Skip to content

Commit 2c2cfa4

Browse files
anthony-nhsanthony-nhs
authored
Fix: [AEA-0000] - use versioned sbom check (#26)
## Summary - Routine Change ### Details - use versioned sbom check
1 parent 4a6d03a commit 2c2cfa4

File tree

3 files changed

+13
-13
lines changed

3 files changed

+13
-13
lines changed

.github/workflows/pull_request.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717
tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
1818
steps:
1919
- name: Checkout code
20-
uses: actions/checkout@v5
20+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
2121

2222
- name: Get asdf version
2323
id: asdf-version

.github/workflows/quality-checks.yml

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -28,14 +28,14 @@ jobs:
2828
quality_checks:
2929
runs-on: ubuntu-22.04
3030
steps:
31-
- uses: actions/setup-java@v5
31+
- uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165
3232
if: ${{ inputs.install_java }}
3333
with:
3434
java-version: "21"
3535
distribution: "corretto"
3636

3737
- name: Checkout code
38-
uses: actions/checkout@v5
38+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
3939
with:
4040
ref: ${{ env.BRANCH_NAME }}
4141
fetch-depth: 0
@@ -79,7 +79,7 @@ jobs:
7979
asdf_version: ${{ inputs.asdfVersion }}
8080

8181
- name: Cache asdf
82-
uses: actions/cache@v4
82+
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830
8383
with:
8484
path: |
8585
~/.asdf
@@ -196,10 +196,10 @@ jobs:
196196
run: make lint
197197

198198
- name: actionlint
199-
uses: raven-actions/actionlint@v2
199+
uses: raven-actions/actionlint@3a24062651993d40fed1019b58ac6fbdfbf276cc
200200

201201
- name: Run ShellCheck
202-
uses: ludeeus/action-shellcheck@master
202+
uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38
203203
with:
204204
ignore_paths: >-
205205
*test*
@@ -302,9 +302,9 @@ jobs:
302302
done
303303
304304
- name: Download terraform plans
305-
uses: actions/download-artifact@v5
305+
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53
306306
with:
307-
pattern: '*_terraform_plan'
307+
pattern: "*_terraform_plan"
308308
path: terraform_plans/
309309
merge-multiple: true
310310

@@ -319,7 +319,7 @@ jobs:
319319
ls -l terraform_plans/
320320
echo "terraform_plans_exist=true" >> "$GITHUB_OUTPUT"
321321
fi
322-
322+
323323
- name: Run cfn-guard script for terraform plans
324324
if: steps.check_terraform_plans.outputs.terraform_plans_exist == 'true'
325325
run: |
@@ -343,13 +343,13 @@ jobs:
343343

344344
- name: Upload cfn_guard_output
345345
if: failure()
346-
uses: actions/upload-artifact@v4
346+
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4
347347
with:
348348
name: cfn_guard_output
349349
path: cfn_guard_output
350350

351351
- name: Generate and check SBOMs
352-
uses: NHSDigital/eps-action-sbom@main
352+
uses: NHSDigital/eps-action-sbom@efc65411a5d69d617c9ba15d633a18f7b9896859
353353

354354
- name: "check is SONAR_TOKEN exists"
355355
env:
@@ -362,7 +362,7 @@ jobs:
362362
run: mvn sonar:sonar -Dsonar.login=${{ secrets.SONAR_TOKEN }}
363363

364364
- name: SonarCloud Scan
365-
uses: SonarSource/sonarqube-scan-action@master
365+
uses: SonarSource/sonarqube-scan-action@fd88b7d7ccbaefd23d8f36f73b59db7a3d246602
366366
if: ${{ steps.check_java.outputs.uses_java == 'false' && env.SONAR_TOKEN_EXISTS == 'true' }}
367367
env:
368368
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ jobs:
1515
tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
1616
steps:
1717
- name: Checkout code
18-
uses: actions/checkout@v5
18+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
1919

2020
- name: Get asdf version
2121
id: asdf-version

0 commit comments

Comments
 (0)