From b0b381e841e8f3421bdd4c4fc00784b1332edbda Mon Sep 17 00:00:00 2001 From: "hashicorp-tsccr[bot]" <129506189+hashicorp-tsccr[bot]@users.noreply.github.com> Date: Mon, 4 Nov 2024 13:53:58 -0800 Subject: [PATCH] SEC-090: Automated trusted workflow pinning (2024-11-04) (#962) Result of tsccr-helper -log-level=info gha update -latest .github/ Co-authored-by: hashicorp-tsccr[bot] --- .github/actions/integration-test/action.yml | 4 +-- .github/workflows/build.yaml | 32 ++++++++++----------- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/actions/integration-test/action.yml b/.github/actions/integration-test/action.yml index d2f9e163..d49fe5c7 100644 --- a/.github/actions/integration-test/action.yml +++ b/.github/actions/integration-test/action.yml @@ -56,9 +56,9 @@ runs: fi [ -n "${{ inputs.version }}" ] || (echo "inputs.version not set" >&2 ; exit 1) # Checkout this repo. - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup go - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version-file: .go-version - name: Create Kind Cluster diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 58460503..77cfec2b 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -22,7 +22,7 @@ jobs: outputs: product-version: ${{ steps.get-product-version.outputs.product-version }} steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: get product version id: get-product-version run: | @@ -36,9 +36,9 @@ jobs: outputs: go-version: ${{ steps.setup-go.outputs.go-version }} steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - id: setup-go - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version-file: .go-version - name: go mod download all @@ -77,12 +77,12 @@ jobs: needs: - build-pre-checks steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version-file: .go-version - run: make ci-test - - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 + - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: '20' - run: npm install -g bats@${BATS_VERSION} @@ -100,7 +100,7 @@ jobs: filepath: ${{ steps.generate-metadata-file.outputs.filepath }} steps: - name: Checkout directory - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Generate metadata file id: generate-metadata-file uses: hashicorp/actions-generate-metadata@v1 @@ -125,9 +125,9 @@ jobs: fail-fast: true steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup go - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version-file: .go-version - name: Build binary @@ -168,7 +168,7 @@ jobs: repo: ${{github.event.repository.name}} version: ${{needs.get-product-version.outputs.product-version}} steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup scripts directory shell: bash run: | @@ -212,7 +212,7 @@ jobs: version: ${{needs.get-product-version.outputs.product-version}} image_tag: ${{needs.get-product-version.outputs.product-version}}-ubi steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup scripts directory shell: bash run: | @@ -258,7 +258,7 @@ jobs: version: ${{needs.get-product-version.outputs.product-version}} image_tag: ${{needs.get-product-version.outputs.product-version}}-ubi steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup scripts directory shell: bash run: | @@ -328,9 +328,9 @@ jobs: shell: bash run: | helm repo add hashicorp https://helm.releases.hashicorp.com - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup go - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version-file: .go-version - name: Run tests @@ -365,7 +365,7 @@ jobs: installation-method: [helm, kustomize] vault-enterprise: [true, false] steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: ./.github/actions/integration-test name: vault:${{ matrix.vault-version }} kind:${{ matrix.k8s-version }} with: @@ -401,7 +401,7 @@ jobs: installation-method: [kustomize] vault-enterprise: [true] steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: ./.github/actions/integration-test name: vault:${{ matrix.vault-version }} kind:${{ matrix.k8s-version }} with: