6868 # https://github.com/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests
6969
7070 - name : Upload SDK artifact
71- uses : actions/upload-artifact@v4
71+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
7272 with :
7373 name : ${{ env.ARTIFACT_NAME }}
7474 path : dist/${{ env.ARTIFACT_NAME }}
9292 echo ${MATRIX}
9393 echo "aws_regions_json=${MATRIX}" >> $GITHUB_OUTPUT
9494name : Checkout Repo @ SHA - ${{ github.sha }}
95- uses : actions/checkout@v4
96- - uses : actions/setup-python@v5
95+ uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
96+ - uses : actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
9797 with :
9898 python-version : ' 3.x'
9999 - name : Build layers
@@ -103,7 +103,7 @@ jobs:
103103 pip install tox
104104 tox
105105name : upload layer
106- uses : actions/upload-artifact@v4
106+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
107107 with :
108108 name : layer.zip
109109 path : lambda-layer/src/build/aws-opentelemetry-python-layer.zip
@@ -113,7 +113,7 @@ jobs:
113113 runs-on : ubuntu-latest
114114 steps :
115115 - name : Checkout Repo @ SHA - ${{ github.sha }}
116- uses : actions/checkout@v4
116+ uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
117117
118118 - name : Configure AWS credentials for PyPI secrets
119119 uses : aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0
@@ -158,7 +158,7 @@ jobs:
158158 run : pip install twine
159159
160160 - name : Download SDK artifact
161- uses : actions/download-artifact@v4
161+ uses : actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
162162 with :
163163 name : ${{ env.ARTIFACT_NAME }}
164164
@@ -227,7 +227,7 @@ jobs:
227227 fi
228228 SECRET_KEY=${SECRET_KEY//-/_}
229229 echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV
230- uses : aws-actions/configure-aws-credentials@v4 .0.2
230+ uses : aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5 .0.0
231231 with :
232232 role-to-assume : ${{ secrets[env.SECRET_KEY] }}
233233 role-duration-seconds : 1200
@@ -236,7 +236,7 @@ jobs:
236236 run : |
237237 echo BUCKET_NAME=python-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV
238238name : download layer.zip
239- uses : actions/download-artifact@v4
239+ uses : actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
240240 with :
241241 name : layer.zip
242242 - name : publish
@@ -274,7 +274,7 @@ jobs:
274274 --action lambda:GetLayerVersion
275275name : upload layer arn artifact
276276 if : ${{ success() }}
277- uses : actions/upload-artifact@v4
277+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
278278 with :
279279 name : ${{ env.LAYER_NAME }}-${{ matrix.aws_region }}
280280 path : ${{ env.LAYER_NAME }}/${{ matrix.aws_region }}
@@ -290,10 +290,10 @@ jobs:
290290 layer-note : ${{ steps.layer-note.outputs.layer-note }}
291291 steps :
292292 - name : Checkout Repo @ SHA - ${{ github.sha }}
293- uses : actions/checkout@v4
294- - uses : hashicorp/setup-terraform@v2
293+ uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
294+ - uses : hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2
295295 - name : download layerARNs
296- uses : actions/download-artifact@v4
296+ uses : actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
297297 with :
298298 pattern : ${{ env.LAYER_NAME }}-*
299299 path : ${{ env.LAYER_NAME }}
@@ -354,15 +354,15 @@ jobs:
354354 runs-on : ubuntu-latest
355355 steps :
356356 - name : Checkout Repo @ SHA - ${{ github.sha }}
357- uses : actions/checkout@v4
357+ uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
358358
359359 - name : Download SDK artifact
360- uses : actions/download-artifact@v4
360+ uses : actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
361361 with :
362362 name : ${{ env.ARTIFACT_NAME }}
363363
364364 - name : Download layer.zip artifact
365- uses : actions/download-artifact@v4
365+ uses : actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
366366 with :
367367 name : layer.zip
368368
0 commit comments