From 0c46d99c133672bd990f0cbdb4996344873b1b27 Mon Sep 17 00:00:00 2001 From: Alano Terblanche <18033717+Benehiko@users.noreply.github.com> Date: Thu, 5 Mar 2026 14:05:54 +0100 Subject: [PATCH] chore: pin gh actions to commit tags Signed-off-by: Alano Terblanche <18033717+Benehiko@users.noreply.github.com> --- .github/workflows/go-work-check.yml | 4 ++-- .github/workflows/gomodguard.yml | 6 +++--- .github/workflows/govulncheck.yml | 6 +++--- .github/workflows/keychain.yml | 14 +++++++------- .github/workflows/lint.yml | 8 ++++---- .github/workflows/pr-review.yml | 2 +- .github/workflows/proto-check.yml | 6 +++--- .github/workflows/proto-lint.yml | 6 +++--- .github/workflows/unittests.yml | 4 ++-- 9 files changed, 28 insertions(+), 28 deletions(-) diff --git a/.github/workflows/go-work-check.yml b/.github/workflows/go-work-check.yml index a09b7ba7..8722a38d 100644 --- a/.github/workflows/go-work-check.yml +++ b/.github/workflows/go-work-check.yml @@ -13,9 +13,9 @@ jobs: pull-requests: write contents: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version-file: go.work - name: Check if go work sync/vendor is clean diff --git a/.github/workflows/gomodguard.yml b/.github/workflows/gomodguard.yml index d014399c..2e2e6f75 100644 --- a/.github/workflows/gomodguard.yml +++ b/.github/workflows/gomodguard.yml @@ -13,17 +13,17 @@ jobs: pull-requests: write contents: write steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 - name: Hub login - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: username: dockerpublicbot password: ${{ secrets.DOCKERPUBLICBOT_WRITE_PAT }} - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 with: driver: cloud endpoint: "docker/secrets-engine" diff --git a/.github/workflows/govulncheck.yml b/.github/workflows/govulncheck.yml index 4b77278d..fca2bb5f 100644 --- a/.github/workflows/govulncheck.yml +++ b/.github/workflows/govulncheck.yml @@ -13,17 +13,17 @@ jobs: pull-requests: write contents: write steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 - name: Hub login - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: username: dockerpublicbot password: ${{ secrets.DOCKERPUBLICBOT_WRITE_PAT }} - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 with: driver: cloud endpoint: "docker/secrets-engine" diff --git a/.github/workflows/keychain.yml b/.github/workflows/keychain.yml index 96545d63..8abb6825 100644 --- a/.github/workflows/keychain.yml +++ b/.github/workflows/keychain.yml @@ -27,15 +27,15 @@ jobs: # - ubuntu-24-kdewallet steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Hub login - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: username: dockerpublicbot password: ${{ secrets.DOCKERPUBLICBOT_WRITE_PAT }} - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 with: driver: cloud endpoint: "docker/secrets-engine" @@ -55,9 +55,9 @@ jobs: - windows-2022 - windows-2025 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version-file: go.work - name: Test keychain @@ -76,9 +76,9 @@ jobs: - macOS-15 - macOS-14 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version-file: go.work - name: Test keychain diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index b7339aac..f1839e58 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -22,19 +22,19 @@ jobs: contents: write steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version-file: go.work - name: Hub login - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: username: dockerpublicbot password: ${{ secrets.DOCKERPUBLICBOT_WRITE_PAT }} - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 with: driver: cloud endpoint: "docker/secrets-engine" diff --git a/.github/workflows/pr-review.yml b/.github/workflows/pr-review.yml index 6042bcc4..be237d64 100644 --- a/.github/workflows/pr-review.yml +++ b/.github/workflows/pr-review.yml @@ -12,5 +12,5 @@ permissions: issues: write jobs: review: - uses: docker/cagent-action/.github/workflows/review-pr.yml@latest + uses: docker/cagent-action/.github/workflows/review-pr.yml@6ee4111d1f2b1078cf438d955d1c1c5cc48c36c7 # latest secrets: inherit diff --git a/.github/workflows/proto-check.yml b/.github/workflows/proto-check.yml index 11839f5b..c122e17c 100644 --- a/.github/workflows/proto-check.yml +++ b/.github/workflows/proto-check.yml @@ -17,17 +17,17 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Hub login - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: username: dockerpublicbot password: ${{ secrets.DOCKERPUBLICBOT_WRITE_PAT }} - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 with: driver: cloud endpoint: "docker/secrets-engine" diff --git a/.github/workflows/proto-lint.yml b/.github/workflows/proto-lint.yml index a7d9e5d3..403a8b86 100644 --- a/.github/workflows/proto-lint.yml +++ b/.github/workflows/proto-lint.yml @@ -17,17 +17,17 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Hub login - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: username: dockerpublicbot password: ${{ secrets.DOCKERPUBLICBOT_WRITE_PAT }} - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 with: driver: cloud endpoint: "docker/secrets-engine" diff --git a/.github/workflows/unittests.yml b/.github/workflows/unittests.yml index 94734a5d..abd31baf 100644 --- a/.github/workflows/unittests.yml +++ b/.github/workflows/unittests.yml @@ -9,9 +9,9 @@ jobs: name: Unit Tests runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version-file: go.work - name: Unit Tests