Skip to content

Commit

Permalink
chore(deps): pin dependencies (#121)
Browse files Browse the repository at this point in the history
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
  • Loading branch information
renovate[bot] authored Jul 18, 2024
1 parent 557d4f9 commit 37d8d61
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 18 deletions.
12 changes: 6 additions & 6 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3

# https://github.com/magnetikonline/action-golang-cache
- name: Setup Golang with cache
Expand All @@ -24,31 +24,31 @@ jobs:
# with:
# go-version-file: go.mod

- uses: aquaproj/aqua-installer@61e2563dfe7674cbf74fe6ec212e444198a3bb00 # tag=v2.0.2
- uses: aquaproj/aqua-installer@fd2089d1f56724d6456f24d58605e6964deae124 # v2.3.2
with:
enable_aqua_install: true
aqua_opts: '--tags release'
env:
AQUA_LOG_LEVEL: debug
AQUA_OPTS: ''
- name: mage-tidy
uses: magefile/mage-action@3b833fb24c0d19eed3aa760b9eb285b4b84f420f # v2
uses: magefile/mage-action@a3d5bb52942181c125118a2be4b4664c3337aef6 # v2
with:
version: latest
args: init
- name: docker-login
uses: docker/login-action@v2 # renovate: tag=v2
uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2
with:
username: ${{ secrets.DSV_DOCKER_USERNAME }}
password: ${{ secrets.DSV_DOCKER_PASSWORD }}
- name: quay-login
uses: docker/login-action@v2 # renovate: tag=v2
uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2
with:
registry: quay.io
username: ${{ secrets.DOCKER_QUAY_LOGIN_NAME }}
password: ${{ secrets.DOCKER_QUAY_PASSWORD }}
- name: mage-release
uses: magefile/mage-action@3b833fb24c0d19eed3aa760b9eb285b4b84f420f # v2
uses: magefile/mage-action@a3d5bb52942181c125118a2be4b4664c3337aef6 # v2
with:
version: latest
args: release
Expand Down
16 changes: 8 additions & 8 deletions .github/workflows/scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,8 @@ jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: aquaproj/aqua-installer@61e2563dfe7674cbf74fe6ec212e444198a3bb00 # tag=v2.0.2
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
- uses: aquaproj/aqua-installer@fd2089d1f56724d6456f24d58605e6964deae124 # v2.3.2
with:
enable_aqua_install: true
aqua_opts: '--tags scan'
Expand All @@ -34,7 +34,7 @@ jobs:
echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
# no pinning of github managed action
- name: Setup Golang caches
uses: actions/cache@v3
uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3
with:
path: |
${HOME}/.cache/go-build
Expand All @@ -45,7 +45,7 @@ jobs:
# This should be informational, and not block as it's experimental and no exclusion logic at this time that I've found.
# https://go.dev/security/vuln/#feedback
- name: govuln-scan
uses: elgohr/go-vulncheck-action@90e331d6e77587505906ef175d4b44a1d2cb6a63 # renovate tag=v1
uses: elgohr/go-vulncheck-action@e73217f293105d5418d631c4d308eb0c27943f1d # renovate tag=v1
continue-on-error: true
# - name: mage-vulcheck
# run: |
Expand All @@ -64,11 +64,11 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
uses: github/codeql-action/init@e113c555ef0956479345cfc3ed530c938d670db0 # v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -81,7 +81,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2
uses: github/codeql-action/autobuild@e113c555ef0956479345cfc3ed530c938d670db0 # v2

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
Expand All @@ -93,6 +93,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
uses: github/codeql-action/analyze@e113c555ef0956479345cfc3ed530c938d670db0 # v2
with:
category: '/language:${{matrix.language}}'
8 changes: 4 additions & 4 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,8 @@ jobs:
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@v3
- uses: aquaproj/aqua-installer@61e2563dfe7674cbf74fe6ec212e444198a3bb00 # v2.0.2
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
- uses: aquaproj/aqua-installer@fd2089d1f56724d6456f24d58605e6964deae124 # v2.3.2
with:
enable_aqua_install: true
aqua_opts: '--tags test'
Expand All @@ -56,7 +56,7 @@ jobs:
echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
# no pinning of github managed action
- name: Setup Golang caches
uses: actions/cache@v3
uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3
with:
path: |
${HOME}/.cache/go-build
Expand All @@ -82,6 +82,6 @@ jobs:
GOTEST_DISABLE_RACE: 1
# GOTEST_FLAGS: '${{ inputs.gotestflags }}'

- uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70 # renovate: tag=v3.1.1
- uses: codecov/codecov-action@ab904c41d6ece82784817410c45d8b8c02684457 # v3.1.6
with:
fail_ci_if_error: false

0 comments on commit 37d8d61

Please sign in to comment.