Skip to content

Commit

Permalink
feat(actions): Pin commit SHAs (#1111)
Browse files Browse the repository at this point in the history 
pin commit SHAs
  • Loading branch information
@nafisat2
nafisat2 committed Jul 23, 2024
1 parent 55d9dab commit c11c35f
Show file tree
Hide file tree
Showing 7 changed files with 25 additions and 25 deletions.
2 changes: 1 addition & 1 deletion .github/actions/setup-goversion/action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,6 @@ runs:
run: |
cat Dockerfile | awk '/^FROM golang:.* as build$/ {v=$2;split(v,a,":")}; END {printf("version=%s", a[2])}' >> $GITHUB_OUTPUT
shell: bash
- uses: actions/setup-go@v5
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: "${{steps.goversion.outputs.version}}"
2 changes: 1 addition & 1 deletion .github/workflows/acceptance-tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Call Dagger Function
id: dagger
uses: dagger/dagger-for-github@29d44c596610126326d4c6a567e9a23acbd61fa8 # v6.1.0
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/check-dagger-drift.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Determine Dagger version
id: dagger_version
Expand All @@ -21,7 +21,7 @@ jobs:
echo "version=$(<.version)" > $GITHUB_OUTPUT
rm -rf .version
- uses: actions/cache@v4
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
id: cache_daggercli
with:
path: bin
Expand Down
20 changes: 10 additions & 10 deletions .github/workflows/docker.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,27 +38,27 @@ jobs:

steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ${{ env.REGISTRY_IMAGE }}
tags: ${{ env.TAGS_CONFIG }}

# Setup buildx
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0

- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: grafana/shared-workflows/actions/dockerhub-login@main

- name: Build and push by digest
id: build
uses: docker/build-push-action@v6
uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
with:
context: .
platforms: ${{ matrix.platform }}
Expand All @@ -76,7 +76,7 @@ jobs:
- name: Upload digest
if: github.event_name != 'pull_request'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: ${{ steps.digest.outputs.artifact_name }}
path: /tmp/digests/*
Expand All @@ -90,13 +90,13 @@ jobs:
- build
steps:
- name: Download digests (linux/amd64)
uses: actions/download-artifact@v4
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: digests-linux-amd64
path: /tmp/digests-linux-amd64

- name: Download digests (linux/arm64)
uses: actions/download-artifact@v4
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: digests-linux-arm64
path: /tmp/digests-linux-arm64
Expand All @@ -108,11 +108,11 @@ jobs:
cp /tmp/digests-linux-arm64/* /tmp/digests/
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0

- name: Docker meta
id: meta
uses: docker/metadata-action@v5
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ${{ env.REGISTRY_IMAGE }}
tags: ${{ env.TAGS_CONFIG }}
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/publish-page.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,12 +32,12 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Install pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
with:
version: 9
- uses: actions/setup-node@v4
- uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
with:
node-version: 20
cache: 'pnpm'
Expand All @@ -61,14 +61,14 @@ jobs:
- name: Deploy main
if: github.event_name != 'pull_request'
uses: JamesIves/github-pages-deploy-action@v4
uses: JamesIves/github-pages-deploy-action@94f3c658273cf92fb48ef99e5fbc02bd2dc642b2 # v4.6.3
with:
clean-exclude: pr-preview/
folder: ./docs/dist/

- name: Deploy preview
if: github.event_name == 'pull_request'
uses: rossjrw/pr-preview-action@v1
uses: rossjrw/pr-preview-action@f31d5aa7b364955ea86228b9dcd346dc3f29c408 # v1.4.7
with:
deploy-repository: ${{ github.event.pull_request.head.repo.full_name }}
source-dir: ./docs/dist/
4 changes: 2 additions & 2 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
release:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
# https://github.com/actions/checkout/issues/1467
fetch-depth: 0
Expand All @@ -21,7 +21,7 @@ jobs:
- id: docker_tag
run: echo "DOCKER_TAG=${GITHUB_REF_NAME#v}" >> "$GITHUB_ENV"
- name: Release
uses: softprops/action-gh-release@v2
uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8
with:
body: |
This is release `${{ env.GITHUB_REF_NAME }}` of Tanka (`tk`).
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,16 +12,16 @@ jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: ./.github/actions/setup-goversion
- run: make lint

test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: ./.github/actions/setup-goversion
- uses: azure/setup-helm@v4
- uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
with:
version: '3.13.1'
- name: Install jsonnet
Expand All @@ -31,6 +31,6 @@ jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: ./.github/actions/setup-goversion
- run: make cross

0 comments on commit c11c35f

Please sign in to comment.