diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 16869de..bf4b1f7 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -14,9 +14,9 @@ jobs: id-token: write steps: - - uses: 'actions/checkout@v4' + - uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4 - - uses: hadolint/hadolint-action@v3.1.0 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 with: dockerfile: ${{ inputs.dockerFile }} verbose: true @@ -35,10 +35,10 @@ jobs: id: extract_tag - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3 - name: Setup docker build shell: bash @@ -56,7 +56,7 @@ jobs: id: setup - name: Docker Hub Login - uses: docker/login-action@v3 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3 with: registry: 'docker.io' username: ${{ secrets.DOCKER_USERNAME }} @@ -72,7 +72,7 @@ jobs: fi - name: Build and push dockerhub - uses: docker/build-push-action@v5 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5 with: context: ${{steps.setup.outputs.context}} platforms: ${{ env.DOCKER_PLATFORMS }} diff --git a/.github/workflows/delete.yml b/.github/workflows/delete.yml index 446b1a9..79163a1 100644 --- a/.github/workflows/delete.yml +++ b/.github/workflows/delete.yml @@ -18,7 +18,7 @@ jobs: outputs: images: ${{ steps.images.outputs.images }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Find docker files id: images @@ -38,7 +38,7 @@ jobs: fail-fast: false steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Get branch run: | diff --git a/.github/workflows/dockerhub-descriptions.yml b/.github/workflows/dockerhub-descriptions.yml index 32ce5e3..cab8ba5 100644 --- a/.github/workflows/dockerhub-descriptions.yml +++ b/.github/workflows/dockerhub-descriptions.yml @@ -11,10 +11,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Base - Update Docker Hub Description - uses: peter-evans/dockerhub-description@v4 + uses: peter-evans/dockerhub-description@e98e4d1628a5f3be2be7c231e50981aee98723ae # v4 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} @@ -27,7 +27,7 @@ jobs: readme_paths: ${{ steps.find-readmes.outputs.readme_paths }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Find README files id: find-readmes @@ -45,7 +45,7 @@ jobs: readme-path: ${{ fromJson(needs.find-example-descriptions.outputs.readme_paths) }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Extract Repository Name id: extract-repo @@ -54,7 +54,7 @@ jobs: echo "::set-output name=repo_name::${repo_name}" - name: Update Docker Hub Description - uses: peter-evans/dockerhub-description@v4 + uses: peter-evans/dockerhub-description@e98e4d1628a5f3be2be7c231e50981aee98723ae # v4 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} diff --git a/.github/workflows/github-release.yml b/.github/workflows/github-release.yml index d84fe51..80d87ca 100644 --- a/.github/workflows/github-release.yml +++ b/.github/workflows/github-release.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: fetch-depth: 0 - name: install autotag binary diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index c89a2ce..f39a8f7 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -15,17 +15,17 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5 with: go-version: '>=1.22.2' - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v4 + uses: goreleaser/goreleaser-action@5fdedb94abba051217030cc86d4523cf3f02243d # v4 with: distribution: goreleaser version: latest diff --git a/.github/workflows/lint-test-build.yml b/.github/workflows/lint-test-build.yml index 13d0878..4bc4b24 100644 --- a/.github/workflows/lint-test-build.yml +++ b/.github/workflows/lint-test-build.yml @@ -22,7 +22,7 @@ jobs: lint-test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: check valid yml run: yq . ./examples/*/scyllaridae.yml @@ -30,12 +30,12 @@ jobs: - name: check valid sh run: shellcheck examples/*/*.sh - - uses: actions/setup-go@v5 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5 with: go-version: '>=1.22.2' - name: golangci-lint - uses: golangci/golangci-lint-action@v6 + uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6 with: version: latest @@ -68,7 +68,7 @@ jobs: outputs: dockerFiles: ${{ steps.images.outputs.dockerFiles }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Find docker files id: images run: | @@ -108,7 +108,7 @@ jobs: name: Integration tests runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Extract branch name as docker tag shell: bash run: |-