Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: Update 3rd-party components #193

Merged
merged 1 commit into from
Nov 2, 2024
Merged

ci: Update 3rd-party components #193

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
platform: [numaker_pfm_m2351, m2351_badge, mps2_an505_qemu]
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683

- name: Install extra tools
run: |
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/codeql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,11 +51,11 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa
uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand Down Expand Up @@ -89,6 +89,6 @@ jobs:
make

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa
uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd
with:
category: "/language:${{matrix.language}}"
4 changes: 2 additions & 2 deletions .github/workflows/fossology.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
name: Check license, copyright, keyword
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- run: |
docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \
-e GITHUB_TOKEN=${{ github.token }} \
Expand All @@ -21,7 +21,7 @@ jobs:
-e GITHUB_ACTIONS=true \
fossology/fossology:scanner "/bin/fossologyscanner" --report TEXT repo nomos ojo copyright keyword
# Upload artifact
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: scan-fossology-report
path: ./results
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/license-finder.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,15 +12,15 @@ jobs:
image: gianlucadb0/license_finder

steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683

- name: License finder run
run: |
license_finder approvals add awesome_gpl_gem
license_finder > ./license-finder-report

- name: Upload artifact
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: scan-license-finder-report
path: ./license-finder-report
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/linter.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
cpp-linter:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- uses: cpp-linter/cpp-linter-action@a37e579de27f4a759c4c5f18f1d43592076236c9
id: linter
continue-on-error: true
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/publish.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,12 +20,12 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7
with:
egress-policy: audit

- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683

- name: Install extra tools
run: |
Expand Down Expand Up @@ -55,14 +55,14 @@ jobs:
# echo "version=mtower-${VERSION:1}.bin" >> "$GITHUB_OUTPUT"

- name: Upload build artifacts
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: ${{ steps.mtower_version.outputs.version }}_s.bin
path: ./${{ steps.mtower_version.outputs.version }}_s.bin
if-no-files-found: error

- name: Upload build artifacts
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: ${{ steps.mtower_version.outputs.version }}_ns.bin
path: ./${{ steps.mtower_version.outputs.version }}_ns.bin
Expand All @@ -78,7 +78,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7
with:
egress-policy: audit

Expand Down Expand Up @@ -111,7 +111,7 @@ jobs:
if: startsWith(github.ref, 'refs/tags/')
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7
with:
egress-policy: audit

Expand All @@ -126,7 +126,7 @@ jobs:
name: ${{ needs.build.outputs.version }}_ns.bin

- name: Upload assets
uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191
uses: softprops/action-gh-release@e7a8f85e1c67a31e6ed99a94b41bd0b71bbee6b8
with:
files: |
${{ needs.build.outputs.version }}_s.bin
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/scancode.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
image: gianlucadb0/scancode-toolkit

steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683

- name: Create results directory
run: mkdir results
Expand All @@ -21,7 +21,7 @@ jobs:
run: scancode -clpeui -n 2 --cyclonedx ./results/sbom-cyclonedx --spdx-rdf ./results/sbom-spdx ./

- name: Upload artifact
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: scan-scancode-report
path: ./results/
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/scorecards-analysis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,12 +32,12 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7
with:
egress-policy: audit

- name: "Checkout code"
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false

Expand All @@ -64,14 +64,14 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa
uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd
with:
sarif_file: results.sarif
Loading