From 0de0a3bfcc6ba9e5083c0a9e2aaa9ea8a197987d Mon Sep 17 00:00:00 2001 From: TrueCharts-Admin Date: Mon, 7 Oct 2024 18:03:34 +0000 Subject: [PATCH] chore(deps): pin dependencies by renovate --- .github/workflows/charts-lint.yaml | 4 ++-- .github/workflows/charts-release.yaml | 8 ++++---- .github/workflows/charts-test.yaml | 14 +++++++------- .github/workflows/containers.build.yaml | 6 +++--- .github/workflows/containers.housekeeping.yaml | 2 +- .github/workflows/containers.scarf.yaml | 2 +- .github/workflows/pr-validate.yaml | 4 ++-- .github/workflows/prune.yaml | 2 +- .github/workflows/schedule-sync-labels.yaml | 2 +- .../ix-source/.github/workflows/ci.yml | 6 +++--- .../.github/workflows/docker_image.yml | 8 ++++---- .../ix-source/.github/workflows/lint.yml | 4 ++-- .../ix-source/.github/workflows/test.yaml | 4 ++-- .../truecharts-fork/.github/workflows/ci.yml | 6 +++--- .../.github/workflows/containers.build.yaml | 18 +++++++++--------- .../truecharts-fork/.github/workflows/lint.yml | 4 ++-- .../.github/workflows/test.yaml | 4 ++-- .../.github/workflows/fluxupdate.yaml | 4 ++-- .../jailman/.github/workflows/filecheck.yml | 2 +- .../jailman/.github/workflows/shellcheck.yml | 4 ++-- archive/jailman/.github/workflows/wiki.yml | 2 +- .../jailman/wiki/.github/workflows/deploy.yml | 2 +- .../.github/workflows/PR_testing.yaml | 4 ++-- .../.github/workflows/Push_testing.yaml | 4 ++-- .../workflows/metadata-label-commenter.yaml | 4 ++-- .../.github/workflows/metadata-label-pr.yaml | 2 +- .../scale-catalog/.github/workflows/prune.yaml | 2 +- .../workflows/schedule-sync-labels.yaml | 4 ++-- .../scale-catalog/.github/workflows/stale.yaml | 2 +- .../truetool/.github/workflows/renovate.yml | 2 +- .../truetool/.github/workflows/shellcheck.yml | 8 ++++---- .../.github/workflows/docker-publish.yml | 2 +- 32 files changed, 73 insertions(+), 73 deletions(-) diff --git a/.github/workflows/charts-lint.yaml b/.github/workflows/charts-lint.yaml index 22f013c5101a..e3b5614df2cc 100644 --- a/.github/workflows/charts-lint.yaml +++ b/.github/workflows/charts-lint.yaml @@ -22,13 +22,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout [master] - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 1 ref: master - name: Checkout [commit] - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} diff --git a/.github/workflows/charts-release.yaml b/.github/workflows/charts-release.yaml index 229008f9d684..1d3b5a9c4bae 100644 --- a/.github/workflows/charts-release.yaml +++ b/.github/workflows/charts-release.yaml @@ -15,7 +15,7 @@ jobs: runs-on: actions-runner-large steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: token: ${{ secrets.BOT_TOKEN }} fetch-depth: 0 @@ -30,7 +30,7 @@ jobs: - name: Cache Changelog id: cache-changelog - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 + uses: actions/cache@2cdf405574d6ef1f33a1d12acccd3ae82f47b3f2 # v4 with: path: changelog.json.gz key: ${{ env.CHANGELOG_CACHE_KEY }} @@ -53,7 +53,7 @@ jobs: gzip "$JSON_FILE" --best - name: Checkout Helm-Staging - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 1 repository: truecharts/helm-staging @@ -87,7 +87,7 @@ jobs: cd - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 1 repository: truecharts/website diff --git a/.github/workflows/charts-test.yaml b/.github/workflows/charts-test.yaml index 508f0f3bd51d..63ca9ee00a12 100644 --- a/.github/workflows/charts-test.yaml +++ b/.github/workflows/charts-test.yaml @@ -50,7 +50,7 @@ jobs: detected6: ${{ steps.list-changed.outputs.detected6 }} steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} @@ -115,7 +115,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} @@ -169,7 +169,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} @@ -223,7 +223,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} @@ -277,7 +277,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} @@ -331,7 +331,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} @@ -385,7 +385,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} diff --git a/.github/workflows/containers.build.yaml b/.github/workflows/containers.build.yaml index fdec6e143635..a1fcdb09d67c 100644 --- a/.github/workflows/containers.build.yaml +++ b/.github/workflows/containers.build.yaml @@ -30,7 +30,7 @@ jobs: matrix: "{\"container\": ${{ steps.reduce.outputs.containers }} }" steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3 id: filter with: @@ -51,7 +51,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 - name: hadolint uses: reviewdog/action-hadolint@73fec8b28091e5082c19df69815dd749d97b882a # v1.46.0 with: @@ -77,7 +77,7 @@ jobs: if: "!contains(github.event.head_commit.message, '[ci-skip]')" steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 # Define if tests and push should be run against which versions/platforms - name: Prepare diff --git a/.github/workflows/containers.housekeeping.yaml b/.github/workflows/containers.housekeeping.yaml index c34141a27914..3f7c2195aee1 100644 --- a/.github/workflows/containers.housekeeping.yaml +++ b/.github/workflows/containers.housekeeping.yaml @@ -16,7 +16,7 @@ jobs: name: "Housekeeping" steps: - name: Checkout branch - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 0 token: ${{ secrets.BOT_TOKEN }} diff --git a/.github/workflows/containers.scarf.yaml b/.github/workflows/containers.scarf.yaml index 59ec74ce0cb0..1fa64b370f55 100644 --- a/.github/workflows/containers.scarf.yaml +++ b/.github/workflows/containers.scarf.yaml @@ -9,7 +9,7 @@ jobs: name: "Add to Scarf" steps: - name: Checkout branch - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 0 token: ${{ secrets.BOT_TOKEN }} diff --git a/.github/workflows/pr-validate.yaml b/.github/workflows/pr-validate.yaml index f84931ab63e9..f1bd4f1c7ac8 100644 --- a/.github/workflows/pr-validate.yaml +++ b/.github/workflows/pr-validate.yaml @@ -17,7 +17,7 @@ jobs: addedOrModifiedCharts: ${{ steps.collect-changes.outputs.addedOrModifiedCharts }} steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 - name: Collect changes id: collect-changes @@ -49,7 +49,7 @@ jobs: head-commit-message: ${{ steps.get_head_commit_message.outputs.headCommitMsg }} steps: - name: Get repo - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: ref: ${{ github.event.pull_request.head.sha }} - name: verbose head git commit message diff --git a/.github/workflows/prune.yaml b/.github/workflows/prune.yaml index 9ace9cc75170..8ba19695c2ab 100644 --- a/.github/workflows/prune.yaml +++ b/.github/workflows/prune.yaml @@ -9,7 +9,7 @@ jobs: name: "prune old releases" steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: fetch-depth: 0 - uses: actions/delete-package-versions@e5bc658cc4c965c472efe991f8beea3981499c55 # v5 diff --git a/.github/workflows/schedule-sync-labels.yaml b/.github/workflows/schedule-sync-labels.yaml index fff31628503c..927370d46b5a 100644 --- a/.github/workflows/schedule-sync-labels.yaml +++ b/.github/workflows/schedule-sync-labels.yaml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 with: token: ${{ secrets.BOT_TOKEN }} diff --git a/archive/catalog_validation/ix-source/.github/workflows/ci.yml b/archive/catalog_validation/ix-source/.github/workflows/ci.yml index a964f544c9f1..0fa6c8caba8a 100644 --- a/archive/catalog_validation/ix-source/.github/workflows/ci.yml +++ b/archive/catalog_validation/ix-source/.github/workflows/ci.yml @@ -6,11 +6,11 @@ jobs: build-deb: runs-on: ubuntu-latest container: - image: ixsystems/catalog_validation:latest + image: ixsystems/catalog_validation:latest@sha256:ec054455af9857782d13f0507b0e0378ed0dee83dab11a3e1e5939eebb083522 steps: - name: Checkout - uses: actions/checkout@v1 + uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1 - name: Build deb package run: > @@ -27,7 +27,7 @@ jobs: run: mv ../*.deb artifacts if: success() - - uses: actions/upload-artifact@v1 + - uses: actions/upload-artifact@3446296876d12d4e3a0f3145a3c87e67bf0a16b5 # v1 with: name: py-catalog-validation path: artifacts diff --git a/archive/catalog_validation/ix-source/.github/workflows/docker_image.yml b/archive/catalog_validation/ix-source/.github/workflows/docker_image.yml index 91f66097dbd1..d8ceb42440bf 100644 --- a/archive/catalog_validation/ix-source/.github/workflows/docker_image.yml +++ b/archive/catalog_validation/ix-source/.github/workflows/docker_image.yml @@ -10,17 +10,17 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up QEMU - uses: docker/setup-qemu-action@v1 + uses: docker/setup-qemu-action@27d0a4f181a40b142cce983c5393082c365d1480 # v1 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@f211e3e9ded2d9377c8cadc4489a4e38014bc4c9 # v1 - name: Login to DockerHub - uses: docker/login-action@v1 + uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7 # v1 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push id: docker_build - uses: docker/build-push-action@v2 + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a # v2 with: push: true tags: ixsystems/catalog_validation:latest diff --git a/archive/catalog_validation/ix-source/.github/workflows/lint.yml b/archive/catalog_validation/ix-source/.github/workflows/lint.yml index 8cd12cb7c516..650064973e20 100644 --- a/archive/catalog_validation/ix-source/.github/workflows/lint.yml +++ b/archive/catalog_validation/ix-source/.github/workflows/lint.yml @@ -8,9 +8,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Set up Python 3.8 - uses: actions/setup-python@v1 + uses: actions/setup-python@0f07f7f756721ebd886c2462646a35f78a8bc4de # v1 with: python-version: 3.8 - name: Install dependencies diff --git a/archive/catalog_validation/ix-source/.github/workflows/test.yaml b/archive/catalog_validation/ix-source/.github/workflows/test.yaml index 81880fe30829..3089b4dcbb0a 100644 --- a/archive/catalog_validation/ix-source/.github/workflows/test.yaml +++ b/archive/catalog_validation/ix-source/.github/workflows/test.yaml @@ -7,10 +7,10 @@ jobs: runs-on: ubuntu-latest container: - image: ghcr.io/truenas/middleware:master + image: ghcr.io/truenas/middleware:master@sha256:f6d1c7a932e0745d3bf9928711de0e715d7d130e317931a2498457aec5aa555b steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Setup dependencies run: | /usr/bin/install-dev-tools diff --git a/archive/catalog_validation/truecharts-fork/.github/workflows/ci.yml b/archive/catalog_validation/truecharts-fork/.github/workflows/ci.yml index 2d48c77a40d0..9358902f1e1b 100644 --- a/archive/catalog_validation/truecharts-fork/.github/workflows/ci.yml +++ b/archive/catalog_validation/truecharts-fork/.github/workflows/ci.yml @@ -6,11 +6,11 @@ jobs: build-deb: runs-on: ubuntu-latest container: - image: tccr.io/truecharts/catalog_validation:latest + image: tccr.io/truecharts/catalog_validation:latest@sha256:35d6b9765e7f86f064b494c640b60ca485b4a82a12e4851930dd50fca83c6c2e steps: - name: Checkout - uses: actions/checkout@v1 + uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1 - name: Build deb package run: > @@ -27,7 +27,7 @@ jobs: run: mv ../*.deb artifacts if: success() - - uses: actions/upload-artifact@v1 + - uses: actions/upload-artifact@3446296876d12d4e3a0f3145a3c87e67bf0a16b5 # v1 with: name: py-catalog-validation path: artifacts diff --git a/archive/catalog_validation/truecharts-fork/.github/workflows/containers.build.yaml b/archive/catalog_validation/truecharts-fork/.github/workflows/containers.build.yaml index ee67f87fd276..cd121b05b2b8 100644 --- a/archive/catalog_validation/truecharts-fork/.github/workflows/containers.build.yaml +++ b/archive/catalog_validation/truecharts-fork/.github/workflows/containers.build.yaml @@ -16,7 +16,7 @@ jobs: if: "!contains(github.event.head_commit.message, '[ci-skip]')" steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 # Define if tests and push should be run against which versions/platforms - name: Prepare @@ -42,17 +42,17 @@ jobs: format: 'YYYYMMDDHHmmss' - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3 + uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3 with: platforms: amd64 - uses: sigstore/cosign-installer@main - name: Install Syft - uses: anchore/sbom-action/download-syft@78fc58e266e87a38d4194b2137a3d4e9bcaf7ca1 # v0.14.3 + uses: anchore/sbom-action/download-syft@61119d458adab75f756bc0b9e4bde25725f86a7a # v0.17.2 - name: Login to Quay - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3 if: github.event_name != 'pull_request' with: registry: quay.io @@ -60,7 +60,7 @@ jobs: password: ${{ secrets.QUAY_SECRET }} - name: Login to GHCR - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3 if: github.event_name != 'pull_request' with: registry: ghcr.io @@ -69,7 +69,7 @@ jobs: - name: Docker meta id: meta - uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5 + uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5 with: # list of Docker images to use as base name for tags images: | @@ -80,7 +80,7 @@ jobs: # Install and configure Buildx - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3 with: install: true version: latest @@ -89,7 +89,7 @@ jobs: # Creates a local build to run tests on - name: Build and Load local test-container if: ${{ steps.prep.outputs.goss == 'true' }} - uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5 with: build-args: | CONTAINER_NAME=catalog_validation @@ -102,7 +102,7 @@ jobs: # Push if not a PR, otherwise just test the build process for all requested platforms - name: Build and Push id: push - uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5 with: build-args: | CONTAINER_NAME=catalog_validation diff --git a/archive/catalog_validation/truecharts-fork/.github/workflows/lint.yml b/archive/catalog_validation/truecharts-fork/.github/workflows/lint.yml index 8cd12cb7c516..650064973e20 100644 --- a/archive/catalog_validation/truecharts-fork/.github/workflows/lint.yml +++ b/archive/catalog_validation/truecharts-fork/.github/workflows/lint.yml @@ -8,9 +8,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Set up Python 3.8 - uses: actions/setup-python@v1 + uses: actions/setup-python@0f07f7f756721ebd886c2462646a35f78a8bc4de # v1 with: python-version: 3.8 - name: Install dependencies diff --git a/archive/catalog_validation/truecharts-fork/.github/workflows/test.yaml b/archive/catalog_validation/truecharts-fork/.github/workflows/test.yaml index 74fc0f44ed7c..3867280cd4eb 100644 --- a/archive/catalog_validation/truecharts-fork/.github/workflows/test.yaml +++ b/archive/catalog_validation/truecharts-fork/.github/workflows/test.yaml @@ -8,9 +8,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Set up Python 3.8 - uses: actions/setup-python@v1 + uses: actions/setup-python@0f07f7f756721ebd886c2462646a35f78a8bc4de # v1 with: python-version: 3.8 - name: Install dependencies diff --git a/archive/clustertool/.github/workflows/fluxupdate.yaml b/archive/clustertool/.github/workflows/fluxupdate.yaml index 3d9b0c515086..510538f75a97 100644 --- a/archive/clustertool/.github/workflows/fluxupdate.yaml +++ b/archive/clustertool/.github/workflows/fluxupdate.yaml @@ -10,7 +10,7 @@ jobs: flux-upgrade: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 with: fetch-depth: 1 @@ -28,7 +28,7 @@ jobs: echo "::set-output name=flux_version::$VERSION" - name: Create pull request for Flux upgrade - uses: peter-evans/create-pull-request@v3 + uses: peter-evans/create-pull-request@18f7dc018cc2cd597073088f7c7591b9d1c02672 # v3 with: token: ${{ secrets.GITHUB_TOKEN }} branch: "flux/upgrade-${{ steps.upgrade.outputs.flux_version }}" diff --git a/archive/jailman/.github/workflows/filecheck.yml b/archive/jailman/.github/workflows/filecheck.yml index e3efcef86de6..449730b4af76 100644 --- a/archive/jailman/.github/workflows/filecheck.yml +++ b/archive/jailman/.github/workflows/filecheck.yml @@ -11,7 +11,7 @@ jobs: name: Check Files runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1 - name: check existance run: | for pathname in blueprints/*; do test -e $pathname/readme.md || { echo "File missing: $pathname/readme.md"; error="true"; }; done diff --git a/archive/jailman/.github/workflows/shellcheck.yml b/archive/jailman/.github/workflows/shellcheck.yml index d4e3bd5b8c81..0a9f158517c6 100644 --- a/archive/jailman/.github/workflows/shellcheck.yml +++ b/archive/jailman/.github/workflows/shellcheck.yml @@ -14,6 +14,6 @@ jobs: Shellcheck: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1 - name: Shell Linter - uses: azohra/shell-linter@v0.3.0 + uses: azohra/shell-linter@6bbeaa868df09c34ddc008e6030cfe89c03394a1 # v0.6.0 diff --git a/archive/jailman/.github/workflows/wiki.yml b/archive/jailman/.github/workflows/wiki.yml index a925925399df..e0ba0ad11204 100644 --- a/archive/jailman/.github/workflows/wiki.yml +++ b/archive/jailman/.github/workflows/wiki.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout master - uses: actions/checkout@v1 + uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1 with: ref: 'master' - name: rename-readme diff --git a/archive/jailman/wiki/.github/workflows/deploy.yml b/archive/jailman/wiki/.github/workflows/deploy.yml index ff040122e25d..2b318f5121c4 100644 --- a/archive/jailman/wiki/.github/workflows/deploy.yml +++ b/archive/jailman/wiki/.github/workflows/deploy.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout master - uses: actions/checkout@v1 + uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1 with: ref: 'master' - name: Deploy docs diff --git a/archive/scale-catalog-template/.github/workflows/PR_testing.yaml b/archive/scale-catalog-template/.github/workflows/PR_testing.yaml index 001e3c0605a0..b8b2b1bc6788 100644 --- a/archive/scale-catalog-template/.github/workflows/PR_testing.yaml +++ b/archive/scale-catalog-template/.github/workflows/PR_testing.yaml @@ -6,14 +6,14 @@ jobs: test-apps: runs-on: ubuntu-latest container: - image: ixsystems/catalog_validation:latest + image: ixsystems/catalog_validation:latest@sha256:ec054455af9857782d13f0507b0e0378ed0dee83dab11a3e1e5939eebb083522 steps: - name: Install Helm run: /bin/bash -c "curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash" - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 with: fetch-depth: 0 diff --git a/archive/scale-catalog-template/.github/workflows/Push_testing.yaml b/archive/scale-catalog-template/.github/workflows/Push_testing.yaml index 47d58ac70ed7..bb2ba8f74747 100644 --- a/archive/scale-catalog-template/.github/workflows/Push_testing.yaml +++ b/archive/scale-catalog-template/.github/workflows/Push_testing.yaml @@ -6,10 +6,10 @@ jobs: build: runs-on: ubuntu-latest container: - image: ixsystems/catalog_validation:latest + image: ixsystems/catalog_validation:latest@sha256:ec054455af9857782d13f0507b0e0378ed0dee83dab11a3e1e5939eebb083522 steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1 name: Checkout - name: Validate catalog format diff --git a/archive/scale-catalog/.github/workflows/metadata-label-commenter.yaml b/archive/scale-catalog/.github/workflows/metadata-label-commenter.yaml index 168a041aa5f6..4dd32e44673b 100644 --- a/archive/scale-catalog/.github/workflows/metadata-label-commenter.yaml +++ b/archive/scale-catalog/.github/workflows/metadata-label-commenter.yaml @@ -22,11 +22,11 @@ jobs: name: Label commenter runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: token: ${{ secrets.BOT_TOKEN }} ref: master - - uses: peaceiris/actions-label-commenter@v1 + - uses: peaceiris/actions-label-commenter@f0dbbef043eb1b150b566db36b0bdc8b7f505579 # v1 with: github_token: ${{ secrets.BOT_TOKEN }} diff --git a/archive/scale-catalog/.github/workflows/metadata-label-pr.yaml b/archive/scale-catalog/.github/workflows/metadata-label-pr.yaml index 12cb7138e149..b92a00dd0a48 100644 --- a/archive/scale-catalog/.github/workflows/metadata-label-pr.yaml +++ b/archive/scale-catalog/.github/workflows/metadata-label-pr.yaml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Label Size - uses: pascalgn/size-label-action@v0.4.3 + uses: pascalgn/size-label-action@be08a2d5f857dc99c5b9426cdb5a8ea1aa7f0399 # v0.5.4 env: GITHUB_TOKEN: "${{ secrets.BOT_TOKEN }}" with: diff --git a/archive/scale-catalog/.github/workflows/prune.yaml b/archive/scale-catalog/.github/workflows/prune.yaml index 9c72f020c51a..eecc8677b7b4 100644 --- a/archive/scale-catalog/.github/workflows/prune.yaml +++ b/archive/scale-catalog/.github/workflows/prune.yaml @@ -9,7 +9,7 @@ jobs: name: "Pruning" steps: - name: Checkout branch - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 with: fetch-depth: 0 token: ${{ secrets.BOT_TOKEN }} diff --git a/archive/scale-catalog/.github/workflows/schedule-sync-labels.yaml b/archive/scale-catalog/.github/workflows/schedule-sync-labels.yaml index 001877c309da..3e142eae4fe6 100644 --- a/archive/scale-catalog/.github/workflows/schedule-sync-labels.yaml +++ b/archive/scale-catalog/.github/workflows/schedule-sync-labels.yaml @@ -12,12 +12,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: token: ${{ secrets.BOT_TOKEN }} - name: Sync Labels - uses: EndBug/label-sync@v2 + uses: EndBug/label-sync@52074158190acb45f3077f9099fea818aa43f97a # v2 with: config-file: | https://raw.githubusercontent.com/truecharts/.github/main/.github/labels.yaml diff --git a/archive/scale-catalog/.github/workflows/stale.yaml b/archive/scale-catalog/.github/workflows/stale.yaml index fb649a1487f1..b0f947e3ba64 100644 --- a/archive/scale-catalog/.github/workflows/stale.yaml +++ b/archive/scale-catalog/.github/workflows/stale.yaml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Check for stale issues and PRs - uses: actions/stale@v5 + uses: actions/stale@f7176fd3007623b69d27091f9b9d4ab7995f0a06 # v5 with: repo-token: ${{ secrets.BOT_TOKEN }} days-before-issue-stale: 180 diff --git a/archive/truetool/.github/workflows/renovate.yml b/archive/truetool/.github/workflows/renovate.yml index 1ef067568f14..14cc0817313a 100644 --- a/archive/truetool/.github/workflows/renovate.yml +++ b/archive/truetool/.github/workflows/renovate.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: token: ${{ secrets.BOT_TOKEN }} - name: Self-hosted Renovate diff --git a/archive/truetool/.github/workflows/shellcheck.yml b/archive/truetool/.github/workflows/shellcheck.yml index b0c3d633b4e7..9c268f218e3f 100644 --- a/archive/truetool/.github/workflows/shellcheck.yml +++ b/archive/truetool/.github/workflows/shellcheck.yml @@ -10,7 +10,7 @@ jobs: name: Shellcheck runs-on: ubuntu-latest steps: - - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Run ShellCheck uses: ludeeus/action-shellcheck@master with: @@ -21,6 +21,6 @@ jobs: pre-commit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3 - - uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4 - - uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507 # tag=v3.0.0 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 + - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4 + - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 diff --git a/containers/apps/kube-sa-proxy/.github/workflows/docker-publish.yml b/containers/apps/kube-sa-proxy/.github/workflows/docker-publish.yml index 69ac76cee65d..bfe9592181c5 100644 --- a/containers/apps/kube-sa-proxy/.github/workflows/docker-publish.yml +++ b/containers/apps/kube-sa-proxy/.github/workflows/docker-publish.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 - name: Log in to the Container registry uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3