From 711c00f6dfa4870f253bc1464845d8e457852d00 Mon Sep 17 00:00:00 2001 From: Masaya Suzuki <15100604+massongit@users.noreply.github.com> Date: Wed, 16 Oct 2024 10:25:33 +0900 Subject: [PATCH] =?UTF-8?q?Actions=E3=81=AE=E3=83=90=E3=83=BC=E3=82=B8?= =?UTF-8?q?=E3=83=A7=E3=83=B3=E3=82=92=E3=82=B3=E3=83=9F=E3=83=83=E3=83=88?= =?UTF-8?q?=E3=83=8F=E3=83=83=E3=82=B7=E3=83=A5=E3=81=A7=E5=9B=BA=E5=AE=9A?= =?UTF-8?q?=E3=81=99=E3=82=8B=20(#1438)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Pin dependencies * super-linterのバージョン取得処理修正 --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/add-to-task-list.yml | 4 ++-- .github/workflows/create-release.yml | 2 +- .github/workflows/format-json-yml.yml | 6 +++--- .github/workflows/github-actions-cache-cleaner.yml | 4 ++-- .github/workflows/super-linter.yml | 6 +++--- .github/workflows/update-gitleaks.yml | 6 +++--- .github/workflows/update-package.yml | 6 +++--- action.yml | 2 +- package-lock.json | 2 +- package.json | 2 +- scripts/super_linter/build/set_path.sh | 5 +++-- 11 files changed, 23 insertions(+), 22 deletions(-) diff --git a/.github/workflows/add-to-task-list.yml b/.github/workflows/add-to-task-list.yml index 946a764fe..4035ff311 100644 --- a/.github/workflows/add-to-task-list.yml +++ b/.github/workflows/add-to-task-list.yml @@ -15,11 +15,11 @@ jobs: steps: - name: Generate a token id: generate_token - uses: actions/create-github-app-token@v1.11.0 + uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 with: app-id: ${{ secrets.PROJECT_AUTOMATION_APP_ID }} private-key: ${{ secrets.PROJECT_AUTOMATION_PRIVATE_KEY }} - - uses: dev-hato/actions-add-to-projects@v0.0.83 + - uses: dev-hato/actions-add-to-projects@fd5b783f40eca48aaee26b62b3df0c1606e845dc # v0.0.83 with: github-token: ${{steps.generate_token.outputs.token}} project-url: https://github.com/orgs/dev-hato/projects/1 diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml index 1a667b6d6..5ff93fbb2 100644 --- a/.github/workflows/create-release.yml +++ b/.github/workflows/create-release.yml @@ -14,7 +14,7 @@ jobs: create-release: runs-on: ubuntu-latest steps: - - uses: dev-hato/actions-create-release@v0.0.38 + - uses: dev-hato/actions-create-release@c2a40c5aa1affd28467f9d85ab21730396b96167 # v0.0.38 with: github-token: ${{secrets.GITHUB_TOKEN}} concurrency: diff --git a/.github/workflows/format-json-yml.yml b/.github/workflows/format-json-yml.yml index 1881d52bf..7514e01ca 100644 --- a/.github/workflows/format-json-yml.yml +++ b/.github/workflows/format-json-yml.yml @@ -19,18 +19,18 @@ jobs: steps: - name: Generate a token id: generate_token - uses: actions/create-github-app-token@v1.11.0 + uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 if: github.event_name != 'pull_request' || github.event.action != 'closed' with: app-id: ${{ secrets.PROJECT_AUTOMATION_APP_ID }} private-key: ${{ secrets.PROJECT_AUTOMATION_PRIVATE_KEY }} - - uses: actions/checkout@v4.2.1 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 if: github.event_name != 'pull_request' || github.event.action != 'closed' with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} token: ${{ steps.generate_token.outputs.token }} - - uses: actions/setup-node@v4.0.4 + - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 if: github.event_name != 'pull_request' || github.event.action != 'closed' with: node-version-file: .node-version diff --git a/.github/workflows/github-actions-cache-cleaner.yml b/.github/workflows/github-actions-cache-cleaner.yml index 416028e07..4fb13231e 100644 --- a/.github/workflows/github-actions-cache-cleaner.yml +++ b/.github/workflows/github-actions-cache-cleaner.yml @@ -12,8 +12,8 @@ jobs: github-actions-cache-cleaner: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.2.1 - - uses: dev-hato/github-actions-cache-cleaner@v0.0.54 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: dev-hato/github-actions-cache-cleaner@8885351fba02a9d237a5115d7dff95f2b8fa8078 # v0.0.54 with: github-token: ${{secrets.GITHUB_TOKEN}} concurrency: diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml index c787a6e1a..a67713001 100644 --- a/.github/workflows/super-linter.yml +++ b/.github/workflows/super-linter.yml @@ -39,12 +39,12 @@ jobs: # Checkout the code base # ########################## - name: Checkout Code - uses: actions/checkout@v4.2.1 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: # Full git history is needed to get a proper list # of changed files within `super-linter` fetch-depth: 0 - - uses: actions/setup-node@v4.0.4 + - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: cache: npm - run: bash "${GITHUB_WORKSPACE}/scripts/super_linter/build/set_path.sh" @@ -52,7 +52,7 @@ jobs: # Run Linter against code base # ################################ - name: Lint Code Base - uses: super-linter/super-linter/slim@v7.1.0 + uses: super-linter/super-linter/slim@b92721f792f381cedc002ecdbb9847a15ece5bb8 # v7.1.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} DEFAULT_BRANCH: main diff --git a/.github/workflows/update-gitleaks.yml b/.github/workflows/update-gitleaks.yml index e865d3831..41cc7d00e 100644 --- a/.github/workflows/update-gitleaks.yml +++ b/.github/workflows/update-gitleaks.yml @@ -17,19 +17,19 @@ jobs: update-gitleaks: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.2.1 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 if: github.event_name != 'pull_request' || github.event.action != 'closed' with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} - - uses: actions/setup-node@v4.0.4 + - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 if: github.event_name != 'pull_request' || github.event.action != 'closed' with: cache: npm - name: Install packages if: github.event_name != 'pull_request' || github.event.action != 'closed' run: npm ci - - uses: dev-hato/actions-update-gitleaks@v0.0.79 + - uses: dev-hato/actions-update-gitleaks@0e9a2d1c25c0acc3108157714109d94ebecbf7cf # v0.0.79 with: github-token: ${{secrets.GITHUB_TOKEN}} concurrency: diff --git a/.github/workflows/update-package.yml b/.github/workflows/update-package.yml index 6f518cdd2..101ace3bd 100644 --- a/.github/workflows/update-package.yml +++ b/.github/workflows/update-package.yml @@ -18,18 +18,18 @@ jobs: update-package: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.2.1 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 if: github.event_name != 'pull_request' || github.event.action != 'closed' with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} - - uses: actions/setup-node@v4.0.4 + - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 if: github.event_name != 'pull_request' || github.event.action != 'closed' with: cache: npm - if: github.event_name != 'pull_request' || github.event.action != 'closed' run: npm install - - uses: dev-hato/actions-diff-pr-management@v1.2.0 + - uses: dev-hato/actions-diff-pr-management@e5c78b251a69f44f93b2f1398e06b129bcf151ec # v1.2.0 with: github-token: ${{secrets.GITHUB_TOKEN}} branch-name-prefix: fix-package diff --git a/action.yml b/action.yml index ca66df1ae..9efe2a0ec 100644 --- a/action.yml +++ b/action.yml @@ -14,7 +14,7 @@ runs: - shell: bash if: github.event_name != 'pull_request' || github.event.action != 'closed' run: npx prettier --write . - - uses: dev-hato/actions-diff-pr-management@v1.2.0 + - uses: dev-hato/actions-diff-pr-management@e5c78b251a69f44f93b2f1398e06b129bcf151ec # v1.2.0 with: github-token: ${{inputs.github-token}} branch-name-prefix: fix-format-json-yml diff --git a/package-lock.json b/package-lock.json index 18ede0a13..df3b10a74 100644 --- a/package-lock.json +++ b/package-lock.json @@ -7,7 +7,7 @@ "devDependencies": { "@proofdict/textlint-rule-proofdict": "3.1.2", "@textlint-ja/textlint-rule-no-insert-dropping-sa": "2.0.1", - "prettier": "^3.3.3", + "prettier": "3.3.3", "textlint": "14.2.1", "textlint-filter-rule-comments": "1.2.2", "textlint-rule-abbr-within-parentheses": "1.0.2", diff --git a/package.json b/package.json index 33f0e9c2f..2c52d3317 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "devDependencies": { "@proofdict/textlint-rule-proofdict": "3.1.2", "@textlint-ja/textlint-rule-no-insert-dropping-sa": "2.0.1", - "prettier": "^3.3.3", + "prettier": "3.3.3", "textlint": "14.2.1", "textlint-filter-rule-comments": "1.2.2", "textlint-rule-abbr-within-parentheses": "1.0.2", diff --git a/scripts/super_linter/build/set_path.sh b/scripts/super_linter/build/set_path.sh index e2422e23c..7775ce058 100755 --- a/scripts/super_linter/build/set_path.sh +++ b/scripts/super_linter/build/set_path.sh @@ -1,6 +1,7 @@ #!/usr/bin/env bash npm ci -action="$(yq '.jobs.build.steps[-1].uses' .github/workflows/super-linter.yml)" -PATH="$(docker run --rm --entrypoint '' "ghcr.io/${action//\/slim@/:slim-}" /bin/sh -c 'echo $PATH')" +tag_name="$(yq '.jobs.build.steps[-1].uses' .github/workflows/super-linter.yml | sed -e 's;/slim@.*;:slim;g')" +tag_version="$(yq '.jobs.build.steps[-1].uses | line_comment' .github/workflows/super-linter.yml)" +PATH="$(docker run --rm --entrypoint '' "ghcr.io/${tag_name}-${tag_version}" /bin/sh -c 'echo $PATH')" echo "PATH=/github/workspace/node_modules/.bin:${PATH}" >>"$GITHUB_ENV"