diff --git a/.github/workflows/benchmarks.yaml b/.github/workflows/benchmarks.yaml index 09cc5ad..304ba94 100644 --- a/.github/workflows/benchmarks.yaml +++ b/.github/workflows/benchmarks.yaml @@ -24,7 +24,7 @@ jobs: pull-requests: write steps: - name: Checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 diff --git a/.github/workflows/buf.yaml b/.github/workflows/buf.yaml index 75cff13..78faeb8 100644 --- a/.github/workflows/buf.yaml +++ b/.github/workflows/buf.yaml @@ -15,9 +15,9 @@ jobs: contents: read pull-requests: write steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: bufbuild/buf-setup-action@dde0b9351db90fbf78e345f41a57de8514bf1091 # v1.32.2 + - uses: bufbuild/buf-setup-action@35c243d7f2a909b1d4e40399b348a7fdab27d78d # v1.34.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/build-grpc-utils-image.yaml b/.github/workflows/build-grpc-utils-image.yaml index d134dc1..8067e25 100644 --- a/.github/workflows/build-grpc-utils-image.yaml +++ b/.github/workflows/build-grpc-utils-image.yaml @@ -20,7 +20,7 @@ jobs: contents: read steps: - name: Checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Container meta for the gRPC utils image id: container_grpc_utils_meta @@ -30,10 +30,10 @@ jobs: ghcr.io/${{ github.repository }}-grpc-utils - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3 + uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3 + uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3 - name: Login to GitHub Container Registry uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3 @@ -44,7 +44,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push gRPC utils image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5 with: push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.container_grpc_utils_meta.outputs.tags }} diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3c183f7..fb93677 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -13,7 +13,7 @@ permissions: read-all jobs: build: - uses: miracum/.github/.github/workflows/standard-build.yaml@614627d88ea531acb0b0f321f507b2c7c91a721d # v1.9.1 + uses: miracum/.github/.github/workflows/standard-build.yaml@948ae9768d09eb2ce8570c1ea6b4d3334a106aba # v1.10.3 permissions: contents: read id-token: write @@ -36,7 +36,7 @@ jobs: pull-requests: write steps: - name: Download test image - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ needs.build.outputs.image-slug }}-test path: /tmp @@ -84,11 +84,11 @@ jobs: pull-requests: write steps: - name: Checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Download container image if: ${{ github.event_name == 'pull_request' }} - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ needs.build.outputs.image-slug }} path: /tmp @@ -185,11 +185,11 @@ jobs: - build steps: - name: Checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Download container image if: ${{ github.event_name == 'pull_request' }} - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ needs.build.outputs.image-slug }} path: /tmp @@ -222,7 +222,7 @@ jobs: pull-requests: write steps: - name: Checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: install iter8 cli env: @@ -240,7 +240,7 @@ jobs: - name: Download container image if: ${{ github.event_name == 'pull_request' }} - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ needs.build.outputs.image-slug }} path: /tmp @@ -299,7 +299,7 @@ jobs: - name: Upload report if: always() - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: iter8-report.html path: | @@ -313,14 +313,14 @@ jobs: - name: Upload cluster dump if: always() - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: kind-cluster-dump.txt path: | kind-cluster-dump.txt lint: - uses: miracum/.github/.github/workflows/standard-lint.yaml@614627d88ea531acb0b0f321f507b2c7c91a721d # v1.9.1 + uses: miracum/.github/.github/workflows/standard-lint.yaml@948ae9768d09eb2ce8570c1ea6b4d3334a106aba # v1.10.3 permissions: contents: read pull-requests: write diff --git a/.github/workflows/lint-pr-title.yaml b/.github/workflows/lint-pr-title.yaml index 293ea09..0081e0b 100644 --- a/.github/workflows/lint-pr-title.yaml +++ b/.github/workflows/lint-pr-title.yaml @@ -14,7 +14,7 @@ jobs: name: Lint PR title runs-on: ubuntu-22.04 steps: - - uses: amannn/action-semantic-pull-request@cfb60706e18bc85e8aec535e3c577abe8f70378e # v5.5.2 + - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/nightly-chaos.yaml b/.github/workflows/nightly-chaos.yaml index c8a4713..b3691e4 100644 --- a/.github/workflows/nightly-chaos.yaml +++ b/.github/workflows/nightly-chaos.yaml @@ -15,12 +15,12 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3 + uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3 - name: Install Task uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v2.0.0 @@ -38,7 +38,7 @@ jobs: - name: Upload cluster dump if: always() - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: kind-cluster-dump.txt path: | diff --git a/.github/workflows/schedule.yaml b/.github/workflows/schedule.yaml index ab083e1..9b11719 100644 --- a/.github/workflows/schedule.yaml +++ b/.github/workflows/schedule.yaml @@ -10,7 +10,7 @@ permissions: read-all jobs: schedule: - uses: miracum/.github/.github/workflows/standard-schedule.yaml@614627d88ea531acb0b0f321f507b2c7c91a721d # v1.9.1 + uses: miracum/.github/.github/workflows/standard-schedule.yaml@948ae9768d09eb2ce8570c1ea6b4d3334a106aba # v1.10.3 permissions: contents: read issues: write diff --git a/.github/workflows/scorecards.yaml b/.github/workflows/scorecards.yaml index 96b29b7..ba68236 100644 --- a/.github/workflows/scorecards.yaml +++ b/.github/workflows/scorecards.yaml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: persist-credentials: false @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: SARIF file path: results.sarif @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: results.sarif