Skip to content

Commit

Permalink
Merge branch 'main' into bug/check-race
Browse files Browse the repository at this point in the history
  • Loading branch information
@spencerschrock
spencerschrock authored Mar 15, 2023
2 parents d19b0b8 + c20ed9e commit ef74ee4
Show file tree
Hide file tree
Showing 8 changed files with 34 additions and 41 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/codeql-analysis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/docker.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ jobs:
if: (needs.docs_only_check.outputs.docs_only != 'true')
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -107,7 +107,7 @@ jobs:
if: (needs.docs_only_check.outputs.docs_only != 'true')
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -155,7 +155,7 @@ jobs:
if: (needs.docs_only_check.outputs.docs_only != 'true')
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -203,7 +203,7 @@ jobs:
if: (needs.docs_only_check.outputs.docs_only != 'true')
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -251,7 +251,7 @@ jobs:
if: (needs.docs_only_check.outputs.docs_only != 'true')
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -299,7 +299,7 @@ jobs:
if: (needs.docs_only_check.outputs.docs_only != 'true')
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -347,7 +347,7 @@ jobs:
if: (needs.docs_only_check.outputs.docs_only != 'true')
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down
9 changes: 1 addition & 8 deletions .github/workflows/goreleaser.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand All @@ -47,12 +47,6 @@ jobs:
- name: Configure ldflags
id: ldflags
run: echo "version_flags=$(./scripts/version-ldflags)" >> "$GITHUB_OUTPUT"
- name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@111c56156bcc6918c056dbef52164cfa583dc549 # v5.2.0
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.PASSPHRASE }}
- name: Run GoReleaser
id: run-goreleaser
uses: goreleaser/goreleaser-action@8f67e590f2d095516493f017008adc464e63adb1 # v2.5.0
Expand All @@ -61,7 +55,6 @@ jobs:
args: release --rm-dist
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
VERSION_LDFLAGS: ${{ steps.ldflags.outputs.version_flags }}
- name: Generate subject
id: hash
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/integration.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand All @@ -37,7 +37,7 @@ jobs:
needs: [approve]
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down
40 changes: 20 additions & 20 deletions .github/workflows/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -77,7 +77,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -125,7 +125,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -172,7 +172,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -208,7 +208,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -256,7 +256,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -304,7 +304,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -352,7 +352,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -400,7 +400,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -448,7 +448,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -496,7 +496,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -544,7 +544,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -592,7 +592,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -640,7 +640,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -688,7 +688,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -735,7 +735,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -765,7 +765,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -808,7 +808,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- name: Install Protoc
Expand Down Expand Up @@ -854,7 +854,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down Expand Up @@ -889,7 +889,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/publishimage.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ jobs:
COSIGN_EXPERIMENTAL: "true"
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/stale.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/verify.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

Expand Down

0 comments on commit ef74ee4

Please sign in to comment.