refactor(actions): Remove variables from action versions

Github doesn't support interpolating versions in `uses` blocks, so reverted back to just specifying SHAs directly. Bummer.
newrelic · Jun 26, 2024 · c99a855 · c99a855
1 parent f3f5f56
commit c99a855
Show file tree

Hide file tree

Showing 16 changed files with 45 additions and 49 deletions.
diff --git a/.github/actions/add-commit-status/action.yml b/.github/actions/add-commit-status/action.yml
@@ -11,7 +11,7 @@ runs:
   using: composite
   steps:
     - name: Add commit status
-      uses: actions/github-script@${{ vars.ACTIONS_GITHUB_SCRIPT_SHA }}
+      uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
       env:
         STATE: ${{ inputs.state }}
         STATUS_CONTEXT: ${{ inputs.statusContext }}
@@ -37,4 +37,3 @@ runs:
           const result = await github.rest.repos.createCommitStatus(args);
 
           console.log("Result:", result)
-
diff --git a/.github/actions/bootstrap/action.yml b/.github/actions/bootstrap/action.yml
@@ -4,7 +4,7 @@ runs:
   using: composite
   steps:
     - name: Setup node
-      uses: actions/setup-node@${{ vars.ACTIONS_SETUP_NODE_SHA }}
+      uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7
       with:
         node-version: 16
 
@@ -14,7 +14,7 @@ runs:
       working-directory: utils
       run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
 
-    - uses: actions/cache@v3
+    - uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c
       id: yarn-cache
       with:
         path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
@@ -25,4 +25,3 @@ runs:
     - name: Install dependencies
       shell: bash
       run: cd utils && yarn install --frozen-lockfile
-
diff --git a/.github/workflows/pr-merged.yml b/.github/workflows/pr-merged.yml
@@ -23,7 +23,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           token: ${{ secrets.OPENSOURCE_BOT_TOKEN }}
           ref: "release"
@@ -39,7 +39,7 @@ jobs:
       - name: Temporarily disable branch protections
         id: disable-branch-protection
         if: always()
-        uses: actions/github-script@${{ vars.ACTIONS_GITHUB_SCRIPT_SHA }}
+        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
         with:
           github-token: ${{ secrets.OPENSOURCE_BOT_TOKEN }}
           script: |
@@ -73,7 +73,7 @@ jobs:
       - name: Re-enable branch protections
         id: enable-branch-protection
         if: always()
-        uses: actions/github-script@${{ vars.ACTIONS_GITHUB_SCRIPT_SHA }}
+        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
         with:
           github-token: ${{ secrets.OPENSOURCE_BOT_TOKEN }}
           script: |

diff --git a/.github/workflows/pr-project-board.yml b/.github/workflows/pr-project-board.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
 
       - name: Move PR to Project Board for triage
         run: |

diff --git a/.github/workflows/preview-links.yml b/.github/workflows/preview-links.yml
@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
 
       - name: Setup workspace
         uses: "./.github/actions/bootstrap"

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           token: ${{ secrets.OPENSOURCE_BOT_TOKEN }}
           ref: "main"
@@ -43,7 +43,7 @@ jobs:
       - name: Temporarily disable branch protections
         id: disable-branch-protection
         if: always()
-        uses: actions/github-script@${{ vars.ACTIONS_GITHUB_SCRIPT_SHA }}
+        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
         with:
           github-token: ${{ secrets.OPENSOURCE_BOT_TOKEN }}
           script: |
@@ -65,7 +65,7 @@ jobs:
       - name: Re-enable branch protections
         id: enable-branch-protection
         if: always()
-        uses: actions/github-script@${{ vars.ACTIONS_GITHUB_SCRIPT_SHA }}
+        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
         with:
           github-token: ${{ secrets.OPENSOURCE_BOT_TOKEN }}
           script: |
@@ -110,7 +110,7 @@ jobs:
       # Checkout fetch-depth: 2 because there's a check to see if package.json
       # was updated, and need at least 2 commits for the check to function properly
       - name: Checkout repo
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           fetch-depth: 2
 

diff --git a/.github/workflows/repolinter.yml b/.github/workflows/repolinter.yml
@@ -15,17 +15,17 @@ jobs:
     steps:
       - name: Test Default Branch
         id: default-branch
-        uses: actions/github-script@${{ vars.ACTIONS_GITHUB_SCRIPT_SHA }}
+        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
         with:
           script: |
             const data = await github.rest.repos.get(context.repo)
             return data.data && data.data.default_branch === context.ref.split('/').slice(-1)[0]
       - name: Checkout Self
         if: ${{ steps.default-branch.outputs.result == 'true' }}
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
       - name: Run Repolinter
         if: ${{ steps.default-branch.outputs.result == 'true' }}
-        uses: newrelic/repolinter-action@${{ vars.ACTIONS_REPO_LINTER_ACTION_SHA }}
+        uses: newrelic/repolinter-action@3f4448f855c351e9695b24524a4111c7847b84cb
         with:
           config_url: https://raw.githubusercontent.com/newrelic/.github/main/repolinter-rulesets/community-project.yml
           output_type: issue
diff --git a/.github/workflows/reusable.quickstart_submission.yml b/.github/workflows/reusable.quickstart_submission.yml
@@ -31,7 +31,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         # Ensure we have the most recent commit to `main`
         with:
           ref: "main"
@@ -55,7 +55,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         # Ensure we have the most recent commit to `main`
         with:
           ref: "main"
@@ -80,7 +80,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         # Ensure we have the most recent commit to `main`
         with:
           ref: "main"
@@ -105,7 +105,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         # Ensure we have the most recent commit to `main`
         with:
           ref: "main"
@@ -130,7 +130,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         # Ensure we have the most recent commit to `main`
         with:
           ref: "main"

diff --git a/.github/workflows/run_tests.yml b/.github/workflows/run_tests.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
 
       - name: Setup workspace
         uses: "./.github/actions/bootstrap"

diff --git a/.github/workflows/stale-message.yml b/.github/workflows/stale-message.yml
@@ -11,7 +11,7 @@ jobs:
   stale:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/stale@${{ vars.ACTIONS_STALE_SHA }}
+      - uses: actions/stale@6f05e4244c9a0b2ed3401882b05d701dd0a7289b
         with:
           stale-issue-message: "Old issues will be closed after 105 days of inactivity. This issue has been quiet for 90 days and is being marked as stale. Reply here to keep this issue open."
           close-issue-message: "This issue is being closed due to inactivity. Is this a mistake? Please re-open this issue or create a new one."

diff --git a/.github/workflows/submit-gate.yml b/.github/workflows/submit-gate.yml
@@ -21,6 +21,6 @@ jobs:
         run: echo "${{ github.event.pull_request.number }}" > pr_number_submit.txt
 
       - name: upload artifact
-        uses: actions/upload-artifact@${{ vars.ACTIONS_UPLOAD_ARTIFACT_SHA }}
+        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
         with:
           path: pr_number_submit.txt
diff --git a/.github/workflows/validate_data_sources.yml b/.github/workflows/validate_data_sources.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download artifact
-        uses: dawidd6/action-download-artifact@${{ vars.DAWIDD6_ACTION_DOWNLOAD_ARTIFACT_SHA }}
+        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e
         with:
           workflow: validation_gate.yml
           run_id: ${{ github.event.workflow_run.id }}
@@ -24,7 +24,7 @@ jobs:
           echo "pr-number=$PR_NUMBER" >> $GITHUB_ENV
 
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           ref: "refs/pull/${{ env.pr-number }}/merge"
 
@@ -54,4 +54,3 @@ jobs:
         with:
           statusContext: "Validation / Data source schema compliance"
           state: ${{ job.status }}
-
diff --git a/.github/workflows/validate_install_plans.yml b/.github/workflows/validate_install_plans.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download artifact
-        uses: dawidd6/action-download-artifact@${{ vars.DAWIDD6_ACTION_DOWNLOAD_ARTIFACT_SHA }}
+        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e
         with:
           workflow: validation_gate.yml
           run_id: ${{ github.event.workflow_run.id }}
@@ -24,7 +24,7 @@ jobs:
           echo "pr-number=$PR_NUMBER" >> $GITHUB_ENV
 
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           ref: "refs/pull/${{ env.pr-number }}/merge"
 
@@ -53,4 +53,3 @@ jobs:
         with:
           statusContext: "Validation / Install plan schema compliance"
           state: ${{ job.status }}
-
diff --git a/.github/workflows/validate_packs.yml b/.github/workflows/validate_packs.yml
@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download artifact
-        uses: dawidd6/action-download-artifact@${{ vars.DAWIDD6_ACTION_DOWNLOAD_ARTIFACT_SHA }}
+        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e
         with:
           workflow: validation_gate.yml
           run_id: ${{ github.event.workflow_run.id }}
@@ -27,7 +27,7 @@ jobs:
           echo "pr-number=$PR_NUMBER" >> $GITHUB_ENV
 
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           ref: "refs/pull/${{ env.pr-number }}/merge"
 
@@ -50,7 +50,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download artifact
-        uses: dawidd6/action-download-artifact@${{ vars.DAWIDD6_ACTION_DOWNLOAD_ARTIFACT_SHA }}
+        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e
         with:
           workflow: validation_gate.yml
           run_id: ${{ github.event.workflow_run.id }}
@@ -62,7 +62,7 @@ jobs:
           echo "pr-number=$PR_NUMBER" >> $GITHUB_ENV
 
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           ref: "refs/pull/${{ env.pr-number }}/merge"
 
@@ -85,7 +85,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download artifact
-        uses: dawidd6/action-download-artifact@${{ vars.DAWIDD6_ACTION_DOWNLOAD_ARTIFACT_SHA }}
+        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e
         with:
           workflow: validation_gate.yml
           run_id: ${{ github.event.workflow_run.id }}
@@ -97,7 +97,7 @@ jobs:
           echo "pr-number=$PR_NUMBER" >> $GITHUB_ENV
 
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           ref: "refs/pull/${{ env.pr-number }}/merge"
 
@@ -120,7 +120,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download artifact
-        uses: dawidd6/action-download-artifact@${{ vars.DAWIDD6_ACTION_DOWNLOAD_ARTIFACT_SHA }}
+        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e
         with:
           workflow: validation_gate.yml
           run_id: ${{ github.event.workflow_run.id }}
@@ -132,7 +132,7 @@ jobs:
           echo "pr-number=$PR_NUMBER" >> $GITHUB_ENV
 
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           ref: "refs/pull/${{ env.pr-number }}/merge"
 
@@ -168,7 +168,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download artifact
-        uses: dawidd6/action-download-artifact@${{ vars.DAWIDD6_ACTION_DOWNLOAD_ARTIFACT_SHA }}
+        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e
         with:
           workflow: validation_gate.yml
           run_id: ${{ github.event.workflow_run.id }}
@@ -180,7 +180,7 @@ jobs:
           echo "pr-number=$PR_NUMBER" >> $GITHUB_ENV
 
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           ref: "refs/pull/${{ env.pr-number }}/merge"
 
@@ -208,7 +208,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download artifact
-        uses: dawidd6/action-download-artifact@${{ vars.DAWIDD6_ACTION_DOWNLOAD_ARTIFACT_SHA }}
+        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e
         with:
           workflow: validation_gate.yml
           run_id: ${{ github.event.workflow_run.id }}
@@ -220,7 +220,7 @@ jobs:
           echo "pr-number=$PR_NUMBER" >> $GITHUB_ENV
 
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           ref: "refs/pull/${{ env.pr-number }}/merge"
 
@@ -250,7 +250,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download artifact
-        uses: dawidd6/action-download-artifact@${{ vars.DAWIDD6_ACTION_DOWNLOAD_ARTIFACT_SHA }}
+        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e
         with:
           workflow: validation_gate.yml
           run_id: ${{ github.event.workflow_run.id }}
@@ -262,7 +262,7 @@ jobs:
           echo "pr-number=$PR_NUMBER" >> $GITHUB_ENV
 
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           ref: "refs/pull/${{ env.pr-number }}/merge"
 
@@ -284,7 +284,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download artifact
-        uses: dawidd6/action-download-artifact@${{ vars.DAWIDD6_ACTION_DOWNLOAD_ARTIFACT_SHA }}
+        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e
         with:
           workflow: validation_gate.yml
           run_id: ${{ github.event.workflow_run.id }}
@@ -296,7 +296,7 @@ jobs:
           echo "pr-number=$PR_NUMBER" >> $GITHUB_ENV
 
       - name: Checkout repository
-        uses: actions/checkout@${{ vars.ACTIONS_CHECKOUT_SHA }}
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
         with:
           ref: "refs/pull/${{ env.pr-number }}/merge"