diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2847ffe15..9d0945938 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,7 +20,7 @@ jobs: release: ${{ steps.genver.outputs.release }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.ref }} fetch-depth: 0 @@ -47,7 +47,7 @@ jobs: GENVERSION: ${{ needs.versionning.outputs.version }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.ref }} submodules: true @@ -72,19 +72,19 @@ jobs: VERSION: ${{ needs.versionning.outputs.version }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.ref }} - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2 - name: Set up Docker Buildx id: buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3 - name: login - uses: docker/login-action@v2 + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2 with: username: ${{ secrets.DOCKER_HUB_LOGIN }} password: ${{ secrets.DOCKER_HUB_TOKEN }} @@ -118,7 +118,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.ref }} @@ -131,7 +131,7 @@ jobs: aws: true - name: Checkout Infra - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: repository: aneoconsulting/ArmoniK path: infra @@ -217,7 +217,7 @@ jobs: aws s3 cp end2end-${{ matrix.tls }}-${{ matrix.mtls }}-${{ matrix.sslvalidation }}-${{ matrix.useca }}.tar.gz s3://${{ secrets.AWS_LOG_BUCKET_NAME }}/extcsharp-pipeline/${{ github.run_number }}/${{ github.run_attempt }}/end2end-${{ matrix.tls }}-${{ matrix.mtls }}-${{ matrix.sslvalidation }}-${{ matrix.useca }}.tar.gz - name: 'Upload Artifact' - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3 with: name: end2end-${{ matrix.tls }}-${{ matrix.mtls }}-${{ matrix.sslvalidation }}-${{ matrix.useca }}.tar.gz path: end2end-${{ matrix.tls }}-${{ matrix.mtls }}-${{ matrix.sslvalidation }}-${{ matrix.useca }}.tar.gz @@ -233,7 +233,7 @@ jobs: VERSION: ${{ needs.versionning.outputs.version }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.ref }} @@ -246,7 +246,7 @@ jobs: aws: true - name: Checkout Infra - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: repository: aneoconsulting/ArmoniK path: infra diff --git a/.github/workflows/build_documentations.yml b/.github/workflows/build_documentations.yml index e20499e44..23a4516e0 100644 --- a/.github/workflows/build_documentations.yml +++ b/.github/workflows/build_documentations.yml @@ -11,7 +11,7 @@ jobs: steps: - name: Checkout repo - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Get dotnet sdk run: | @@ -28,7 +28,7 @@ jobs: docfx Documentation/docfx.json - name: Deploy docfx documentation - uses: peaceiris/actions-gh-pages@v3 + uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # v3 with: github_token: ${{ secrets.GITHUB_TOKEN }} publish_dir: Documentation/_site diff --git a/.github/workflows/code-formatting.yml b/.github/workflows/code-formatting.yml index 6318f0717..2b90a913c 100644 --- a/.github/workflows/code-formatting.yml +++ b/.github/workflows/code-formatting.yml @@ -9,7 +9,7 @@ jobs: timeout-minutes: 15 steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 with: ref: ${{ github.ref }} diff --git a/.github/workflows/make-release.yml b/.github/workflows/make-release.yml index 62add10dd..a33a45c03 100644 --- a/.github/workflows/make-release.yml +++ b/.github/workflows/make-release.yml @@ -16,7 +16,7 @@ jobs: release: ${{ steps.release.outputs.version }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.ref }} fetch-depth: 0 @@ -33,7 +33,7 @@ jobs: - name: Generate Snapshot Version id: snapshot - uses: codacy/git-version@2.7.1 + uses: codacy/git-version@80c816f11db8dea5e3a81025f598193015b51832 # 2.8.0 with: minor-identifier: "feat:" release-branch: ${{ github.ref_name }}-pre @@ -41,7 +41,7 @@ jobs: - name: Generate Release Version id: release - uses: codacy/git-version@2.7.1 + uses: codacy/git-version@80c816f11db8dea5e3a81025f598193015b51832 # 2.8.0 with: minor-identifier: "feat:" release-branch: ${{ steps.rev.outputs.current-branch }} @@ -67,7 +67,7 @@ jobs: GENRELEASE: ${{ needs.versionning.outputs.release }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.ref }} submodules: true @@ -88,20 +88,20 @@ jobs: - versionning steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.ref }} submodules: true - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2 - name: login - uses: docker/login-action@v2 + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2 with: username: ${{ secrets.DOCKER_HUB_LOGIN }} password: ${{ secrets.DOCKER_HUB_TOKEN }} @@ -110,7 +110,7 @@ jobs: run: echo ${{ steps.buildx.outputs.platforms }} - name: Build and push - uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v4 + uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4 with: file: Worker/src/DLLWorker/Dockerfile context: . diff --git a/.github/workflows/semantic-pull-request.yml b/.github/workflows/semantic-pull-request.yml index 6d9ef374a..122630dbc 100644 --- a/.github/workflows/semantic-pull-request.yml +++ b/.github/workflows/semantic-pull-request.yml @@ -17,12 +17,12 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@v5 + - uses: amannn/action-semantic-pull-request@e32d7e603df1aa1ba07e981f2a23455dee596825 # v5 id: lint_pr_title env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - uses: marocchino/sticky-pull-request-comment@v2 + - uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2 # When the previous steps fails, the workflow would stop. By adding this # condition you can continue the execution with the populated error message. if: always() && (steps.lint_pr_title.outputs.error_message != null) @@ -37,7 +37,7 @@ jobs: ``` # Delete a previous comment when the issue has been resolved - if: ${{ steps.lint_pr_title.outputs.error_message == null }} - uses: marocchino/sticky-pull-request-comment@v2 + uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2 with: header: pr-title-lint-error delete: true diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml index d92084cae..224cac335 100644 --- a/.github/workflows/sonar.yml +++ b/.github/workflows/sonar.yml @@ -12,24 +12,24 @@ jobs: runs-on: windows-latest steps: - name: Set up JDK - uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 # v3 + uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 # v3 with: distribution: 'zulu' java-version: 17 - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis submodules: true - name: Cache SonarCloud packages - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3 + uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3 with: path: .\.sonar\cache key: ${{ runner.os }}-sonar restore-keys: ${{ runner.os }}-sonar - name: Cache SonarCloud scanner id: cache-sonar-scanner - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3 + uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3 with: path: .\.sonar\scanner key: ${{ runner.os }}-sonar-scanner