Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): Bump the actions group across 1 directory with 11 updates #113

Closed
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 8 additions & 8 deletions .github/workflows/ci-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,20 +28,20 @@ jobs:
name: lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: './go.mod'
check-latest: true
- name: golangci-lint
uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
with:
version: v1.59

yamllint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Set up Python
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
with:
Expand All @@ -58,17 +58,17 @@ jobs:
actionlint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Check workflow files
uses: reviewdog/action-actionlint@4f8f9963ca57a41e5fd5b538dd79dbfbd3e0b38a # v1.54.0
uses: reviewdog/action-actionlint@7eeec1dd160c2301eb28e1568721837d084558ad # v1.57.0
# TODO(asraa): Re-enable shellcheck from actionlint
with:
actionlint_flags: -color -shellcheck=

test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: './go.mod'
Expand All @@ -84,7 +84,7 @@ jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: './go.mod'
Expand All @@ -103,7 +103,7 @@ jobs:
name: Shellcheck
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # v2.0.0
env:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/cosign-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,13 +29,13 @@ jobs:
runs-on: ubuntu-latest
steps:
# Install cosign
- uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0
- uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0

# Set up a repository server with python
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
with:
python-version: '3.x'
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 2
- run: |
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/create-signing-events.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

on:
# disabled during migration
#schedule:

Check warning on line 5 in .github/workflows/create-signing-events.yml

View workflow job for this annotation

GitHub Actions / yamllint

[comments] missing starting space in comment

Check warning on line 5 in .github/workflows/create-signing-events.yml

View workflow job for this annotation

GitHub Actions / yamllint

[comments] missing starting space in comment
# - cron: '17 1,7,13,19 * * *'
workflow_dispatch:

Expand All @@ -16,7 +16,7 @@
actions: 'write' # for dispatching signing event workflow
steps:
- name: Create signing events for offline version bumps
uses: theupdateframework/tuf-on-ci/actions/create-signing-events@89d2dad3c8b626dde7a9e65b036ca35d11ab8b2a # v0.12.0
uses: theupdateframework/tuf-on-ci/actions/create-signing-events@27c49c016591c7cfea57f6b15296f714a5c4a5f6 # v0.13.0
with:
token: ${{ secrets.TUF_ON_CI_TOKEN || secrets.GITHUB_TOKEN }}

Expand All @@ -28,7 +28,7 @@
issues: 'write' # for modifying Issues
steps:
- name: Update the issue for the workflow
uses: theupdateframework/tuf-on-ci/actions/update-issue@89d2dad3c8b626dde7a9e65b036ca35d11ab8b2a # v0.12.0
uses: theupdateframework/tuf-on-ci/actions/update-issue@27c49c016591c7cfea57f6b15296f714a5c4a5f6 # v0.13.0
with:
token: ${{ secrets.TUF_ON_CI_TOKEN || secrets.GITHUB_TOKEN }}
success: ${{ !contains(needs.*.result, 'failure') }}
10 changes: 5 additions & 5 deletions .github/workflows/custom-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ jobs:
python -m sigstore verify github --cert-identity $IDENTITY --bundle artifact.sigstore.json artifact

- name: Upload the bundle for other clients to verify
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: bundle
path: artifact.sigstore.json
Expand All @@ -51,7 +51,7 @@ jobs:
cosign:
runs-on: ubuntu-latest
steps:
- uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0
- uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0

- name: Download initial root
run: curl -o root.json ${METADATA_URL}/1.root.json
Expand Down Expand Up @@ -111,7 +111,7 @@ jobs:
runs-on: ubuntu-latest
needs: [sigstore-python]
steps:
- uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4

- name: Install sigstore-js
run: npm install -g @sigstore/cli
Expand Down Expand Up @@ -141,15 +141,15 @@ jobs:
needs: [sigstore-python]
steps:
- name: Set up JDK
uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
with:
java-version: 17
distribution: 'temurin'

- name: Setup Gradle
uses: gradle/actions/setup-gradle@v4

- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
repository: "sigstore/sigstore-java"
fetch-tags: true
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/delegation-pop-verify.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ jobs:
PR_NUMBER: ${{ github.event.pull_request.number }}
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/deploy-to-gcs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:
tar --directory repository -xvf artifact.tar

# NOTE: This gcloud project/account is NOT the tuf-on-ci online signing account
- uses: google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2 # v2.1.4
- uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
with:
token_format: access_token
workload_identity_provider: projects/306323169285/locations/global/workloadIdentityPools/github-actions-pool/providers/github-actions-provider
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/initialize.yml
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ jobs:
check_branch:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0
- name: Check if remote branch exists
Expand All @@ -64,7 +64,7 @@ jobs:
permissions:
id-token: 'write'
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0
# TODO(https://github.com/sigstore/root-signing/issues/98): Use a common configuration checked into source control
Expand All @@ -82,7 +82,7 @@ jobs:
go-version-file: './go.mod'
check-latest: true
# Setup OIDC->SA auth for signing with KMS
- uses: google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2 # v2.1.4
- uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
id: auth
with:
token_format: 'access_token'
Expand All @@ -108,7 +108,7 @@ jobs:
run: |
./scripts/step-1.5.sh ${{ inputs.revoke_key }}
- name: Upload new repository
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: ${{ inputs.repo }}
path: ${{ inputs.repo }}
Expand All @@ -121,7 +121,7 @@ jobs:
pull-requests: 'write'
contents: 'write'
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
ref: ${{ inputs.branch }}
fetch-depth: 0
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/online-sign.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,9 @@

on:
# disabled during migration
#schedule:

Check warning on line 7 in .github/workflows/online-sign.yml

View workflow job for this annotation

GitHub Actions / yamllint

[comments] missing starting space in comment

Check warning on line 7 in .github/workflows/online-sign.yml

View workflow job for this annotation

GitHub Actions / yamllint

[comments] missing starting space in comment
# - cron: '17 1,7,13,19 * * *'
#push:

Check warning on line 9 in .github/workflows/online-sign.yml

View workflow job for this annotation

GitHub Actions / yamllint

[comments] missing starting space in comment

Check warning on line 9 in .github/workflows/online-sign.yml

View workflow job for this annotation

GitHub Actions / yamllint

[comments] missing starting space in comment
# branches: [ main ]
# paths: ['metadata/**', '!metadata/timestamp.json', '!metadata/snapshot.json']
workflow_dispatch:
Expand All @@ -20,7 +20,7 @@
actions: 'write' # for dispatching publish workflow
steps:
- id: online-sign
uses: theupdateframework/tuf-on-ci/actions/online-sign@89d2dad3c8b626dde7a9e65b036ca35d11ab8b2a # v0.12.0
uses: theupdateframework/tuf-on-ci/actions/online-sign@27c49c016591c7cfea57f6b15296f714a5c4a5f6 # v0.13.0
with:
token: ${{ secrets.TUF_ON_CI_TOKEN || secrets.GITHUB_TOKEN }}
gcp_workload_identity_provider: 'projects/163070369698/locations/global/workloadIdentityPools/github-actions-pool/providers/github-actions-provider'
Expand All @@ -35,7 +35,7 @@
issues: 'write' # for modifying Issues
steps:
- name: Update the issue for the workflow
uses: theupdateframework/tuf-on-ci/actions/update-issue@89d2dad3c8b626dde7a9e65b036ca35d11ab8b2a # v0.12.0
uses: theupdateframework/tuf-on-ci/actions/update-issue@27c49c016591c7cfea57f6b15296f714a5c4a5f6 # v0.13.0
with:
token: ${{ secrets.TUF_ON_CI_TOKEN || secrets.GITHUB_TOKEN }}
success: ${{ !contains(needs.*.result, 'failure') }}
4 changes: 2 additions & 2 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
runs-on: ubuntu-latest
steps:
- id: build-and-upload-repository
uses: theupdateframework/tuf-on-ci/actions/upload-repository@89d2dad3c8b626dde7a9e65b036ca35d11ab8b2a # v0.12.0
uses: theupdateframework/tuf-on-ci/actions/upload-repository@27c49c016591c7cfea57f6b15296f714a5c4a5f6 # v0.13.0
with:
gh_pages: true
ref: ${{ inputs.ref }}
Expand Down Expand Up @@ -45,13 +45,13 @@

# disabled during migration
# (when enabling remember to add to update-issue.needs)
#deploy-to-gcs:

Check warning on line 48 in .github/workflows/publish.yml

View workflow job for this annotation

GitHub Actions / yamllint

[comments] missing starting space in comment

Check warning on line 48 in .github/workflows/publish.yml

View workflow job for this annotation

GitHub Actions / yamllint

[comments] missing starting space in comment
# needs: [test-deployed-pages]
# permissions:
# id-token: 'write' # for authenticating with OIDC
# uses: ./.github/workflows/deploy-to-gcs.yml

#test-deployed-gcs:

Check warning on line 54 in .github/workflows/publish.yml

View workflow job for this annotation

GitHub Actions / yamllint

[comments] missing starting space in comment

Check warning on line 54 in .github/workflows/publish.yml

View workflow job for this annotation

GitHub Actions / yamllint

[comments] missing starting space in comment
# needs: [deploy-to-gcs]
# if: always() && !failure() && !cancelled()
# permissions:
Expand All @@ -67,7 +67,7 @@
issues: 'write' # for modifying Issues
steps:
- name: Update the issue for the workflow
uses: theupdateframework/tuf-on-ci/actions/update-issue@89d2dad3c8b626dde7a9e65b036ca35d11ab8b2a # v0.12.0
uses: theupdateframework/tuf-on-ci/actions/update-issue@27c49c016591c7cfea57f6b15296f714a5c4a5f6 # v0.13.0
with:
token: ${{ secrets.TUF_ON_CI_TOKEN || secrets.GITHUB_TOKEN }}
success: ${{ !contains(needs.*.result, 'failure') }}
6 changes: 3 additions & 3 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,15 +31,15 @@ jobs:
outputs:
hashes: ${{ steps.hash.outputs.hashes }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1

- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: './go.mod'
check-latest: true

- uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0
- uses: anchore/sbom-action/download-syft@ab9d16d4b419c9d1a02df5213fa0ebe965ca5a57 # v0.17.1
- uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
- uses: anchore/sbom-action/download-syft@61119d458adab75f756bc0b9e4bde25725f86a7a # v0.17.2
- uses: imjasonh/setup-ko@3aebd0597dc1e9d1a26bcfdb7cbeb19c131d3037 # v0.7

- name: Set LDFLAGS
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/reuseable-snapshot-timestamp.yml
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ jobs:
permissions:
id-token: 'write'
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0
ref: ${{ inputs.branch }}
Expand All @@ -91,7 +91,7 @@ jobs:
go-version-file: './go.mod'
check-latest: true
# Setup OIDC->SA auth
- uses: google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2 # v2.1.4
- uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
id: auth
with:
token_format: 'access_token'
Expand Down Expand Up @@ -141,7 +141,7 @@ jobs:
git format-patch HEAD^ -o snapshot-timestamp

- name: Upload snapshot and timestamp
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: snapshot-timestamp
path: snapshot-timestamp
Expand Down Expand Up @@ -178,7 +178,7 @@ jobs:
pull-requests: 'write'
contents: 'write'
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0
ref: ${{ inputs.branch }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/review-snapshot-timestamp.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ jobs:
env:
GITHUB_TOKEN: ${{ secrets.SIGSTORE_REVIEW_BOT_FINE_GRAINED_PAT }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- run: |
set -euo pipefail
./.github/workflows/scripts/review-pull-request.sh
2 changes: 1 addition & 1 deletion .github/workflows/signing-event.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,6 @@ jobs:

steps:
- name: Signing event
uses: theupdateframework/tuf-on-ci/actions/signing-event@89d2dad3c8b626dde7a9e65b036ca35d11ab8b2a # v0.12.0
uses: theupdateframework/tuf-on-ci/actions/signing-event@27c49c016591c7cfea57f6b15296f714a5c4a5f6 # v0.13.0
with:
token: ${{ secrets.TUF_ON_CI_TOKEN || secrets.GITHUB_TOKEN }}
2 changes: 1 addition & 1 deletion .github/workflows/stable-snapshot-timestamp.yml
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ jobs:
env:
FORCE_SNAPSHOT: ${{ inputs.force_snapshot }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0
- name: Determine whether to run a snapshot/timestamp
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/stable-timestamp.yml
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ jobs:
env:
FORCE_TIMESTAMP: ${{ inputs.force_timestamp }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0
- name: Determine whether to create a timestamp
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/sync-ceremony-to-main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ jobs:
contents: 'write'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0
ref: ${{ github.event.repository.default_branch }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/sync-main-to-preprod-and-prod.yml
Original file line number Diff line number Diff line change
Expand Up @@ -42,15 +42,15 @@ jobs:
permissions:
id-token: 'write'
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: './go.mod'
check-latest: true
# Setup OIDC->SA auth
- uses: google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2 # v2.1.4
- uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
id: auth
with:
token_format: 'access_token'
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/sync-main-to-preprod.yml
Original file line number Diff line number Diff line change
Expand Up @@ -36,15 +36,15 @@ jobs:
id-token: 'write'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: './go.mod'
check-latest: true
# Setup OIDC->SA auth
- uses: google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2 # v2.1.4
- uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
id: auth
with:
token_format: 'access_token'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/sync-preprod-to-prod.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ jobs:
id-token: 'write'
steps:
# Setup OIDC->SA auth
- uses: google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2 # v2.1.4
- uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
id: auth
with:
token_format: 'access_token'
Expand Down
Loading
Loading