diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index c55c8cca..9e32ca92 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -19,26 +19,26 @@ jobs: runs-on: ubuntu-latest steps: - name: Login to dockerhub - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3 with: username: bl4ko password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to ghcr.io - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3 with: registry: ghcr.io username: bl4ko password: ${{ secrets.GITHUB_TOKEN }} - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3 - name: Build and push final image - uses: docker/build-push-action@v5.1.0 + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 with: platforms: linux/amd64,linux/arm64,linux/386,linux/arm/v6,linux/arm/v7 tags: | diff --git a/.github/workflows/check_links.yml b/.github/workflows/check_links.yml index b9f92e2a..ec72bb4b 100644 --- a/.github/workflows/check_links.yml +++ b/.github/workflows/check_links.yml @@ -10,15 +10,15 @@ jobs: linkChecker: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - name: Link Checker id: lychee - uses: lycheeverse/lychee-action@v1.9.3 + uses: lycheeverse/lychee-action@c053181aa0c3d17606addfe97a9075a32723548a # v1.9.3 - name: Create Issue From File if: env.lychee_exit_code != 0 - uses: peter-evans/create-issue-from-file@v5 + uses: peter-evans/create-issue-from-file@24452a72d85239eacf1468b0f1982a9f3fec4c94 # v5 with: title: Link Checker Report content-filepath: ./lychee/out.md diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9085e89e..cd15822a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -15,13 +15,13 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 # This is currently workaround for checking if gofiles have changed, # Because paths filter doesn't work with required checks - name: Get changed files id: changed-files - uses: tj-actions/changed-files@v42 + uses: tj-actions/changed-files@3f54ebb830831fc121d3263c1857cfbdc310cdb9 # v42 with: files: | cmd/** @@ -32,13 +32,13 @@ jobs: - name: Setup Go if: steps.changed-files.outputs.any_modified == 'true' - uses: actions/setup-go@v5 + uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5 with: go-version: ${{ matrix.go-version }} - name: golangci-lint if: steps.changed-files.outputs.any_modified == 'true' - uses: golangci/golangci-lint-action@v4 + uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4 with: version: latest args: --timeout=5m @@ -53,7 +53,7 @@ jobs: - name: Upload Go test results if: steps.changed-files.outputs.any_modified == 'true' - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4 with: name: Go-results-${{ matrix.go-version }} path: TestResults-${{ matrix.go-version }}.json @@ -63,11 +63,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - name: Get changed files id: changed-files - uses: tj-actions/changed-files@v42 + uses: tj-actions/changed-files@3f54ebb830831fc121d3263c1857cfbdc310cdb9 # v42 with: files: | cmd/** diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index 45ebc55a..87e3bfb7 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -8,9 +8,9 @@ jobs: name: gitleaks runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 with: fetch-depth: 0 - - uses: gitleaks/gitleaks-action@v2 + - uses: gitleaks/gitleaks-action@cb7149a9b57195b609c63e8518d2c6056677d2d0 # v2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a8e996ba..4994702c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,12 +9,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: persist-credentials: false - name: Setup Node.js - uses: actions/setup-node@v3 + uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3 with: node-version: "lts/*" diff --git a/.github/workflows/spellcheck.yml b/.github/workflows/spellcheck.yml index 7e23d120..4bd5b929 100644 --- a/.github/workflows/spellcheck.yml +++ b/.github/workflows/spellcheck.yml @@ -7,5 +7,5 @@ jobs: spellcheck: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: streetsidesoftware/cspell-action@v5 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: streetsidesoftware/cspell-action@61139534e14c5c19c4c12c9967771f3f20ce9072 # v5