Skip to content

Commit 73c4621

Browse files
authored
Merge pull request #290 from com-pas/feat/harden-github-actions
fix: update GitHub Actions to specific commit versions
2 parents b4db5c2 + eff9119 commit 73c4621

5 files changed

Lines changed: 17 additions & 17 deletions

File tree

.github/workflows/auto-alignment-aws.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,10 +15,10 @@ jobs:
1515
environment: aws
1616
steps:
1717
- name: checkout
18-
uses: actions/checkout@v6
18+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6
1919

2020
- name: Configure AWS credentials
21-
uses: aws-actions/configure-aws-credentials@v6
21+
uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 #v6
2222
with:
2323
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
2424
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -32,7 +32,7 @@ jobs:
3232
key-path: '["services", "scl-auto-alignment", "image"]'
3333
- name: Render CoMPAS OpenSCD Container
3434
id: render-auto-alignment
35-
uses: aws-actions/amazon-ecs-render-task-definition@v1
35+
uses: aws-actions/amazon-ecs-render-task-definition@6b89923a897d41e9ad789181d8865b532ecf973c #v1
3636
with:
3737
task-definition: ${{ github.workspace }}/aws/task-definitions/compas-auto-alignment.json
3838
container-name: CoMPAS-Scl-Auto-Alignment
@@ -42,7 +42,7 @@ jobs:
4242
JWT_VERIFY_ISSUER=${{ secrets.JWT_VERIFY_ISSUER }}
4343
4444
- name: Deploy to Amazon ECS service
45-
uses: aws-actions/amazon-ecs-deploy-task-definition@v2
45+
uses: aws-actions/amazon-ecs-deploy-task-definition@cbf54ec46642b86ff78c2f5793da6746954cf8ff #v2
4646
with:
4747
task-definition: ${{ steps.render-auto-alignment.outputs.task-definition }}
4848
service: scl-auto-alignment

.github/workflows/cim-mapping-aws.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,10 +15,10 @@ jobs:
1515
environment: aws
1616
steps:
1717
- name: checkout
18-
uses: actions/checkout@v6
18+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6
1919

2020
- name: Configure AWS credentials
21-
uses: aws-actions/configure-aws-credentials@v6
21+
uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 #v6
2222
with:
2323
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
2424
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -32,7 +32,7 @@ jobs:
3232
key-path: '["services", "cim-mapping", "image"]'
3333
- name: Render CoMPAS OpenSCD Container
3434
id: render-cim-mapping
35-
uses: aws-actions/amazon-ecs-render-task-definition@v1
35+
uses: aws-actions/amazon-ecs-render-task-definition@6b89923a897d41e9ad789181d8865b532ecf973c #v1
3636
with:
3737
task-definition: ${{ github.workspace }}/aws/task-definitions/compas-cim-mapping.json
3838
container-name: CoMPAS-Cim-Mapping
@@ -42,7 +42,7 @@ jobs:
4242
JWT_VERIFY_ISSUER=${{ secrets.JWT_VERIFY_ISSUER }}
4343
4444
- name: Deploy to Amazon ECS service
45-
uses: aws-actions/amazon-ecs-deploy-task-definition@v2
45+
uses: aws-actions/amazon-ecs-deploy-task-definition@cbf54ec46642b86ff78c2f5793da6746954cf8ff #v2
4646
with:
4747
task-definition: ${{ steps.render-cim-mapping.outputs.task-definition }}
4848
service: Compas-Cim-Mapping

.github/workflows/compas-openscd-aws.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,10 +15,10 @@ jobs:
1515
environment: aws
1616
steps:
1717
- name: checkout
18-
uses: actions/checkout@v6
18+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6
1919

2020
- name: Configure AWS credentials
21-
uses: aws-actions/configure-aws-credentials@v6
21+
uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 #v6
2222
with:
2323
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
2424
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -32,14 +32,14 @@ jobs:
3232
key-path: '["services", "open-scd", "image"]'
3333
- name: Render CoMPAS OpenSCD Container
3434
id: render-compas-openscd
35-
uses: aws-actions/amazon-ecs-render-task-definition@v1
35+
uses: aws-actions/amazon-ecs-render-task-definition@6b89923a897d41e9ad789181d8865b532ecf973c #v1
3636
with:
3737
task-definition: ${{ github.workspace }}/aws/task-definitions/compas-openscd.json
3838
container-name: CoMPAS-OpenSCD
3939
image: ${{ steps.read_docker_compose.outputs.data }}
4040

4141
- name: Deploy to Amazon ECS service
42-
uses: aws-actions/amazon-ecs-deploy-task-definition@v2
42+
uses: aws-actions/amazon-ecs-deploy-task-definition@cbf54ec46642b86ff78c2f5793da6746954cf8ff #v2
4343
with:
4444
task-definition: ${{ steps.render-compas-openscd.outputs.task-definition }}
4545
service: CoMPAS-Open-SCD

.github/workflows/data-service-aws.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,10 +15,10 @@ jobs:
1515
environment: aws
1616
steps:
1717
- name: checkout
18-
uses: actions/checkout@v6
18+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6
1919

2020
- name: Configure AWS credentials
21-
uses: aws-actions/configure-aws-credentials@v6
21+
uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 #v6
2222
with:
2323
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
2424
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -32,7 +32,7 @@ jobs:
3232
key-path: '["services", "scl-data-service", "image"]'
3333
- name: Render CoMPAS SCL Data Service Container
3434
id: render-scl-data-service
35-
uses: aws-actions/amazon-ecs-render-task-definition@v1
35+
uses: aws-actions/amazon-ecs-render-task-definition@6b89923a897d41e9ad789181d8865b532ecf973c #v1
3636
with:
3737
task-definition: ${{ github.workspace }}/aws/task-definitions/compas-scl-data-service.json
3838
container-name: CoMPAS-Scl-Data-Service
@@ -47,7 +47,7 @@ jobs:
4747
4848
- name: Modify Amazon ECS task definition with postgres container
4949
id: render-postgres
50-
uses: aws-actions/amazon-ecs-render-task-definition@v1
50+
uses: aws-actions/amazon-ecs-render-task-definition@6b89923a897d41e9ad789181d8865b532ecf973c #v1
5151
with:
5252
task-definition: ${{ steps.render-scl-data-service.outputs.task-definition }}
5353
container-name: Postgresql

.github/workflows/release-please.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ jobs:
1616
release-please:
1717
runs-on: ubuntu-latest
1818
steps:
19-
- uses: google-github-actions/release-please-action@v4
19+
- uses: google-github-actions/release-please-action@e4dc86ba9405554aeba3c6bb2d169500e7d3b4ee #v4
2020
with:
2121
release-type: simple
2222
package-name: compas-deployment

0 commit comments

Comments
 (0)