diff --git a/.github/workflows/allow-deploys.yml b/.github/workflows/allow-deploys.yml index 7a313aa..ef93eed 100644 --- a/.github/workflows/allow-deploys.yml +++ b/.github/workflows/allow-deploys.yml @@ -23,7 +23,7 @@ jobs: runs-on: linux-arm64 steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 # Enable CD on merge to main - name: Enable ${{ inputs.workflow }} workflow diff --git a/.github/workflows/block-deploys.yml b/.github/workflows/block-deploys.yml index 316e839..2d577cb 100644 --- a/.github/workflows/block-deploys.yml +++ b/.github/workflows/block-deploys.yml @@ -23,7 +23,7 @@ jobs: runs-on: linux-arm64 steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 # Disable CD on merge to main - name: Disable ${{ inputs.workflow }} workflow diff --git a/.github/workflows/code-coverage-kotlin.yml b/.github/workflows/code-coverage-kotlin.yml index c768dba..89b90b4 100644 --- a/.github/workflows/code-coverage-kotlin.yml +++ b/.github/workflows/code-coverage-kotlin.yml @@ -97,7 +97,7 @@ jobs: timeout-minutes: ${{ inputs.test-timeout-minutes }} steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Validate service-name format run: | if ! echo "${{ inputs.service-name }}" | grep -qE '^[a-z0-9]+(-[a-z0-9]+)*$'; then @@ -135,7 +135,7 @@ jobs: runs-on: linux-arm64 steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Check if can access Dev Lens run: | curl --retry 3 --retry-delay 5 --retry-all-errors -f -s -o /dev/null --max-time 30 https://dev-lens.staging.monta.app/health diff --git a/.github/workflows/component-build.yml b/.github/workflows/component-build.yml index 36b4e14..57ae83f 100644 --- a/.github/workflows/component-build.yml +++ b/.github/workflows/component-build.yml @@ -107,7 +107,7 @@ jobs: runner-arm64: ${{ steps.runner-arm64.outputs.runner-name }} steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: ref: ${{ inputs.git-sha || github.sha }} - name: Get x64 runner name @@ -148,7 +148,7 @@ jobs: runner: ${{ needs.setup.outputs.runner-arm64 }} steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: ref: ${{ inputs.git-sha || github.sha }} - name: Configure AWS credentials via assumed role diff --git a/.github/workflows/component-deploy-v2.yml b/.github/workflows/component-deploy-v2.yml index 20789ec..02f5a8c 100644 --- a/.github/workflows/component-deploy-v2.yml +++ b/.github/workflows/component-deploy-v2.yml @@ -118,7 +118,7 @@ jobs: slack-channel-id: "C01KL9FUPNK" slack-message-id: ${{ inputs.slack-message-id }} - name: Check out service repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: repository: monta-app/${{ inputs.repository-name || format('service-{0}', inputs.service-identifier) }} path: 'service-repo' diff --git a/.github/workflows/component-deploy.yml b/.github/workflows/component-deploy.yml index 9d6fba6..c4e8768 100644 --- a/.github/workflows/component-deploy.yml +++ b/.github/workflows/component-deploy.yml @@ -106,7 +106,7 @@ jobs: slack-channel-id: "C01KL9FUPNK" slack-message-id: ${{ inputs.slack-message-id }} - name: Check out manifest repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: repository: monta-app/kube-manifests path: 'manifests' diff --git a/.github/workflows/component-service-profile-kotlin.yml b/.github/workflows/component-service-profile-kotlin.yml index d789703..28dcd45 100644 --- a/.github/workflows/component-service-profile-kotlin.yml +++ b/.github/workflows/component-service-profile-kotlin.yml @@ -51,7 +51,7 @@ jobs: runs-on: linux-arm64 steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Set up JDK uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: @@ -124,7 +124,7 @@ jobs: {"condition": {"method": "OPTIONS"}, "name": "OPTIONS [Default]"} ]' > service-profile.yml - name: Check out manifest repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: path: 'manifests' repository: monta-app/kube-manifests diff --git a/.github/workflows/component-test-kotlin.yml b/.github/workflows/component-test-kotlin.yml index 3402fc2..100a458 100644 --- a/.github/workflows/component-test-kotlin.yml +++ b/.github/workflows/component-test-kotlin.yml @@ -72,7 +72,7 @@ jobs: timeout-minutes: 30 steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Set up JDK uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: diff --git a/.github/workflows/component-test-python.yml b/.github/workflows/component-test-python.yml index e1281c7..6d6cbe6 100644 --- a/.github/workflows/component-test-python.yml +++ b/.github/workflows/component-test-python.yml @@ -74,7 +74,7 @@ jobs: timeout-minutes: 30 steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Setup Docker Compose if: ${{ inputs.docker-compose-path }} uses: monta-app/github-workflows/.github/actions/docker-compose-setup@main diff --git a/.github/workflows/create-release-tag.yml b/.github/workflows/create-release-tag.yml index 21e6497..45d2758 100644 --- a/.github/workflows/create-release-tag.yml +++ b/.github/workflows/create-release-tag.yml @@ -17,7 +17,7 @@ jobs: contents: write steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/publish-tech-docs.yml b/.github/workflows/publish-tech-docs.yml index e3be864..e2f48bf 100644 --- a/.github/workflows/publish-tech-docs.yml +++ b/.github/workflows/publish-tech-docs.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6 diff --git a/.github/workflows/pull-request-bun.yml b/.github/workflows/pull-request-bun.yml index 8515ab0..1e3ec12 100644 --- a/.github/workflows/pull-request-bun.yml +++ b/.github/workflows/pull-request-bun.yml @@ -69,7 +69,7 @@ jobs: timeout-minutes: ${{ inputs.build-timeout-minutes }} steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 diff --git a/.github/workflows/pull-request-kotlin.yml b/.github/workflows/pull-request-kotlin.yml index 6ca4a46..87bf7ee 100644 --- a/.github/workflows/pull-request-kotlin.yml +++ b/.github/workflows/pull-request-kotlin.yml @@ -80,7 +80,7 @@ jobs: steps: # Checkout - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: # to check out the actual pull request commit, not the merge commit ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/pull-request-react.yml b/.github/workflows/pull-request-react.yml index 0c1db5f..f9faa4e 100644 --- a/.github/workflows/pull-request-react.yml +++ b/.github/workflows/pull-request-react.yml @@ -75,7 +75,7 @@ jobs: timeout-minutes: ${{ inputs.build-timeout-minutes }} steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 60f3084..5c65fd4 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -16,7 +16,7 @@ jobs: runs-on: linux-arm64 steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Run actionlint uses: reviewdog/action-actionlint@6fb7acc99f4a1008869fa8a0f09cfca740837d9d # v1 diff --git a/.github/workflows/rollback.yml b/.github/workflows/rollback.yml index f1caec0..d0e697c 100644 --- a/.github/workflows/rollback.yml +++ b/.github/workflows/rollback.yml @@ -53,7 +53,7 @@ jobs: if: ${{ !inputs.dry-run }} runs-on: linux-arm64 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Slack Notification uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2 env: @@ -82,7 +82,7 @@ jobs: runs-on: linux-arm64 steps: - name: Checkout branch - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 2 @@ -96,7 +96,7 @@ jobs: echo "rollback_commit_sha=$ROLLBACK_COMMIT_SHA" >> "$GITHUB_OUTPUT" - name: Check out kube-manifests - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: repository: monta-app/kube-manifests path: 'kube-manifests' diff --git a/.github/workflows/semgrep-security-scan.yml b/.github/workflows/semgrep-security-scan.yml index 7d12389..a079614 100644 --- a/.github/workflows/semgrep-security-scan.yml +++ b/.github/workflows/semgrep-security-scan.yml @@ -28,7 +28,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 0 diff --git a/.github/workflows/sonar-cloud.yml b/.github/workflows/sonar-cloud.yml index 51eece8..41df8f6 100644 --- a/.github/workflows/sonar-cloud.yml +++ b/.github/workflows/sonar-cloud.yml @@ -54,7 +54,7 @@ jobs: runs-on: ${{ needs.setup.outputs.runner-name }} timeout-minutes: 30 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: # Shallow clones should be disabled for a better relevancy of analysis fetch-depth: 0 diff --git a/.github/workflows/track-pending-release.yml b/.github/workflows/track-pending-release.yml index ad48da5..b82bf68 100644 --- a/.github/workflows/track-pending-release.yml +++ b/.github/workflows/track-pending-release.yml @@ -21,7 +21,7 @@ jobs: timeout-minutes: 5 steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 0 # Need full history for comparison