2727 run : echo "date=$(date +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
2828
2929 - name : Checkout Code
30- uses : actions/checkout@v4
30+ uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
3131
3232 - name : Set environment for branch
3333 run : |
@@ -43,15 +43,16 @@ jobs:
4343 fi
4444
4545name : Install Cosign
46- uses : sigstore/cosign-installer@v3.8.1
46+ if : github.repository_owner == 'microcks' && env.PACKAGE_IMAGE == 'true'
47+ uses : sigstore/cosign-installer@d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a # v3.8.1
4748
4849 - name : Set up QEMU
4950 if : github.repository_owner == 'microcks' && env.PACKAGE_IMAGE == 'true'
50- uses : docker/setup-qemu-action@v3
51+ uses : docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
5152
5253 - name : Set up Docker Buildx
5354 if : github.repository_owner == 'microcks' && env.PACKAGE_IMAGE == 'true'
54- uses : docker/setup-buildx-action@v3
55+ uses : docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
5556
5657 - name : Login to Quay.io and Docker Hub registries and setup multi-arch builder
5758 if : github.repository_owner == 'microcks' && env.PACKAGE_IMAGE == 'true'
6364
6465name : Build and push container image
6566 id : build-and-push
66- uses : docker/build-push-action@v6.15.0
67+ uses : docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
6768 if : github.repository_owner == 'microcks' && env.PACKAGE_IMAGE == 'true'
6869 with :
6970 context : .
7980tags : quay.io/microcks/microcks-hub:${{env.IMAGE_TAG}},docker.io/microcks/microcks-hub:${{env.IMAGE_TAG}}
8081
8182 - name : Sign the image with GitHub OIDC Token
83+ if : github.repository_owner == 'microcks' && env.PACKAGE_IMAGE == 'true'
8284 env :
8385 DIGEST : ${{ steps.build-and-push.outputs.digest }}
8486 TAGS : quay.io/microcks/microcks-hub:${{env.IMAGE_TAG}} docker.io/microcks/microcks-hub:${{env.IMAGE_TAG}}
0 commit comments