Skip to content

Commit

Permalink
AAE-18110 - Use pinned SHA
Browse files Browse the repository at this point in the history
  • Loading branch information
@Giovanni007
Giovanni007 committed Nov 21, 2023
1 parent 1a57cd1 commit b80c048
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 21 deletions.
32 changes: 16 additions & 16 deletions .github/workflows/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,17 +28,17 @@ jobs:
pre-checks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Check dependabot build
uses: Activiti/Activiti/.github/actions/check-ext-build@8.0.0-alpha.10
uses: Activiti/Activiti/.github/actions/check-ext-build@4db084fcbb13a288f3b66ac08fc50a5ab7f144ed # 8.0.0-alpha.10
- name: Setup Helm Docs
uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v3.2.1
uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@3741d4445541db169728841ebedb8725b51f0b45 # v3.2.1
- name: Run Checkov
uses: bridgecrewio/checkov-action@v12.1839.0
uses: bridgecrewio/checkov-action@e1bb78184f5dd3690fb1089d6c4f51295f9dff48 # v12.1839.0
with:
framework: kubernetes
- name: pre-commit
uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v3.8.0
uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@9cf7c9d178e9ab74bf533217febe4dafe73247f4 # v3.8.0
with:
skip_checkout: true
- name: Ensure SHA pinned actions
Expand All @@ -48,10 +48,10 @@ jobs:
runs-on: ubuntu-latest
needs: pre-checks
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- name: Build
uses: Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v3.2.1
uses: Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@3741d4445541db169728841ebedb8725b51f0b45 # v3.2.1
with:
chart-dir: ${{ env.CHART_DIR }}

Expand All @@ -67,23 +67,23 @@ jobs:
outputs:
version: ${{ steps.calculate-next-internal-version.outputs.next-prerelease }}
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- name: Parse next release
id: helm-parse-next-release
uses: Alfresco/alfresco-build-tools/.github/actions/helm-parse-next-release@v3.2.1
uses: Alfresco/alfresco-build-tools/.github/actions/helm-parse-next-release@3741d4445541db169728841ebedb8725b51f0b45 # v3.2.1
with:
chart-dir: ${{ env.CHART_DIR }}

- id: calculate-next-internal-version
name: Calculate next internal release
uses: Alfresco/alfresco-build-tools/.github/actions/calculate-next-internal-version@v3.2.1
uses: Alfresco/alfresco-build-tools/.github/actions/calculate-next-internal-version@3741d4445541db169728841ebedb8725b51f0b45 # v3.2.1
with:
next-version: ${{ steps.helm-parse-next-release.outputs.next-release }}

- id: helm-release-and-publish
name: Release and publish helm chart
uses: Alfresco/alfresco-build-tools/.github/actions/helm-release-and-publish@v3.2.1
uses: Alfresco/alfresco-build-tools/.github/actions/helm-release-and-publish@3741d4445541db169728841ebedb8725b51f0b45 # v3.2.1
with:
version: ${{ steps.calculate-next-internal-version.outputs.next-prerelease }}
chart-dir: ${{ env.CHART_DIR }}
Expand All @@ -103,15 +103,15 @@ jobs:
VERSION: ${{ needs.publish.outputs.version }}
DEVELOPMENT_BRANCH: ${{ github.ref_name }}
steps:
- uses: Activiti/activiti-scripts/.github/actions/wait-for-chart@develop
- uses: Activiti/activiti-scripts/.github/actions/wait-for-chart@000995bdf3eae49f78ff39c462226208039ef1a8 # 8.1.0
with:
chart-name: ${{ env.CHART_NAME }}
version: ${{ env.VERSION }}
helm-repo-name: ${{ env.HELM_REPO_NAME }}
helm-repo-url: ${{ env.HELM_REPO_BASE_URL }}
- uses: actions/checkout@v4
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v3.2.1
- uses: Alfresco/alfresco-build-tools/.github/actions/jx-updatebot-pr@v3.2.1
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@3741d4445541db169728841ebedb8725b51f0b45 # v3.2.1
- uses: Alfresco/alfresco-build-tools/.github/actions/jx-updatebot-pr@3741d4445541db169728841ebedb8725b51f0b45 # v3.2.1
env:
GH_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }}
with:
Expand All @@ -131,7 +131,7 @@ jobs:
if: always() && failure() && github.event_name == 'push'
steps:
- name: Slack Notification
uses: Alfresco/alfresco-build-tools/.github/actions/send-slack-notification@v3.2.1
uses: Alfresco/alfresco-build-tools/.github/actions/send-slack-notification@3741d4445541db169728841ebedb8725b51f0b45 # v3.2.1
with:
channel-id: 'eng-hxp-studio-activiti-gh-notifs'
token: ${{ secrets.SLACK_NOTIFICATION_BOT_TOKEN }}
10 changes: 5 additions & 5 deletions .github/workflows/rc.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,17 +20,17 @@ jobs:
env:
VERSION: ${{ github.ref_name }}
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- id: helm-package-chart
name: Package Helm chart
uses: Alfresco/alfresco-build-tools/.github/actions/helm-package-chart@v3.2.1
uses: Alfresco/alfresco-build-tools/.github/actions/helm-package-chart@3741d4445541db169728841ebedb8725b51f0b45 # v3.2.1
with:
chart-dir: ${{ env.CHART_DIR }}

- id: helm-publish-chart
name: Publish Helm chart
uses: Alfresco/alfresco-build-tools/.github/actions/helm-publish-chart@v3.2.1
uses: Alfresco/alfresco-build-tools/.github/actions/helm-publish-chart@3741d4445541db169728841ebedb8725b51f0b45 # v3.2.1
with:
chart-package: ${{ steps.helm-package-chart.outputs.package-file-path }}
helm-charts-repo: ${{ env.HELM_REPO }}
Expand All @@ -40,7 +40,7 @@ jobs:
token: ${{ secrets.BOT_GITHUB_TOKEN }}
git-username: ${{ secrets.BOT_GITHUB_USERNAME }}

- uses: Activiti/activiti-scripts/.github/actions/wait-for-chart@develop
- uses: Activiti/activiti-scripts/.github/actions/wait-for-chart@000995bdf3eae49f78ff39c462226208039ef1a8 # 8.1.0
with:
chart-name: ${{ env.CHART_NAME }}
version: ${{ env.VERSION }}
Expand All @@ -54,7 +54,7 @@ jobs:
if: always() && failure() && github.event_name == 'push'
steps:
- name: Slack Notification
uses: Alfresco/alfresco-build-tools/.github/actions/send-slack-notification@v3.2.1
uses: Alfresco/alfresco-build-tools/.github/actions/send-slack-notification@3741d4445541db169728841ebedb8725b51f0b45 # v3.2.1
with:
channel-id: 'eng-hxp-studio-releases-gh-notifs'
token: ${{ secrets.SLACK_NOTIFICATION_BOT_TOKEN }}

0 comments on commit b80c048

Please sign in to comment.