From b7f3a341c0fe066fdf559757c691c93929e3fe5e Mon Sep 17 00:00:00 2001 From: brokenpip3 Date: Sun, 30 Mar 2025 17:32:37 +0200 Subject: [PATCH] pin github actions --- .github/workflows/auto-gen-docs.yaml | 20 +++++++++---------- .../workflows/auto-generate-manifests.yaml | 4 ++-- .github/workflows/auto-stale-issue.yaml | 2 +- .github/workflows/auto-tests-bats.yaml | 8 ++++---- .github/workflows/auto-tests-e2e.yaml | 12 +++++------ .github/workflows/auto-tests-helm.yaml | 12 +++++------ .github/workflows/release-backup.yaml | 4 ++-- .github/workflows/release-helm-chart.yaml | 6 +++--- .github/workflows/release-nightly.yaml | 10 +++++----- .github/workflows/release.yaml | 8 ++++---- 10 files changed, 43 insertions(+), 43 deletions(-) diff --git a/.github/workflows/auto-gen-docs.yaml b/.github/workflows/auto-gen-docs.yaml index 283f013a..74267599 100644 --- a/.github/workflows/auto-gen-docs.yaml +++ b/.github/workflows/auto-gen-docs.yaml @@ -33,14 +33,14 @@ jobs: runs-on: ubuntu-latest if: github.event_name == 'pull_request' || (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master') steps: - - uses: DeterminateSystems/nix-installer-action@v13 + - uses: DeterminateSystems/nix-installer-action@ab6bcb2d5af0e904d04aea750e2089e9dc4cbfdd # v13 with: diagnostic-endpoint: "" - - uses: DeterminateSystems/magic-nix-cache-action@v7 + - uses: DeterminateSystems/magic-nix-cache-action@b46e247b898aa56e6d2d2e728dc6df6c84fdb738 # v7 with: diagnostic-endpoint: "" - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Check for changes run: | @@ -54,7 +54,7 @@ jobs: | sed -e 's/\(.*\)/"\1"/' | xargs sed -i "/date:/c\date: $(date +'%Y-%m-%d')" - name: Create Pull Request - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6 if: env.IS_CHANGED == 'true' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master') with: commit-message: Auto-updated docs @@ -68,14 +68,14 @@ jobs: runs-on: ubuntu-latest if: github.event_name == 'pull_request' || (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master') steps: - - uses: DeterminateSystems/nix-installer-action@v13 + - uses: DeterminateSystems/nix-installer-action@ab6bcb2d5af0e904d04aea750e2089e9dc4cbfdd # v13 with: diagnostic-endpoint: "" - - uses: DeterminateSystems/magic-nix-cache-action@v7 + - uses: DeterminateSystems/magic-nix-cache-action@b46e247b898aa56e6d2d2e728dc6df6c84fdb738 # v7 with: diagnostic-endpoint: "" - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: nix checks run: nix flake check - name: nix build @@ -85,9 +85,9 @@ jobs: run: nix build .#website - name: Setup Pages id: pages - uses: actions/configure-pages@v5 + uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5 - name: Upload artifact - uses: actions/upload-pages-artifact@v3 + uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3 with: path: ./result @@ -102,4 +102,4 @@ jobs: steps: - name: Deploy to GitHub Pages id: deployment - uses: actions/deploy-pages@v4 + uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4 diff --git a/.github/workflows/auto-generate-manifests.yaml b/.github/workflows/auto-generate-manifests.yaml index c20979bb..c7936e7b 100644 --- a/.github/workflows/auto-generate-manifests.yaml +++ b/.github/workflows/auto-generate-manifests.yaml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Set up env vars run: | @@ -51,7 +51,7 @@ jobs: cp chart/jenkins-operator/crds/jenkins-crd.yaml deploy/crds/jenkins.io_jenkins_crd.yaml - name: Create Pull Request - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6 with: commit-message: Auto-updated Kubernetes Manifests branch: manifest-deploy-update diff --git a/.github/workflows/auto-stale-issue.yaml b/.github/workflows/auto-stale-issue.yaml index b31b74f3..d00cf52a 100644 --- a/.github/workflows/auto-stale-issue.yaml +++ b/.github/workflows/auto-stale-issue.yaml @@ -12,7 +12,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@v9 + - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9 with: repo-token: ${{ secrets.GITHUB_TOKEN }} operations-per-run: 200 diff --git a/.github/workflows/auto-tests-bats.yaml b/.github/workflows/auto-tests-bats.yaml index 113219d2..33ca6a4f 100644 --- a/.github/workflows/auto-tests-bats.yaml +++ b/.github/workflows/auto-tests-bats.yaml @@ -27,7 +27,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Set up env vars run: | @@ -38,7 +38,7 @@ jobs: echo "GOPATH=/home/runner/go" >> $GITHUB_ENV - name: Prepare go environment - uses: actions/setup-go@v5 + uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5 with: go-version: ${{ env.GO_VERSION }} @@ -46,7 +46,7 @@ jobs: run: make go-dependencies - name: Setup Bats and libs - uses: bats-core/bats-action@2.0.0 + uses: bats-core/bats-action@e424f8b8f722bf06a64acb1e10d8c437cd4170e6 # 2.0.0 with: support-path: "${{ github.workspace }}/.bats/bats-support" assert-path: "${{ github.workspace }}/.bats/bats-assert" @@ -54,7 +54,7 @@ jobs: file-path: "${{ github.workspace }}/.bats/bats-file" - name: Kind setup - uses: helm/kind-action@v1.10.0 + uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 with: cluster_name: ${{env.KIND_CLUSTER_NAME}} diff --git a/.github/workflows/auto-tests-e2e.yaml b/.github/workflows/auto-tests-e2e.yaml index 45432bea..b7617588 100644 --- a/.github/workflows/auto-tests-e2e.yaml +++ b/.github/workflows/auto-tests-e2e.yaml @@ -26,7 +26,7 @@ jobs: outputs: matrix: ${{ steps.matrix.outputs.matrix }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - id: matrix run: | script=$(./test/make_matrix_ginkgo.sh e2e) @@ -37,7 +37,7 @@ jobs: runs-on: ubuntu-latest needs: [create-e2e-list] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Set up env vars run: | @@ -46,7 +46,7 @@ jobs: echo "GOPATH=/home/runner/go" >> $GITHUB_ENV - name: Prepare go environment - uses: actions/setup-go@v5 + uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5 with: go-version: ${{ env.GO_VERSION }} @@ -66,7 +66,7 @@ jobs: matrix: ${{ fromJSON(needs.create-e2e-list.outputs.matrix) }} steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Set up env vars run: | @@ -76,7 +76,7 @@ jobs: echo "GOPATH=/home/runner/go" >> $GITHUB_ENV - name: Prepare go environment - uses: actions/setup-go@v5 + uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5 with: go-version: ${{ env.GO_VERSION }} @@ -84,7 +84,7 @@ jobs: run: make go-dependencies - name: Kind setup - uses: helm/kind-action@v1.10.0 + uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 with: cluster_name: ${{env.KIND_CLUSTER_NAME}} config: kind-cluster.yaml diff --git a/.github/workflows/auto-tests-helm.yaml b/.github/workflows/auto-tests-helm.yaml index 4b7f4d63..1a873e84 100644 --- a/.github/workflows/auto-tests-helm.yaml +++ b/.github/workflows/auto-tests-helm.yaml @@ -26,7 +26,7 @@ jobs: outputs: matrix: ${{ steps.matrix.outputs.matrix }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - id: matrix run: | script=$(./test/make_matrix_ginkgo.sh helm) @@ -37,7 +37,7 @@ jobs: runs-on: ubuntu-latest needs: [create-helm-list] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Set up env vars run: | @@ -46,7 +46,7 @@ jobs: echo "GOPATH=/home/runner/go" >> $GITHUB_ENV - name: Prepare go environment - uses: actions/setup-go@v5 + uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5 with: go-version: ${{ env.GO_VERSION }} @@ -66,7 +66,7 @@ jobs: matrix: ${{ fromJSON(needs.create-helm-list.outputs.matrix) }} steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Set up env vars run: | @@ -77,7 +77,7 @@ jobs: echo "GOPATH=/home/runner/go" >> $GITHUB_ENV - name: Prepare go environment - uses: actions/setup-go@v5 + uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5 with: go-version: ${{ env.GO_VERSION }} @@ -85,7 +85,7 @@ jobs: run: make go-dependencies - name: Kind setup - uses: helm/kind-action@v1.10.0 + uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 with: cluster_name: ${{env.KIND_CLUSTER_NAME}} config: kind-cluster.yaml diff --git a/.github/workflows/release-backup.yaml b/.github/workflows/release-backup.yaml index 138665dd..723513b2 100644 --- a/.github/workflows/release-backup.yaml +++ b/.github/workflows/release-backup.yaml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Check envs run: make -C backup/pvc check-env @@ -46,7 +46,7 @@ jobs: - name: Login to Quay.io if: github.ref == 'refs/heads/master' && github.event_name != 'pull_request' - uses: docker/login-action@v3 + uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3 with: registry: quay.io username: ${{ secrets.QUAYIO_USERNAME }} diff --git a/.github/workflows/release-helm-chart.yaml b/.github/workflows/release-helm-chart.yaml index 5b0778fc..be35eafc 100644 --- a/.github/workflows/release-helm-chart.yaml +++ b/.github/workflows/release-helm-chart.yaml @@ -17,7 +17,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Deploy Helm chart run: | @@ -31,10 +31,10 @@ jobs: # Creates pull request with new chart version - name: Create Pull Request - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6 with: commit-message: Release Helm chart ${{ github.event.inputs.chartVersion }} branch: helm-chart-release-${{ github.event.inputs.chartVersion }} title: Release ${{ github.event.inputs.chartVersion }} Helm Chart body: | - Release ${{ github.event.inputs.chartVersion }} Helm Chart \ No newline at end of file + Release ${{ github.event.inputs.chartVersion }} Helm Chart diff --git a/.github/workflows/release-nightly.yaml b/.github/workflows/release-nightly.yaml index f8b4200c..9bb69dca 100644 --- a/.github/workflows/release-nightly.yaml +++ b/.github/workflows/release-nightly.yaml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Prep - check out code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Prep - Set up env vars run: | @@ -26,7 +26,7 @@ jobs: - name: Prep - setup Bats and bats libs if: ${{ github.event.inputs.skipTests != 'true' }} - uses: bats-core/bats-action@2.0.0 + uses: bats-core/bats-action@e424f8b8f722bf06a64acb1e10d8c437cd4170e6 # 2.0.0 with: support-path: "${{ github.workspace }}/.bats/bats-support" assert-path: "${{ github.workspace }}/.bats/bats-assert" @@ -34,7 +34,7 @@ jobs: file-path: "${{ github.workspace }}/.bats/bats-file" - name: Prep - go environment - uses: actions/setup-go@v5 + uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5 with: go-version: ${{ env.GO_VERSION }} @@ -54,7 +54,7 @@ jobs: - name: Prep - Kind setup if: ${{ github.event.inputs.skipTests != 'true' }} - uses: helm/kind-action@v1.10.0 + uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 with: cluster_name: ${{env.KIND_CLUSTER_NAME}} config: kind-cluster.yaml @@ -77,7 +77,7 @@ jobs: run: make bats-tests - name: Post - Login to Quay.io - uses: docker/login-action@v3 + uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3 with: registry: quay.io username: ${{ secrets.QUAYIO_USERNAME }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 9e66c97c..8c09cce2 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -9,7 +9,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: fetch-depth: 0 @@ -20,7 +20,7 @@ jobs: echo "GOPATH=/home/runner/go" >> $GITHUB_ENV - name: Prepare go environment - uses: actions/setup-go@v5 + uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5 with: go-version: ${{ env.GO_VERSION }} @@ -40,12 +40,12 @@ jobs: echo "VERSION=$(cat VERSION.txt)" >> $GITHUB_ENV - name: Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda # v2 with: tag_name: ${{ env.VERSION }} - name: Login to Quay.io - uses: docker/login-action@v3 + uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3 with: registry: quay.io username: ${{ secrets.QUAYIO_USERNAME }}