diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index fe2611188..e3dc29353 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -30,7 +30,7 @@ jobs: docs_changed: ${{steps.docs-changes.outputs.count > 0}} steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Check code changes id: code-changes uses: technote-space/get-diff-action@v6 @@ -75,7 +75,7 @@ jobs: if: needs.check-changes.outputs.code_changed == 'true' steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Set up Go uses: actions/setup-go@v4 with: @@ -92,7 +92,7 @@ jobs: if: needs.check-changes.outputs.code_changed == 'true' steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Set up Go uses: actions/setup-go@v4 with: @@ -110,7 +110,7 @@ jobs: if: needs.check-changes.outputs.docs_changed == 'true' steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Setup Node uses: actions/setup-node@v3 with: @@ -127,7 +127,7 @@ jobs: if: needs.check-changes.outputs.image_config_changed == 'true' steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Run hadolint for Dockerfile uses: hadolint/hadolint-action@v3.1.0 with: @@ -144,7 +144,7 @@ jobs: if: needs.check-changes.outputs.helm_chart_changed == 'true' steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Setup k8s tools uses: yokawasa/action-setup-kube-tools@v0.9.3 with: @@ -171,7 +171,7 @@ jobs: if: needs.check-changes.outputs.code_changed == 'true' || needs.check-changes.outputs.test_data_changed == 'true' steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Set up Go uses: actions/setup-go@v4 with: @@ -218,7 +218,7 @@ jobs: goos: windows steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Set up Go uses: actions/setup-go@v4 with: @@ -242,7 +242,7 @@ jobs: id-token: write steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 with: fetch-depth: 0 - name: Set up Go @@ -283,7 +283,7 @@ jobs: (needs.test.result == 'success' || (needs.test.result == 'skipped' && needs.check-changes.outputs.image_config_changed == 'true')) steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Install Cosign if: github.ref == 'refs/heads/main' uses: sigstore/cosign-installer@v3.1.2 @@ -362,7 +362,7 @@ jobs: - prepare-release steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Prepare image version id: image-version run: | @@ -436,7 +436,7 @@ jobs: if: needs.prepare-release.outputs.release_created steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Prepare image version id: image-version run: | @@ -458,7 +458,7 @@ jobs: if: needs.prepare-release.outputs.release_created == false && needs.check-changes.outputs.docs_changed == 'true' steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 with: submodules: true # Fetch Hugo themes (true OR recursive) fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod @@ -505,7 +505,7 @@ jobs: if: needs.prepare-release.outputs.release_created steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 with: submodules: true # Fetch Hugo themes (true OR recursive) fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml index 3d2f6a0c0..0ab72727a 100644 --- a/.github/workflows/security.yaml +++ b/.github/workflows/security.yaml @@ -21,7 +21,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Run Trivy vulnerability scanner in repo mode uses: aquasecurity/trivy-action@master with: @@ -46,7 +46,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: