Skip to content

Commit

Permalink
chore: pin actions to digests (#6984)
Browse files Browse the repository at this point in the history
  • Loading branch information
@pmalek
pmalek authored Jan 15, 2025
1 parent 27133cf commit aae23d4
Show file tree
Hide file tree
Showing 23 changed files with 124 additions and 124 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/_conformance_tests.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,12 +17,12 @@ jobs:
expression_routes: "true"
steps:
- name: checkout repository
uses: actions/checkout@v3
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
with:
fetch-depth: 0

- name: setup golang
uses: actions/setup-go@v4
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4
with:
go-version: '^1.20'

Expand All @@ -34,7 +34,7 @@ jobs:

- name: collect test report
if: ${{ always() }}
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: tests-report
path: conformance-tests.xml
22 changes: 11 additions & 11 deletions .github/workflows/_docker_build.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,19 +27,19 @@ jobs:
tags: ${{ steps.merge-tags.outputs.tags }}
steps:
- name: checkout repository
uses: actions/checkout@v3
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
with:
fetch-depth: 0

- name: Parse semver string
if: ${{ inputs.tag != '' }}
id: parse-semver-tag
uses: booxmedialtd/[email protected]
uses: booxmedialtd/ws-action-parse-semver@7784200024d6b3fc01253e617ec0168daf603de3 # v1.4.7
with:
input_string: ${{ inputs.tag }}
version_extractor_regex: 'v(.*)$'

- uses: benjlevesque/[email protected]
- uses: benjlevesque/short-sha@36eb8c530990ceac5ddf3c0bc32d02c677ae9706 # v2.2
id: short-sha

- name: Add standard tag
Expand Down Expand Up @@ -78,18 +78,18 @@ jobs:
image: kong/kubernetes-ingress-controller:${{ steps.meta.outputs.version }}
steps:
- name: checkout repository
uses: actions/checkout@v3
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
with:
fetch-depth: 0

- name: Set up QEMU
uses: docker/setup-qemu-action@v2
uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2

- name: Cache Docker layers
uses: actions/cache@v3
uses: actions/cache@f4b3439a656ba812b8cb417d2d49f9c810103092 # v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
Expand All @@ -98,7 +98,7 @@ jobs:
- name: Docker meta
id: meta
uses: docker/[email protected]
uses: docker/metadata-action@818d4b7b91585d195f67373fd9cb0332e31a7175 # v4.6.0
with:
images: kong/kubernetes-ingress-controller
flavor: |
Expand All @@ -107,7 +107,7 @@ jobs:

- name: Build
id: docker-build-dockerhub
uses: docker/build-push-action@v4
uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4
with:
push: false
file: Dockerfile
Expand All @@ -124,7 +124,7 @@ jobs:
# Build locally with outputs set to `type=docker,dest=/tmp/image.tar` to save the image as a `kic-image` artifact.
- name: Build locally
id: docker-build-local
uses: docker/build-push-action@v4
uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4
with:
load: true
file: Dockerfile
Expand All @@ -139,7 +139,7 @@ jobs:
REPO_INFO=https://github.com/${{ github.repository }}.git
- name: Upload image artifact
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: kic-image
path: /tmp/image.tar
36 changes: 18 additions & 18 deletions .github/workflows/_e2e_tests.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ jobs:
outputs:
test_names: ${{ steps.set_test_names.outputs.test_names }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
with:
fetch-depth: 0

Expand Down Expand Up @@ -90,7 +90,7 @@ jobs:
steps:
- name: Download built image artifact
if: ${{ inputs.load-local-image }}
uses: actions/download-artifact@v3
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
with:
name: kic-image
path: /tmp
Expand All @@ -102,16 +102,16 @@ jobs:
docker image ls -a
- name: checkout repository
uses: actions/checkout@v3
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
with:
fetch-depth: 0

- name: setup golang
uses: actions/setup-go@v4
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4
with:
go-version: '^1.20'

- uses: Kong/kong-license@master
- uses: Kong/kong-license@c4decf08584f84ff8fe8e7cd3c463e0192f6111b # master
id: license
with:
password: ${{ secrets.PULP_PASSWORD }}
Expand Down Expand Up @@ -140,14 +140,14 @@ jobs:

- name: upload diagnostics
if: ${{ always() }}
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: "diagnostics-e2e-tests-${{ matrix.test }}-${{ matrix.kubernetes-version }}"
path: /tmp/ktf-diag*
if-no-files-found: ignore

- name: collect test report
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: tests-report
path: "*-tests.xml"
Expand All @@ -167,16 +167,16 @@ jobs:
test: ${{ fromJSON(needs.setup-e2e-tests.outputs.test_names) }}
steps:
- name: checkout repository
uses: actions/checkout@v3
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
with:
fetch-depth: 0

- name: setup golang
uses: actions/setup-go@v4
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4
with:
go-version: '^1.20'

- uses: Kong/kong-license@master
- uses: Kong/kong-license@c4decf08584f84ff8fe8e7cd3c463e0192f6111b # master
continue-on-error: true
id: license
with:
Expand All @@ -203,14 +203,14 @@ jobs:

- name: upload diagnostics
if: ${{ always() }}
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: "diagnostics-e2e-gke-tests-${{ matrix.test }}-${{ matrix.kubernetes-version }}"
path: /tmp/ktf-diag*
if-no-files-found: ignore

- name: collect test report
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: tests-report
path: "*-tests.xml"
Expand All @@ -233,7 +233,7 @@ jobs:
steps:
- name: Download built image artifact
if: ${{ inputs.load-local-image }}
uses: actions/download-artifact@v3
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
with:
name: kic-image
path: /tmp
Expand All @@ -245,16 +245,16 @@ jobs:
docker image ls -a
- name: checkout repository
uses: actions/checkout@v3
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
with:
fetch-depth: 0

- name: setup golang
uses: actions/setup-go@v4
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4
with:
go-version: '^1.20'

- uses: Kong/kong-license@master
- uses: Kong/kong-license@c4decf08584f84ff8fe8e7cd3c463e0192f6111b # master
id: license
with:
password: ${{ secrets.PULP_PASSWORD }}
Expand All @@ -274,14 +274,14 @@ jobs:

- name: upload diagnostics
if: ${{ always() }}
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: diagnostics-e2e-tests
path: /tmp/ktf-diag*
if-no-files-found: ignore

- name: collect test report
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: tests-report
path: "*-tests.xml"
8 changes: 4 additions & 4 deletions .github/workflows/_envtest_tests.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: checkout repository
uses: actions/checkout@v3
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
with:
fetch-depth: 0

- name: setup golang
uses: actions/setup-go@v4
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4
with:
go-version: '^1.20'

Expand All @@ -23,14 +23,14 @@ jobs:
GOTESTSUM_JUNITFILE: envtest-tests.xml

- name: collect test coverage
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: coverage
path: coverage.envtest.out

- name: collect test report
if: always()
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: tests-report
path: envtest-tests.xml
12 changes: 6 additions & 6 deletions .github/workflows/_integration_tests.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ jobs:
feature_gates: "GatewayAlpha=true,FillIDs=true"

steps:
- uses: Kong/kong-license@master
- uses: Kong/kong-license@c4decf08584f84ff8fe8e7cd3c463e0192f6111b # master
id: license
with:
password: ${{ secrets.PULP_PASSWORD }}
Expand All @@ -99,12 +99,12 @@ jobs:
fi
- name: checkout repository
uses: actions/checkout@v3
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
with:
fetch-depth: 0

- name: setup golang
uses: actions/setup-go@v4
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4
with:
go-version: '^1.20'

Expand All @@ -129,22 +129,22 @@ jobs:

- name: collect test coverage
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: coverage
path: coverage.*.out

- name: upload diagnostics
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: diagnostics-integration-tests-${{ matrix.name }}
path: /tmp/ktf-diag*
if-no-files-found: ignore

- name: collect test report
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3
with:
name: tests-report
path: integration-tests-${{ matrix.name }}.xml
4 changes: 2 additions & 2 deletions .github/workflows/_linters.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
with:
fetch-depth: 0

- name: Setup go
uses: actions/setup-go@v4
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4
with:
go-version: '^1.20'

Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/_test_reports.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,19 +22,19 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: checkout repository
uses: actions/checkout@v3
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
with:
fetch-depth: 0

- name: collect test coverage artifacts
id: download-coverage
uses: actions/download-artifact@v3
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
with:
name: coverage
path: coverage

- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
uses: codecov/codecov-action@ab904c41d6ece82784817410c45d8b8c02684457 # v3
with:
name: combined-coverage
token: ${{ secrets.CODECOV_TOKEN }}
Expand All @@ -47,20 +47,20 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: checkout repository
uses: actions/checkout@v3
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
with:
fetch-depth: 0

- name: download tests report
id: download-coverage
uses: actions/download-artifact@v3
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
with:
name: tests-report
path: report

- name: Upload test results to BuildPulse for flaky test detection
if: ${{ !cancelled() }}
uses: buildpulse/[email protected]
uses: buildpulse/buildpulse-action@d0d30f53585cf16b2e01811a5a753fd47968654a # v0.11.0
with:
account: 962416
repository: 127765544
Expand Down
Loading

1 comment on commit aae23d4

@github-actions
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Performance Alert ⚠️

Possible performance regression was detected for benchmark 'Go Benchmark'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.50.

Benchmark suite Current: aae23d4 Previous: 0f5b67e Ratio
BenchmarkDefaultContentToDBLessConfigConverter_Convert 148.1 ns/op 0 B/op 0 allocs/op 79.33 ns/op 0 B/op 0 allocs/op 1.87
BenchmarkDefaultContentToDBLessConfigConverter_Convert - ns/op 148.1 ns/op 79.33 ns/op 1.87

This comment was automatically generated by workflow using github-action-benchmark.

CC: @Kong/k8s-maintainers

Please sign in to comment.