diff --git a/.github/workflows/build-and-push-docker.yml b/.github/workflows/build-and-push-docker.yml index cc0edbf..62ebdf6 100644 --- a/.github/workflows/build-and-push-docker.yml +++ b/.github/workflows/build-and-push-docker.yml @@ -31,7 +31,7 @@ jobs: packages: write contents: read steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Build image run: docker build --tag ${{ inputs.registry }}/${{ inputs.image_name }}:${{ inputs.image_version }} api/ diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8a8c77f..c21807d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,7 +24,7 @@ jobs: # Reference: https://github.com/swagger-api/swagger-codegen/blob/master/standalone-gen-dev/standalone-generator-development.md runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: API Generation Setup run: | @@ -36,7 +36,7 @@ jobs: java -jar ${{ env.SWAGGER_CODEGEN_CLI_LOCAL_JAR }} generate -i ${{ env.SWAGGER_API_FILE }} -l go -o ${{ env.OUT_GO }} - name: Archive generated GO code - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3 with: name: go-api path: ${{ env.OUT_GO }} @@ -72,7 +72,7 @@ jobs: ls -rotl ${OUT_JAVA} - name: Archive generated JAVA code - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3 with: name: java-api path: ${{ env.OUT_JAVA }} @@ -83,7 +83,7 @@ jobs: java -jar ${{ env.SWAGGER_CODEGEN_CLI_LOCAL_JAR }} generate -i ${{ env.SWAGGER_API_FILE }} -l nodejs-server -o ${{ env.OUT_NODEJS }} - name: API Server Implementation - NodeJS - uses: actions/setup-python@v2 + uses: actions/setup-python@e9aba2c848f5ebd159c070c61ea2c4e2b122355e # v2 with: python-version: 3.8 #install the python needed - name: Overlay NodeJS Server Implementation @@ -126,7 +126,7 @@ jobs: # - name: Generate NPM package details # run: | - name: Archive generated NodeJS code - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3 with: name: nodejs-server path: ${{ env.OUT_NODEJS }} @@ -140,7 +140,7 @@ jobs: packages: write contents: read steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Build image run: | @@ -160,7 +160,7 @@ jobs: runs-on: ubuntu-latest needs: [generate-api-code, docker-API-Builder] steps: - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3 - name: List java-api Directory Contents run: ls -rotl java-api @@ -176,7 +176,7 @@ jobs: echo "buildRoot=${PWD}" >> $GITHUB_ENV - name: Publish Java client jar - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3 with: name: java-client path: ${{ env.buildRoot }}/build/libs/*.jar @@ -192,7 +192,7 @@ jobs: echo "targetRoot=${PWD}/target" >> $GITHUB_ENV - name: Publish packaged Java client jar - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3 with: name: java-client-package path: | @@ -209,7 +209,7 @@ jobs: packages: write contents: read steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Copy API Definition run: cp ${{ env.SWAGGER_API_FILE }} ${{ env.BUILD_DIR }} @@ -237,7 +237,7 @@ jobs: packages: write contents: read steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Build image run: | @@ -263,7 +263,7 @@ jobs: packages: write contents: read steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Build image run: | @@ -289,7 +289,7 @@ jobs: packages: write contents: read steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Build image run: | @@ -325,7 +325,7 @@ jobs: packages: write contents: read steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Build image run: | @@ -350,7 +350,7 @@ jobs: packages: write contents: read steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Build image run: | @@ -375,7 +375,7 @@ jobs: packages: write contents: read steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Build image run: | @@ -393,9 +393,9 @@ jobs: build-obsidian-lightswitch-chaincode: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Checkout the Obsidian repo - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 with: repository: mcoblenz/Obsidian path: './Obsidian' @@ -436,7 +436,7 @@ jobs: echo "buildRoot=${PWD}" >> $GITHUB_ENV popd - name: Publish chaincode jar - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3 with: name: lightswitch-chaincode path: | @@ -453,8 +453,8 @@ jobs: packages: write contents: read steps: - - uses: actions/checkout@v2 - - uses: actions/download-artifact@v3 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 + - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3 - name: Prepare run: | pushd lightswitch-chaincode/build/libs diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9f9d230..5f19a86 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -39,11 +39,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@df329aa0e224a5582af14d153cfb09a2e783e7f9 # v2 with: languages: ${{ matrix.language }} @@ -58,7 +58,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@faa06bd0c3efe9bf73685e4489e70f0f552edc63 # v3 # Command-line programs to run using the OS shell. # See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -71,7 +71,7 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@faa06bd0c3efe9bf73685e4489e70f0f552edc63 # v3 with: category: "/language:${{ matrix.language }}"