From 03914927eb0cec7d63cae321a5d14b6341ec451f Mon Sep 17 00:00:00 2001 From: Marius Brehler Date: Wed, 14 Feb 2024 12:17:10 +0100 Subject: [PATCH] Pin actions with hash (#34) Instead of specifing actions with a tag, this pins the actions to the corresponding commit hash. --- .github/workflows/build_and_deploy_docu.yml | 4 ++-- .github/workflows/code_coverage.yml | 4 ++-- .github/workflows/lint.yml | 4 ++-- .github/workflows/tests.yml | 12 ++++++------ 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build_and_deploy_docu.yml b/.github/workflows/build_and_deploy_docu.yml index 914dd40..03f5866 100644 --- a/.github/workflows/build_and_deploy_docu.yml +++ b/.github/workflows/build_and_deploy_docu.yml @@ -16,9 +16,9 @@ jobs: name: Build and deploy Docu runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: '3.10' diff --git a/.github/workflows/code_coverage.yml b/.github/workflows/code_coverage.yml index e655d00..2ad2b66 100644 --- a/.github/workflows/code_coverage.yml +++ b/.github/workflows/code_coverage.yml @@ -18,9 +18,9 @@ jobs: name: Code Coverage runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: '3.10' diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 1b990fe..de318a5 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -20,9 +20,9 @@ jobs: name: Lint Check runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: '3.10' diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 20b07eb..c15f9bc 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -18,9 +18,9 @@ jobs: name: Unit Tests runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: '3.10' @@ -34,7 +34,7 @@ jobs: - name: Run Unit Tests run: python3 -m xmlrunner discover -s tests/unit_test -v -o tmp/build/unittest-reports - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: name: Unit Test results path: tmp/build/unittest-reports/*.xml @@ -43,9 +43,9 @@ jobs: name: Integration Tests runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: '3.10' @@ -59,7 +59,7 @@ jobs: - name: Run Unit Tests run: python3 -m xmlrunner discover -s tests/integration_tests -v -o tmp/build/integrationtest-reports - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: name: Integration Test results path: tmp/build/integrationtest-reports/*.xml