diff --git a/.github/workflows/github-release.yml b/.github/workflows/github-release.yml index c954579..e0869ad 100644 --- a/.github/workflows/github-release.yml +++ b/.github/workflows/github-release.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: fetch-depth: 0 - name: install autotag binary diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index d88f13d..cb57f79 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -15,15 +15,15 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5 - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v4 + uses: goreleaser/goreleaser-action@5fdedb94abba051217030cc86d4523cf3f02243d # v4 with: distribution: goreleaser version: latest diff --git a/.github/workflows/lint-test-build-push.yml b/.github/workflows/lint-test-build-push.yml index 7a2e160..1b19b9a 100644 --- a/.github/workflows/lint-test-build-push.yml +++ b/.github/workflows/lint-test-build-push.yml @@ -9,14 +9,14 @@ jobs: lint-test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5 - - uses: hadolint/hadolint-action@v3.1.0 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 - name: golangci-lint - uses: golangci/golangci-lint-action@v6 + uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6 with: version: latest @@ -33,7 +33,7 @@ jobs: contents: read id-token: write steps: - - uses: 'actions/checkout@v4' + - uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4 - name: Extract branch name shell: bash @@ -52,14 +52,14 @@ jobs: - id: 'auth' name: 'Authenticate to Google Cloud' - uses: 'google-github-actions/auth@v1' + uses: 'google-github-actions/auth@3a3c4c57d294ef65efaaee4ff17b22fa88dd3c69' # v1 with: workload_identity_provider: ${{ secrets.GCLOUD_OIDC_POOL }} create_credentials_file: true service_account: ${{ secrets.GSA }} token_format: 'access_token' - - uses: 'docker/login-action@v3' + - uses: 'docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567' # v3 name: 'Docker login' with: registry: 'us-docker.pkg.dev' @@ -67,7 +67,7 @@ jobs: password: '${{ steps.auth.outputs.access_token }}' - name: Build and push - uses: docker/build-push-action@v6 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6 with: context: . push: true diff --git a/.github/workflows/validate-renovate.yml b/.github/workflows/validate-renovate.yml index e47a269..c8348e2 100644 --- a/.github/workflows/validate-renovate.yml +++ b/.github/workflows/validate-renovate.yml @@ -12,9 +12,9 @@ jobs: timeout-minutes: 10 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4 + - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4 with: node-version: 20