Skip to content

Commit

Permalink
Update github-actions
Browse files Browse the repository at this point in the history
  • Loading branch information
renovate[bot] authored Dec 2, 2024
1 parent 5037383 commit a82a131
Show file tree
Hide file tree
Showing 4 changed files with 24 additions and 24 deletions.
24 changes: 12 additions & 12 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,25 +12,25 @@ jobs:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@6c3b1c91e8873ae0c705b0709f957c7a6a5eaf10
- uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443 github.com:443 proxy.golang.org:443 objects.githubusercontent.com:443 raw.githubusercontent.com:443
- name: Checkout repo
uses: actions/checkout@37b082107ba410260a3aaddf93122e04801ce631
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
with:
go-version-file: ./go.mod

# Linting
- name: Linting
uses: golangci/golangci-lint-action@d6238b002a20823d52840fda27e2d4891c5952dc
uses: golangci/golangci-lint-action@9e66d46e22c9991dbf33ddab82b6b28b69052dec
with:
version: latest
args: --config=./.github/.golangci.yml ./...
Expand All @@ -44,19 +44,19 @@ jobs:
matrix:
go: [ '1.22', '1.21' ]
steps:
- uses: step-security/harden-runner@6c3b1c91e8873ae0c705b0709f957c7a6a5eaf10
- uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
github.com:443 proxy.golang.org:443 storage.googleapis.com:443 sum.golang.org:443
- name: Checkout repo
uses: actions/checkout@37b082107ba410260a3aaddf93122e04801ce631
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
with:
go-version: ${{ matrix.go }}

Expand All @@ -68,19 +68,19 @@ jobs:
name: Analyze
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@6c3b1c91e8873ae0c705b0709f957c7a6a5eaf10
- uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.codecov.io:443 api.github.com:443 cli.codecov.io:443 ea6ne4j2sb.execute-api.eu-central-1.amazonaws.com:443 github.com:443 proxy.golang.org:443 objects.githubusercontent.com:443 scanner.sonarcloud.io:443 sonarcloud.io:443 storage.googleapis.com:443
- name: Checkout repo
uses: actions/checkout@37b082107ba410260a3aaddf93122e04801ce631
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
with:
go-version-file: ./go.mod

Expand All @@ -90,15 +90,15 @@ jobs:

# Codecov
- name: Codecov
uses: codecov/codecov-action@c852ea6812cbd15cfa9f9daeb08f30391c54eb91
uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
file: .github/coverage.out

# Sonar
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@6bbd64e0cb2194e04addb429d669a9ee873eeeef
uses: SonarSource/sonarcloud-github-action@9f9bba2c7aaf7a55eac26abbac906c3021d211b2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ jobs:
fail-fast: false

steps:
- uses: step-security/harden-runner@6c3b1c91e8873ae0c705b0709f957c7a6a5eaf10
- uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f
with:
disable-sudo: true
egress-policy: block
Expand All @@ -38,16 +38,16 @@ jobs:
sum.golang.org:443
- name: Checkout repository
uses: actions/checkout@37b082107ba410260a3aaddf93122e04801ce631
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@dbf2b1706b768069fb1bb2dd2d8552be7a9e2a51
uses: github/codeql-action/init@3d3d628990a5f99229dd9fa1821cc5a4f31b613b
with:
languages: go

- name: Autobuild
uses: github/codeql-action/autobuild@dbf2b1706b768069fb1bb2dd2d8552be7a9e2a51
uses: github/codeql-action/autobuild@3d3d628990a5f99229dd9fa1821cc5a4f31b613b

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@dbf2b1706b768069fb1bb2dd2d8552be7a9e2a51
uses: github/codeql-action/analyze@3d3d628990a5f99229dd9fa1821cc5a4f31b613b
10 changes: 5 additions & 5 deletions .github/workflows/scorecards.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:
id-token: write

steps:
- uses: step-security/harden-runner@6c3b1c91e8873ae0c705b0709f957c7a6a5eaf10
- uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f
with:
disable-sudo: true
egress-policy: block
Expand All @@ -40,12 +40,12 @@ jobs:
www.bestpractices.dev:443
- name: "Checkout code"
uses: actions/checkout@37b082107ba410260a3aaddf93122e04801ce631
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@665016c9c2c7c34fe934fb13ebf88bff794f9b1d
uses: ossf/scorecard-action@83a1bb1ff6a010f9ab75ad12160fe70252c99b71
with:
results_file: results.sarif
results_format: sarif
Expand All @@ -60,14 +60,14 @@ jobs:

# Upload the results as artifacts (optional).
- name: "Upload artifact"
uses: actions/upload-artifact@79616d2ded92999fceefea2ca2e4bdf6101fa919
uses: actions/upload-artifact@184d73b71b93c222403b2e7f1ffebe4508014249
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@dbf2b1706b768069fb1bb2dd2d8552be7a9e2a51
uses: github/codeql-action/upload-sarif@3d3d628990a5f99229dd9fa1821cc5a4f31b613b
with:
sarif_file: results.sarif
4 changes: 2 additions & 2 deletions .github/workflows/snyk.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,9 @@ jobs:
name: Snyk
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/golang@7968f3f72b7f36280e6380b7c151c6a8d5a61dd0
uses: snyk/actions/golang@cdb760004ba9ea4d525f2e043745dfe85bb9077e
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
Expand Down

0 comments on commit a82a131

Please sign in to comment.