Skip to content

Commit

Permalink
ci: Update 3rd-party components of github->actions
Browse files Browse the repository at this point in the history
Signed-off-by: Taras Drozdovskyi <[email protected]>
  • Loading branch information
tdrozdovsky committed Apr 22, 2024
1 parent 12da07a commit af586f7
Show file tree
Hide file tree
Showing 8 changed files with 16 additions and 13 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
platform: [numaker_pfm_m2351, m2351_badge, mps2_an505_qemu]
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f

- name: Install extra tools
run: |
Expand Down
9 changes: 6 additions & 3 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,9 @@ on:
schedule:
- cron: '19 23 * * 2'

permissions:
contents: read

jobs:
analyze:
name: Analyze
Expand Down Expand Up @@ -48,11 +51,11 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand Down Expand Up @@ -86,6 +89,6 @@ jobs:
make
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1
with:
category: "/language:${{matrix.language}}"
2 changes: 1 addition & 1 deletion .github/workflows/fossology.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
name: Check license, copyright, keyword
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
- run: |
docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \
-e GITHUB_TOKEN=${{ github.token }} \
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/license-finder.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
image: gianlucadb0/license_finder

steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f

- name: License finder run
run: |
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/linter.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ jobs:
cpp-linter:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: cpp-linter/cpp-linter-action@main
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
- uses: cpp-linter/cpp-linter-action@bbc213852a439498b38fa21ea5c698e852abd3f5
id: linter
continue-on-error: true
env:
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ jobs:
egress-policy: audit

- name: Checkout repository
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f

- name: Install extra tools
run: |
Expand Down Expand Up @@ -96,7 +96,7 @@ jobs:
actions: read # To read the workflow path.
id-token: write # To sign the provenance.
contents: write # To add assets to a release.
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.9.0
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0
with:
base64-subjects: "${{ needs.build.outputs.hashes }}"
upload-assets: true # Optional: Upload to a new release
Expand Down Expand Up @@ -126,7 +126,7 @@ jobs:
name: ${{ needs.build.outputs.version }}_ns.bin

- name: Upload assets
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # v2.0.4
with:
files: |
${{ needs.build.outputs.version }}_s.bin
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/scancode.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
image: gianlucadb0/scancode-toolkit

steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f

- name: Create results directory
run: mkdir results
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/scorecards-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ jobs:
egress-policy: audit

- name: "Checkout code"
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
with:
persist-credentials: false

Expand Down

0 comments on commit af586f7

Please sign in to comment.