diff --git a/.github/actions/automate-dependabot/action.yml b/.github/actions/automate-dependabot/action.yml index 9a971d26b..8b52a7682 100644 --- a/.github/actions/automate-dependabot/action.yml +++ b/.github/actions/automate-dependabot/action.yml @@ -32,7 +32,7 @@ runs: - name: Dependabot metadata if: steps.check.outputs.continue == 'true' id: metadata - uses: dependabot/fetch-metadata@v1.6.0 + uses: dependabot/fetch-metadata@c9c4182bf1b97f5224aee3906fd373f6b61b4526 # v1.6.0 with: github-token: "${{ inputs.token }}" diff --git a/.github/actions/calculate-next-internal-version/action.yml b/.github/actions/calculate-next-internal-version/action.yml index 863d1fdc5..eb6add914 100644 --- a/.github/actions/calculate-next-internal-version/action.yml +++ b/.github/actions/calculate-next-internal-version/action.yml @@ -19,8 +19,8 @@ outputs: runs: using: "composite" steps: - - uses: actions/setup-python@v4 - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-pysemver@v3.9.0 + - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-pysemver@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 - id: next-prerelease-resolver run: ${{ github.action_path }}/next-prerelease.sh shell: bash diff --git a/.github/actions/dbp-charts/publish-chart/action.yml b/.github/actions/dbp-charts/publish-chart/action.yml index 480b21d65..8dd6ac57a 100644 --- a/.github/actions/dbp-charts/publish-chart/action.yml +++ b/.github/actions/dbp-charts/publish-chart/action.yml @@ -22,11 +22,11 @@ runs: using: composite steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 - name: Get branch name - uses: Alfresco/alfresco-build-tools/.github/actions/get-branch-name@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/get-branch-name@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 - name: Publish run: ${{ github.action_path }}/publish_chart.sh shell: bash diff --git a/.github/actions/dbp-charts/verify-compose/action.yml b/.github/actions/dbp-charts/verify-compose/action.yml index 47374acab..cef01fd19 100644 --- a/.github/actions/dbp-charts/verify-compose/action.yml +++ b/.github/actions/dbp-charts/verify-compose/action.yml @@ -22,19 +22,19 @@ runs: using: composite steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 - if: ${{ inputs.quay_username != '' && inputs.quay_password != '' }} name: Login to Quay.io - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: quay.io username: ${{ inputs.quay_username }} password: ${{ inputs.quay_password }} - if: ${{ inputs.docker_username != '' && inputs.docker_password != '' }} name: Login to Docker Hub - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ inputs.docker_username }} password: ${{ inputs.docker_password }} diff --git a/.github/actions/dbp-charts/verify-helm/action.yml b/.github/actions/dbp-charts/verify-helm/action.yml index 3d495ac13..1c0490ab6 100644 --- a/.github/actions/dbp-charts/verify-helm/action.yml +++ b/.github/actions/dbp-charts/verify-helm/action.yml @@ -60,26 +60,26 @@ runs: steps: - name: Checkout if: inputs.skip_checkout == 'false' - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 with: aws-region: ${{ inputs.aws_region }} aws-access-key-id: ${{ inputs.aws_access_key_id }} aws-secret-access-key: ${{ inputs.aws_secret_access_key }} - - uses: azure/setup-kubectl@v3 + - uses: azure/setup-kubectl@901a10e89ea615cf61f57ac05cecdf23e7de06d8 # v3 with: version: ${{ inputs.kubectl_version }} - name: Login to Quay.io - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: quay.io username: ${{ inputs.quay_username }} password: ${{ inputs.quay_password }} if: ${{ inputs.acs_version != 'community' }} - name: Login to Docker Hub - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ inputs.docker_username}} password: ${{ inputs.docker_password }} diff --git a/.github/actions/docker-dump-containers-logs/action.yml b/.github/actions/docker-dump-containers-logs/action.yml index fafba013c..383a6fab1 100644 --- a/.github/actions/docker-dump-containers-logs/action.yml +++ b/.github/actions/docker-dump-containers-logs/action.yml @@ -26,7 +26,7 @@ runs: echo "artefactName=${{ inputs.output-archive-name }}" >> $GITHUB_ENV fi - name: "Upload archive containing all *.log files" - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: path: logs.tar.gz name: ${{ env.artefactName }} diff --git a/.github/actions/get-build-info/action.yml b/.github/actions/get-build-info/action.yml index 4c0eb3fe3..6ee0292ee 100644 --- a/.github/actions/get-build-info/action.yml +++ b/.github/actions/get-build-info/action.yml @@ -3,7 +3,7 @@ description: "Get build-related info from GitHub and load it as generically name runs: using: composite steps: - - uses: Alfresco/alfresco-build-tools/.github/actions/get-branch-name@v3.9.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/get-branch-name@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 - name: "Get build info" run: | [[ $GITHUB_EVENT_NAME == "pull_request" ]] && IS_PULL_REQUEST="true" || IS_PULL_REQUEST="false" diff --git a/.github/actions/helm-integration-tests/action.yml b/.github/actions/helm-integration-tests/action.yml index 61b03ac81..20e5eb46c 100644 --- a/.github/actions/helm-integration-tests/action.yml +++ b/.github/actions/helm-integration-tests/action.yml @@ -37,7 +37,7 @@ runs: using: composite steps: - name: Setup rancher - uses: Alfresco/alfresco-build-tools/.github/actions/setup-rancher-cli@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/setup-rancher-cli@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: url: ${{ inputs.test-rancher-url }} access-key: ${{ inputs.test-rancher-access-key }} diff --git a/.github/actions/helm-package-chart/action.yml b/.github/actions/helm-package-chart/action.yml index 39f339622..52830103b 100644 --- a/.github/actions/helm-package-chart/action.yml +++ b/.github/actions/helm-package-chart/action.yml @@ -42,7 +42,7 @@ runs: echo "package-file-path=$PACKAGE_FILE_PATH" >> $GITHUB_OUTPUT - name: Upload Artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: name: ${{steps.package.outputs.package-file}} path: ${{steps.package.outputs.package-file-path}} diff --git a/.github/actions/helm-publish-chart/action.yml b/.github/actions/helm-publish-chart/action.yml index 70d5cdebe..20f358c6b 100644 --- a/.github/actions/helm-publish-chart/action.yml +++ b/.github/actions/helm-publish-chart/action.yml @@ -40,7 +40,7 @@ runs: run: echo "CHECKOUT_PATH=$(uuidgen)" >> $GITHUB_ENV - name: Checkout charts repository - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: path: ${{ env.CHECKOUT_PATH }} repository: ${{ inputs.helm-charts-repo }} @@ -110,7 +110,7 @@ runs: fi - name: Commit changes - uses: Alfresco/alfresco-build-tools/.github/actions/git-commit-changes@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/git-commit-changes@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: username: ${{ inputs.git-username }} add-options: . diff --git a/.github/actions/helm-release-and-publish/action.yml b/.github/actions/helm-release-and-publish/action.yml index 71ba36967..8128fa193 100644 --- a/.github/actions/helm-release-and-publish/action.yml +++ b/.github/actions/helm-release-and-publish/action.yml @@ -44,7 +44,7 @@ runs: run: | echo "VERSION=$VERSION" >> $GITHUB_ENV - - uses: Alfresco/alfresco-build-tools/.github/actions/git-check-existing-tag@v3.9.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/git-check-existing-tag@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 id: check-tag with: tag: ${{ env.VERSION }} @@ -52,13 +52,13 @@ runs: - name: Update chart version if: steps.check-tag.outputs.exists == 'false' - uses: Alfresco/alfresco-build-tools/.github/actions/helm-update-chart-version@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/helm-update-chart-version@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: new-version: ${{ env.VERSION }} chart-repository-dir: ${{ inputs.chart-repository-dir }} chart-dir: ${{ inputs.chart-dir }} - - uses: Alfresco/alfresco-build-tools/.github/actions/git-commit-changes@v3.9.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/git-commit-changes@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 if: steps.check-tag.outputs.exists == 'false' with: username: ${{ inputs.git-username }} @@ -75,7 +75,7 @@ runs: - name: Package Helm Chart if: steps.check-tag.outputs.exists == 'false' id: package-helm-chart - uses: Alfresco/alfresco-build-tools/.github/actions/helm-package-chart@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/helm-package-chart@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: chart-dir: ${{ inputs.chart-dir }} chart-repository-dir: ${{ inputs.chart-repository-dir }} @@ -88,7 +88,7 @@ runs: - name: Publish Helm chart if: steps.check-tag.outputs.exists == 'false' - uses: Alfresco/alfresco-build-tools/.github/actions/helm-publish-chart@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/helm-publish-chart@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: helm-charts-repo: ${{inputs.helm-repository}} helm-charts-repo-branch: ${{ inputs.helm-repository-branch }} diff --git a/.github/actions/helm-update-chart-version/action.yml b/.github/actions/helm-update-chart-version/action.yml index e90501639..cdb80ddf3 100644 --- a/.github/actions/helm-update-chart-version/action.yml +++ b/.github/actions/helm-update-chart-version/action.yml @@ -13,7 +13,7 @@ inputs: runs: using: composite steps: - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v3.9.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 - name: Update version shell: bash env: diff --git a/.github/actions/kubectl-keep-nslogs/action.yml b/.github/actions/kubectl-keep-nslogs/action.yml index 764304a92..09727ad46 100644 --- a/.github/actions/kubectl-keep-nslogs/action.yml +++ b/.github/actions/kubectl-keep-nslogs/action.yml @@ -34,7 +34,7 @@ runs: done done - name: upload kubernetes logs as artifact - uses: actions/upload-artifact@v3.1.3 + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: name: >- ${{ inputs.namespace }}_logs.${{ github.run_number }}.${{ github.run_attempt }} diff --git a/.github/actions/maven-build-and-tag/action.yml b/.github/actions/maven-build-and-tag/action.yml index 3f1b646f7..6fae50c07 100644 --- a/.github/actions/maven-build-and-tag/action.yml +++ b/.github/actions/maven-build-and-tag/action.yml @@ -79,9 +79,9 @@ outputs: runs: using: composite steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/cache@v3 + - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: path: ~/.m2/repository key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} @@ -89,7 +89,7 @@ runs: ${{ runner.os }}-maven- - name: Set up JDK - uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 + uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 # v3.13 with: java-version: ${{ inputs.java-version }} distribution: ${{ inputs.java-distribution }} @@ -121,7 +121,7 @@ runs: - name: Update pom files to the new version id: update-pom-to-next-version if: github.event_name == 'push' || env.IS_PREVIEW == 'true' - uses: Alfresco/alfresco-build-tools/.github/actions/update-pom-to-next-pre-release@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/update-pom-to-next-pre-release@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: property-to-update: ${{ inputs.property-to-update }} maven-cli-opts: ${{ steps.compute-maven-options.outputs.result }} @@ -140,7 +140,7 @@ runs: - name: Login to DockerHub Registry if: inputs.docker-username != '' && (github.event_name == 'push' || env.IS_PREVIEW == 'true') - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: docker.io username: ${{ inputs.docker-username }} @@ -148,7 +148,7 @@ runs: - name: Login to Quay.io Docker Registry if: inputs.quay-username != '' - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: quay.io username: ${{ inputs.quay-username }} @@ -156,7 +156,7 @@ runs: - name: Login to ghcr.io Docker Registry if: inputs.ghcr-username != '' - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: ghcr.io username: ${{ inputs.ghcr-username }} @@ -196,7 +196,7 @@ runs: run: docker rm -f $(docker ps -a -q) continue-on-error: true - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 if: inputs.upload-jars == 'true' with: name: ${{ inputs.upload-jars-name }} @@ -204,7 +204,7 @@ runs: path: | ${{ inputs.upload-jars-path }} - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 if: inputs.upload-coverage == 'true' with: name: coverage @@ -216,7 +216,7 @@ runs: shell: bash run: find . -name TEST-*.xml -exec grep -h testcase {} \; | awk -F '"' '{printf("%s#%s() - %.3fms\n", $4, $2, $6); }' | sort -n -k 3 | tail -20 - - uses: Alfresco/alfresco-build-tools/.github/actions/git-commit-changes@v3.9.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/git-commit-changes@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 if: github.event_name == 'push' with: username: ${{ inputs.git-username }} diff --git a/.github/actions/maven-release/action.yml b/.github/actions/maven-release/action.yml index 7f06ae29c..9cc94ebe4 100644 --- a/.github/actions/maven-release/action.yml +++ b/.github/actions/maven-release/action.yml @@ -68,14 +68,14 @@ runs: echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV - name: Checkout ${{ inputs.repo }} - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: repository: '${{ inputs.repo }}' ref: ${{ inputs.base-ref }} path: '${{ env.REPO_DIR }}' token: ${{ inputs.github-token }} - - uses: Alfresco/alfresco-build-tools/.github/actions/git-check-existing-tag@v3.9.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/git-check-existing-tag@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 id: check-tag with: tag: ${{ env.RELEASE_VERSION }} @@ -83,7 +83,7 @@ runs: - name: Set up JDK if: steps.check-tag.outputs.exists == 'false' - uses: actions/setup-java@v3 + uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 # v3.13.0 with: java-version: ${{ inputs.java-version }} distribution: ${{ inputs.java-distribution }} @@ -147,7 +147,7 @@ runs: - name: Commit changes if: steps.check-tag.outputs.exists == 'false' - uses: Alfresco/alfresco-build-tools/.github/actions/git-commit-changes@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/git-commit-changes@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: username: ${{ inputs.git-username }} add-options: -u diff --git a/.github/actions/pre-commit-default/action.yml b/.github/actions/pre-commit-default/action.yml index 0e995ac48..f2cc3adbb 100644 --- a/.github/actions/pre-commit-default/action.yml +++ b/.github/actions/pre-commit-default/action.yml @@ -23,7 +23,7 @@ runs: using: "composite" steps: - name: Set up Python ${{ inputs.python-version }} - uses: actions/setup-python@v4 + uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: ${{ inputs.python-version }} - name: build extra_args @@ -33,11 +33,11 @@ runs: run: | EXTRA_ARGS="--all-files ${{ inputs.extra-args }}" echo EXTRA_ARGS="${EXTRA_ARGS}" >> $GITHUB_ENV - - uses: pre-commit/action@v3.0.0 + - uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507 # v3.0.0 if: inputs.check-format == 'true' with: extra_args: ${{ env.EXTRA_ARGS }} --config ${{ github.action_path }}/format-config.yaml - - uses: pre-commit/action@v3.0.0 + - uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507 # v3.0.0 if: inputs.check-github-configuration == 'true' with: extra_args: ${{ env.EXTRA_ARGS }} --config ${{ github.action_path }}/github-config.yaml diff --git a/.github/actions/pre-commit/action.yml b/.github/actions/pre-commit/action.yml index f87184a78..7a82459a6 100644 --- a/.github/actions/pre-commit/action.yml +++ b/.github/actions/pre-commit/action.yml @@ -26,7 +26,7 @@ inputs: runs: using: "composite" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 if: inputs.skip_checkout == 'false' env: REF_TO_CHECKOUT: ${{ inputs.auto-commit == 'true' && github.head_ref || '' }} @@ -34,7 +34,7 @@ runs: ref: ${{ env.REF_TO_CHECKOUT }} - name: Set up Python ${{ inputs.python-version }} - uses: actions/setup-python@v4 + uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: ${{ inputs.python-version }} diff --git a/.github/actions/process-coverage-report/action.yml b/.github/actions/process-coverage-report/action.yml index 827884b37..04587ee52 100644 --- a/.github/actions/process-coverage-report/action.yml +++ b/.github/actions/process-coverage-report/action.yml @@ -54,7 +54,7 @@ outputs: runs: using: composite steps: - - uses: madrapps/jacoco-report@v1.6.1 + - uses: madrapps/jacoco-report@db72e7e7c96f98d239967958b0a0a6ca7d3bb45f # v1.6.1 id: jacoco-aggregate with: paths: ${{ inputs.paths }} diff --git a/.github/actions/rancher/action.yml b/.github/actions/rancher/action.yml index a9e3d452f..ae0ff2ea8 100644 --- a/.github/actions/rancher/action.yml +++ b/.github/actions/rancher/action.yml @@ -28,9 +28,9 @@ inputs: runs: using: "composite" steps: - - uses: azure/setup-kubectl@v3.2 + - uses: azure/setup-kubectl@901a10e89ea615cf61f57ac05cecdf23e7de06d8 # v3.2 - name: setup-python - uses: actions/setup-python@v4 + uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: "3.9" cache: pip diff --git a/.github/actions/reportportal-prepare/action.yml b/.github/actions/reportportal-prepare/action.yml index 4d63134f1..5e24b03a3 100644 --- a/.github/actions/reportportal-prepare/action.yml +++ b/.github/actions/reportportal-prepare/action.yml @@ -42,7 +42,7 @@ runs: using: composite steps: - name: Get branch name - uses: Alfresco/alfresco-build-tools/.github/actions/get-branch-name@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/get-branch-name@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 - name: Compute Report Portal input info id: info diff --git a/.github/actions/send-slack-notification-slow-job/action.yml b/.github/actions/send-slack-notification-slow-job/action.yml index b0cbd9648..fa4c729c8 100644 --- a/.github/actions/send-slack-notification-slow-job/action.yml +++ b/.github/actions/send-slack-notification-slow-job/action.yml @@ -25,7 +25,7 @@ runs: - name: Slack Notification if: fromJSON(steps.fetch_time.outputs.total_time) > fromJSON(inputs.max-build-time-seconds) - uses: Alfresco/alfresco-build-tools/.github/actions/send-slack-notification@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/send-slack-notification@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: channel-id: ${{ inputs.slack-channel }} message: 'Max build time exceeded: took ${{ steps.fetch_time.outputs.total_time }} seconds (expected max: ${{ inputs.max-build-time-seconds }} seconds)' diff --git a/.github/actions/send-slack-notification/action.yml b/.github/actions/send-slack-notification/action.yml index 4308883c2..ac6d00736 100644 --- a/.github/actions/send-slack-notification/action.yml +++ b/.github/actions/send-slack-notification/action.yml @@ -24,7 +24,7 @@ runs: steps: - name: Validate token if: inputs.token == '' - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: script: | core.setFailed('Slack token was not provided!') @@ -82,11 +82,11 @@ runs: echo "result=$RESULT" >> $GITHUB_OUTPUT - name: Get branch name - uses: Alfresco/alfresco-build-tools/.github/actions/get-branch-name@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/get-branch-name@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 - name: Send slack notification id: slack - uses: slackapi/slack-github-action@v1.24.0 + uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0 env: SLACK_BOT_TOKEN: ${{ inputs.token }} COLOR: ${{ steps.compute-color.outputs.result }} diff --git a/.github/actions/send-teams-notification/action.yml b/.github/actions/send-teams-notification/action.yml index 131b618a2..751b64fba 100644 --- a/.github/actions/send-teams-notification/action.yml +++ b/.github/actions/send-teams-notification/action.yml @@ -58,12 +58,12 @@ inputs: runs: using: composite steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Check workflow status uses: martialonline/workflow-status@fe13c6a4716673e224038aa1b02387352fb35e13 id: workflow_status_check - name: Send teams notification - uses: skitionek/notify-microsoft-teams@9c67757f64d610fb6748d8ff3c11f284355ed7ec + uses: skitionek/notify-microsoft-teams@9c67757f64d610fb6748d8ff3c11f284355ed7ec # v1.0 with: webhook_url: ${{ inputs.webhook-url }} job: ${{ toJSON(steps.workflow_status_check.outputs) }} diff --git a/.github/actions/setup-helm-docs/action.yml b/.github/actions/setup-helm-docs/action.yml index de218a122..fa19581b0 100644 --- a/.github/actions/setup-helm-docs/action.yml +++ b/.github/actions/setup-helm-docs/action.yml @@ -8,7 +8,7 @@ inputs: runs: using: "composite" steps: - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-github-release-binary@v3.9.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-github-release-binary@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: repo: norwoodj/helm-docs version: ${{ inputs.version }} diff --git a/.github/actions/setup-java-build/action.yml b/.github/actions/setup-java-build/action.yml index 4866ab143..525420806 100644 --- a/.github/actions/setup-java-build/action.yml +++ b/.github/actions/setup-java-build/action.yml @@ -17,7 +17,7 @@ runs: using: composite steps: - name: "Cache local Maven repository" - uses: actions/cache@v3 + uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: path: ~/.m2/repository key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} @@ -35,7 +35,7 @@ runs: cp ${{ github.action_path }}/settings.xml $HOME/.m2/settings.xml fi - name: "Set up Java" - uses: actions/setup-java@v3 + uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 # v3.13.0 with: java-version: ${{ inputs.java-version }} distribution: ${{ inputs.java-distribution }} diff --git a/.github/actions/setup-jx-release-version/action.yml b/.github/actions/setup-jx-release-version/action.yml index 83a2e2631..ccc4112aa 100644 --- a/.github/actions/setup-jx-release-version/action.yml +++ b/.github/actions/setup-jx-release-version/action.yml @@ -8,7 +8,7 @@ inputs: runs: using: "composite" steps: - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-github-release-binary@v3.9.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-github-release-binary@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: repo: jenkins-x-plugins/jx-release-version version: ${{ inputs.version }} diff --git a/.github/actions/setup-kind/action.yml b/.github/actions/setup-kind/action.yml index d0b7ea635..336211930 100644 --- a/.github/actions/setup-kind/action.yml +++ b/.github/actions/setup-kind/action.yml @@ -24,7 +24,7 @@ runs: using: "composite" steps: - name: Create cluster - uses: helm/kind-action@v1.8.0 # https://github.com/helm/kind-action/releases/tag/v1.8.0 + uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0 with: config: ${{ github.action_path }}/kind.yml version: ${{ inputs.kind-version }} diff --git a/.github/actions/setup-terraform-docs/action.yml b/.github/actions/setup-terraform-docs/action.yml index 53e439122..b0d5ab4e3 100644 --- a/.github/actions/setup-terraform-docs/action.yml +++ b/.github/actions/setup-terraform-docs/action.yml @@ -8,7 +8,7 @@ inputs: runs: using: "composite" steps: - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-github-release-binary@v3.9.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-github-release-binary@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: repo: terraform-docs/terraform-docs version: ${{ inputs.version }} diff --git a/.github/actions/update-pom-to-next-pre-release/action.yml b/.github/actions/update-pom-to-next-pre-release/action.yml index 9c740eb2a..1b062547e 100644 --- a/.github/actions/update-pom-to-next-pre-release/action.yml +++ b/.github/actions/update-pom-to-next-pre-release/action.yml @@ -33,7 +33,7 @@ runs: - id: next-prerelease-resolver name: Calculate next internal release if: inputs.version == '' - uses: Alfresco/alfresco-build-tools/.github/actions/calculate-next-internal-version@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/calculate-next-internal-version@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: next-version: ${{ steps.parse-next-final-version.outputs.result }} prerelease-type: ${{ inputs.prerelease-type }} @@ -50,7 +50,7 @@ runs: fi - name: Update pom files to the new version - uses: Alfresco/alfresco-build-tools/.github/actions/maven-update-pom-version@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/maven-update-pom-version@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: version: ${{ steps.resolve-version.outputs.version }} maven-cli-opts: ${{ inputs.maven-cli-opts }} diff --git a/.github/workflows/build-and-release-maven.yml b/.github/workflows/build-and-release-maven.yml index cacc806b0..10433d7bf 100644 --- a/.github/workflows/build-and-release-maven.yml +++ b/.github/workflows/build-and-release-maven.yml @@ -64,8 +64,8 @@ jobs: name: "Build" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v3.9.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: java-version: ${{ inputs.java-version }} java-distribution: ${{ inputs.java-distribution }} @@ -104,14 +104,14 @@ jobs: needs: compute_release_conditions if: needs.compute_release_conditions.outputs.should_release == 'true' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: persist-credentials: false - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v3.9.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: java-version: ${{ inputs.java-version }} java-distribution: ${{ inputs.java-distribution }} - - uses: Alfresco/alfresco-build-tools/.github/actions/configure-git-author@v3.9.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/configure-git-author@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: username: ${{ secrets.BOT_GITHUB_USERNAME }} email: ${{ secrets.BOT_GITHUB_EMAIL }} diff --git a/.github/workflows/helm-publish-new-package-version.yml b/.github/workflows/helm-publish-new-package-version.yml index 0b0d6155c..3724c78e2 100644 --- a/.github/workflows/helm-publish-new-package-version.yml +++ b/.github/workflows/helm-publish-new-package-version.yml @@ -38,11 +38,11 @@ jobs: outputs: version: ${{ steps.next-release.outputs.next-prerelease }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - id: next-release name: Calculate next internal release - uses: Alfresco/alfresco-build-tools/.github/actions/calculate-next-internal-version@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/calculate-next-internal-version@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: next-version: ${{ inputs.next-version }} @@ -53,12 +53,12 @@ jobs: echo "VERSION=$VERSION" >> $GITHUB_ENV - name: Update chart version - uses: Alfresco/alfresco-build-tools/.github/actions/helm-update-chart-version@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/helm-update-chart-version@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: new-version: ${{env.VERSION}} chart-dir: ${{ inputs.chart-dir }} - - uses: Alfresco/alfresco-build-tools/.github/actions/git-commit-changes@v3.9.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/git-commit-changes@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: username: ${{ secrets.BOT_GITHUB_USERNAME }} add-options: -u @@ -69,7 +69,7 @@ jobs: - name: Package Helm Chart id: package-helm-chart - uses: Alfresco/alfresco-build-tools/.github/actions/helm-package-chart@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/helm-package-chart@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: chart-dir: ${{ inputs.chart-dir }} @@ -77,7 +77,7 @@ jobs: run: git push origin $VERSION - name: Publish Helm chart - uses: Alfresco/alfresco-build-tools/.github/actions/helm-publish-chart@v3.9.0 + uses: Alfresco/alfresco-build-tools/.github/actions/helm-publish-chart@92947f8dee1180182ac6cf516edce1d4eb7d9b38 # v3.9.0 with: helm-charts-repo: ${{ inputs.helm-charts-repo }} helm-charts-repo-branch: ${{ inputs.helm-charts-repo-branch }} diff --git a/.github/workflows/publish-artifacts-for-veracode.yml b/.github/workflows/publish-artifacts-for-veracode.yml index 54d6338fd..0ca3928c7 100644 --- a/.github/workflows/publish-artifacts-for-veracode.yml +++ b/.github/workflows/publish-artifacts-for-veracode.yml @@ -9,16 +9,16 @@ jobs: name: Build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Set up JDK 17 - uses: actions/setup-java@v3 + uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 # v3.13.0 with: java-version: '17' distribution: 'temurin' cache: 'maven' - name: Login to DockerHub Registry - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: docker.io username: ${{ secrets.DOCKER_USERNAME }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 99688dd05..93193a81f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,7 +10,7 @@ jobs: name: Release runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 ref: master @@ -34,7 +34,7 @@ jobs: run: | ./release.sh $VERSION - - uses: stefanzweifel/git-auto-commit-action@v5 + - uses: stefanzweifel/git-auto-commit-action@8756aa072ef5b4a080af5dc8fef36c5d586e521d # v5.0.0 with: branch: master skip_checkout: true diff --git a/.github/workflows/test-with-bats.yml b/.github/workflows/test-with-bats.yml index 5a0de2ba5..e7882199a 100644 --- a/.github/workflows/test-with-bats.yml +++ b/.github/workflows/test-with-bats.yml @@ -12,9 +12,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: mig4/setup-bats@v1 + - uses: mig4/setup-bats@af9a00deb21b5d795cabfeaa8d9060410377686d # v1.2.0 with: bats-version: 1.8.0 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 614d3b3ba..c7291169a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -7,12 +7,18 @@ on: branches: [ master ] jobs: - + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - name: pre-commit checks + uses: ./.github/actions/pre-commit + - name: Ensure SHA pinned actions + uses: zgosalvez/github-actions-ensure-sha-pinned-actions@b35f285b9bb7e80de0967367cee66d3b6d50ceca # v3.0.1 test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: ./.github/actions/pre-commit + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: ./.github/actions/pre-commit-default # - name: Manual test for send slack notification # uses: ./.github/actions/send-slack-notification diff --git a/version.txt b/version.txt index 5f22788f5..857572fcd 100644 --- a/version.txt +++ b/version.txt @@ -1 +1 @@ -v3.9.0 +v4.0.0