From fb1cc35191aefe3dde6b0c4c6dee7ff6b25f8308 Mon Sep 17 00:00:00 2001
From: Morten Lied Johansen <morten.lied.johansen@nav.no>
Date: Mon, 5 Aug 2024 15:10:39 +0200
Subject: [PATCH] Update and pin/exclude versions of various github actions

---
 .github/workflows/main.yaml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
index 52510d7..cb1a78a 100644
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -21,7 +21,7 @@ jobs:
     name: Version
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4 # ratchet:actions/checkout@v3
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # ratchet:actions/checkout@v4
       - name: Generate image environment variable
         id: set-image-tag
         run: |
@@ -47,11 +47,11 @@ jobs:
         with:
           cosign-release: 'v2.2.1'
       - name: Checkout
-        uses: actions/checkout@v4 # ratchet:actions/checkout@v3
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # ratchet:actions/checkout@v4
       - id: "auth"
         name: "Authenticate to Google Cloud"
         if: github.ref == 'refs/heads/main'
-        uses: "google-github-actions/auth@v2.1.3" # ratchet:google-github-actions/auth@v1.0.0
+        uses: "google-github-actions/auth@71fee32a0bb7e97b4d33d548e7d957010649d8fa" # ratchet:google-github-actions/auth@v2.1.3
         with:
           workload_identity_provider: ${{ secrets.NAIS_IO_WORKLOAD_IDENTITY_PROVIDER }}
           service_account: "gh-aiven-poke@nais-io.iam.gserviceaccount.com"
@@ -88,7 +88,7 @@ jobs:
         run: cosign sign --yes ${{ steps.imgdigest.outputs.digest }}
       - name: "Setup Python, Poetry and Dependencies"
         if: github.ref == 'refs/heads/main'
-        uses: packetcoders/action-setup-cache-python-poetry@main
+        uses: packetcoders/action-setup-cache-python-poetry@0d0be5577b30d85f3fa2d93a4beeda149520f120 # ratchet:packetcoders/action-setup-cache-python-poetry@v1.2.0
         with:
           python-version: 3.12
           poetry-version: 1.5.1
@@ -110,7 +110,7 @@ jobs:
     needs:
       - version
     steps:
-      - uses: actions/checkout@v4 # ratchet:actions/checkout@v3
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # ratchet:actions/checkout@v4
       - id: 'auth'
         if: github.ref == 'refs/heads/main'
         name: 'Authenticate to Google Cloud'
@@ -158,7 +158,7 @@ jobs:
     permissions:
       id-token: write
     steps:
-      - uses: nais/fasit-deploy@badff0705af8a57bcf0ab172895273da09ae5959 # ratchet:nais/fasit-deploy@v2
+      - uses: nais/fasit-deploy@v2 # ratchet:exclude
         with:
           chart: oci://${{ env.GOOGLE_REGISTRY }}/nais-io/nais/feature/${{ env.FEATURE }}
           version: ${{ needs.version.outputs.version }}