Skip to content

Commit badd27c

Browse files
Pin dependencies
1 parent 5ad365d commit badd27c

8 files changed

Lines changed: 27 additions & 27 deletions

.github/workflows/catalog-openstack-operator-upgrades.yaml

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -29,34 +29,34 @@ jobs:
2929
runs-on: ubuntu-latest
3030
steps:
3131
- name: Install Go
32-
uses: actions/setup-go@v4
32+
uses: actions/setup-go@7b8cf10d4e4a01d4992d18a89f4d7dc5a3e6d6f4 # v4
3333
with:
3434
go-version: ${{ inputs.go_version }}
3535
cache: false
3636
- name: Checkout openstack-operator repository
37-
uses: actions/checkout@v4
37+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
3838
with:
3939
path: ./openstack-operator
4040
- name: Get branch name
4141
id: branch-name
42-
uses: tj-actions/branch-names@v9
42+
uses: tj-actions/branch-names@5250492686b253f06fa55861556d1027b067aeb5 # v9
4343
- name: Set latest tag for non main branch
4444
if: "${{ steps.branch-name.outputs.current_branch != 'main' }}"
4545
run: |
4646
echo "latesttag=${{ steps.branch-name.outputs.current_branch }}-latest" >> $GITHUB_ENV
4747
- name: Install opm
48-
uses: redhat-actions/openshift-tools-installer@v1
48+
uses: redhat-actions/openshift-tools-installer@144527c7d98999f2652264c048c7a9bd103f8a82 # v1
4949
with:
5050
source: github
5151
opm: 'latest'
5252
- name: Log in to Quay Registry
53-
uses: redhat-actions/podman-login@v1
53+
uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1
5454
with:
5555
registry: ${{ env.imageregistry }}
5656
username: ${{ secrets.QUAY_USERNAME }}
5757
password: ${{ secrets.QUAY_PASSWORD }}
5858
- name: Log in to Red Hat Registry
59-
uses: redhat-actions/podman-login@v1
59+
uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1
6060
with:
6161
registry: registry.redhat.io
6262
username: ${{ secrets.REDHATIO_USERNAME }}
@@ -72,14 +72,14 @@ jobs:
7272
BUNDLE: ${{ env.imageregistry }}/${{ env.imagenamespace }}/openstack-operator-bundle:${{ github.sha }}
7373
- name: Buildah Action
7474
id: build-operator-index-upgrade
75-
uses: redhat-actions/buildah-build@v2
75+
uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2
7676
with:
7777
image: openstack-operator-index-upgrade
7878
tags: ${{ env.latesttag }} ${{ github.sha }}
7979
containerfiles: |
8080
./catalog.Dockerfile
8181
- name: Push openstack-operator-index-upgrade To ${{ env.imageregistry }}
82-
uses: redhat-actions/push-to-registry@v2
82+
uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2
8383
with:
8484
image: ${{ steps.build-operator-index-upgrade.outputs.image }}
8585
tags: ${{ steps.build-operator-index-upgrade.outputs.tags }}

.github/workflows/codeql.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -52,11 +52,11 @@ jobs:
5252
# your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
5353
steps:
5454
- name: Checkout repository
55-
uses: actions/checkout@v4
55+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
5656

5757
# Initializes the CodeQL tools for scanning.
5858
- name: Initialize CodeQL
59-
uses: github/codeql-action/init@v3
59+
uses: github/codeql-action/init@dd903d2e4f5405488e5ef1422510ee31c8b32357 # v3
6060
with:
6161
languages: ${{ matrix.language }}
6262
build-mode: ${{ matrix.build-mode }}
@@ -84,6 +84,6 @@ jobs:
8484
exit 1
8585
8686
- name: Perform CodeQL Analysis
87-
uses: github/codeql-action/analyze@v3
87+
uses: github/codeql-action/analyze@dd903d2e4f5405488e5ef1422510ee31c8b32357 # v3
8888
with:
8989
category: "/language:${{matrix.language}}"

.github/workflows/crd-size-badge.yaml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -18,12 +18,12 @@ jobs:
1818
runs-on: ubuntu-latest
1919
steps:
2020
- name: Checkout
21-
uses: actions/checkout@v4
21+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
2222
with:
2323
ref: ${{ github.event.pull_request.head.sha || github.sha }}
2424

2525
- name: Install yq
26-
uses: mikefarah/yq@v4
26+
uses: mikefarah/yq@1b9b4ac5187171d2e5e3129be0cfa827c7f9d53d # v4
2727

2828
- name: Compute CRD JSON size
2929
id: size
@@ -68,7 +68,7 @@ jobs:
6868
6969
- name: Find existing comment
7070
if: github.event_name == 'pull_request_target'
71-
uses: peter-evans/find-comment@v3
71+
uses: peter-evans/find-comment@3eae4d37986fb5a8592848f6a574fdf654e61f9e # v3
7272
id: find_comment
7373
with:
7474
issue-number: ${{ github.event.pull_request.number }}
@@ -77,7 +77,7 @@ jobs:
7777

7878
- name: Post or update PR comment
7979
if: github.event_name == 'pull_request_target'
80-
uses: peter-evans/create-or-update-comment@v4
80+
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4
8181
with:
8282
comment-id: ${{ steps.find_comment.outputs.comment-id }}
8383
issue-number: ${{ github.event.pull_request.number }}
@@ -107,7 +107,7 @@ jobs:
107107
108108
- name: Update badge gist
109109
if: github.event_name == 'push'
110-
uses: schneegans/dynamic-badges-action@v1.7.0
110+
uses: schneegans/dynamic-badges-action@0e50b8bad39e7e1afd3e4e9c2b7dd145fad07501 # v1.8.0
111111
with:
112112
auth: ${{ secrets.GIST_SECRET }}
113113
gistID: ${{ vars.GIST_ID }}

.github/workflows/crd-sync-check.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ jobs:
3232
echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT
3333
3434
- name: Checkout repository
35-
uses: actions/checkout@v4
35+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
3636
with:
3737
ref: ${{ steps.set_branch.outputs.branch_name }}
3838

.github/workflows/docs.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -19,16 +19,16 @@ jobs:
1919
runs-on: ubuntu-latest
2020
steps:
2121
- name: Install Go
22-
uses: actions/setup-go@v3
22+
uses: actions/setup-go@be3c94b385c4f180051c996d336f57a34c397495 # v3
2323
with:
2424
go-version: 1.24.x
25-
- uses: actions/checkout@v4
25+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
2626
with:
2727
# this fetches all branches. Needed because we need gh-pages branch for deploy to work
2828
fetch-depth: 0
2929
- uses: ruby/setup-ruby@v1
3030
with:
31-
ruby-version: '3.2'
31+
ruby-version: '3.4.9'
3232

3333
- name: Install Asciidoc
3434
run: make docs-dependencies

.github/workflows/kustom.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,10 +14,10 @@ jobs:
1414
runs-on: ubuntu-latest
1515
steps:
1616
- name: Install Go
17-
uses: actions/setup-go@v3
17+
uses: actions/setup-go@be3c94b385c4f180051c996d336f57a34c397495 # v3
1818
with:
1919
go-version: 1.24.x
20-
- uses: actions/checkout@v4
20+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
2121
with:
2222
# this fetches all branches. Needed because we need gh-pages branch for deploy to work
2323
fetch-depth: 0

.github/workflows/lints.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ jobs:
88
runs-on: ubuntu-latest
99
steps:
1010
- name: Checkout project code
11-
uses: actions/checkout@v4
11+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
1212
- name: check for replace lines in go.mod files
1313
run: |
1414
! egrep --invert-match -e '^replace.*/apis => \./apis|^replace.*//allow-merging$' `find . -name 'go.mod'` | egrep -e 'go.mod:replace'

.github/workflows/release-openstack-operator.yaml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,10 +15,10 @@ jobs:
1515
runs-on: ubuntu-latest
1616

1717
steps:
18-
- uses: actions/checkout@v2
18+
- uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2
1919

2020
- name: Tag image
21-
uses: tinact/docker.image-retag@1.0.2
21+
uses: tinact/docker.image-retag@684702232e2a3c29b4e5ca25d7d80f927d255c64 # 1.0.3
2222
with:
2323
image_name: ${{ env.imagenamespace }}/
2424
image_old_tag: ${{ github.sha }}
@@ -28,7 +28,7 @@ jobs:
2828
registry_password: ${{ secrets.QUAY_PASSWORD }}
2929

3030
- name: Tag -bundle image
31-
uses: tinact/docker.image-retag@1.0.2
31+
uses: tinact/docker.image-retag@684702232e2a3c29b4e5ca25d7d80f927d255c64 # 1.0.3
3232
with:
3333
image_name: ${{ env.imagenamespace }}/-bundle
3434
image_old_tag: ${{ github.sha }}
@@ -38,7 +38,7 @@ jobs:
3838
registry_password: ${{ secrets.QUAY_PASSWORD }}
3939

4040
- name: Tag -index image
41-
uses: tinact/docker.image-retag@1.0.2
41+
uses: tinact/docker.image-retag@684702232e2a3c29b4e5ca25d7d80f927d255c64 # 1.0.3
4242
with:
4343
image_name: ${{ env.imagenamespace }}/-index
4444
image_old_tag: ${{ github.sha }}

0 commit comments

Comments
 (0)