From 900feb92943debf7c3956524118027b3ebb99b0d Mon Sep 17 00:00:00 2001
From: Rob Waight <43173714+rwaight@users.noreply.github.com>
Date: Tue, 7 Jan 2025 12:51:57 -0600
Subject: [PATCH 1/2] ci: pin actions version commits

---
 .github/workflows/license.yml    |  3 ++-
 .github/workflows/pr.yml         |  3 ++-
 .github/workflows/prerelease.yml | 14 ++++++++------
 .github/workflows/release.yml    |  8 +++++---
 4 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/license.yml b/.github/workflows/license.yml
index ffc5c6054..90175c7bc 100644
--- a/.github/workflows/license.yml
+++ b/.github/workflows/license.yml
@@ -11,7 +11,8 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout the repo
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Check license headers
         run: |
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
index 18a37e060..ce950d9e7 100644
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
@@ -18,7 +18,8 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout the repo
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Bootstrap Action Workspace
         id: bootstrap
diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml
index 2168fd432..40741b199 100644
--- a/.github/workflows/prerelease.yml
+++ b/.github/workflows/prerelease.yml
@@ -26,22 +26,23 @@ jobs:
     steps:
       - id: repo-basename
         run: 'echo "value=`basename ${{ github.repository }}`" >> $GITHUB_OUTPUT'
-      - uses: actions/checkout@v4
+      - name: Checkout the repo
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       - name: Setup Pages
         id: pages
-        uses: actions/configure-pages@v5.0.0
+        uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0
       - name: Build documentation
         uses: elastic/docs-builder@main
         with:
           prefix: '${{ steps.repo-basename.outputs.value }}'
       - name: Upload artifact
-        uses: actions/upload-pages-artifact@v3.0.1
+        uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1
         with:
           path: .artifacts/docs/html
           
       - name: Deploy artifact
         id: deployment
-        uses: actions/deploy-pages@v4.0.5 
+        uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
         
   build:
     runs-on: ubuntu-latest
@@ -50,14 +51,15 @@ jobs:
       major-version: ${{ steps.bootstrap.outputs.major-version }}
 
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout the repo
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Bootstrap Action Workspace
         id: bootstrap
         uses: ./.github/actions/bootstrap
         
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 43084ee2e..b30a110db 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -16,14 +16,15 @@ jobs:
       major-version: ${{ steps.bootstrap.outputs.major-version }}
 
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout the repo
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Bootstrap Action Workspace
         id: bootstrap
         uses: ./.github/actions/bootstrap
         
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
@@ -47,7 +48,8 @@ jobs:
       major-version: ${{ steps.bootstrap.outputs.major-version }}
 
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout the repo
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Bootstrap Action Workspace
         id: bootstrap

From 1069baa1e2878f3658b3cab5ba98b7ab217dd7f5 Mon Sep 17 00:00:00 2001
From: Rob Waight <43173714+rwaight@users.noreply.github.com>
Date: Tue, 7 Jan 2025 12:56:16 -0600
Subject: [PATCH 2/2] ci(docs): actions verified creator notes

---
 .github/workflows/license.yml    |  2 ++
 .github/workflows/pr.yml         |  2 ++
 .github/workflows/prerelease.yml | 12 ++++++++++++
 .github/workflows/release.yml    |  6 ++++++
 4 files changed, 22 insertions(+)

diff --git a/.github/workflows/license.yml b/.github/workflows/license.yml
index 90175c7bc..17de08edb 100644
--- a/.github/workflows/license.yml
+++ b/.github/workflows/license.yml
@@ -12,6 +12,8 @@ jobs:
 
     steps:
       - name: Checkout the repo
+        # Verified creator: https://github.com/marketplace/actions/checkout
+        # GitHub Action for checking out a repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Check license headers
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
index ce950d9e7..a3df8524a 100644
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
@@ -19,6 +19,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout the repo
+        # Verified creator: https://github.com/marketplace/actions/checkout
+        # GitHub Action for checking out a repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Bootstrap Action Workspace
diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml
index 40741b199..fda304df4 100644
--- a/.github/workflows/prerelease.yml
+++ b/.github/workflows/prerelease.yml
@@ -27,21 +27,29 @@ jobs:
       - id: repo-basename
         run: 'echo "value=`basename ${{ github.repository }}`" >> $GITHUB_OUTPUT'
       - name: Checkout the repo
+        # Verified creator: https://github.com/marketplace/actions/checkout
+        # GitHub Action for checking out a repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       - name: Setup Pages
         id: pages
+        # Verified creator: https://github.com/marketplace/actions/configure-github-pages
+        # A GitHub Action to enable Pages and extract various metadata about a site.
         uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0
       - name: Build documentation
         uses: elastic/docs-builder@main
         with:
           prefix: '${{ steps.repo-basename.outputs.value }}'
       - name: Upload artifact
+        # Verified creator: https://github.com/marketplace/actions/upload-github-pages-artifact
+        # A composite action for packaging and uploading an artifact that can be deployed to GitHub Pages.
         uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1
         with:
           path: .artifacts/docs/html
           
       - name: Deploy artifact
         id: deployment
+        # Verified creator: https://github.com/marketplace/actions/deploy-github-pages-site
+        # GitHub Action to publish artifacts to GitHub Pages for deployments
         uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
         
   build:
@@ -52,6 +60,8 @@ jobs:
 
     steps:
       - name: Checkout the repo
+        # Verified creator: https://github.com/marketplace/actions/checkout
+        # GitHub Action for checking out a repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Bootstrap Action Workspace
@@ -59,6 +69,8 @@ jobs:
         uses: ./.github/actions/bootstrap
         
       - name: Login to GitHub Container Registry
+        # Verified creator: https://github.com/marketplace/actions/docker-login
+        # GitHub Action to login against a Docker registry
         uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
         with:
           registry: ghcr.io
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index b30a110db..984d18f12 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -17,6 +17,8 @@ jobs:
 
     steps:
       - name: Checkout the repo
+        # Verified creator: https://github.com/marketplace/actions/checkout
+        # GitHub Action for checking out a repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Bootstrap Action Workspace
@@ -24,6 +26,8 @@ jobs:
         uses: ./.github/actions/bootstrap
         
       - name: Login to GitHub Container Registry
+        # Verified creator: https://github.com/marketplace/actions/docker-login
+        # GitHub Action to login against a Docker registry
         uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
         with:
           registry: ghcr.io
@@ -49,6 +53,8 @@ jobs:
 
     steps:
       - name: Checkout the repo
+        # Verified creator: https://github.com/marketplace/actions/checkout
+        # GitHub Action for checking out a repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Bootstrap Action Workspace