chore(deps): update ghcr build/tag/push action to use main instead of…

[venkatamutyala]

User description

… being pinned to a version

---

Type

enhancement

---

Description

• Updated the GitHub Action used in the GHCR workflow to track the main branch. This change ensures that the workflow benefits from the latest updates without being pinned to a specific version.

---

Changes walkthrough

	Relevant files
Dependencies	ghcr.yaml Update GitHub Action to Use `main` Branch                                .github/workflows/ghcr.yaml Updated the GitHub Action for building, tagging, and pushing Docker images to use the main branch instead of a specific version (v0.1.3). +1/-1

---

✨ PR-Agent usage:
Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

[qodo-merge-pro]

PR Description updated to latest commit (e9ad370)

• Copy walkthrough table to "Files Changed" Tab

[qodo-merge-pro]

PR Review

⏱️ Estimated effort to review [1-5]	1, because the change is minimal and straightforward, involving only the update of a GitHub Action version from a specific version to track the main branch. This is a simple change in the CI/CD pipeline configuration that does not involve complex logic or code changes.
🧪 Relevant tests	No
🔍 Possible issues	Dependency on main branch: Tracking the main branch for a GitHub Action could introduce instability if breaking changes or bugs are introduced in the main branch of the action repository. It's generally safer to pin dependencies to specific versions to ensure consistent behavior.
🔒 Security concerns	No

---

✨ Review tool usage guide:

---

Overview:
The review tool scans the PR code changes, and generates a PR review which includes several types of feedbacks, such as possible PR issues, security threats and relevant test in the PR. More feedbacks can be added by configuring the tool.

The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on any PR.

• When commenting, to edit configurations related to the review tool (pr_reviewer section), use the following template:

/review --pr_reviewer.some_config1=... --pr_reviewer.some_config2=...

• With a configuration file, use the following template:

[pr_reviewer]
some_config1=...
some_config2=...

See the review usage page for a comprehensive guide on using this tool.

[qodo-merge-pro]

PR Code Suggestions

Category

Suggestions

Best practice

Pin the GitHub Action to a specific commit SHA for improved security and stability. It's recommended to pin the GitHub Actions to a specific commit SHA for better security and stability. Using the main branch could introduce breaking changes or vulnerabilities. .github/workflows/ghcr.yaml [10] -uses: GlueOps/github-actions-build-push-containers@main +uses: GlueOps/github-actions-build-push-containers@<commit-sha>

---

✨ Improve tool usage guide:

---

Overview:
The improve tool scans the PR code changes, and automatically generates suggestions for improving the PR code. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on a PR.

• When commenting, to edit configurations related to the improve tool (pr_code_suggestions section), use the following template:

/improve --pr_code_suggestions.some_config1=... --pr_code_suggestions.some_config2=...

• With a configuration file, use the following template:

[pr_code_suggestions]
some_config1=...
some_config2=...

See the improve usage page for a comprehensive guide on using this tool.