diff --git a/.github/workflows/cleanup-registry.yml b/.github/workflows/cleanup-registry.yml index da476d12a..a2a28086d 100644 --- a/.github/workflows/cleanup-registry.yml +++ b/.github/workflows/cleanup-registry.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Delete old versions - uses: snok/container-retention-policy@f617f1ca161a52bce48417eedd76924e71d0b4d9 # v2.1.0 + uses: snok/container-retention-policy@3d27e6a0361deed0b7dc5099a82eadd07924b177 # v2.1.3 with: image-names: ${{ env.IMAGE_NAMES }} cut-off: 2 days ago UTC diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml index 243a8c56c..745669b84 100644 --- a/.github/workflows/continuous-delivery.yml +++ b/.github/workflows/continuous-delivery.yml @@ -35,7 +35,7 @@ jobs: stage: ${{ steps.get_metadata.outputs.stage }} steps: - name: Checkout code - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Get metadata id: get_metadata @@ -80,7 +80,7 @@ jobs: - name: Checkout code if: fromJSON(needs.metadata.outputs.has_diff) - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Run merge if: fromJSON(needs.metadata.outputs.has_diff) @@ -135,7 +135,7 @@ jobs: fi - name: Checkout code - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: ref: ${{ needs.merge.outputs.sha }} @@ -161,7 +161,7 @@ jobs: docker-compose up -d - name: Finalize Sentry release - uses: getsentry/action-release@4744f6a65149f441c5f396d5b0877307c0db52c7 # v1.4.1 + uses: getsentry/action-release@3b41b36c375cc23a26fa8773a103ba1c49805418 # v1.5.0 env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ vars.SENTRY_ORG_NAME }} @@ -209,7 +209,7 @@ jobs: done - name: Update Continuous Delivery check run - uses: guidojw/actions/update-check-run@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/update-check-run@3beff67e42d9f4f079239c3bc2aa3ef2d2446be7 # v1.4.4 with: app_id: ${{ vars.GH_APP_ID }} private_key: ${{ secrets.GH_APP_PRIVATE_KEY }} diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 71a22b9a7..4cf5d323f 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -18,12 +18,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: ref: ${{ inputs.sha }} - name: Build test image - uses: guidojw/actions/build-docker-image@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/build-docker-image@3beff67e42d9f4f079239c3bc2aa3ef2d2446be7 # v1.4.4 with: file: Dockerfile target: base @@ -35,7 +35,7 @@ jobs: needs: build steps: - name: Checkout code - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: ref: ${{ inputs.sha }} @@ -50,7 +50,7 @@ jobs: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) 1.6.24 - name: Load test image - uses: guidojw/actions/load-docker-image@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/load-docker-image@3beff67e42d9f4f079239c3bc2aa3ef2d2446be7 # v1.4.4 with: name: app @@ -71,7 +71,7 @@ jobs: needs: build steps: - name: Load test image - uses: guidojw/actions/load-docker-image@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/load-docker-image@3beff67e42d9f4f079239c3bc2aa3ef2d2446be7 # v1.4.4 with: name: app diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml index c9be26317..f802b3acf 100644 --- a/.github/workflows/publish-image.yml +++ b/.github/workflows/publish-image.yml @@ -55,16 +55,16 @@ jobs: needs: metadata steps: - name: Checkout code - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: ref: ${{ inputs.sha }} fetch-depth: 0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@4b4e9c3e2d4531116a6f8ba8e71fc6e2cb6e6c8c # v2.5.0 + uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to GitHub Container Registry - uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # tag=v2.1.0 + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 with: registry: ${{ vars.DOCKER_REGISTRY_URL }} username: ${{ github.repository_owner }} @@ -72,7 +72,7 @@ jobs: - name: Build and push image id: build_push_image - uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v4.0.0 + uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 with: push: true context: . @@ -92,7 +92,7 @@ jobs: - name: Create Sentry release if: ${{ !(github.event_name == 'workflow_dispatch' && github.workflow == 'Publish Image') }} - uses: getsentry/action-release@4744f6a65149f441c5f396d5b0877307c0db52c7 # v1.4.1 + uses: getsentry/action-release@3b41b36c375cc23a26fa8773a103ba1c49805418 # v1.5.0 env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ vars.SENTRY_ORG_NAME }} @@ -123,7 +123,7 @@ jobs: done - name: Update Publish Image check run - uses: guidojw/actions/update-check-run@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/update-check-run@3beff67e42d9f4f079239c3bc2aa3ef2d2446be7 # v1.4.4 with: app_id: ${{ vars.GH_APP_ID }} private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}