SEC-090: Automated trusted workflow pinning (2024-06-17) (#1009)

* Result of tsccr-helper -log-level=info gha update -latest . * Ensure CI runs on action upgrade * Add version to .goreleaser file --------- Co-authored-by: hashicorp-tsccr[bot] <hashicorp-tsccr[bot]@users.noreply.github.com> Co-authored-by: Austin Valle <[email protected]>
hashicorp · Jun 21, 2024 · d737605 · d737605
1 parent 63578d1
commit d737605
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 4 deletions.
diff --git a/.github/workflows/ci-goreleaser.yml b/.github/workflows/ci-goreleaser.yml
@@ -4,6 +4,7 @@ name: ci-goreleaser
 on:
   pull_request:
     paths:
+      - .github/workflows/ci-goreleaser.yml
       - .goreleaser.yml
 
 permissions:
@@ -17,6 +18,6 @@ jobs:
       - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
         with:
           go-version-file: 'go.mod'
-      - uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
+      - uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0
         with:
           args: check
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -93,7 +93,7 @@ jobs:
           cd .changes
           sed -e "1{/# /d;}" -e "2{/^$/d;}" ${{ needs.changelog-version.outputs.version }}.md > /tmp/release-notes.txt
 
-      - uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
+      - uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:

diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -1,6 +1,7 @@
+version: 2
 project_name: terraform-plugin-framework
-build:
-  skip: true
+builds:
+  - skip: true
 milestones:
   - close: true
 release: