From 2ea7b777b1a5d95c73da46231af208af887791b1 Mon Sep 17 00:00:00 2001 From: Aline Shulzhenko Date: Wed, 7 Aug 2024 09:50:38 -0400 Subject: [PATCH] update github actions to commits --- .github/dependabot.yml | 4 ++++ .../workflows/.github/workflows/dependabot_auto_merge.yml | 8 ++++---- .github/workflows/ci.yml | 4 ++-- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 90cfb11..e0f92c7 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -11,6 +11,10 @@ registries: username: ${{secrets.DEPENDENCIES_GITHUB_USER}} password: ${{secrets.DEPENDENCIES_GITHUB_TOKEN}} updates: + - package-ecosystem: github-actions + directory: "/" + schedule: + interval: weekly - package-ecosystem: bundler directory: "/" schedule: diff --git a/.github/workflows/.github/workflows/dependabot_auto_merge.yml b/.github/workflows/.github/workflows/dependabot_auto_merge.yml index 3caf56b..80cc1b7 100644 --- a/.github/workflows/.github/workflows/dependabot_auto_merge.yml +++ b/.github/workflows/.github/workflows/dependabot_auto_merge.yml @@ -8,7 +8,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v1.6.0 + uses: dependabot/fetch-metadata@c9c4182bf1b97f5224aee3906fd373f6b61b4526 # v1.6.0 with: github-token: "${{ secrets.GITHUB_TOKEN }}" @@ -16,7 +16,7 @@ jobs: id: check_ci_failure continue-on-error: true if: ${{ steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.dependency-group == 'auto_merge' }} - uses: actions/github-script@v6 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 with: script: | function sleep(ms) { @@ -62,7 +62,7 @@ jobs: core.setOutput("ci_state", ci_state) - name: Send Slack notification if auto-merge failed if: ${{ steps.check_ci_failure.outputs.ci_state == 'false' }} - uses: ruby/action-slack@v3.0.0 + uses: ruby/action-slack@b6882ea6ef8f556f9f9af9ec1220d3f1ced74acf # v3.0.0 with: payload: | { @@ -77,7 +77,7 @@ jobs: - name: Approve and merge if: ${{ steps.check_ci_failure.outputs.ci_state == 'true' && (steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.dependency-group == 'auto_merge') }} - uses: actions/github-script@v6 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 with: script: | await github.rest.pulls.createReview({ diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 177cb9b..30bb127 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,9 +14,9 @@ jobs: matrix: version: [ '2.7', '3.0', '3.1', '3.2', '3.3' ] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Ruby ${{ matrix.version }} - uses: ruby/setup-ruby@v1 + uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1.190.0 with: ruby-version: ${{ matrix.version }} bundler-cache: true