From 9fbebc82f6a54b2d6e873eb2485f833537d3ea80 Mon Sep 17 00:00:00 2001 From: Dmytro Bondar Date: Fri, 7 Nov 2025 23:17:00 +0100 Subject: [PATCH] Update and pin all actions versions (#564) Signed-off-by: Dmytro Bondar --- .github/workflows/chart.yml | 12 ++++++------ .github/workflows/docker-publish.yml | 22 +++++++++++----------- .github/workflows/pages.yml | 6 +++--- 3 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/workflows/chart.yml b/.github/workflows/chart.yml index cc959b5..ecb7ba3 100644 --- a/.github/workflows/chart.yml +++ b/.github/workflows/chart.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest if: ${{ github.event_name == 'pull_request' }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 @@ -35,16 +35,16 @@ jobs: # ct lint requires Python 3.x to run following packages: # - yamale (https://github.com/23andMe/Yamale) # - yamllint (https://github.com/adrienverge/yamllint) - - uses: actions/setup-python@v6 + - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: '3.x' - - uses: helm/chart-testing-action@v2 + - uses: helm/chart-testing-action@6ec842c01de15ebb84c8627d2744a0c2f2755c9f # v2.8.0 - name: Run chart-testing (lint) run: ct lint --config ct.yaml - - uses: nolar/setup-k3d-k3s@v1 + - uses: nolar/setup-k3d-k3s@293b8e5822a20bc0d5bcdd4826f1a665e72aba96 # v1.0.9 with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -60,9 +60,9 @@ jobs: permissions: packages: write steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - uses: docker/login-action@v3 + - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index bc3c7da..48407be 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -18,13 +18,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out the repo - uses: actions/checkout@v5 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 - name: Get Version shell: bash @@ -32,14 +32,14 @@ jobs: - name: Login to Docker Hub if: github.event_name != 'pull_request' - uses: docker/login-action@v3 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Login to GitHub Container Registry if: github.event_name != 'pull_request' - uses: docker/login-action@v3 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -47,7 +47,7 @@ jobs: - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0 with: images: | wgportal/wg-portal @@ -68,7 +68,7 @@ jobs: type=semver,pattern=v{{major}} - name: Build and push Docker image - uses: docker/build-push-action@v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 with: context: . push: ${{ github.event_name != 'pull_request' }} @@ -80,7 +80,7 @@ jobs: BUILD_VERSION=${{ env.BUILD_VERSION }} - name: Export binaries from images - uses: docker/build-push-action@v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 with: context: . platforms: linux/amd64,linux/arm64,linux/arm/v7 @@ -96,7 +96,7 @@ jobs: done - name: Upload binaries - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: binaries path: binaries/wg-portal_linux* @@ -110,12 +110,12 @@ jobs: contents: write steps: - name: Download binaries - uses: actions/download-artifact@v5 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: binaries - name: Create GitHub Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 with: files: 'wg-portal_linux*' generate_release_notes: true diff --git a/.github/workflows/pages.yml b/.github/workflows/pages.yml index 0bc7674..37fd61f 100644 --- a/.github/workflows/pages.yml +++ b/.github/workflows/pages.yml @@ -15,11 +15,11 @@ jobs: deploy: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 - - uses: actions/setup-python@v6 + - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: 3.x @@ -37,4 +37,4 @@ jobs: run: mike deploy --push --update-aliases ${{ github.ref_name }} latest env: GIT_COMMITTER_NAME: "github-actions[bot]" - GIT_COMMITTER_EMAIL: "41898282+github-actions[bot]@users.noreply.github.com" \ No newline at end of file + GIT_COMMITTER_EMAIL: "41898282+github-actions[bot]@users.noreply.github.com"