diff --git a/.github/workflows/cleanup-registry.yml b/.github/workflows/cleanup-registry.yml index 02937bd..d73982c 100644 --- a/.github/workflows/cleanup-registry.yml +++ b/.github/workflows/cleanup-registry.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Delete old versions - uses: snok/container-retention-policy@482ce28159f65a8bfad986da1fedcef40169aa75 # v2.0.0 + uses: snok/container-retention-policy@2ebfab771446f9cde79044dab61eec867ac1d62b # v2.1.1 with: image-names: ${{ env.IMAGE_NAMES }} cut-off: 2 days ago UTC diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml index ba6001a..9627237 100644 --- a/.github/workflows/continuous-delivery.yml +++ b/.github/workflows/continuous-delivery.yml @@ -39,7 +39,7 @@ jobs: needs: metadata steps: - name: Checkout code - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Start deployment uses: bobheadxi/deployments@88ce5600046c82542f8246ac287d0a53c461bca3 # v1.4.0 @@ -49,7 +49,7 @@ jobs: env: ${{ needs.metadata.outputs.stage }} - name: Deploy - uses: appleboy/ssh-action@b60142998894e495c513803efc6d5d72a72c968a # v0.1.8 + uses: appleboy/ssh-action@334f9259f2f8eb3376d33fa4c684fff373f2c2a6 # v0.1.10 env: STAGE: ${{ needs.metadata.outputs.stage }} with: @@ -63,7 +63,7 @@ jobs: docker-compose up -d - name: Finalize Sentry release - uses: getsentry/action-release@586b62368d564f25d694ce05fcb9cf53de65ac4f # v1.3.1 + uses: getsentry/action-release@4744f6a65149f441c5f396d5b0877307c0db52c7 # v1.4.1 env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ vars.SENTRY_ORG_NAME }} @@ -102,7 +102,7 @@ jobs: done - name: Update Continuous Delivery check run - uses: guidojw/actions/update-check-run@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/update-check-run@870d7c8de5aeb08420bb88d8fbddb0222a9eac61 # v1.4.0 with: app_id: ${{ vars.GH_APP_ID }} private_key: ${{ secrets.GH_APP_PRIVATE_KEY }} diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 8e3a6fc..a2fd943 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -12,14 +12,14 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Add problem matchers run: | echo '::add-matcher::.github/problem-matchers/tsc.json' - name: Build test image - uses: guidojw/actions/build-docker-image@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/build-docker-image@870d7c8de5aeb08420bb88d8fbddb0222a9eac61 # v1.4.0 with: name: app @@ -29,7 +29,7 @@ jobs: needs: build steps: - name: Checkout code - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Add problem matchers run: | @@ -41,7 +41,7 @@ jobs: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) 1.6.23 - name: Load test image - uses: guidojw/actions/load-docker-image@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/load-docker-image@870d7c8de5aeb08420bb88d8fbddb0222a9eac61 # v1.4.0 with: name: app diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml index 84dd7df..f331605 100644 --- a/.github/workflows/publish-image.yml +++ b/.github/workflows/publish-image.yml @@ -41,15 +41,15 @@ jobs: needs: metadata steps: - name: Checkout code - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: fetch-depth: 0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@4b4e9c3e2d4531116a6f8ba8e71fc6e2cb6e6c8c # v2.5.0 + uses: docker/setup-buildx-action@4c0219f9ac95b02789c1075625400b2acbff50b1 # v2.9.1 - name: Login to GitHub Container Registry - uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # tag=v2.1.0 + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 with: registry: ${{ vars.DOCKER_REGISTRY_URL }} username: ${{ github.repository_owner }} @@ -57,7 +57,7 @@ jobs: - name: Build and push image id: build_push_image - uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v4.0.0 + uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1 with: push: true context: . @@ -77,7 +77,7 @@ jobs: - name: Create Sentry release if: ${{ !(github.event_name == 'workflow_dispatch' && github.workflow == 'Publish Image') }} - uses: getsentry/action-release@586b62368d564f25d694ce05fcb9cf53de65ac4f # v1.3.1 + uses: getsentry/action-release@4744f6a65149f441c5f396d5b0877307c0db52c7 # v1.4.1 env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ vars.SENTRY_ORG_NAME }} @@ -108,7 +108,7 @@ jobs: done - name: Update Publish Image check run - uses: guidojw/actions/update-check-run@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/update-check-run@870d7c8de5aeb08420bb88d8fbddb0222a9eac61 # v1.4.0 with: app_id: ${{ vars.GH_APP_ID }} private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}