From 085f548333dd2a7065aa762b98fd55c69b06f620 Mon Sep 17 00:00:00 2001 From: Fabian Kammel Date: Wed, 20 Jul 2022 10:48:01 +0200 Subject: [PATCH] GitHub action pin-by-hash & dependabot (#283) * remove Sunday and Monday morning runs, little value * run test lint on main, as we do for all linters * fixup outdated instructions * use version hash instead of tags * use dependabot for github actions Signed-off-by: Fabian Kammel --- .github/actions/azure_login/action.yml | 2 +- .github/actions/build_cli/action.yml | 6 +++--- .github/actions/build_micro_service/action.yml | 8 ++++---- .github/actions/constellation_create/action.yml | 2 +- .github/actions/constellation_measure/action.yml | 2 +- .github/actions/gcp_login/action.yml | 4 ++-- .github/actions/pseudo_version/action.yml | 2 +- .github/actions/sonobuoy/action.yml | 4 ++-- .github/dependabot.yml | 6 ++++++ .github/docs/README.md | 6 +++--- .../templates/micro-service-image.yml.template | 11 ++++++----- .github/workflows/build-access-manager-image.yml | 2 +- .github/workflows/build-bootstrapper.yml | 4 ++-- .github/workflows/build-cli.yml | 2 +- .github/workflows/build-coreos-debug.yml | 11 ++++++----- .github/workflows/build-coreos.yml | 11 ++++++----- .github/workflows/build-joinservice-image.yml | 2 +- .github/workflows/build-kms-image.yml | 2 +- .github/workflows/build-micro-service-manual.yml | 2 +- .github/workflows/build-verification-service.yml | 2 +- .github/workflows/e2e-test-azure.yml | 4 ++-- .github/workflows/e2e-test-gcp.yml | 4 ++-- .github/workflows/e2e-test-manual.yml | 2 +- .github/workflows/test-integration.yml | 5 +++-- .github/workflows/test-lint.yml | 16 +++++++++++++--- .github/workflows/test-shellcheck.yml | 5 +++-- .github/workflows/test-unittest.yml | 5 +++-- .github/workflows/update-cli-reference.yml | 10 +++++----- 28 files changed, 82 insertions(+), 60 deletions(-) create mode 100644 .github/dependabot.yml diff --git a/.github/actions/azure_login/action.yml b/.github/actions/azure_login/action.yml index defdef998..1fe8829c6 100644 --- a/.github/actions/azure_login/action.yml +++ b/.github/actions/azure_login/action.yml @@ -24,6 +24,6 @@ runs: # As described at: # https://github.com/Azure/login#configure-deployment-credentials - name: Login to Azure - uses: azure/login@v1 + uses: azure/login@24848bc889cfc0a8313c2b3e378ac0d625b9bc16 with: creds: ${{ inputs.azure_credentials }} diff --git a/.github/actions/build_cli/action.yml b/.github/actions/build_cli/action.yml index 8d3f30387..dfe2ebef4 100644 --- a/.github/actions/build_cli/action.yml +++ b/.github/actions/build_cli/action.yml @@ -30,7 +30,7 @@ runs: # TODO: Replace with https://github.com/sigstore/sigstore-installer/tree/initial # once it has the functionality - name: Install Cosign - uses: sigstore/cosign-installer@main + uses: sigstore/cosign-installer@48866aa521d8bf870604709cd43ec2f602d03ff2 - name: Install Rekor run: | curl -LO https://github.com/sigstore/rekor/releases/download/v0.9.0/rekor-cli-linux-amd64 @@ -44,7 +44,7 @@ runs: shell: bash - name: Install Go - uses: actions/setup-go@v3 + uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a with: go-version: "1.18" - name: Build hack/pcr-reader @@ -90,7 +90,7 @@ runs: - name: Release CLI # GitHub endorsed release project. See: https://github.com/actions/create-release - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5 if: startsWith(github.ref, 'refs/tags/v') with: draft: true diff --git a/.github/actions/build_micro_service/action.yml b/.github/actions/build_micro_service/action.yml index e91fb499c..9d7407a5f 100644 --- a/.github/actions/build_micro_service/action.yml +++ b/.github/actions/build_micro_service/action.yml @@ -28,7 +28,7 @@ runs: - name: Docker metadata id: meta - uses: docker/metadata-action@v3 + uses: docker/metadata-action@b2391d37b4157fa4aa2e118d643f417910ff3242 with: images: | ghcr.io/${{ github.repository }}/${{ inputs.name }} @@ -40,11 +40,11 @@ runs: - name: Set up Docker Buildx id: docker-setup - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@f211e3e9ded2d9377c8cadc4489a4e38014bc4c9 - name: Log in to the Container registry id: docker-login - uses: docker/login-action@v1 + uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7 with: registry: ghcr.io username: ${{ github.actor }} @@ -52,7 +52,7 @@ runs: - name: Build and push container image id: build-micro-service - uses: docker/build-push-action@v2 + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a with: context: . file: ${{ inputs.dockerfile }} diff --git a/.github/actions/constellation_create/action.yml b/.github/actions/constellation_create/action.yml index 5c067413d..dd4d110ea 100644 --- a/.github/actions/constellation_create/action.yml +++ b/.github/actions/constellation_create/action.yml @@ -61,7 +61,7 @@ runs: constellation create ${{ inputs.cloudProvider }} -c ${{ inputs.controlNodesCount }} -w ${{ inputs.workerNodesCount }} -t ${{ inputs.machineType }} --name e2e-test -y shell: bash - name: Upload constellation-state.json - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 with: name: constellation-state.json path: constellation-state.json diff --git a/.github/actions/constellation_measure/action.yml b/.github/actions/constellation_measure/action.yml index 690596f8b..68d71e794 100644 --- a/.github/actions/constellation_measure/action.yml +++ b/.github/actions/constellation_measure/action.yml @@ -60,7 +60,7 @@ runs: # TODO: Replace with https://github.com/sigstore/sigstore-installer/tree/initial # once it has the functionality - name: Install Cosign - uses: sigstore/cosign-installer@main + uses: sigstore/cosign-installer@48866aa521d8bf870604709cd43ec2f602d03ff2 if: ${{ inputs.cosignPublicKey != '' && inputs.cosignPrivateKey != '' && inputs.cosignPassword != '' }} - name: Install Rekor run: | diff --git a/.github/actions/gcp_login/action.yml b/.github/actions/gcp_login/action.yml index 80e20c77d..56dc9e327 100644 --- a/.github/actions/gcp_login/action.yml +++ b/.github/actions/gcp_login/action.yml @@ -10,11 +10,11 @@ runs: # As described at: # https://github.com/google-github-actions/setup-gcloud#service-account-key-json - name: Authorize GCP access - uses: google-github-actions/auth@v0 + uses: google-github-actions/auth@ceee102ec2387dd9e844e01b530ccd4ec87ce955 with: credentials_json: ${{ inputs.gcp_service_account_json }} - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v0 + uses: google-github-actions/setup-gcloud@877d4953d2c70a0ba7ef3290ae968eb24af233bb - name: Verify logged in run: gcloud info shell: bash diff --git a/.github/actions/pseudo_version/action.yml b/.github/actions/pseudo_version/action.yml index c967151cd..0e43c298f 100644 --- a/.github/actions/pseudo_version/action.yml +++ b/.github/actions/pseudo_version/action.yml @@ -8,7 +8,7 @@ runs: using: 'composite' steps: - name: Install Go - uses: actions/setup-go@v3 + uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a with: go-version: "1.18" - name: get pseudo version diff --git a/.github/actions/sonobuoy/action.yml b/.github/actions/sonobuoy/action.yml index 2e5ebdf33..6a135b563 100644 --- a/.github/actions/sonobuoy/action.yml +++ b/.github/actions/sonobuoy/action.yml @@ -28,13 +28,13 @@ runs: run: sonobuoy retrieve -x --kubeconfig constellation-admin.conf shell: bash - name: Upload test results - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 with: name: 'junit_01.xml' path: '**/junit_01.xml' if: ${{ always() && !env.ACT }} - name: Publish test results - uses: mikepenz/action-junit-report@v3 + uses: mikepenz/action-junit-report@1b47bb811362f3d8d753fc148cb7a13ec9e55570 if: ${{ !env.ACT }} with: report_paths: '**/junit_01.xml' diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 000000000..123014908 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,6 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" diff --git a/.github/docs/README.md b/.github/docs/README.md index b2e12ed6c..accc2fdeb 100644 --- a/.github/docs/README.md +++ b/.github/docs/README.md @@ -5,7 +5,7 @@ It is currently not possible to run a `workflow_dispatch` based workflow on a specific branch, while it is not yet available in `main` branch, from the WebUI. If you would like to test your pipeline changes on a branch, use the [GitHub CLI](https://github.com/cli/cli): ```bash -gh workflow run e2e-test.yml \ +gh workflow run e2e-test-manual.yml \ --ref feat/e2e_pipeline \ # On your specific branch! -F autoscale=false -F cloudProvider=gcp \ # With your ... -F controlNodesCount=1 -F workerNodesCount=2 \ # ... settings @@ -34,7 +34,7 @@ Using [nektos/act](https://github.com/nektos/act) you can run GitHub actions loc ### Specific Jobs ```bash -act -j e2e-test +act -j e2e-test-gcp ``` ### Simulate a `workflow_dispatch` event @@ -58,7 +58,7 @@ Create a new JSON file to describe the event ([relevant issue](https://github.co Then run act with the event as input: ```bash -act -j e2e-test --eventpath event.json +act -j e2e-test-manual --eventpath event.json ``` ### Authorizing GCP diff --git a/.github/templates/micro-service-image.yml.template b/.github/templates/micro-service-image.yml.template index e1fedaced..e577e48a4 100644 --- a/.github/templates/micro-service-image.yml.template +++ b/.github/templates/micro-service-image.yml.template @@ -20,11 +20,12 @@ jobs: contents: read packages: write steps: - - uses: actions/checkout@v1 + - name: Checkout + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Docker meta id: meta - uses: docker/metadata-action@v3 + uses: docker/metadata-action@b2391d37b4157fa4aa2e118d643f417910ff3242 with: images: | ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }} @@ -33,11 +34,11 @@ jobs: type=ref,event=branch - name: Set up Docker Buildx id: docker-setup - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@f211e3e9ded2d9377c8cadc4489a4e38014bc4c9 - name: Log in to the Container registry id: docker-login - uses: docker/login-action@v1 + uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -45,7 +46,7 @@ jobs: - name: Build and push constellation-{{ micro-service }} container image id: build-constellation-{{ micro-service }} - uses: docker/build-push-action@v2 + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a with: context: . file: {{ micro-service }}/Dockerfile diff --git a/.github/workflows/build-access-manager-image.yml b/.github/workflows/build-access-manager-image.yml index 9e195b13b..81a1ad072 100644 --- a/.github/workflows/build-access-manager-image.yml +++ b/.github/workflows/build-access-manager-image.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Check out repository id: checkout - uses: actions/checkout@v3 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Build and upload access-manager container image id: build-and-upload diff --git a/.github/workflows/build-bootstrapper.yml b/.github/workflows/build-bootstrapper.yml index fabaea097..92844488e 100644 --- a/.github/workflows/build-bootstrapper.yml +++ b/.github/workflows/build-bootstrapper.yml @@ -26,10 +26,10 @@ jobs: steps: - name: Checkout id: checkout - uses: actions/checkout@v2 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@f211e3e9ded2d9377c8cadc4489a4e38014bc4c9 - name: Install Dependencies id: prepare diff --git a/.github/workflows/build-cli.yml b/.github/workflows/build-cli.yml index 46f991cb1..36a522d5e 100644 --- a/.github/workflows/build-cli.yml +++ b/.github/workflows/build-cli.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Checkout id: checkout - uses: actions/checkout@v2 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Build cli uses: ./.github/actions/build_cli diff --git a/.github/workflows/build-coreos-debug.yml b/.github/workflows/build-coreos-debug.yml index 005856475..bf17e9c23 100644 --- a/.github/workflows/build-coreos-debug.yml +++ b/.github/workflows/build-coreos-debug.yml @@ -5,7 +5,7 @@ env: on: workflow_dispatch: jobs: - build-enclave: + build-coreos-debug: name: "Build CoreOS debug image using customized COSA" runs-on: [self-hosted, linux, nested-virt] permissions: @@ -23,14 +23,14 @@ jobs: steps: - name: Checkout id: checkout - uses: actions/checkout@v2 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b with: submodules: recursive token: ${{ secrets.CI_GITHUB_REPOSITORY }} - name: Log in to the Container registry id: docker-login - uses: docker/login-action@v1 + uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -45,12 +45,13 @@ jobs: rm azcopy.tar.gz echo "$(pwd)" >> $GITHUB_PATH - - uses: azure/login@v1 + - name: Login to Azure + uses: azure/login@24848bc889cfc0a8313c2b3e378ac0d625b9bc16 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: Setup Go environment - uses: actions/setup-go@v2.2.0 + uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a with: go-version: "1.18" diff --git a/.github/workflows/build-coreos.yml b/.github/workflows/build-coreos.yml index c53a8b76c..6f308ac3f 100644 --- a/.github/workflows/build-coreos.yml +++ b/.github/workflows/build-coreos.yml @@ -33,7 +33,7 @@ on: required: true jobs: - build-enclave: + build-coreos: name: "Build CoreOS using customized COSA" runs-on: [self-hosted, linux, nested-virt] permissions: @@ -48,14 +48,14 @@ jobs: steps: - name: Checkout id: checkout - uses: actions/checkout@v2 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b with: submodules: recursive token: ${{ secrets.CI_GITHUB_REPOSITORY }} - name: Log in to the Container registry id: docker-login - uses: docker/login-action@v1 + uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -70,12 +70,13 @@ jobs: rm azcopy.tar.gz echo "$(pwd)" >> $GITHUB_PATH - - uses: azure/login@v1 + - name: Login to Azure + uses: azure/login@24848bc889cfc0a8313c2b3e378ac0d625b9bc16 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: Setup Go environment - uses: actions/setup-go@v2.2.0 + uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a with: go-version: "1.18" diff --git a/.github/workflows/build-joinservice-image.yml b/.github/workflows/build-joinservice-image.yml index 65499783f..9ccba98f8 100644 --- a/.github/workflows/build-joinservice-image.yml +++ b/.github/workflows/build-joinservice-image.yml @@ -28,7 +28,7 @@ jobs: steps: - name: Check out repository id: checkout - uses: actions/checkout@v3 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Build and upload join-service container image id: build-and-upload diff --git a/.github/workflows/build-kms-image.yml b/.github/workflows/build-kms-image.yml index 824cfea88..b0e94e254 100644 --- a/.github/workflows/build-kms-image.yml +++ b/.github/workflows/build-kms-image.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Check out repository id: checkout - uses: actions/checkout@v3 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Build and upload KMS server container image id: build-and-upload diff --git a/.github/workflows/build-micro-service-manual.yml b/.github/workflows/build-micro-service-manual.yml index 18712529f..fb27305f4 100644 --- a/.github/workflows/build-micro-service-manual.yml +++ b/.github/workflows/build-micro-service-manual.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Check out repository id: checkout - uses: actions/checkout@v3 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # choose the correct Dockerfile depending on what micro-service is being build - name: Set Dockerfile variable diff --git a/.github/workflows/build-verification-service.yml b/.github/workflows/build-verification-service.yml index 56b5a7c53..e70e7382c 100644 --- a/.github/workflows/build-verification-service.yml +++ b/.github/workflows/build-verification-service.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Check out repository id: checkout - uses: actions/checkout@v3 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Build and upload verification-service container image id: build-and-upload diff --git a/.github/workflows/e2e-test-azure.yml b/.github/workflows/e2e-test-azure.yml index b8b0967d2..40f3c2349 100644 --- a/.github/workflows/e2e-test-azure.yml +++ b/.github/workflows/e2e-test-azure.yml @@ -3,7 +3,7 @@ name: e2e Test Azure on: workflow_dispatch: schedule: - - cron: '0 2 * * *' + - cron: '0 2 * * 2-6' jobs: e2e-test-azure: runs-on: [self-hosted, edgserver] @@ -12,7 +12,7 @@ jobs: options: --privileged steps: - name: Check out repository - uses: actions/checkout@v3 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b with: fetch-depth: 0 - name: Run Azure E2E test diff --git a/.github/workflows/e2e-test-gcp.yml b/.github/workflows/e2e-test-gcp.yml index 78951f9d6..de1f11bf5 100644 --- a/.github/workflows/e2e-test-gcp.yml +++ b/.github/workflows/e2e-test-gcp.yml @@ -3,7 +3,7 @@ name: e2e Test GCP on: workflow_dispatch: schedule: - - cron: '0 4 * * *' + - cron: '0 4 * * 2-6' jobs: e2e-test-gcp: runs-on: [self-hosted, edgserver] @@ -12,7 +12,7 @@ jobs: options: --privileged steps: - name: Check out repository - uses: actions/checkout@v3 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b with: fetch-depth: 0 - name: Run GCP E2E test diff --git a/.github/workflows/e2e-test-manual.yml b/.github/workflows/e2e-test-manual.yml index 6f9fd55f4..b51639a95 100644 --- a/.github/workflows/e2e-test-manual.yml +++ b/.github/workflows/e2e-test-manual.yml @@ -47,7 +47,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out repository - uses: actions/checkout@v3 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Run manual E2E test uses: ./.github/actions/e2e_test with: diff --git a/.github/workflows/test-integration.yml b/.github/workflows/test-integration.yml index 0c8d0c5b4..e002294eb 100644 --- a/.github/workflows/test-integration.yml +++ b/.github/workflows/test-integration.yml @@ -19,9 +19,10 @@ jobs: GOPRIVATE: github.com/edgelesssys/* CTEST_OUTPUT_ON_FAILURE: True steps: - - uses: actions/checkout@v2 + - name: Checkout + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Setup Go environment - uses: actions/setup-go@v2.1.4 + uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a with: go-version: "1.18" diff --git a/.github/workflows/test-lint.yml b/.github/workflows/test-lint.yml index d12baa599..ad6255db1 100644 --- a/.github/workflows/test-lint.yml +++ b/.github/workflows/test-lint.yml @@ -1,6 +1,9 @@ name: Golangci-lint on: + push: + branches: + - main pull_request: permissions: @@ -20,12 +23,19 @@ jobs: env: GOPRIVATE: github.com/edgelesssys/* steps: - - uses: actions/checkout@v2 + - name: Checkout + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Install Dependencies run: sudo apt-get update && sudo apt-get -y install libcryptsetup-dev - - name: golangci-lint - uses: golangci/golangci-lint-action@v2 + - name: Setup Go environment + uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a with: + go-version: "1.18" + + - name: golangci-lint + uses: golangci/golangci-lint-action@537aa1903e5d359d0b27dbc19ddd22c5087f3fbc + with: + # show only new issues if it's a pull request only-new-issues: true diff --git a/.github/workflows/test-shellcheck.yml b/.github/workflows/test-shellcheck.yml index f54597f0f..9bb835ca4 100644 --- a/.github/workflows/test-shellcheck.yml +++ b/.github/workflows/test-shellcheck.yml @@ -15,9 +15,10 @@ jobs: name: Shellcheck runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - name: Checkout + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Run ShellCheck - uses: ludeeus/action-shellcheck@master + uses: ludeeus/action-shellcheck@94e0aab03ca135d11a35e5bfc14e6746dc56e7e9 with: severity: error ignore_names: merge_config.sh diff --git a/.github/workflows/test-unittest.yml b/.github/workflows/test-unittest.yml index 0e3f2b277..54862e190 100644 --- a/.github/workflows/test-unittest.yml +++ b/.github/workflows/test-unittest.yml @@ -19,10 +19,11 @@ jobs: GOPRIVATE: github.com/edgelesssys/* CTEST_OUTPUT_ON_FAILURE: True steps: - - uses: actions/checkout@v2 + - name: Checkout + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Set up Go - uses: actions/setup-go@v2 + uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a with: go-version: 1.18 diff --git a/.github/workflows/update-cli-reference.yml b/.github/workflows/update-cli-reference.yml index 9036937e7..fc131e8fd 100644 --- a/.github/workflows/update-cli-reference.yml +++ b/.github/workflows/update-cli-reference.yml @@ -10,19 +10,19 @@ jobs: steps: - name: Checkout Constellation - uses: actions/checkout@v3 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b with: path: constellation - name: Checkout docs - uses: actions/checkout@v3 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b with: repository: edgelesssys/constellation-docs token: ${{ secrets.CI_GITHUB_REPOSITORY }} path: docs - name: Set up Go - uses: actions/setup-go@v2 + uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a with: go-version: 1.18 @@ -44,7 +44,7 @@ jobs: - name: Publish new reference (create new branch) if: ${{ env.EXISTS == 0 }} - uses: dmnemec/copy_file_to_another_repo_action@v1.1.1 + uses: dmnemec/copy_file_to_another_repo_action@c93037aa10fa8893de271f19978c980d0c1a9b37 env: API_TOKEN_GITHUB: ${{ secrets.CI_GITHUB_REPOSITORY }} with: @@ -58,7 +58,7 @@ jobs: - name: Publish new reference (update branch) if: ${{ env.EXISTS == 1 }} - uses: dmnemec/copy_file_to_another_repo_action@v1.1.1 + uses: dmnemec/copy_file_to_another_repo_action@c93037aa10fa8893de271f19978c980d0c1a9b37 env: API_TOKEN_GITHUB: ${{ secrets.CI_GITHUB_REPOSITORY }} with: