Skip to content

Commit 19ae3c4

Browse files
mlawsoncamlawsonca
committed
Pin GHA action versions for Scorecard
Signed-off-by: Margaret Lawson <mlawsonca@google.com>
1 parent a6aaa55 commit 19ae3c4

File tree

1 file changed

+11
-11
lines changed

1 file changed

+11
-11
lines changed

.github/workflows/gcp-weekly.yml

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -116,7 +116,7 @@ jobs:
116116
echo "FVERSION=$FVERSION" >> $GITHUB_ENV
117117
echo "COMMIT_STATUS_DISTRO_VERSION=$COMMIT_STATUS_DISTRO_VERSION" >> $GITHUB_ENV
118118
- name: Checkout code
119-
uses: actions/checkout@v4
119+
uses: actions/checkout@v4@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
120120
with:
121121
# DO NOT LAND THIS. This is for testing only
122122
ref: ${{ github.event.pull_request.head.sha }}
@@ -162,7 +162,7 @@ jobs:
162162
cat mock_result/build.log
163163
- name: Save RPM build logs
164164
continue-on-error: true
165-
uses: actions/upload-artifact@v4
165+
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
166166
with:
167167
name: ${{ env.STAGE_NAME }} logs
168168
path: |
@@ -186,12 +186,12 @@ jobs:
186186
run: rm -f ${REPO_PATH}lastSuccessfulBuild;
187187
exit 1
188188
- name: Publish RPMs
189-
uses: actions/upload-artifact@v4
189+
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
190190
with:
191191
name: ${{ env.DISTRO_NAME }} ${{ env.DISTRO_VERSION }} RPM repository
192192
path: ${{ env.REPO_PATH}}${{ github.run_number }}/artifact/artifacts/${{ env.TARGET }}
193193
- name: Update commit status
194-
uses: ouzi-dev/commit-status-updater@v2
194+
uses: ouzi-dev/commit-status-updater@26588d166ff273fc4c0664517359948f7cdc9bf1 # v2.0.2
195195
with:
196196
# yamllint disable-line rule:line-length
197197
name: 'build/Build RPM on ${{ env.DISTRO_NAME }} ${{ env.COMMIT_STATUS_DISTRO_VERSION && env.COMMIT_STATUS_DISTRO_VERSION || env.DISTRO_VERSION }}'
@@ -300,7 +300,7 @@ jobs:
300300
echo "LABEL=$LABEL" >> $GITHUB_ENV
301301
echo "INST_RPMS=$INST_RPMS" >> $GITHUB_ENV
302302
- name: Checkout code
303-
uses: actions/checkout@v4
303+
uses: actions/checkout@v4@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
304304
with:
305305
submodules: true
306306
fetch-depth: 500
@@ -353,14 +353,14 @@ jobs:
353353
- name: Publish artifacts
354354
if: (!cancelled()) && (success() || failure()) &&
355355
steps.run-test.outcome != 'skipped'
356-
uses: actions/upload-artifact@v4
356+
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
357357
with:
358358
name: ${{ env.STAGE_NAME }} artifacts
359359
path: ${{ env.STAGE_NAME }}/**
360360
- name: Upload test results
361361
if: (success() || failure()) &&
362362
steps.run-test.outcome != 'skipped'
363-
uses: actions/upload-artifact@v4
363+
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
364364
with:
365365
name: ${{ env.STAGE_NAME }} test-results
366366
path: ${{ env.STAGE_NAME }}/**/results.xml
@@ -462,7 +462,7 @@ jobs:
462462
echo "INST_RPMS=$INST_RPMS" >> $GITHUB_ENV
463463
echo "SIZE=$SIZE" >> $GITHUB_ENV
464464
- name: Checkout code
465-
uses: actions/checkout@v4
465+
uses: actions/checkout@v4@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
466466
with:
467467
submodules: true
468468
fetch-depth: 500
@@ -507,22 +507,22 @@ jobs:
507507
- name: Publish test results
508508
if: (!cancelled()) && (success() || failure()) &&
509509
steps.run-test.outcome != 'skipped'
510-
uses: EnricoMi/publish-unit-test-result-action@v2
510+
uses: EnricoMi/publish-unit-test-result-action@170bf24d20d201b842d7a52403b73ed297e6645b # v2.18.0
511511
with:
512512
check_name: ${{ env.STAGE_NAME }} Test Results (old)
513513
github_token: ${{ secrets.GITHUB_TOKEN }}
514514
junit_files: ${{ env.STAGE_NAME }}/**/results.xml
515515
- name: Publish artifacts
516516
if: (!cancelled()) && (success() || failure()) &&
517517
steps.run-test.outcome != 'skipped'
518-
uses: actions/upload-artifact@v4
518+
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
519519
with:
520520
name: ${{ env.STAGE_NAME }} artifacts
521521
path: ${{ env.STAGE_NAME }}/**
522522
- name: Upload test results
523523
if: (success() || failure()) &&
524524
steps.run-test.outcome != 'skipped'
525-
uses: actions/upload-artifact@v4
525+
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
526526
with:
527527
name: ${{ env.STAGE_NAME }} test-results
528528
path: ${{ env.STAGE_NAME }}/**/results.xml

0 commit comments

Comments
 (0)