb9288447732 #v20

It fetchs the latest artifact generated by other workflow: used for update tests

Ref: https://github.com/dawidd6/action-download-artifact

Today's weirdest scenario:

toolhippie/calens:0.4.0@sha256:728ee4d17b6a3ec40f1a34363d56abbfe7c52f57b9cd6233ee34b82345ccc07f #v0.4.0

it seems to be whitelisted but, it does not work. Check here

Try using the calens action and not the docker.
Currently the docker image is white listed but this does not work. The action should.....

Try using the calens action and not the docker.
Currently the docker image is white listed but this does not work. The action should.....

@DeepDiver1975

i tried, but it did not work. I will set the action and wait for a possible whitelisting of the pending actions.

OTOH, This is the message:

The actions guillaumefalourd/git-commit-push@205c043bca2f932f7a48a28a8d619ba30eb84ba and toolhippie/calens:0.4.0@sha256:728ee4d17b6a3ec40f1a34363d56abbfe7c52f57b9cd6233ee34b82345ccc07f are not allowed in owncloud/android because all actions must be from a repository owned by owncloud, created by GitHub, verified in the GitHub Marketplace, or match one of the patterns: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50, amannn/action-semantic-pull-request@e32d7e603df1aa1ba07e981f2a23455dee596825, peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e, peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0, shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f, softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe, toolhippie/calens:0.4.0@sha256:728ee4d17b6a3ec40f1a34363d56abbfe7c52f57b9cd6233ee34b82345ccc07f, transifex/cli-action@584fd205cbe598773b5a81ce711fa44842678189.

There, the toolhippie action is like:

toolhippie/calens:0.4.0@sha256:728ee4d17b6a3ec40f1a34363d56abbfe7c52f57b9cd6233ee34b82345ccc07f

is that correct? adding both version and the sha256?

There, the toolhippie action is like:

toolhippie/calens:0.4.0@sha256:728ee4d17b6a3ec40f1a34363d56abbfe7c52f57b9cd6233ee34b82345ccc07f

is that correct? adding both version and the sha256?

this is the docker image which I could not get to work - I just whitelisted:
actionhippie/calens@244f3e5,

• dawidd6/action-download-artifact@8305c0f1062bb0d184d09ef4493ecb9288447732 #v20

It fetchs the latest artifact generated by other workflow: used for update tests

Ref: https://github.com/dawidd6/action-download-artifact

can you look into the official action? https://github.com/marketplace/actions/download-a-build-artifact

Thank you

• reactivecircus/android-emulator-runner@4fe4b1ae376568ff65de774de6c0ca8070944022 #v2.37.0

It raises up an emulator: used for the instrumented tests, E2E tests and update tests

Ref: https://github.com/ReactiveCircus/android-emulator-runner

* `GuillaumeFalourd/git-commit-push@205c043bca2f932f7a48a28a8d619ba30eb84ba #v1.3`

It commits the generated content in the workflow: used for calens and SBOM

Ref: https://github.com/GuillaumeFalourd/git-commit-push

white listed

can you look into the official action? https://github.com/marketplace/actions/download-a-build-artifact

Such action only allows to download artifacts from jobs inside the same workflow execution. dawidd6/action-download-artifact allows to download artifacts from other workflows, that's the difference.

Anyway, this action is not a hard-requirement, dawidd6/action is just used in the update tests in order not to generate the same apk from latest in every night execution. We just generate it once per week and fetch in the daily executions. We could generate it in every execution and reduce the frequence from 5 times per week to 3 times per week (more than enough for our current run)

Thanks all for your inputs!!