mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
deps: update GitHub action dependencies (#2437)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
This commit is contained in:
parent
0f5039f2e9
commit
a1c84cb080
@ -62,7 +62,7 @@ runs:
|
|||||||
|
|
||||||
- name: Build and push container image
|
- name: Build and push container image
|
||||||
id: build-micro-service
|
id: build-micro-service
|
||||||
uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1
|
uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1
|
||||||
with:
|
with:
|
||||||
context: .
|
context: .
|
||||||
file: ${{ inputs.dockerfile }}
|
file: ${{ inputs.dockerfile }}
|
||||||
|
@ -200,7 +200,7 @@ runs:
|
|||||||
- name: Upload boot logs
|
- name: Upload boot logs
|
||||||
if: always() && !env.ACT
|
if: always() && !env.ACT
|
||||||
continue-on-error: true
|
continue-on-error: true
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
name: serial-logs-${{ inputs.artifactNameSuffix }}
|
name: serial-logs-${{ inputs.artifactNameSuffix }}
|
||||||
path: |
|
path: |
|
||||||
|
10
.github/actions/e2e_benchmark/action.yml
vendored
10
.github/actions/e2e_benchmark/action.yml
vendored
@ -23,7 +23,7 @@ runs:
|
|||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Setup python
|
- name: Setup python
|
||||||
uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
|
uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1
|
||||||
with:
|
with:
|
||||||
python-version: "3.10"
|
python-version: "3.10"
|
||||||
|
|
||||||
@ -39,7 +39,7 @@ runs:
|
|||||||
install kubestr /usr/local/bin
|
install kubestr /usr/local/bin
|
||||||
|
|
||||||
- name: Checkout k8s-bench-suite
|
- name: Checkout k8s-bench-suite
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
repository: "edgelesssys/k8s-bench-suite"
|
repository: "edgelesssys/k8s-bench-suite"
|
||||||
@ -93,7 +93,7 @@ runs:
|
|||||||
|
|
||||||
- name: Upload raw FIO benchmark results
|
- name: Upload raw FIO benchmark results
|
||||||
if: (!env.ACT)
|
if: (!env.ACT)
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
path: "out/fio-constellation-${{ inputs.cloudProvider }}.json"
|
path: "out/fio-constellation-${{ inputs.cloudProvider }}.json"
|
||||||
name: "fio-constellation-${{ inputs.cloudProvider }}.json"
|
name: "fio-constellation-${{ inputs.cloudProvider }}.json"
|
||||||
@ -114,7 +114,7 @@ runs:
|
|||||||
|
|
||||||
- name: Upload raw knb benchmark results
|
- name: Upload raw knb benchmark results
|
||||||
if: (!env.ACT)
|
if: (!env.ACT)
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
path: "out/knb-constellation-${{ inputs.cloudProvider }}.json"
|
path: "out/knb-constellation-${{ inputs.cloudProvider }}.json"
|
||||||
name: "knb-constellation-${{ inputs.cloudProvider }}.json"
|
name: "knb-constellation-${{ inputs.cloudProvider }}.json"
|
||||||
@ -166,7 +166,7 @@ runs:
|
|||||||
|
|
||||||
- name: Upload benchmark results to action run
|
- name: Upload benchmark results to action run
|
||||||
if: (!env.ACT)
|
if: (!env.ACT)
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
path: |
|
path: |
|
||||||
benchmarks/constellation-${{ inputs.cloudProvider }}.json
|
benchmarks/constellation-${{ inputs.cloudProvider }}.json
|
||||||
|
2
.github/actions/e2e_sonobuoy/action.yml
vendored
2
.github/actions/e2e_sonobuoy/action.yml
vendored
@ -44,7 +44,7 @@ runs:
|
|||||||
|
|
||||||
- name: Upload test results
|
- name: Upload test results
|
||||||
if: always() && !env.ACT
|
if: always() && !env.ACT
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
name: "sonobuoy-logs-${{ inputs.artifactNameSuffix }}.tar.gz"
|
name: "sonobuoy-logs-${{ inputs.artifactNameSuffix }}.tar.gz"
|
||||||
path: "*_sonobuoy_*.tar.gz"
|
path: "*_sonobuoy_*.tar.gz"
|
||||||
|
@ -10,7 +10,7 @@ runs:
|
|||||||
using: "composite"
|
using: "composite"
|
||||||
steps:
|
steps:
|
||||||
- name: Upload artifact
|
- name: Upload artifact
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
|
||||||
with:
|
with:
|
||||||
name: terraform-logs-${{ inputs.artifactNameSuffix }}
|
name: terraform-logs-${{ inputs.artifactNameSuffix }}
|
||||||
path: terraform.log
|
path: terraform.log
|
||||||
|
@ -11,7 +11,7 @@ jobs:
|
|||||||
runs-on: ubuntu-22.04
|
runs-on: ubuntu-22.04
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ github.head_ref }}
|
ref: ${{ github.head_ref }}
|
||||||
path: constellation
|
path: constellation
|
||||||
@ -50,7 +50,7 @@ jobs:
|
|||||||
echo "ovmfPath=${ovmfPath}" | tee -a "$GITHUB_OUTPUT"
|
echo "ovmfPath=${ovmfPath}" | tee -a "$GITHUB_OUTPUT"
|
||||||
popd || exit 1
|
popd || exit 1
|
||||||
|
|
||||||
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
repository: virtee/sev-snp-measure-go.git
|
repository: virtee/sev-snp-measure-go.git
|
||||||
ref: e42b6f8991ed5a671d5d1e02a6b61f6373f9f8d8
|
ref: e42b6f8991ed5a671d5d1e02a6b61f6373f9f8d8
|
||||||
|
4
.github/workflows/build-bazel-container.yml
vendored
4
.github/workflows/build-bazel-container.yml
vendored
@ -17,7 +17,7 @@ jobs:
|
|||||||
packages: write
|
packages: write
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
|
|
||||||
- name: Determine version
|
- name: Determine version
|
||||||
id: version
|
id: version
|
||||||
@ -48,7 +48,7 @@ jobs:
|
|||||||
password: ${{ secrets.GITHUB_TOKEN }}
|
password: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
- name: Build and push container image
|
- name: Build and push container image
|
||||||
uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1
|
uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1
|
||||||
with:
|
with:
|
||||||
context: ./bazel/container
|
context: ./bazel/container
|
||||||
file: ./bazel/container/Containerfile
|
file: ./bazel/container/Containerfile
|
||||||
|
2
.github/workflows/build-binaries.yml
vendored
2
.github/workflows/build-binaries.yml
vendored
@ -22,7 +22,7 @@ jobs:
|
|||||||
runs-on: [self-hosted, bazel-cached]
|
runs-on: [self-hosted, bazel-cached]
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
|
10
.github/workflows/build-ccm-gcp.yml
vendored
10
.github/workflows/build-ccm-gcp.yml
vendored
@ -19,10 +19,10 @@ jobs:
|
|||||||
latest: ${{ steps.find-latest.outputs.latest }}
|
latest: ${{ steps.find-latest.outputs.latest }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout Constellation
|
- name: Checkout Constellation
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
|
|
||||||
- name: Checkout kubernetes/cloud-provider-gcp
|
- name: Checkout kubernetes/cloud-provider-gcp
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
repository: "kubernetes/cloud-provider-gcp"
|
repository: "kubernetes/cloud-provider-gcp"
|
||||||
path: "cloud-provider-gcp"
|
path: "cloud-provider-gcp"
|
||||||
@ -65,10 +65,10 @@ jobs:
|
|||||||
version: ${{ fromJson(needs.find-ccm-versions.outputs.versions) }}
|
version: ${{ fromJson(needs.find-ccm-versions.outputs.versions) }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout Constellation
|
- name: Checkout Constellation
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
|
|
||||||
- name: Checkout kubernetes/cloud-provider-gcp
|
- name: Checkout kubernetes/cloud-provider-gcp
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
repository: "kubernetes/cloud-provider-gcp"
|
repository: "kubernetes/cloud-provider-gcp"
|
||||||
path: "cloud-provider-gcp"
|
path: "cloud-provider-gcp"
|
||||||
@ -113,7 +113,7 @@ jobs:
|
|||||||
|
|
||||||
- name: Build and push container image
|
- name: Build and push container image
|
||||||
id: build
|
id: build
|
||||||
uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1
|
uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1
|
||||||
with:
|
with:
|
||||||
context: ./cloud-provider-gcp
|
context: ./cloud-provider-gcp
|
||||||
push: ${{ github.ref_name == 'main' }}
|
push: ${{ github.ref_name == 'main' }}
|
||||||
|
6
.github/workflows/build-gcp-guest-agent.yml
vendored
6
.github/workflows/build-gcp-guest-agent.yml
vendored
@ -69,7 +69,7 @@ jobs:
|
|||||||
|
|
||||||
- name: Checkout GoogleCloudPlatform/guest-agent
|
- name: Checkout GoogleCloudPlatform/guest-agent
|
||||||
if: steps.needs-build.outputs.out == 'true'
|
if: steps.needs-build.outputs.out == 'true'
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
repository: "GoogleCloudPlatform/guest-agent"
|
repository: "GoogleCloudPlatform/guest-agent"
|
||||||
ref: refs/tags/${{ steps.latest-release.outputs.latest }}
|
ref: refs/tags/${{ steps.latest-release.outputs.latest }}
|
||||||
@ -77,7 +77,7 @@ jobs:
|
|||||||
|
|
||||||
- name: Checkout Constellation
|
- name: Checkout Constellation
|
||||||
if: steps.needs-build.outputs.out == 'true'
|
if: steps.needs-build.outputs.out == 'true'
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
path: "constellation"
|
path: "constellation"
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
@ -114,7 +114,7 @@ jobs:
|
|||||||
- name: Build and push container image
|
- name: Build and push container image
|
||||||
if: steps.needs-build.outputs.out == 'true'
|
if: steps.needs-build.outputs.out == 'true'
|
||||||
id: build
|
id: build
|
||||||
uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1
|
uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1
|
||||||
with:
|
with:
|
||||||
context: ./guest-agent
|
context: ./guest-agent
|
||||||
file: ./constellation/3rdparty/gcp-guest-agent/Dockerfile
|
file: ./constellation/3rdparty/gcp-guest-agent/Dockerfile
|
||||||
|
@ -20,7 +20,7 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Check out repository
|
- name: Check out repository
|
||||||
id: checkout
|
id: checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
|
@ -62,7 +62,7 @@ jobs:
|
|||||||
runs-on: ubuntu-22.04
|
runs-on: ubuntu-22.04
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ github.head_ref }}
|
ref: ${{ github.head_ref }}
|
||||||
|
|
||||||
|
22
.github/workflows/build-os-image.yml
vendored
22
.github/workflows/build-os-image.yml
vendored
@ -59,7 +59,7 @@ jobs:
|
|||||||
cliApiBasePath: ${{ steps.image-version.outputs.cliApiBasePath }}
|
cliApiBasePath: ${{ steps.image-version.outputs.cliApiBasePath }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.ref || github.head_ref }}
|
ref: ${{ inputs.ref || github.head_ref }}
|
||||||
|
|
||||||
@ -153,7 +153,7 @@ jobs:
|
|||||||
attestation_variant: qemu-vtpm
|
attestation_variant: qemu-vtpm
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.ref || github.head_ref }}
|
ref: ${{ inputs.ref || github.head_ref }}
|
||||||
|
|
||||||
@ -179,13 +179,13 @@ jobs:
|
|||||||
echo "::endgroup::"
|
echo "::endgroup::"
|
||||||
|
|
||||||
- name: Upload raw OS image as artifact
|
- name: Upload raw OS image as artifact
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
name: image-${{ matrix.csp }}-${{ matrix.attestation_variant }}
|
name: image-${{ matrix.csp }}-${{ matrix.attestation_variant }}
|
||||||
path: ${{ steps.build.outputs.image-dir }}/constellation.raw
|
path: ${{ steps.build.outputs.image-dir }}/constellation.raw
|
||||||
|
|
||||||
- name: Upload individual OS parts as artifacts
|
- name: Upload individual OS parts as artifacts
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
name: parts-${{ matrix.csp }}-${{ matrix.attestation_variant }}
|
name: parts-${{ matrix.csp }}-${{ matrix.attestation_variant }}
|
||||||
path: |
|
path: |
|
||||||
@ -227,7 +227,7 @@ jobs:
|
|||||||
ATTESTATION_VARIANT: ${{ matrix.attestation_variant }}
|
ATTESTATION_VARIANT: ${{ matrix.attestation_variant }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.ref || github.head_ref }}
|
ref: ${{ inputs.ref || github.head_ref }}
|
||||||
|
|
||||||
@ -344,7 +344,7 @@ jobs:
|
|||||||
echo "::endgroup::"
|
echo "::endgroup::"
|
||||||
|
|
||||||
- name: Upload image lookup table as artifact
|
- name: Upload image lookup table as artifact
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
name: lookup-table
|
name: lookup-table
|
||||||
path: ${{ github.workspace }}/image/mkosi.output.*/*/image-upload*.json
|
path: ${{ github.workspace }}/image/mkosi.output.*/*/image-upload*.json
|
||||||
@ -376,7 +376,7 @@ jobs:
|
|||||||
attestation_variant: qemu-vtpm
|
attestation_variant: qemu-vtpm
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.ref || github.head_ref }}
|
ref: ${{ inputs.ref || github.head_ref }}
|
||||||
|
|
||||||
@ -522,7 +522,7 @@ jobs:
|
|||||||
echo "::endgroup::"
|
echo "::endgroup::"
|
||||||
|
|
||||||
- name: Upload expected measurements as artifact
|
- name: Upload expected measurements as artifact
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
name: measurements
|
name: measurements
|
||||||
path: pcrs-${{ matrix.csp }}-${{ matrix.attestation_variant }}.json
|
path: pcrs-${{ matrix.csp }}-${{ matrix.attestation_variant }}.json
|
||||||
@ -536,7 +536,7 @@ jobs:
|
|||||||
runs-on: ubuntu-22.04
|
runs-on: ubuntu-22.04
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.ref || github.head_ref }}
|
ref: ${{ inputs.ref || github.head_ref }}
|
||||||
|
|
||||||
@ -616,7 +616,7 @@ jobs:
|
|||||||
contents: read
|
contents: read
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.ref || github.head_ref }}
|
ref: ${{ inputs.ref || github.head_ref }}
|
||||||
|
|
||||||
@ -636,7 +636,7 @@ jobs:
|
|||||||
run: bazel run //image/upload -- info --verbose mkosi.output.*/*/image-upload*.json
|
run: bazel run //image/upload -- info --verbose mkosi.output.*/*/image-upload*.json
|
||||||
|
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.ref || github.head_ref }}
|
ref: ${{ inputs.ref || github.head_ref }}
|
||||||
|
|
||||||
|
@ -19,7 +19,7 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Check out repository
|
- name: Check out repository
|
||||||
id: checkout
|
id: checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
|
2
.github/workflows/check-links.yml
vendored
2
.github/workflows/check-links.yml
vendored
@ -20,7 +20,7 @@ jobs:
|
|||||||
runs-on: ubuntu-22.04
|
runs-on: ubuntu-22.04
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
|
8
.github/workflows/codeql.yml
vendored
8
.github/workflows/codeql.yml
vendored
@ -34,7 +34,7 @@ jobs:
|
|||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
|
|
||||||
- name: Setup Go environment
|
- name: Setup Go environment
|
||||||
if: matrix.language == 'go'
|
if: matrix.language == 'go'
|
||||||
@ -44,7 +44,7 @@ jobs:
|
|||||||
cache: false
|
cache: false
|
||||||
|
|
||||||
- name: Initialize CodeQL
|
- name: Initialize CodeQL
|
||||||
uses: github/codeql-action/init@a09933a12a80f87b87005513f0abb1494c27a716 # v2.21.4
|
uses: github/codeql-action/init@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1
|
||||||
with:
|
with:
|
||||||
languages: ${{ matrix.language }}
|
languages: ${{ matrix.language }}
|
||||||
|
|
||||||
@ -64,9 +64,9 @@ jobs:
|
|||||||
|
|
||||||
- name: Build
|
- name: Build
|
||||||
if: matrix.language == 'python'
|
if: matrix.language == 'python'
|
||||||
uses: github/codeql-action/autobuild@a09933a12a80f87b87005513f0abb1494c27a716 # v2.21.4
|
uses: github/codeql-action/autobuild@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1
|
||||||
|
|
||||||
- name: Perform CodeQL Analysis
|
- name: Perform CodeQL Analysis
|
||||||
uses: github/codeql-action/analyze@a09933a12a80f87b87005513f0abb1494c27a716 # v2.21.4
|
uses: github/codeql-action/analyze@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1
|
||||||
with:
|
with:
|
||||||
category: "/language:${{ matrix.language }}"
|
category: "/language:${{ matrix.language }}"
|
||||||
|
2
.github/workflows/docs-vale.yml
vendored
2
.github/workflows/docs-vale.yml
vendored
@ -16,7 +16,7 @@ jobs:
|
|||||||
runs-on: ubuntu-22.04
|
runs-on: ubuntu-22.04
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
|
@ -24,7 +24,7 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
id: checkout
|
id: checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
# Don't trigger in forks, use head on pull requests, use default otherwise.
|
# Don't trigger in forks, use head on pull requests, use default otherwise.
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || github.event.pull_request.head.sha || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || github.event.pull_request.head.sha || '' }}
|
||||||
|
2
.github/workflows/e2e-mini.yml
vendored
2
.github/workflows/e2e-mini.yml
vendored
@ -29,7 +29,7 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
id: checkout
|
id: checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.ref || github.event.workflow_run.head_branch || github.head_ref }}
|
ref: ${{ inputs.ref || github.event.workflow_run.head_branch || github.head_ref }}
|
||||||
|
|
||||||
|
6
.github/workflows/e2e-test-daily.yml
vendored
6
.github/workflows/e2e-test-daily.yml
vendored
@ -21,7 +21,7 @@ jobs:
|
|||||||
image-release-stable: ${{ steps.relabel-output.outputs.image-release-stable }}
|
image-release-stable: ${{ steps.relabel-output.outputs.image-release-stable }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
@ -58,7 +58,7 @@ jobs:
|
|||||||
needs: [find-latest-image]
|
needs: [find-latest-image]
|
||||||
steps:
|
steps:
|
||||||
- name: Check out repository
|
- name: Check out repository
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
@ -138,7 +138,7 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
id: checkout
|
id: checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
|
8
.github/workflows/e2e-test-manual.yml
vendored
8
.github/workflows/e2e-test-manual.yml
vendored
@ -158,13 +158,13 @@ jobs:
|
|||||||
|
|
||||||
- name: Checkout head
|
- name: Checkout head
|
||||||
if: inputs.imageVersion == '' && inputs.git-ref == 'head'
|
if: inputs.imageVersion == '' && inputs.git-ref == 'head'
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
- name: Checkout ref
|
- name: Checkout ref
|
||||||
if: inputs.imageVersion == '' && inputs.git-ref != 'head'
|
if: inputs.imageVersion == '' && inputs.git-ref != 'head'
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.git-ref }}
|
ref: ${{ inputs.git-ref }}
|
||||||
|
|
||||||
@ -217,13 +217,13 @@ jobs:
|
|||||||
|
|
||||||
- name: Checkout head
|
- name: Checkout head
|
||||||
if: inputs.git-ref == 'head'
|
if: inputs.git-ref == 'head'
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
- name: Checkout ref
|
- name: Checkout ref
|
||||||
if: inputs.git-ref != 'head'
|
if: inputs.git-ref != 'head'
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.git-ref }}
|
ref: ${{ inputs.git-ref }}
|
||||||
|
|
||||||
|
2
.github/workflows/e2e-test-release.yml
vendored
2
.github/workflows/e2e-test-release.yml
vendored
@ -177,7 +177,7 @@ jobs:
|
|||||||
run: brew install coreutils kubectl bash
|
run: brew install coreutils kubectl bash
|
||||||
|
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
ref: ${{ inputs.ref || github.head_ref }}
|
ref: ${{ inputs.ref || github.head_ref }}
|
||||||
|
6
.github/workflows/e2e-test-weekly.yml
vendored
6
.github/workflows/e2e-test-weekly.yml
vendored
@ -21,7 +21,7 @@ jobs:
|
|||||||
image-release-stable: ${{ steps.relabel-output.outputs.image-release-stable }}
|
image-release-stable: ${{ steps.relabel-output.outputs.image-release-stable }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
@ -197,7 +197,7 @@ jobs:
|
|||||||
needs: [find-latest-image]
|
needs: [find-latest-image]
|
||||||
steps:
|
steps:
|
||||||
- name: Check out repository
|
- name: Check out repository
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
@ -299,7 +299,7 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
id: checkout
|
id: checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
|
6
.github/workflows/e2e-upgrade.yml
vendored
6
.github/workflows/e2e-upgrade.yml
vendored
@ -122,14 +122,14 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
if: inputs.gitRef == 'head'
|
if: inputs.gitRef == 'head'
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
- name: Checkout ref
|
- name: Checkout ref
|
||||||
if: inputs.gitRef != 'head'
|
if: inputs.gitRef != 'head'
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
ref: ${{ inputs.gitRef }}
|
ref: ${{ inputs.gitRef }}
|
||||||
@ -270,7 +270,7 @@ jobs:
|
|||||||
|
|
||||||
- name: Always upload logs
|
- name: Always upload logs
|
||||||
if: always()
|
if: always()
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
name: upgrade-logs
|
name: upgrade-logs
|
||||||
path: |
|
path: |
|
||||||
|
8
.github/workflows/e2e-windows.yml
vendored
8
.github/workflows/e2e-windows.yml
vendored
@ -16,7 +16,7 @@ jobs:
|
|||||||
runs-on: ubuntu-22.04
|
runs-on: ubuntu-22.04
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
@ -28,7 +28,7 @@ jobs:
|
|||||||
enterpriseCLI: true
|
enterpriseCLI: true
|
||||||
|
|
||||||
- name: Upload CLI artifact
|
- name: Upload CLI artifact
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
path: "bazel-bin/cli/cli_enterprise_windows_amd64"
|
path: "bazel-bin/cli/cli_enterprise_windows_amd64"
|
||||||
name: "constell-exe"
|
name: "constell-exe"
|
||||||
@ -39,7 +39,7 @@ jobs:
|
|||||||
needs: build-cli
|
needs: build-cli
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
@ -153,7 +153,7 @@ jobs:
|
|||||||
inputs.scheduled
|
inputs.scheduled
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
|
6
.github/workflows/on-release.yml
vendored
6
.github/workflows/on-release.yml
vendored
@ -26,7 +26,7 @@ jobs:
|
|||||||
WORKING_BRANCH: ${{ env.WORKING_BRANCH }}
|
WORKING_BRANCH: ${{ env.WORKING_BRANCH }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0 # fetch all history
|
fetch-depth: 0 # fetch all history
|
||||||
|
|
||||||
@ -53,7 +53,7 @@ jobs:
|
|||||||
latest: ${{ steps.input-passthrough.outputs.latest }}${{ steps.check-last-release.outputs.latest }}
|
latest: ${{ steps.input-passthrough.outputs.latest }}${{ steps.check-last-release.outputs.latest }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
|
|
||||||
- name: Override latest
|
- name: Override latest
|
||||||
if: github.event.inputs.latest == 'true'
|
if: github.event.inputs.latest == 'true'
|
||||||
@ -127,7 +127,7 @@ jobs:
|
|||||||
contents: read
|
contents: read
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
|
|
||||||
- name: Remove temporary branch
|
- name: Remove temporary branch
|
||||||
run: git push origin --delete "${WORKING_BRANCH}"
|
run: git push origin --delete "${WORKING_BRANCH}"
|
||||||
|
2
.github/workflows/purge-main.yml
vendored
2
.github/workflows/purge-main.yml
vendored
@ -18,7 +18,7 @@ jobs:
|
|||||||
contents: read
|
contents: read
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ github.head_ref }}
|
ref: ${{ github.head_ref }}
|
||||||
|
|
||||||
|
16
.github/workflows/release-cli.yml
vendored
16
.github/workflows/release-cli.yml
vendored
@ -72,7 +72,7 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
id: checkout
|
id: checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.ref || github.head_ref }}
|
ref: ${{ inputs.ref || github.head_ref }}
|
||||||
|
|
||||||
@ -92,7 +92,7 @@ jobs:
|
|||||||
cosignPassword: ${{ inputs.key == 'release' && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
cosignPassword: ${{ inputs.key == 'release' && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
||||||
|
|
||||||
- name: Upload CLI as artifact (unix)
|
- name: Upload CLI as artifact (unix)
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
if : ${{ matrix.os != 'windows' }}
|
if : ${{ matrix.os != 'windows' }}
|
||||||
with:
|
with:
|
||||||
name: constellation-${{ matrix.os }}-${{ matrix.arch }}
|
name: constellation-${{ matrix.os }}-${{ matrix.arch }}
|
||||||
@ -101,7 +101,7 @@ jobs:
|
|||||||
build/constellation-${{ matrix.os }}-${{ matrix.arch }}.sig
|
build/constellation-${{ matrix.os }}-${{ matrix.arch }}.sig
|
||||||
|
|
||||||
- name: Upload CLI as artifact (windows)
|
- name: Upload CLI as artifact (windows)
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
if : ${{ matrix.os == 'windows' }}
|
if : ${{ matrix.os == 'windows' }}
|
||||||
with:
|
with:
|
||||||
name: constellation-${{ matrix.os }}-${{ matrix.arch }}
|
name: constellation-${{ matrix.os }}-${{ matrix.arch }}
|
||||||
@ -120,7 +120,7 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
id: checkout
|
id: checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.ref || github.head_ref }}
|
ref: ${{ inputs.ref || github.head_ref }}
|
||||||
|
|
||||||
@ -198,7 +198,7 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
id: checkout
|
id: checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ inputs.ref || github.head_ref }}
|
ref: ${{ inputs.ref || github.head_ref }}
|
||||||
|
|
||||||
@ -238,13 +238,13 @@ jobs:
|
|||||||
COSIGN_PASSWORD: ${{ inputs.key == 'release' && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
COSIGN_PASSWORD: ${{ inputs.key == 'release' && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
||||||
|
|
||||||
- name: Upload Constellation CLI SBOM
|
- name: Upload Constellation CLI SBOM
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
name: constellation.spdx.sbom
|
name: constellation.spdx.sbom
|
||||||
path: constellation.spdx.sbom
|
path: constellation.spdx.sbom
|
||||||
|
|
||||||
- name: Upload Constellation CLI SBOM's signature
|
- name: Upload Constellation CLI SBOM's signature
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
name: constellation.spdx.sbom.sig
|
name: constellation.spdx.sbom.sig
|
||||||
path: constellation.spdx.sbom.sig
|
path: constellation.spdx.sbom.sig
|
||||||
@ -258,7 +258,7 @@ jobs:
|
|||||||
- provenance-subjects
|
- provenance-subjects
|
||||||
# This must not be pinned to digest. See:
|
# This must not be pinned to digest. See:
|
||||||
# https://github.com/slsa-framework/slsa-github-generator#referencing-slsa-builders-and-generators
|
# https://github.com/slsa-framework/slsa-github-generator#referencing-slsa-builders-and-generators
|
||||||
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.8.0
|
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.9.0
|
||||||
with:
|
with:
|
||||||
base64-subjects: "${{ needs.provenance-subjects.outputs.provenance-subjects }}"
|
base64-subjects: "${{ needs.provenance-subjects.outputs.provenance-subjects }}"
|
||||||
|
|
||||||
|
10
.github/workflows/release.yml
vendored
10
.github/workflows/release.yml
vendored
@ -33,7 +33,7 @@ jobs:
|
|||||||
RELEASE_BRANCH: ${{ steps.version-info.outputs.RELEASE_BRANCH }}
|
RELEASE_BRANCH: ${{ steps.version-info.outputs.RELEASE_BRANCH }}
|
||||||
WORKING_BRANCH: ${{ steps.version-info.outputs.WORKING_BRANCH }}
|
WORKING_BRANCH: ${{ steps.version-info.outputs.WORKING_BRANCH }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
|
|
||||||
- name: Working branch
|
- name: Working branch
|
||||||
run: echo "WORKING_BRANCH=$(git branch --show-current)" | tee -a "$GITHUB_ENV"
|
run: echo "WORKING_BRANCH=$(git branch --show-current)" | tee -a "$GITHUB_ENV"
|
||||||
@ -85,7 +85,7 @@ jobs:
|
|||||||
MAJOR_MINOR: ${{ needs.verify-inputs.outputs.MAJOR_MINOR }}
|
MAJOR_MINOR: ${{ needs.verify-inputs.outputs.MAJOR_MINOR }}
|
||||||
BRANCH: docs/${{ needs.verify-inputs.outputs.MAJOR_MINOR }}
|
BRANCH: docs/${{ needs.verify-inputs.outputs.MAJOR_MINOR }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: main
|
ref: main
|
||||||
|
|
||||||
@ -123,7 +123,7 @@ jobs:
|
|||||||
WORKING_BRANCH: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
WORKING_BRANCH: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
||||||
|
|
||||||
@ -161,7 +161,7 @@ jobs:
|
|||||||
WITHOUT_V: ${{ needs.verify-inputs.outputs.WITHOUT_V }}
|
WITHOUT_V: ${{ needs.verify-inputs.outputs.WITHOUT_V }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
||||||
|
|
||||||
@ -212,7 +212,7 @@ jobs:
|
|||||||
WITHOUT_V: ${{ needs.verify-inputs.outputs.WITHOUT_V }}
|
WITHOUT_V: ${{ needs.verify-inputs.outputs.WITHOUT_V }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
||||||
|
|
||||||
|
6
.github/workflows/reproducible-builds.yml
vendored
6
.github/workflows/reproducible-builds.yml
vendored
@ -24,7 +24,7 @@ jobs:
|
|||||||
runs-on: ${{ matrix.runner }}
|
runs-on: ${{ matrix.runner }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
@ -57,13 +57,13 @@ jobs:
|
|||||||
run: shasum -a 256 "${binary}" | tee "${binary}.sha256"
|
run: shasum -a 256 "${binary}" | tee "${binary}.sha256"
|
||||||
|
|
||||||
- name: Upload binary artifact
|
- name: Upload binary artifact
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
name: "binaries-${{ matrix.target }}"
|
name: "binaries-${{ matrix.target }}"
|
||||||
path: "${{ env.binary }}"
|
path: "${{ env.binary }}"
|
||||||
|
|
||||||
- name: Upload hash artifact
|
- name: Upload hash artifact
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
name: "sha256sums"
|
name: "sha256sums"
|
||||||
path: "${{ env.binary }}.sha256"
|
path: "${{ env.binary }}.sha256"
|
||||||
|
8
.github/workflows/scorecard.yml
vendored
8
.github/workflows/scorecard.yml
vendored
@ -18,25 +18,25 @@ jobs:
|
|||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
persist-credentials: false
|
persist-credentials: false
|
||||||
|
|
||||||
- name: Run analysis
|
- name: Run analysis
|
||||||
uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0
|
uses: ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398 # v2.3.0
|
||||||
with:
|
with:
|
||||||
results_file: results.sarif
|
results_file: results.sarif
|
||||||
results_format: sarif
|
results_format: sarif
|
||||||
publish_results: true
|
publish_results: true
|
||||||
|
|
||||||
- name: Upload artifact
|
- name: Upload artifact
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||||
with:
|
with:
|
||||||
name: SARIF file
|
name: SARIF file
|
||||||
path: results.sarif
|
path: results.sarif
|
||||||
retention-days: 5
|
retention-days: 5
|
||||||
|
|
||||||
- name: Upload to code-scanning
|
- name: Upload to code-scanning
|
||||||
uses: github/codeql-action/upload-sarif@a09933a12a80f87b87005513f0abb1494c27a716 # v2.21.4
|
uses: github/codeql-action/upload-sarif@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1
|
||||||
with:
|
with:
|
||||||
sarif_file: results.sarif
|
sarif_file: results.sarif
|
||||||
|
2
.github/workflows/test-integration.yml
vendored
2
.github/workflows/test-integration.yml
vendored
@ -25,7 +25,7 @@ jobs:
|
|||||||
CTEST_OUTPUT_ON_FAILURE: True
|
CTEST_OUTPUT_ON_FAILURE: True
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
|
2
.github/workflows/test-operator-codegen.yml
vendored
2
.github/workflows/test-operator-codegen.yml
vendored
@ -21,7 +21,7 @@ jobs:
|
|||||||
runs-on: ubuntu-22.04
|
runs-on: ubuntu-22.04
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
|
2
.github/workflows/test-tfsec.yml
vendored
2
.github/workflows/test-tfsec.yml
vendored
@ -23,7 +23,7 @@ jobs:
|
|||||||
pull-requests: write
|
pull-requests: write
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
|
2
.github/workflows/test-tidy.yml
vendored
2
.github/workflows/test-tidy.yml
vendored
@ -17,7 +17,7 @@ jobs:
|
|||||||
contents: read
|
contents: read
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
# No token available for forks, so we can't push changes
|
# No token available for forks, so we can't push changes
|
||||||
|
2
.github/workflows/test-unittest.yml
vendored
2
.github/workflows/test-unittest.yml
vendored
@ -30,7 +30,7 @@ jobs:
|
|||||||
pull-requests: write
|
pull-requests: write
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
|
2
.github/workflows/versionsapi.yml
vendored
2
.github/workflows/versionsapi.yml
vendored
@ -115,7 +115,7 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Check out repository
|
- name: Check out repository
|
||||||
id: checkout
|
id: checkout
|
||||||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||||
with:
|
with:
|
||||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user