diff --git a/.github/actions/build-app/action.yml b/.github/actions/build-app/action.yml index a155f662..180aa299 100644 --- a/.github/actions/build-app/action.yml +++ b/.github/actions/build-app/action.yml @@ -23,7 +23,7 @@ runs: steps: - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ inputs.image }} flavor: | @@ -32,7 +32,7 @@ runs: type=raw,value=${{ inputs.tag-prefix }}-${{ github.run_number }}-a${{ github.run_attempt }} - name: Build and push - uses: docker/build-push-action@v6 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: . file: ${{ inputs.dockerfile }} diff --git a/.github/actions/promote-image/action.yml b/.github/actions/promote-image/action.yml index c256ba9c..ff7cf835 100644 --- a/.github/actions/promote-image/action.yml +++ b/.github/actions/promote-image/action.yml @@ -17,7 +17,7 @@ runs: - name: Extract metadata (tags, labels) for Promotion id: remeta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ inputs.image }} flavor: | diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index 79e30526..e54fc6ae 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml @@ -51,9 +51,9 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - uses: actions/setup-dotnet@v5 + - uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5.2.0 with: dotnet-version: '${{ env.DOTNET_VERSION }}' @@ -78,13 +78,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v4 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Log in to Container Registry - uses: docker/login-action@v4 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -114,10 +114,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Log in to Container Registry - uses: docker/login-action@v4 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -137,7 +137,7 @@ jobs: environment: production steps: - name: Send repository dispatch - uses: peter-evans/repository-dispatch@v4 + uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4.0.1 with: token: ${{ secrets.GITOPS_PAT }} repository: openshock/kubernetes-cluster-gitops @@ -155,7 +155,7 @@ jobs: steps: - name: Send repository dispatch - uses: peter-evans/repository-dispatch@v4 + uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4.0.1 with: token: ${{ secrets.GITOPS_PAT }} repository: openshock/kubernetes-cluster-gitops @@ -172,7 +172,7 @@ jobs: environment: development steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: sparse-checkout: | .github diff --git a/.github/workflows/ci-tag.yml b/.github/workflows/ci-tag.yml index 959050ce..aef5139e 100644 --- a/.github/workflows/ci-tag.yml +++ b/.github/workflows/ci-tag.yml @@ -21,7 +21,7 @@ jobs: steps: - name: Find latest tag id: latest-tag - uses: oprypin/find-latest-tag@v1 + uses: oprypin/find-latest-tag@dd2729fe78b0bb55523ae2b2a310c6773a652bd1 # v1.1.2 with: repository: ${{ github.repository }} regex: '^\d+\.\d+\.\d+$' diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d9cbb591..84957b7f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -27,17 +27,17 @@ jobs: contents: read steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3 with: languages: csharp build-mode: manual - name: Setup .NET SDK ${{ env.DOTNET_VERSION }} - uses: actions/setup-dotnet@v5 + uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5.2.0 with: dotnet-version: ${{ env.DOTNET_VERSION }} @@ -50,6 +50,6 @@ jobs: dotnet publish Cron/Cron.csproj -c Release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3 with: category: "/language:csharp" diff --git a/.github/workflows/update-cloudflare-proxies.yml b/.github/workflows/update-cloudflare-proxies.yml index 6ed0e573..d6da732f 100644 --- a/.github/workflows/update-cloudflare-proxies.yml +++ b/.github/workflows/update-cloudflare-proxies.yml @@ -14,11 +14,11 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: ref: ${{ github.ref }} - - uses: actions/setup-dotnet@v5 + - uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5.2.0 with: global-json-file: global.json