From 60fedf4a0b249d18747290864aec0c845ea090ab Mon Sep 17 00:00:00 2001 From: Brijeshthummar02 Date: Sun, 16 Mar 2025 21:59:47 +0530 Subject: [PATCH 1/3] Update: GitHub Actions workflows to use specific versions of actions --- .github/workflows/backend_tests.yml | 4 ++-- .github/workflows/branch-deploy.yml | 6 ++--- .github/workflows/branch-remove.yml | 2 +- .github/workflows/build-public-image.yml | 6 ++--- .github/workflows/codeql-analysis.yml | 4 ++-- .github/workflows/cve_checks.yml | 6 ++--- .github/workflows/docker_build.yml | 8 +++---- .github/workflows/docker_publish.yml | 2 +- .github/workflows/e2e-run.yml | 22 +++++++++---------- .github/workflows/frontend_tests.yml | 2 +- .github/workflows/main.yml | 6 ++--- .github/workflows/md-links.yml | 2 +- .github/workflows/release-serde-api.yml | 4 ++-- .github/workflows/release.yml | 6 ++--- .../workflows/separate_env_public_create.yml | 6 ++--- .github/workflows/workflow_linter.yml | 2 +- 16 files changed, 44 insertions(+), 44 deletions(-) diff --git a/.github/workflows/backend_tests.yml b/.github/workflows/backend_tests.yml index f3ea2061c..66bb75e60 100644 --- a/.github/workflows/backend_tests.yml +++ b/.github/workflows/backend_tests.yml @@ -19,14 +19,14 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: token: ${{ github.token }} fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 with: java-version: '21' distribution: 'zulu' diff --git a/.github/workflows/branch-deploy.yml b/.github/workflows/branch-deploy.yml index 83ed43438..3536a58fa 100644 --- a/.github/workflows/branch-deploy.yml +++ b/.github/workflows/branch-deploy.yml @@ -15,7 +15,7 @@ jobs: if: ${{ github.event.label.name == 'status/feature_testing' || github.event.label.name == 'status/feature_testing_public' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} @@ -27,7 +27,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 with: java-version: '21' distribution: 'zulu' @@ -45,7 +45,7 @@ jobs: id: buildx uses: docker/setup-buildx-action@v3 - name: Cache Docker layers - uses: actions/cache@v4 + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} diff --git a/.github/workflows/branch-remove.yml b/.github/workflows/branch-remove.yml index d700ea976..8ecbe2d31 100644 --- a/.github/workflows/branch-remove.yml +++ b/.github/workflows/branch-remove.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest if: ${{ (github.event.label.name == 'status/feature_testing' || github.event.label.name == 'status/feature_testing_public') || (github.event.action == 'closed' && (contains(github.event.pull_request.labels.*.name, 'status/feature_testing') || contains(github.event.pull_request.labels.*.name, 'status/feature_testing_public'))) }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: token: ${{ github.token }} - name: clone diff --git a/.github/workflows/build-public-image.yml b/.github/workflows/build-public-image.yml index f1305363e..57af56434 100644 --- a/.github/workflows/build-public-image.yml +++ b/.github/workflows/build-public-image.yml @@ -15,7 +15,7 @@ jobs: if: ${{ github.event.label.name == 'status/image_testing' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} @@ -25,7 +25,7 @@ jobs: tag='${{ github.event.pull_request.number }}' echo "tag=${tag}" >> $GITHUB_OUTPUT - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 with: java-version: '21' distribution: 'zulu' @@ -43,7 +43,7 @@ jobs: id: buildx uses: docker/setup-buildx-action@v3 - name: Cache Docker layers - uses: actions/cache@v4 + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0f150f0e0..fb673e92c 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -38,7 +38,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: token: ${{ github.token }} @@ -48,7 +48,7 @@ jobs: languages: ${{ matrix.language }} - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 with: java-version: '21' distribution: 'zulu' diff --git a/.github/workflows/cve_checks.yml b/.github/workflows/cve_checks.yml index e979c3454..8424fcb74 100644 --- a/.github/workflows/cve_checks.yml +++ b/.github/workflows/cve_checks.yml @@ -18,12 +18,12 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: token: ${{ github.token }} - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 with: java-version: '21' distribution: 'zulu' @@ -45,7 +45,7 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Cache Docker layers - uses: actions/cache@v4 + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml index a302ab94b..026de7d6d 100644 --- a/.github/workflows/docker_build.yml +++ b/.github/workflows/docker_build.yml @@ -18,13 +18,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} - name: Download artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: name: kafbat-ui-${{ inputs.version }} path: api/build/libs @@ -37,7 +37,7 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Cache Docker layers - uses: actions/cache@v4 + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ inputs.sha }} @@ -81,7 +81,7 @@ jobs: docker image save kafka-ui:temp > /tmp/image.tar - name: Upload docker image - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 with: name: image path: /tmp/image.tar diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index 77ecb86c1..70bd1f2db 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Download docker image - uses: actions/download-artifact@v4 + uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: name: image path: /tmp diff --git a/.github/workflows/e2e-run.yml b/.github/workflows/e2e-run.yml index b8799de6d..ec47937a1 100644 --- a/.github/workflows/e2e-run.yml +++ b/.github/workflows/e2e-run.yml @@ -22,13 +22,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: token: ${{ github.token }} ref: ${{ inputs.sha }} - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 with: java-version: '21' distribution: 'zulu' @@ -44,7 +44,7 @@ jobs: -Pversion=latest - name: Upload build artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 with: name: artifacts path: | @@ -58,7 +58,7 @@ jobs: docker image save ghcr.io/kafbat/kafka-ui:latest > /tmp/image.tar - name: Upload docker image - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 with: name: image path: /tmp/image.tar @@ -70,26 +70,26 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: token: ${{ github.token }} ref: ${{ inputs.sha }} - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 with: java-version: '21' distribution: 'zulu' cache: 'gradle' - name: Download build artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: name: artifacts path: api/build - name: Download docker image - uses: actions/download-artifact@v4 + uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: name: image path: /tmp @@ -121,7 +121,7 @@ jobs: - name: Upload allure reports artifact if: '!cancelled()' - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 with: name: reports path: ./e2e-tests/build/allure-results @@ -129,7 +129,7 @@ jobs: - name: Upload selenide results artifact if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 with: name: selenide-results path: ./e2e-tests/build/selenide-results @@ -141,7 +141,7 @@ jobs: if: ${{ !cancelled() && github.repository_owner == 'kafbat' }} steps: - name: Download allure reports artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: name: reports path: ./e2e-tests/build/allure-results diff --git a/.github/workflows/frontend_tests.yml b/.github/workflows/frontend_tests.yml index 9dc34fc23..9d0653bdb 100644 --- a/.github/workflows/frontend_tests.yml +++ b/.github/workflows/frontend_tests.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index f9eee5a40..2235c4bf5 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -20,13 +20,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 with: java-version: '21' distribution: 'zulu' @@ -43,7 +43,7 @@ jobs: -Pversion=$version - name: Upload jar - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 with: name: kafbat-ui-${{ steps.build.outputs.version }} path: api/build/libs/api-${{ steps.build.outputs.version }}.jar diff --git a/.github/workflows/md-links.yml b/.github/workflows/md-links.yml index 45a8e920a..744d31080 100644 --- a/.github/workflows/md-links.yml +++ b/.github/workflows/md-links.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: token: ${{ github.token }} - name: Check URLs in files diff --git a/.github/workflows/release-serde-api.yml b/.github/workflows/release-serde-api.yml index e201a1b06..fc816bae1 100644 --- a/.github/workflows/release-serde-api.yml +++ b/.github/workflows/release-serde-api.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: fetch-depth: 0 token: ${{ github.token }} @@ -20,7 +20,7 @@ jobs: git config user.email github-actions@github.com - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 with: java-version: '21' distribution: 'zulu' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index af49ff50f..2624e94d3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: outputs: version: ${{steps.build.outputs.version}} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} @@ -26,7 +26,7 @@ jobs: git config user.email github-actions@github.com - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 with: java-version: '21' distribution: 'zulu' @@ -50,7 +50,7 @@ jobs: tag: ${{ github.event.release.tag_name }} - name: Archive JAR - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 with: name: kafbat-ui-${{ steps.build.outputs.version }} path: api/build/libs/api-${{ steps.build.outputs.version }}.jar diff --git a/.github/workflows/separate_env_public_create.yml b/.github/workflows/separate_env_public_create.yml index 799736a8a..f5f7efbb0 100644 --- a/.github/workflows/separate_env_public_create.yml +++ b/.github/workflows/separate_env_public_create.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} @@ -27,7 +27,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 with: java-version: '21' distribution: 'zulu' @@ -45,7 +45,7 @@ jobs: id: buildx uses: docker/setup-buildx-action@v3 - name: Cache Docker layers - uses: actions/cache@v4 + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} diff --git a/.github/workflows/workflow_linter.yml b/.github/workflows/workflow_linter.yml index 80d0b31b6..c442fd10b 100644 --- a/.github/workflows/workflow_linter.yml +++ b/.github/workflows/workflow_linter.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} From 7042aa5a3b3b67045ec54deeb2134adb7ae8199e Mon Sep 17 00:00:00 2001 From: Brijeshthummar02 Date: Mon, 17 Mar 2025 10:22:11 +0530 Subject: [PATCH 2/3] Update GitHub Actions workflows to use specific commit SHA versions of actions --- .github/workflows/backend_tests.yml | 4 +-- .github/workflows/block_merge.yml | 2 +- .github/workflows/branch-deploy.yml | 20 ++++++------ .github/workflows/branch-remove.yml | 2 +- .github/workflows/build-public-image.yml | 18 +++++------ .github/workflows/codeql-analysis.yml | 10 +++--- .github/workflows/cve_checks.yml | 14 ++++---- .github/workflows/delete-public-image.yml | 4 +-- .github/workflows/docker_build.yml | 14 ++++---- .github/workflows/docker_publish.yml | 10 +++--- .github/workflows/e2e-run.yml | 32 +++++++++---------- .github/workflows/frontend_tests.yml | 6 ++-- .github/workflows/infra_discord_hook.yml | 2 +- .github/workflows/main.yml | 6 ++-- .github/workflows/md-links.yml | 4 +-- .github/workflows/pr_linter.yml | 4 +-- .github/workflows/release-serde-api.yml | 4 +-- .github/workflows/release.yml | 10 +++--- .github/workflows/release_drafter.yml | 2 +- .../workflows/separate_env_public_create.yml | 16 +++++----- .../welcome-first-time-contributors.yml | 2 +- .github/workflows/workflow_linter.yml | 2 +- 22 files changed, 94 insertions(+), 94 deletions(-) diff --git a/.github/workflows/backend_tests.yml b/.github/workflows/backend_tests.yml index 66bb75e60..e6147b644 100644 --- a/.github/workflows/backend_tests.yml +++ b/.github/workflows/backend_tests.yml @@ -19,14 +19,14 @@ jobs: steps: - name: Checkout - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: token: ${{ github.token }} fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: java-version: '21' distribution: 'zulu' diff --git a/.github/workflows/block_merge.yml b/.github/workflows/block_merge.yml index 34e4dc864..0a26b3a34 100644 --- a/.github/workflows/block_merge.yml +++ b/.github/workflows/block_merge.yml @@ -6,7 +6,7 @@ jobs: block_merge: runs-on: ubuntu-latest steps: - - uses: mheap/github-action-required-labels@v5 + - uses: mheap/github-action-required-labels@388fd6af37b34cdfe5a23b37060e763217e58b03 # infered from @v5 with: mode: exactly count: 0 diff --git a/.github/workflows/branch-deploy.yml b/.github/workflows/branch-deploy.yml index 3536a58fa..ef2758953 100644 --- a/.github/workflows/branch-deploy.yml +++ b/.github/workflows/branch-deploy.yml @@ -15,7 +15,7 @@ jobs: if: ${{ github.event.label.name == 'status/feature_testing' || github.event.label.name == 'status/feature_testing_public' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} @@ -27,7 +27,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: java-version: '21' distribution: 'zulu' @@ -40,29 +40,29 @@ jobs: export VERSION=$(./mvnw -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec) echo "version=${VERSION}" >> $GITHUB_OUTPUT - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # infered from @v3 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # infered from @v3 - name: Cache Docker layers - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # infered from @v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- - name: Configure AWS credentials for Kafka-UI account - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # infered from @v4 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: eu-central-1 - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 + uses: aws-actions/amazon-ecr-login@9238dd443b7a5941caf19ffbe68be34d4dbd61df # infered from @v4 - name: Build and push id: docker_build_and_push - uses: docker/build-push-action@v6 + uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # infered from @v6 with: builder: ${{ steps.buildx.outputs.name }} context: api @@ -93,7 +93,7 @@ jobs: - name: update status check for private deployment if: ${{ github.event.label.name == 'status/feature_testing' }} - uses: Sibz/github-status-action@v1.1.6 + uses: Sibz/github-status-action@650dd1a882a76dbbbc4576fb5974b8d22f29847f # infered from @v1.1.6 with: authToken: ${{secrets.GITHUB_TOKEN}} context: "Click Details button to open custom deployment page" @@ -103,7 +103,7 @@ jobs: - name: update status check for public deployment if: ${{ github.event.label.name == 'status/feature_testing_public' }} - uses: Sibz/github-status-action@v1.1.6 + uses: Sibz/github-status-action@650dd1a882a76dbbbc4576fb5974b8d22f29847f # infered from @v1.1.6 with: authToken: ${{secrets.GITHUB_TOKEN}} context: "Click Details button to open custom deployment page" diff --git a/.github/workflows/branch-remove.yml b/.github/workflows/branch-remove.yml index 8ecbe2d31..3f5999676 100644 --- a/.github/workflows/branch-remove.yml +++ b/.github/workflows/branch-remove.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest if: ${{ (github.event.label.name == 'status/feature_testing' || github.event.label.name == 'status/feature_testing_public') || (github.event.action == 'closed' && (contains(github.event.pull_request.labels.*.name, 'status/feature_testing') || contains(github.event.pull_request.labels.*.name, 'status/feature_testing_public'))) }} steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: token: ${{ github.token }} - name: clone diff --git a/.github/workflows/build-public-image.yml b/.github/workflows/build-public-image.yml index 57af56434..ca13bae2b 100644 --- a/.github/workflows/build-public-image.yml +++ b/.github/workflows/build-public-image.yml @@ -15,7 +15,7 @@ jobs: if: ${{ github.event.label.name == 'status/image_testing' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} @@ -25,7 +25,7 @@ jobs: tag='${{ github.event.pull_request.number }}' echo "tag=${tag}" >> $GITHUB_OUTPUT - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: java-version: '21' distribution: 'zulu' @@ -38,30 +38,30 @@ jobs: export VERSION=$(./mvnw -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec) echo "version=${VERSION}" >> $GITHUB_OUTPUT - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # infered from @v3 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # infered from @v3 - name: Cache Docker layers - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # infered from @v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # infered from @v4 with: aws-region: us-east-1 role-to-assume: ${{ secrets.AWS_ROLE }} - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 + uses: aws-actions/amazon-ecr-login@9238dd443b7a5941caf19ffbe68be34d4dbd61df # infered from @v4 with: registry-type: 'public' - name: Build and push id: docker_build_and_push - uses: docker/build-push-action@v6 + uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # infered from @v6 with: builder: ${{ steps.buildx.outputs.name }} context: api @@ -72,7 +72,7 @@ jobs: cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache - name: make comment with private deployment link - uses: peter-evans/create-or-update-comment@v4 + uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # infered from @v4 with: issue-number: ${{ github.event.pull_request.number }} body: | diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index fb673e92c..056b34905 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -38,24 +38,24 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: token: ${{ github.token }} - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@1a7989f3955e0c69f0e0ccc14aee54a387a0fd31 # infered from @v3 with: languages: ${{ matrix.language }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: java-version: '21' distribution: 'zulu' cache: 'gradle' - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@bed2a47f201e917459bc40343380c570a730ff06 # infered from @v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@86b04fb0e47484f7282357688f21d5d0e32175fe # infered from @v3 diff --git a/.github/workflows/cve_checks.yml b/.github/workflows/cve_checks.yml index 8424fcb74..19d4c2532 100644 --- a/.github/workflows/cve_checks.yml +++ b/.github/workflows/cve_checks.yml @@ -18,12 +18,12 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: token: ${{ github.token }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: java-version: '21' distribution: 'zulu' @@ -39,13 +39,13 @@ jobs: -Pversion=latest - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # infered from @v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # infered from @v3 - name: Cache Docker layers - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # infered from @v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} @@ -53,7 +53,7 @@ jobs: ${{ runner.os }}-buildx- - name: Build docker image - uses: docker/build-push-action@v6 + uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # infered from @v6 with: builder: ${{ steps.buildx.outputs.name }} context: api @@ -68,7 +68,7 @@ jobs: cache-to: type=local,dest=/tmp/.buildx-cache - name: Run CVE checks - uses: aquasecurity/trivy-action@0.29.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # infered from @v0.29.0 with: image-ref: "ghcr.io/kafbat/kafka-ui:latest" format: "table" diff --git a/.github/workflows/delete-public-image.yml b/.github/workflows/delete-public-image.yml index 8e3f2dd7c..af20d99d0 100644 --- a/.github/workflows/delete-public-image.yml +++ b/.github/workflows/delete-public-image.yml @@ -15,14 +15,14 @@ jobs: tag='${{ github.event.pull_request.number }}' echo "tag=${tag}" >> $GITHUB_OUTPUT - name: Configure AWS credentials for Kafka-UI account - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # infered from @v4 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: us-east-1 - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 + uses: aws-actions/amazon-ecr-login@9238dd443b7a5941caf19ffbe68be34d4dbd61df # infered from @v4 with: registry-type: 'public' - name: Remove from ECR diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml index 026de7d6d..f9529e18b 100644 --- a/.github/workflows/docker_build.yml +++ b/.github/workflows/docker_build.yml @@ -18,26 +18,26 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} - name: Download artifacts - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 + uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # infered from @v4 with: name: kafbat-ui-${{ inputs.version }} path: api/build/libs - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # infered from @v3 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # infered from @v3 - name: Cache Docker layers - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # infered from @v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ inputs.sha }} @@ -60,7 +60,7 @@ jobs: - name: Build docker image id: docker_build - uses: docker/build-push-action@v6 + uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # infered from @v6 with: builder: ${{ steps.buildx.outputs.name }} context: api @@ -81,7 +81,7 @@ jobs: docker image save kafka-ui:temp > /tmp/image.tar - name: Upload docker image - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # infered from @v4 with: name: image path: /tmp/image.tar diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index 70bd1f2db..acc2d2e7f 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Download docker image - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 + uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # infered from @v4 with: name: image path: /tmp @@ -48,7 +48,7 @@ jobs: - name: Login to docker.io if: matrix.registry == 'docker.io' - uses: docker/login-action@v3 + uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # infered from @v3 with: registry: ${{ matrix.registry }} username: ${{ secrets.DOCKERHUB_USERNAME }} @@ -56,7 +56,7 @@ jobs: - name: Login to ghcr.io if: matrix.registry == 'ghcr.io' - uses: docker/login-action@v3 + uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # infered from @v3 with: registry: ${{ matrix.registry }} username: ${{ github.actor }} @@ -64,7 +64,7 @@ jobs: - name: Configure AWS credentials if: matrix.registry == 'ecr' - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # infered from @v4 with: aws-region: us-east-1 # This region only for public ECR role-to-assume: ${{ secrets.AWS_ROLE }} @@ -72,7 +72,7 @@ jobs: - name: Login to public ECR if: matrix.registry == 'ecr' id: login-ecr-public - uses: aws-actions/amazon-ecr-login@v2 + uses: aws-actions/amazon-ecr-login@9238dd443b7a5941caf19ffbe68be34d4dbd61df # infered from @v2 with: registry-type: public diff --git a/.github/workflows/e2e-run.yml b/.github/workflows/e2e-run.yml index ec47937a1..b81c1162c 100644 --- a/.github/workflows/e2e-run.yml +++ b/.github/workflows/e2e-run.yml @@ -22,13 +22,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: token: ${{ github.token }} ref: ${{ inputs.sha }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: java-version: '21' distribution: 'zulu' @@ -44,7 +44,7 @@ jobs: -Pversion=latest - name: Upload build artifacts - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # infered from @v4 with: name: artifacts path: | @@ -58,7 +58,7 @@ jobs: docker image save ghcr.io/kafbat/kafka-ui:latest > /tmp/image.tar - name: Upload docker image - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # infered from @v4 with: name: image path: /tmp/image.tar @@ -70,26 +70,26 @@ jobs: steps: - name: Checkout - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: token: ${{ github.token }} ref: ${{ inputs.sha }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: java-version: '21' distribution: 'zulu' cache: 'gradle' - name: Download build artifacts - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 + uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # infered from @v4 with: name: artifacts path: api/build - name: Download docker image - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 + uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # infered from @v4 with: name: image path: /tmp @@ -99,7 +99,7 @@ jobs: docker load --input /tmp/image.tar - name: Cache Docker images. - uses: ScribeMD/docker-cache@0.5.0 + uses: ScribeMD/docker-cache@fb28c93772363301b8d0a6072ce850224b73f74e # infered from @v0.5.0 with: key: docker-${{ runner.os }}-${{ hashFiles('./e2e-tests/selenoid/selenoid-ci.yaml', './documentation/compose/e2e-tests.yaml') }} @@ -113,7 +113,7 @@ jobs: - name: Dump Docker logs on failure if: failure() - uses: jwalton/gh-docker-logs@v2.2.2 + uses: jwalton/gh-docker-logs@2741064ab9d7af54b0b1ffb6076cf64c16f0220e # infered from @v2.2.2 - name: Run test suite run: | @@ -121,7 +121,7 @@ jobs: - name: Upload allure reports artifact if: '!cancelled()' - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # infered from @v4 with: name: reports path: ./e2e-tests/build/allure-results @@ -129,7 +129,7 @@ jobs: - name: Upload selenide results artifact if: failure() - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # infered from @v4 with: name: selenide-results path: ./e2e-tests/build/selenide-results @@ -141,13 +141,13 @@ jobs: if: ${{ !cancelled() && github.repository_owner == 'kafbat' }} steps: - name: Download allure reports artifact - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 + uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # infered from @v4 with: name: reports path: ./e2e-tests/build/allure-results - name: Generate Allure report - uses: simple-elf/allure-report-action@v1.9 + uses: simple-elf/allure-report-action@58e6590adf6d8f196a0d771bf8a00e6921086a62 # infered from @v1.9 id: allure-report with: allure_results: ./e2e-tests/build/allure-results @@ -157,7 +157,7 @@ jobs: report_url: "https://reports.kafbat.dev" - name: Upload allure report to R2 - uses: ryand56/r2-upload-action@latest + uses: ryand56/r2-upload-action@b801a390acbdeb034c5e684ff5e1361c06639e7c # infered from @latest with: source-dir: allure-history/allure-results destination-dir: . @@ -167,7 +167,7 @@ jobs: r2-secret-access-key: ${{ secrets.R2_ACCESS_SECRET_KEY }} - name: Add allure link status check - uses: Sibz/github-status-action@v1.1.6 + uses: Sibz/github-status-action@650dd1a882a76dbbbc4576fb5974b8d22f29847f # infered from @v1.1.6 with: authToken: ${{secrets.GITHUB_TOKEN}} context: "E2E allure report / Click to view the report" diff --git a/.github/workflows/frontend_tests.yml b/.github/workflows/frontend_tests.yml index 9d0653bdb..8dbb9c9bc 100644 --- a/.github/workflows/frontend_tests.yml +++ b/.github/workflows/frontend_tests.yml @@ -14,19 +14,19 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} - - uses: pnpm/action-setup@v4.1.0 + - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # infered from @v4.1.0 with: version: 9.15.4 - name: Install node - uses: actions/setup-node@v4.0.2 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # infered from @v4.0.2 with: node-version: "22.12.0" cache: "pnpm" diff --git a/.github/workflows/infra_discord_hook.yml b/.github/workflows/infra_discord_hook.yml index 929a19cd4..8b9e2a161 100644 --- a/.github/workflows/infra_discord_hook.yml +++ b/.github/workflows/infra_discord_hook.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Notify Discord on Failure - uses: Ilshidur/action-discord@0.3.2 + uses: Ilshidur/action-discord@0c4b27844ba47cb1c7bee539c8eead5284ce9fa9 # infered from @v0.3.2 with: args: ${{ inputs.message }} env: diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 2235c4bf5..94e6f92f9 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -20,13 +20,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: java-version: '21' distribution: 'zulu' @@ -43,7 +43,7 @@ jobs: -Pversion=$version - name: Upload jar - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # infered from @v4 with: name: kafbat-ui-${{ steps.build.outputs.version }} path: api/build/libs/api-${{ steps.build.outputs.version }}.jar diff --git a/.github/workflows/md-links.yml b/.github/workflows/md-links.yml index 744d31080..5638f91b5 100644 --- a/.github/workflows/md-links.yml +++ b/.github/workflows/md-links.yml @@ -17,11 +17,11 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: token: ${{ github.token }} - name: Check URLs in files - uses: urlstechie/urlchecker-action@0.0.34 + uses: urlstechie/urlchecker-action@b643b43e2ac605e1475331c7b67247d242b7dce4 # infered from @v0.0.34 with: exclude_patterns: localhost,127.0.,192.168. exclude_urls: https://api.server,https://graph.microsoft.com/User.Read,https://dev-a63ggcut.auth0.com/,http://main-schema-registry:8081,http://schema-registry:8081,http://another-yet-schema-registry:8081,http://another-schema-registry:8081 diff --git a/.github/workflows/pr_linter.yml b/.github/workflows/pr_linter.yml index a3c633cb7..5fd28aaf9 100644 --- a/.github/workflows/pr_linter.yml +++ b/.github/workflows/pr_linter.yml @@ -11,9 +11,9 @@ jobs: check-tasks: runs-on: ubuntu-latest steps: - - uses: kentaro-m/task-completed-checker-action@v0.1.2 + - uses: kentaro-m/task-completed-checker-action@2ddb65fdd5577bae4a8e82e0564e459677aec893 # infered from @v0.1.2 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" - - uses: dekinderfiets/pr-description-enforcer@0.0.1 + - uses: dekinderfiets/pr-description-enforcer@f6a858878d694ff5b2760380fbcd21129030c5dd # infered from @v0.0.1 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/release-serde-api.yml b/.github/workflows/release-serde-api.yml index fc816bae1..e19a6e38d 100644 --- a/.github/workflows/release-serde-api.yml +++ b/.github/workflows/release-serde-api.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: fetch-depth: 0 token: ${{ github.token }} @@ -20,7 +20,7 @@ jobs: git config user.email github-actions@github.com - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: java-version: '21' distribution: 'zulu' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2624e94d3..d8f700916 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: outputs: version: ${{steps.build.outputs.version}} steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} @@ -26,7 +26,7 @@ jobs: git config user.email github-actions@github.com - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: java-version: '21' distribution: 'zulu' @@ -43,14 +43,14 @@ jobs: -Pversion=$version - name: Upload files to a GitHub release - uses: svenstaro/upload-release-action@2.9.0 + uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # infered from @v2.9.0 with: repo_token: ${{ secrets.GITHUB_TOKEN }} file: api/build/libs/api-${{ steps.build.outputs.version }}.jar tag: ${{ github.event.release.tag_name }} - name: Archive JAR - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # infered from @v4 with: name: kafbat-ui-${{ steps.build.outputs.version }} path: api/build/libs/api-${{ steps.build.outputs.version }}.jar @@ -81,7 +81,7 @@ jobs: needs: release steps: - name: Repository Dispatch - uses: peter-evans/repository-dispatch@v3 + uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # infered from @v3 with: token: ${{ secrets.CHARTS_ACTIONS_TOKEN }} repository: kafbat/helm-charts diff --git a/.github/workflows/release_drafter.yml b/.github/workflows/release_drafter.yml index 0e81bbd94..dee41cb68 100644 --- a/.github/workflows/release_drafter.yml +++ b/.github/workflows/release_drafter.yml @@ -23,7 +23,7 @@ jobs: contents: write pull-requests: write steps: - - uses: release-drafter/release-drafter@v6 + - uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348 # infered from @v6 with: config-name: release_drafter.yaml disable-autolabeler: true diff --git a/.github/workflows/separate_env_public_create.yml b/.github/workflows/separate_env_public_create.yml index f5f7efbb0..760449b68 100644 --- a/.github/workflows/separate_env_public_create.yml +++ b/.github/workflows/separate_env_public_create.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} @@ -27,7 +27,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: java-version: '21' distribution: 'zulu' @@ -40,29 +40,29 @@ jobs: export VERSION=$(./mvnw -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec) echo "version=${VERSION}" >> $GITHUB_OUTPUT - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # infered from @v3 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # infered from @v3 - name: Cache Docker layers - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # infered from @v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- - name: Configure AWS credentials for Kafka-UI account - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # infered from @v4 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: eu-central-1 - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 + uses: aws-actions/amazon-ecr-login@9238dd443b7a5941caf19ffbe68be34d4dbd61df # infered from @v2 - name: Build and push id: docker_build_and_push - uses: docker/build-push-action@v6 + uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # infered from @v6 with: builder: ${{ steps.buildx.outputs.name }} context: api diff --git a/.github/workflows/welcome-first-time-contributors.yml b/.github/workflows/welcome-first-time-contributors.yml index 27cd67408..d253c0e44 100644 --- a/.github/workflows/welcome-first-time-contributors.yml +++ b/.github/workflows/welcome-first-time-contributors.yml @@ -14,7 +14,7 @@ jobs: welcome: runs-on: ubuntu-latest steps: - - uses: actions/first-interaction@v1 + - uses: actions/first-interaction@3c71ce730280171fd1cfb57c00c774f8998586f7 # infered from @v1 with: repo-token: ${{ secrets.GITHUB_TOKEN }} issue-message: | diff --git a/.github/workflows/workflow_linter.yml b/.github/workflows/workflow_linter.yml index c442fd10b..9ff82674b 100644 --- a/.github/workflows/workflow_linter.yml +++ b/.github/workflows/workflow_linter.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 + - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} From 0faef06c6a0ba14b8dce010249f9ee4e5adc3da4 Mon Sep 17 00:00:00 2001 From: Brijeshthummar02 Date: Mon, 17 Mar 2025 17:13:13 +0530 Subject: [PATCH 3/3] Update GitHub Actions workflows to use specific commit SHA for docker setup action --- .github/workflows/docker_build.yml | 2 +- .github/workflows/docker_publish.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml index f9529e18b..35ecc5390 100644 --- a/.github/workflows/docker_build.yml +++ b/.github/workflows/docker_build.yml @@ -49,7 +49,7 @@ jobs: # Also containerd is one of the option to allow preserving provenance attestations: # https://docs.docker.com/build/attestations/#creating-attestations - name: Setup docker with containerd - uses: crazy-max/ghaction-setup-docker@v3 + uses: crazy-max/ghaction-setup-docker@635d07c09dc2b52072362e9bb37e7e789767106d # infered from @v3 with: daemon-config: | { diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index acc2d2e7f..a71a3652b 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -33,7 +33,7 @@ jobs: # setup containerd to preserve provenance attestations :https://docs.docker.com/build/attestations/#creating-attestations - name: Setup docker with containerd - uses: crazy-max/ghaction-setup-docker@v3 + uses: crazy-max/ghaction-setup-docker@635d07c09dc2b52072362e9bb37e7e789767106d # infered from @v3 with: daemon-config: | {