diff --git a/.github/workflows/_build-and-push.yml b/.github/workflows/_build-and-push.yml index 73dad8d011..a390f7d92a 100644 --- a/.github/workflows/_build-and-push.yml +++ b/.github/workflows/_build-and-push.yml @@ -71,11 +71,11 @@ jobs: run_integration_tests: 'false' artifact_to_dl: '' steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 - name: cache node modules id: cache-npm - uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # pin@v3.0.8 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # pin@v3.0.8 env: cache-name: cache-node-modules with: @@ -94,7 +94,7 @@ jobs: inputs.specific_path == 'all' || inputs.specific_path == matrix.svc_prefix - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@e0fc2428ccc7f7031a468e4a9d673be1a95fb8b9 # pin@v1.7.0 + uses: aws-actions/configure-aws-credentials@e9cf1db62a2c7bfa124c55c2432ffcf0ae30832b # pin@v1.7.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }} @@ -107,7 +107,7 @@ jobs: (inputs.specific_path == 'all' || inputs.specific_path == matrix.svc_prefix) - name: download artifact - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 with: name: ${{ matrix.artifact_to_dl }} path: service-${{ matrix.svc_prefix }}/web/dist @@ -203,7 +203,7 @@ jobs: (inputs.specific_path == 'all' || inputs.specific_path == matrix.svc_prefix) - name: archive test results - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # pin@v3.1.0 + uses: actions/upload-artifact@ef09cdac3e2d3e60d8ccadda691f4f1cec5035cb # pin@v3.1.0 with: name: service-${{ matrix.svc_prefix }} path: build/service-${{ matrix.svc_prefix }} @@ -264,7 +264,7 @@ jobs: - name: ecr login id: login_ecr - uses: aws-actions/amazon-ecr-login@ebdeac79a5f9525e298b368a491c338b8fd60fe9 # pin@v1.5.1 + uses: aws-actions/amazon-ecr-login@9940b30459fc350ab282a29fb1194169fef6cc32 # pin@v1.5.1 with: registries: 311462405659 if: | diff --git a/.github/workflows/_codecov.yml b/.github/workflows/_codecov.yml index 0686e45952..307b331176 100644 --- a/.github/workflows/_codecov.yml +++ b/.github/workflows/_codecov.yml @@ -15,10 +15,10 @@ jobs: code_coverage: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 - name: download artifact for front tests id: download-artifact-front-tests - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 continue-on-error: true with: name: service-front @@ -26,7 +26,7 @@ jobs: if: inputs.specific_path == 'all' - name: download artifact for api tests id: download-artifact-api-tests - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 continue-on-error: true with: name: service-api @@ -34,7 +34,7 @@ jobs: if: inputs.specific_path == 'all' - name: download artifact for admin tests id: download-artifact-admin-tests - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 continue-on-error: true with: name: service-admin diff --git a/.github/workflows/_ecr-scanning.yml b/.github/workflows/_ecr-scanning.yml index ed5f3abf4a..f73028e8bd 100644 --- a/.github/workflows/_ecr-scanning.yml +++ b/.github/workflows/_ecr-scanning.yml @@ -15,10 +15,10 @@ jobs: ecr-scan-results: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 - name: configure AWS credentials ECR scan results - uses: aws-actions/configure-aws-credentials@e0fc2428ccc7f7031a468e4a9d673be1a95fb8b9 # pin@v1.7.0 + uses: aws-actions/configure-aws-credentials@e9cf1db62a2c7bfa124c55c2432ffcf0ae30832b # pin@v1.7.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }} @@ -27,7 +27,7 @@ jobs: role-session-name: OPGUseAnLPAECRScanGithubAction - name: install python - uses: actions/setup-python@9a7ac94420f42ee15fc60ab88d0dca4be1fd5757 # pin@v4.2.0 + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # pin@v4.2.0 with: python-version: '3.10' cache: 'pip' diff --git a/.github/workflows/_lint-terraform.yml b/.github/workflows/_lint-terraform.yml index 027b4f950c..b26a1b2a8f 100644 --- a/.github/workflows/_lint-terraform.yml +++ b/.github/workflows/_lint-terraform.yml @@ -20,7 +20,7 @@ jobs: - folder: 'environment' - folder: 'account' steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 - name: Set Terraform version working-directory: ./terraform/${{ matrix.folder }} @@ -37,7 +37,7 @@ jobs: name: Setup TFLint - name: configure AWS credentials for terraform - uses: aws-actions/configure-aws-credentials@e0fc2428ccc7f7031a468e4a9d673be1a95fb8b9 # pin@v1.7.0 + uses: aws-actions/configure-aws-credentials@e9cf1db62a2c7bfa124c55c2432ffcf0ae30832b # pin@v1.7.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }} diff --git a/.github/workflows/_node-build.yml b/.github/workflows/_node-build.yml index 6b1f3c6278..c5168e7cdd 100644 --- a/.github/workflows/_node-build.yml +++ b/.github/workflows/_node-build.yml @@ -11,13 +11,13 @@ jobs: build-web: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 - uses: actions/setup-node@c2ac33f2c62f978d6c944d9648125a294e56dc0b # pin@v3.6.0 with: node-version-file: '.nvmrc' - name: cache node modules id: cache-npm - uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # pin@v3.0.8 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # pin@v3.0.8 env: cache-name: cache-node-modules with: @@ -33,7 +33,7 @@ jobs: cd service-front/web/ npm run build - name: archive dist - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # pin@v3.1.0 + uses: actions/upload-artifact@ef09cdac3e2d3e60d8ccadda691f4f1cec5035cb # pin@v3.1.0 with: name: dist-web path: service-front/web/dist/ diff --git a/.github/workflows/_node-test.yml b/.github/workflows/_node-test.yml index b5768c4478..0d8eb83683 100644 --- a/.github/workflows/_node-test.yml +++ b/.github/workflows/_node-test.yml @@ -11,13 +11,13 @@ jobs: unit-test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 - uses: actions/setup-node@c2ac33f2c62f978d6c944d9648125a294e56dc0b # pin@v3.6.0 with: node-version-file: '.nvmrc' - name: cache node modules id: cache-npm - uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # pin@v3.0.8 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # pin@v3.0.8 env: cache-name: cache-node-modules with: diff --git a/.github/workflows/_run-behat-tests.yml b/.github/workflows/_run-behat-tests.yml index 333bbe2d2d..40587f0d90 100644 --- a/.github/workflows/_run-behat-tests.yml +++ b/.github/workflows/_run-behat-tests.yml @@ -16,10 +16,10 @@ jobs: build-web: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 - name: install python - uses: actions/setup-python@9a7ac94420f42ee15fc60ab88d0dca4be1fd5757 # pin@v4.2.0 + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # pin@v4.2.0 with: python-version: '3.10' cache: 'pip' @@ -45,13 +45,13 @@ jobs: working-directory: tests/smoke - name: download cluster_config - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 with: name: environment_config_file path: terraform/environment - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@e0fc2428ccc7f7031a468e4a9d673be1a95fb8b9 # pin@v1.7.0 + uses: aws-actions/configure-aws-credentials@e9cf1db62a2c7bfa124c55c2432ffcf0ae30832b # pin@v1.7.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }} @@ -86,7 +86,7 @@ jobs: vendor/bin/behat - name: archive failed test screenshots - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # pin@v3.1.0 + uses: actions/upload-artifact@ef09cdac3e2d3e60d8ccadda691f4f1cec5035cb # pin@v3.1.0 with: name: behat-screenshots path: tests/smoke/failed_step_screenshots diff --git a/.github/workflows/_run-terraform.yml b/.github/workflows/_run-terraform.yml index 8609bd5a9d..5839f80f92 100644 --- a/.github/workflows/_run-terraform.yml +++ b/.github/workflows/_run-terraform.yml @@ -58,7 +58,7 @@ jobs: echo "admin-tag=$(echo ${TAG})" >> $GITHUB_OUTPUT fi - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 with: fetch-depth: '0' @@ -76,7 +76,7 @@ jobs: terraform_version: ${{ steps.set-terraform-version.outputs.TF_VERSION }} - name: configure AWS credentials for getting pagerduty token - uses: aws-actions/configure-aws-credentials@e0fc2428ccc7f7031a468e4a9d673be1a95fb8b9 # pin@v1.7.0 + uses: aws-actions/configure-aws-credentials@e9cf1db62a2c7bfa124c55c2432ffcf0ae30832b # pin@v1.7.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }} @@ -93,7 +93,7 @@ jobs: echo TF_VAR_pagerduty_token=$TF_VAR_pagerduty_token >> $GITHUB_ENV - name: configure AWS credentials for terraform - uses: aws-actions/configure-aws-credentials@e0fc2428ccc7f7031a468e4a9d673be1a95fb8b9 # pin@v1.7.0 + uses: aws-actions/configure-aws-credentials@e9cf1db62a2c7bfa124c55c2432ffcf0ae30832b # pin@v1.7.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }} @@ -152,7 +152,7 @@ jobs: - name: upload environment cluster config file if: inputs.terraform_path == 'environment' - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # pin@v3.1.0 + uses: actions/upload-artifact@ef09cdac3e2d3e60d8ccadda691f4f1cec5035cb # pin@v3.1.0 with: name: environment_config_file path: terraform/environment/cluster_config.json diff --git a/.github/workflows/_seed-database.yml b/.github/workflows/_seed-database.yml index fa5eadeb9b..abc75bd8e5 100644 --- a/.github/workflows/_seed-database.yml +++ b/.github/workflows/_seed-database.yml @@ -5,12 +5,12 @@ jobs: terraform_workflow: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 with: fetch-depth: '0' - name: configure AWS credentials for terraform - uses: aws-actions/configure-aws-credentials@e0fc2428ccc7f7031a468e4a9d673be1a95fb8b9 # pin@v1.7.0 + uses: aws-actions/configure-aws-credentials@e9cf1db62a2c7bfa124c55c2432ffcf0ae30832b # pin@v1.7.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }} @@ -19,13 +19,13 @@ jobs: role-session-name: OPGUseAnLPASeedGithubAction - name: download cluster_config - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 with: name: environment_config_file path: terraform/environment - name: install python - uses: actions/setup-python@9a7ac94420f42ee15fc60ab88d0dca4be1fd5757 # pin@v4.2.0 + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # pin@v4.2.0 with: python-version: '3.10' cache: 'pip' diff --git a/.github/workflows/_slack-notification.yml b/.github/workflows/_slack-notification.yml index d1e60ffb04..c73e18b3b7 100644 --- a/.github/workflows/_slack-notification.yml +++ b/.github/workflows/_slack-notification.yml @@ -24,10 +24,10 @@ jobs: send-slack-notification: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 - name: install python - uses: actions/setup-python@9a7ac94420f42ee15fc60ab88d0dca4be1fd5757 # pin@v4.2.0 + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # pin@v4.2.0 with: python-version: '3.10' cache: 'pip' @@ -36,7 +36,7 @@ jobs: run: pip install -r scripts/pipeline/requirements.txt - name: download cluster_config - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 with: name: environment_config_file path: /tmp diff --git a/.github/workflows/path-to-live.yml b/.github/workflows/path-to-live.yml index 50d61813dd..9adc6934e8 100644 --- a/.github/workflows/path-to-live.yml +++ b/.github/workflows/path-to-live.yml @@ -34,14 +34,14 @@ jobs: short_sha: ${{ steps.variables.outputs.short_sha }} semver_tag: ${{ steps.semver_tag.outputs.created_tag }} steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 - name: extract variables for workflow id: variables run: | echo "short_sha=$(echo ${GITHUB_SHA:0:7})" >> $GITHUB_OUTPUT - name: Bump version and push tag - uses: ministryofjustice/opg-github-actions/.github/actions/semver-tag@v3.0.4 + uses: ministryofjustice/opg-github-actions/.github/actions/semver-tag@v3.0.6 id: semver_tag with: with_v: true @@ -90,19 +90,19 @@ jobs: - workflow_variables runs-on: ubuntu-latest steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 - name: download artifact for front tests - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 with: name: service-front path: service-front - name: download artifact for api tests - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 with: name: service-api path: service-api - name: download artifact for api tests - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 with: name: service-admin path: service-admin @@ -198,11 +198,11 @@ jobs: needs: - terraform_apply_production steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 with: fetch-depth: '0' - name: download cluster_config - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 with: name: environment_config_file path: terraform/environment diff --git a/.github/workflows/pull-request-path.yml b/.github/workflows/pull-request-path.yml index 720417f80c..d72192bd0e 100644 --- a/.github/workflows/pull-request-path.yml +++ b/.github/workflows/pull-request-path.yml @@ -37,24 +37,24 @@ jobs: short_sha: ${{ steps.variables.outputs.short_sha }} specific_path: ${{ steps.variables.outputs.path }} steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 with: fetch-depth: 2 - name: get changed files in the admin folder id: changed-files-admin - uses: tj-actions/changed-files@2859a60726ea6e36242029176333d2d37880bbc5 + uses: tj-actions/changed-files@e8a7e822693e723321608f9be7209c66c3f74860 with: files: | service-admin/** - name: get changed files in the terraform folder id: changed-files-terraform - uses: tj-actions/changed-files@2859a60726ea6e36242029176333d2d37880bbc5 + uses: tj-actions/changed-files@e8a7e822693e723321608f9be7209c66c3f74860 with: files: | terraform/** - name: get changed docs files in any folder id: changed-files-docs - uses: tj-actions/changed-files@2859a60726ea6e36242029176333d2d37880bbc5 + uses: tj-actions/changed-files@e8a7e822693e723321608f9be7209c66c3f74860 with: files: | **/*.md diff --git a/.github/workflows/scheduled-codeql-analysis.yml b/.github/workflows/scheduled-codeql-analysis.yml index 8f01fe1ee5..4f65a4427e 100644 --- a/.github/workflows/scheduled-codeql-analysis.yml +++ b/.github/workflows/scheduled-codeql-analysis.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/scheduled-tfsec.yml b/.github/workflows/scheduled-tfsec.yml index ac7cd25aed..afea4eb388 100644 --- a/.github/workflows/scheduled-tfsec.yml +++ b/.github/workflows/scheduled-tfsec.yml @@ -13,7 +13,7 @@ jobs: contents: read security-events: write steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 with: persist-credentials: false diff --git a/.github/workflows/scheduled-update-demo.yml b/.github/workflows/scheduled-update-demo.yml index fd99a5bbe6..1cc7763b24 100644 --- a/.github/workflows/scheduled-update-demo.yml +++ b/.github/workflows/scheduled-update-demo.yml @@ -44,7 +44,7 @@ jobs: - seed_dynamodb steps: - name: configure AWS credentials for ecs update - uses: aws-actions/configure-aws-credentials@e0fc2428ccc7f7031a468e4a9d673be1a95fb8b9 # pin@v1.7.0 + uses: aws-actions/configure-aws-credentials@e9cf1db62a2c7bfa124c55c2432ffcf0ae30832b # pin@v1.7.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }} diff --git a/.github/workflows/scheduled-workspace-cleanup.yml b/.github/workflows/scheduled-workspace-cleanup.yml index 5f49e55d68..ec708b5dda 100644 --- a/.github/workflows/scheduled-workspace-cleanup.yml +++ b/.github/workflows/scheduled-workspace-cleanup.yml @@ -21,7 +21,7 @@ jobs: terraform_environment_cleanup: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v3 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v3 - name: Set Terraform version working-directory: ./terraform/environment @@ -40,7 +40,7 @@ jobs: ssh-private-key: ${{ secrets.USE_AN_LPA_DEPLOY_KEY_PRIVATE_KEY }} - name: configure AWS credentials for getting pagerduty token - uses: aws-actions/configure-aws-credentials@e0fc2428ccc7f7031a468e4a9d673be1a95fb8b9 # pin@v1.7.0 + uses: aws-actions/configure-aws-credentials@e9cf1db62a2c7bfa124c55c2432ffcf0ae30832b # pin@v1.7.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }} @@ -57,7 +57,7 @@ jobs: echo TF_VAR_pagerduty_token=$TF_VAR_pagerduty_token >> $GITHUB_ENV - name: configure AWS credentials for terraform - uses: aws-actions/configure-aws-credentials@e0fc2428ccc7f7031a468e4a9d673be1a95fb8b9 # pin@v1.7.0 + uses: aws-actions/configure-aws-credentials@e9cf1db62a2c7bfa124c55c2432ffcf0ae30832b # pin@v1.7.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }} diff --git a/.github/workflows/statistics.yml b/.github/workflows/statistics.yml index e03bf8a306..9eefe79fb6 100644 --- a/.github/workflows/statistics.yml +++ b/.github/workflows/statistics.yml @@ -29,7 +29,7 @@ jobs: role-duration-seconds: 1800 role-session-name: OPGGetServiceStats - name: Set up Python - uses: actions/setup-python@v5.0.0 + uses: actions/setup-python@v5.1.0 with: python-version: 3.11.5 - name: Install requirements diff --git a/.github/workflows/workflow-deploy-ref-to-env.yml b/.github/workflows/workflow-deploy-ref-to-env.yml index e5833e28b6..c28b16b319 100644 --- a/.github/workflows/workflow-deploy-ref-to-env.yml +++ b/.github/workflows/workflow-deploy-ref-to-env.yml @@ -53,20 +53,20 @@ jobs: short_sha: ${{ steps.variables.outputs.short_sha }} specific_path: ${{ steps.variables.outputs.path }} steps: - - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # pin@v4 + - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017 # pin@v4 with: fetch-depth: 2 ref: ${{ inputs.git_ref }} - name: get changed files in the admin folder id: changed-files-admin - uses: tj-actions/changed-files@2859a60726ea6e36242029176333d2d37880bbc5 + uses: tj-actions/changed-files@e8a7e822693e723321608f9be7209c66c3f74860 with: files: | service-admin/** - name: get changed files in the terraform folder id: changed-files-terraform - uses: tj-actions/changed-files@2859a60726ea6e36242029176333d2d37880bbc5 + uses: tj-actions/changed-files@e8a7e822693e723321608f9be7209c66c3f74860 with: files: | terraform/**