Skip to content

Commit

Permalink
ci: Update 3rd-party components
Browse files Browse the repository at this point in the history 
Signed-off-by: Taras Drozdovskyi <[email protected]>
  • Loading branch information
@tdrozdovsky
tdrozdovsky committed Aug 8, 2024
1 parent b582cf4 commit 3d5449e
Show file tree
Hide file tree
Showing 8 changed files with 27 additions and 27 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,10 @@ jobs:
os: [ubuntu-20.04]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332

- name: Setup Golang
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
with:
go-version: '1.19'

Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/codeql.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,18 +22,18 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@f079b8493333aace61c81488f8bd40919487bd9f
uses: github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a
with:
languages: ${{ matrix.language }}

- name: Setup Golang
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
with:
go-version: '1.19'

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@f079b8493333aace61c81488f8bd40919487bd9f
uses: github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a
6 changes: 3 additions & 3 deletions .github/workflows/fossology-check.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
name: Check license, copyright, keyword
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- run: |
docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \
-e GITHUB_TOKEN=${{ github.token }} \
Expand All @@ -21,12 +21,12 @@ jobs:
-e GITHUB_ACTIONS=true \
fossology/fossology:scanner "/bin/fossologyscanner" --report TEXT repo nomos ojo copyright keyword
# Upload artifact
- uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
- uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b
with:
name: scan-fossology-report
path: ./results

# Artifact download
- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: scan-fossology-report
4 changes: 2 additions & 2 deletions .github/workflows/go-fuzz-test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,10 @@ jobs:
os: [ubuntu-20.04]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332

- name: Setup Golang
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
with:
go-version: '1.19'

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/lint-vet-gofmt-staticcheck-analysis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,10 @@ jobs:
lintvetanalysis:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332

- name: Setup Golang
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
with:
go-version: '1.19'

Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/publish.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,15 +12,15 @@ jobs:
runs-on: ubuntu-20.04
steps:
- name: Check out the repo
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332

- name: Setup Golang
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
with:
go-version: '1.19'

- name: Set up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf

- name: Extract metadata (tags, labels) for Docker
id: meta
Expand All @@ -31,10 +31,10 @@ jobs:
type=semver,pattern={{version}}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db

- name: Log in to Docker Hub
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
Expand All @@ -45,7 +45,7 @@ jobs:
cp configs/defdockerfiles/ubuntu_multistage Dockerfile
- name: Build and push
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0
uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445
with:
context: .
build-args: TARGETVERSION=v${{ steps.meta.outputs.version }}
Expand All @@ -63,7 +63,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c
with:
egress-policy: audit

Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/scorecards-analysis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,17 +32,17 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c
with:
egress-policy: audit

- name: "Checkout code"
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
with:
results_file: results.sarif
results_format: sarif
Expand All @@ -64,14 +64,14 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f
uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a
with:
sarif_file: results.sarif
4 changes: 2 additions & 2 deletions .github/workflows/test-suite.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,10 @@ jobs:
os: [ubuntu-20.04]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332

- name: Setup Golang
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
with:
go-version: '1.19'

Expand Down

0 comments on commit 3d5449e

Please sign in to comment.