From 0a8fa6f5d49ba629f91e7a9f0236bb9ff56f01db Mon Sep 17 00:00:00 2001 From: peelz Date: Mon, 8 May 2023 12:55:05 -0400 Subject: [PATCH] Pin CI actions to specific commit hashes --- .github/workflows/publish-release.yml | 4 ++-- .github/workflows/report-test-results.yml | 2 +- .github/workflows/run-tests.yml | 6 +++--- .github/workflows/update-docs.yml | 22 +++++++++++----------- .github/workflows/update-moonsharp.yml | 2 +- 5 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index 0785b0e21..b27282623 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -52,12 +52,12 @@ jobs: steps: - name: Checkout branch - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: submodules: recursive - name: Setup .NET - uses: actions/setup-dotnet@v2 + uses: actions/setup-dotnet@607fce577a46308457984d59e4954e075820f10a # v3.0.3 with: dotnet-version: | 6.0.x diff --git a/.github/workflows/report-test-results.yml b/.github/workflows/report-test-results.yml index 261cf723c..814a055a7 100644 --- a/.github/workflows/report-test-results.yml +++ b/.github/workflows/report-test-results.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Report test results - uses: dorny/test-reporter@v1 + uses: dorny/test-reporter@c9b3d0e2bd2a4e96aaf424dbaa31c46b42318226 # v1.6.0 with: name: Test results artifact: test-results diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 129256b6d..c557eadc9 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -14,14 +14,14 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout branch - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: repository: ${{ inputs.repository }} ref: ${{ inputs.ref }} submodules: recursive - name: Setup .NET - uses: actions/setup-dotnet@v2 + uses: actions/setup-dotnet@607fce577a46308457984d59e4954e075820f10a # v3.0.3 with: dotnet-version: | 6.0.x @@ -38,7 +38,7 @@ jobs: echo "EXITCODE=$?" >> "$GITHUB_ENV" - name: Upload test results - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: test-results path: test-results.trx diff --git a/.github/workflows/update-docs.yml b/.github/workflows/update-docs.yml index 0e0fe8136..c9bd6464e 100644 --- a/.github/workflows/update-docs.yml +++ b/.github/workflows/update-docs.yml @@ -17,21 +17,21 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout branch - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: submodules: recursive - name: Setup .NET - uses: actions/setup-dotnet@v2 + uses: actions/setup-dotnet@607fce577a46308457984d59e4954e075820f10a # v3.0.3 with: dotnet-version: | 6.0.x - - uses: leafo/gh-actions-lua@v8 + - uses: leafo/gh-actions-lua@35bcb06abec04ec87df82e08caa84d545348536e # v10.0.0 with: luaVersion: "5.2" - - uses: leafo/gh-actions-luarocks@v4 + - uses: leafo/gh-actions-luarocks@e65774a6386cb4f24e293dca7fc4ff89165b64c5 # v4.3.0 - name: Run install script working-directory: ${{ env.DOCS_LUA_ROOT }} @@ -51,7 +51,7 @@ jobs: tar -czf "$CI_ARTIFACTS_DIR"/lua.tar.gz -C "$DOCS_LUA_ROOT"/build . - name: Upload tarball - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: docs-lua path: ${{ env.CI_ARTIFACTS_DIR }}/lua.tar.gz @@ -60,7 +60,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout branch - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Install doxygen run: sudo apt-get update && sudo apt-get install -y doxygen @@ -75,7 +75,7 @@ jobs: tar -czf "$CI_ARTIFACTS_DIR"/cs.tar.gz -C "$DOCS_CS_ROOT"/build . - name: Upload tarball - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: docs-cs path: ${{ env.CI_ARTIFACTS_DIR }}/cs.tar.gz @@ -85,18 +85,18 @@ jobs: needs: [update-docs-lua, update-docs-cs] steps: - name: Checkout branch - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - run: mkdir -p "$CI_ARTIFACTS_DIR" "$CI_DEPLOY_DIR" - name: "Download build artifacts: lua docs" - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: docs-lua path: ${{ env.CI_ARTIFACTS_DIR }} - name: "Download build artifacts: cs docs" - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: docs-cs path: ${{ env.CI_ARTIFACTS_DIR }} @@ -111,7 +111,7 @@ jobs: run: cp -r "$DOCS_LANDINGPAGE_ROOT"/. "$CI_DEPLOY_DIR" - name: Deploy - uses: peaceiris/actions-gh-pages@v3 + uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 #v3.9.3 with: github_token: ${{ secrets.GITHUB_TOKEN }} publish_dir: ${{ env.CI_DEPLOY_DIR }} diff --git a/.github/workflows/update-moonsharp.yml b/.github/workflows/update-moonsharp.yml index 274a5915c..e8e033ca0 100644 --- a/.github/workflows/update-moonsharp.yml +++ b/.github/workflows/update-moonsharp.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: submodules: recursive