Skip to content

Commit ae5b06c

Browse files
ci: pin GitHub Actions to commit SHAs (#156)
1 parent 7a450fe commit ae5b06c

2 files changed

Lines changed: 15 additions & 15 deletions

File tree

.github/workflows/publish.yaml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -8,12 +8,12 @@ jobs:
88
runs-on: ubuntu-latest
99

1010
steps:
11-
- uses: actions/checkout@v4
11+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
1212
with:
1313
fetch-depth: 0
1414
persist-credentials: false
1515
- name: Set up Python
16-
uses: actions/setup-python@v5
16+
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
1717
with:
1818
python-version: "3.12"
1919
- name: Install tox
@@ -23,7 +23,7 @@ jobs:
2323
run: |-
2424
tox -e build
2525
- name: Store the distribution packages
26-
uses: actions/upload-artifact@v4
26+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
2727
with:
2828
name: python-package-distributions
2929
path: dist/
@@ -42,11 +42,11 @@ jobs:
4242
id-token: write # IMPORTANT: mandatory for trusted publishing
4343
steps:
4444
- name: Download all the dists
45-
uses: actions/download-artifact@v4
45+
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
4646
with:
4747
name: python-package-distributions
4848
path: dist/
4949
- name: Publish distribution 📦 to PyPI
50-
uses: pypa/gh-action-pypi-publish@release/v1
50+
uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # release/v1
5151
with:
5252
password: ${{ secrets.PYPI_TOKEN }}

.github/workflows/tests.yaml

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -6,13 +6,13 @@ on:
66
jobs:
77
call-inclusive-naming-check:
88
name: Inclusive naming
9-
uses: canonical/inclusive-naming/.github/workflows/woke.yaml@main
9+
uses: canonical/inclusive-naming/.github/workflows/woke.yaml@7aa0f7a606f182bd03a7adb28e0d710216101ca5 # main
1010
with:
1111
fail-on-error: "true"
1212

1313
lint-unit:
1414
name: Lint Unit
15-
uses: charmed-kubernetes/workflows/.github/workflows/lint-unit.yaml@main
15+
uses: charmed-kubernetes/workflows/.github/workflows/lint-unit.yaml@6ee58c37d404effad4598ce7b523dbaf0cb99285 # main
1616
with:
1717
with-uv: true
1818
python: "['3.8', '3.9', '3.10', '3.11', '3.12']"
@@ -28,15 +28,15 @@ jobs:
2828
juju: ['2.9']
2929
steps:
3030
- name: Check out code
31-
uses: actions/checkout@v4
31+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
3232

3333
- name: Setup Python
34-
uses: actions/setup-python@v5
34+
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
3535
with:
3636
python-version: '3.10'
3737

3838
- name: Setup operator test environment
39-
uses: charmed-kubernetes/actions-operator@main
39+
uses: charmed-kubernetes/actions-operator@ea90ed489690bf3b1c1fcca6ac5f9edab70aecb0 # main
4040
with:
4141
charm-channel: 3.x/stable
4242
juju-channel: ${{ matrix.juju }}/stable
@@ -54,7 +54,7 @@ jobs:
5454
5555
- name: Upload debug artifacts
5656
if: ${{ failure() }}
57-
uses: actions/upload-artifact@v4
57+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
5858
with:
5959
name: test-run-artifacts-${{ matrix.juju }}
6060
path: tmp
@@ -69,15 +69,15 @@ jobs:
6969
juju: ['3.1', '3']
7070
steps:
7171
- name: Check out code
72-
uses: actions/checkout@v4
72+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
7373

7474
- name: Setup Python
75-
uses: actions/setup-python@v5
75+
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
7676
with:
7777
python-version: '3.10'
7878

7979
- name: Setup operator test environment
80-
uses: charmed-kubernetes/actions-operator@main
80+
uses: charmed-kubernetes/actions-operator@ea90ed489690bf3b1c1fcca6ac5f9edab70aecb0 # main
8181
with:
8282
charm-channel: 3.x/stable
8383
juju-channel: ${{ matrix.juju }}/stable
@@ -95,7 +95,7 @@ jobs:
9595
9696
- name: Upload debug artifacts
9797
if: ${{ failure() }}
98-
uses: actions/upload-artifact@v4
98+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
9999
with:
100100
name: test-run-artifacts-${{ matrix.juju }}
101101
path: tmp

0 commit comments

Comments
 (0)