From 1752156ad3c84e4392a890d000d16dd062e760f4 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 26 Jul 2023 07:37:26 +0000 Subject: [PATCH] chore(deps): pin dependencies --- .github/workflows/airgap-test.yml | 4 +-- .github/workflows/build.yml | 36 +++++++++---------- .github/workflows/cargo-file-checks.yml | 2 +- .github/workflows/fossa.yml | 4 +-- .github/workflows/release-drafter.yml | 2 +- .github/workflows/release.yml | 10 +++--- .github/workflows/security-audit-cron.yml | 4 +-- .github/workflows/security-audit-reactive.yml | 4 +-- .github/workflows/source-code-checks.yml | 18 +++++----- .github/workflows/tests.yml | 12 +++---- 10 files changed, 48 insertions(+), 48 deletions(-) diff --git a/.github/workflows/airgap-test.yml b/.github/workflows/airgap-test.yml index c9400c54..b8a63055 100644 --- a/.github/workflows/airgap-test.yml +++ b/.github/workflows/airgap-test.yml @@ -11,7 +11,7 @@ jobs: name: Test Suite runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.5.0 + - uses: actions/checkout@e2f20e631ae6d7dd3b768f56a5d2af784dd54791 # v2.5.0 - name: Run registry run: | export CONTAINER_ID=$(docker run -d -p 5000:5000 --name registry registry:2) @@ -40,5 +40,5 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 - run: shellcheck $(find scripts/ -name '*.sh') \ No newline at end of file diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index cb3f84db..71bac9d4 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
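Review bot: The `Run registry` step in the first airgap-test.yml hunk still starts `registry:2` by mutable tag, so this job keeps one floating dependency beside the checkout that is now pinned by digest. Pinning the image the same way would close that gap, e.g. `docker run -d -p 5000:5000 --name registry registry:2@sha256:<DIGEST_OF_REVIEWED_IMAGE>`, where the digest is a placeholder to be resolved from the image you have reviewed. The step's `run:` block continues outside the hunk.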
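Review bot: The comment on the new `uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3` line names only the moving major tag, and GitHub does not check that comment against the SHA, so nothing in the patch ties the digest to a particular release. Before merging, confirm that each SHA is the commit the named tag points to in the action's own repository rather than in a fork, because the comment is the only thing a later reader has to go on. Recording the exact release in the form `# v3.x.y` (placeholder), as the first hunk does with `# v2.5.0`, makes that audit repeatable. The same applies to the `# v1`, `# v2`, `# v5` and `# v6` comments in the other workflow files of this patch.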
@@ -61,13 +61,13 @@ jobs: # update the spec file to ensure that. sudo sed -i "s/-dynamic-linker.*/-no-dynamic-linker -nostdlib %{shared:-shared} %{static:-static} %{rdynamic:-no-export-dynamic}/g" /usr/lib/${{ matrix.targetarch }}-linux-musl/musl-gcc.specs - - uses: sigstore/cosign-installer@v3 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3 - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Setup rust toolchain - uses: actions-rs/toolchain@v1 + uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1 with: toolchain: stable @@ -88,13 +88,13 @@ jobs: - run: zip -j9 kwctl-linux-${{ matrix.targetarch }}.zip kwctl-linux-${{ matrix.targetarch }} kwctl-linux-${{ matrix.targetarch }}.sig kwctl-linux-${{ matrix.targetarch }}.pem - name: Upload binary - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # v2 with: name: kwctl-linux-${{ matrix.targetarch }} path: kwctl-linux-${{ matrix.targetarch }}.zip - name: Install SBOM generator tool - uses: kubewarden/github-actions/sbom-generator-installer@v2 + uses: kubewarden/github-actions/sbom-generator-installer@d849020c9137340c2373d1cbc9cc571b2b18c17e # v2 - name: Generate SBOM run: | @@ -110,7 +110,7 @@ jobs: kwctl-linux-${{ matrix.targetarch }}-sbom.spdx.json - name: Upload kwctl SBOM files - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # v2 with: name: kwctl-linux-${{ matrix.targetarch }}-sbom path: | @@ -119,7 +119,7 @@ jobs: kwctl-linux-${{ matrix.targetarch }}-sbom.spdx.sig - name: Upload kwctl air gap scripts - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # v2 with: name: kwctl-airgap-scripts path: | 
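Review bot: The `Setup rust toolchain` step in the `-61,13` hunk keeps `toolchain: stable` under the newly pinned `actions-rs/toolchain` reference, so the compiler still floats with each Rust release. That compiler builds the binaries which the next hunk packages with their `.sig` and `.pem` files. If the aim of the pin is a build whose inputs are fixed, the toolchain needs an explicit version too, e.g. `toolchain: "<RUST_VERSION>"` (placeholder, quoted so a value such as 1.70 is not read as a float). The same `toolchain: stable` line appears in the `-135,12` and `-197,12` hunks of build.yml. The job body starts and ends outside these hunks.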
@@ -135,12 +135,12 @@ jobs: permissions: id-token: write steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - - uses: sigstore/cosign-installer@v3 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3 - name: Setup rust toolchain - uses: actions-rs/toolchain@v1 + uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1 with: toolchain: stable target: ${{ matrix.targetarch }}-apple-darwin @@ -159,13 +159,13 @@ jobs: - run: zip -j9 kwctl-darwin-${{ matrix.targetarch }}.zip kwctl-darwin-${{ matrix.targetarch }} kwctl-darwin-${{ matrix.targetarch }}.sig kwctl-darwin-${{ matrix.targetarch }}.pem - name: Upload binary - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # v2 with: name: kwctl-darwin-${{ matrix.targetarch }} path: kwctl-darwin-${{ matrix.targetarch }}.zip - name: Install SBOM generator tool - uses: kubewarden/github-actions/sbom-generator-installer@v2 + uses: kubewarden/github-actions/sbom-generator-installer@d849020c9137340c2373d1cbc9cc571b2b18c17e # v2 with: sbom-generator-arch: darwin-amd64 @@ -183,7 +183,7 @@ jobs: kwctl-darwin-${{ matrix.targetarch }}-sbom.spdx.json - name: Upload kwctl SBOM files - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # v2 with: name: kwctl-darwin-${{ matrix.targetarch }}-sbom path: | @@ -197,12 +197,12 @@ jobs: permissions: id-token: write steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - - uses: sigstore/cosign-installer@v3 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3 - name: Setup rust toolchain - uses: actions-rs/toolchain@v1 + uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1 with: toolchain: stable - run: rustup target add x86_64-pc-windows-msvc 
@@ -220,7 +220,7 @@ jobs: shell: bash - name: Upload binary - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # v2 with: name: kwctl-windows-x86_64 path: kwctl-windows-x86_64.exe.zip @@ -242,7 +242,7 @@ jobs: cosign sign-blob --yes --output-certificate kwctl-windows-x86_64-sbom.spdx.cert --output-signature kwctl-windows-x86_64-sbom.spdx.sig kwctl-windows-x86_64-sbom.spdx.json - name: Upload kwctl SBOM files - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # v2 with: name: kwctl-windows-x86_64-sbom path: | diff --git a/.github/workflows/cargo-file-checks.yml b/.github/workflows/cargo-file-checks.yml index d59215bf..4fdc3558 100644 --- a/.github/workflows/cargo-file-checks.yml +++ b/.github/workflows/cargo-file-checks.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Download source code - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Check cargo file version run: | CARGO_VERSION=$(sed -n 's,^version = \"\(.*\)\",\1,p' Cargo.toml) diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml index f4570af5..2a3a8057 100644 --- a/.github/workflows/fossa.yml +++ b/.github/workflows/fossa.yml @@ -13,7 +13,7 @@ jobs: fossa-scan: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: fossas/fossa-action@v1.3.1 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: fossas/fossa-action@f61a4c0c263690f2ddb54b9822a719c25a7b608f # v1.3.1 with: api-key: ${{secrets.FOSSA_API_TOKEN}} diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 2621aa82..e1511655 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml 
@@ -28,7 +28,7 @@ jobs: runs-on: ubuntu-latest steps: # Drafts your next Release notes as Pull Requests are merged into "master" - - uses: release-drafter/release-drafter@v5 + - uses: release-drafter/release-drafter@65c5fb495d1e69aa8c08a3317bc44ff8aabe9772 # v5 # (Optional) specify config name to use, relative to .github/. Default: release-drafter.yml # with: # config-name: my-config.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8e299222..fba8f878 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,14 +21,14 @@ jobs: steps: - name: Download all artifact id: download - uses: actions/download-artifact@v2 + uses: actions/download-artifact@cbed621e49e4c01b044d60f6c80ea4ed6328b281 # v2 - name: Retrieve tag name run: | echo TAG_NAME=$(echo ${{ github.ref }} | sed -e "s|refs/tags/||") >> $GITHUB_ENV - name: Get release ID from the release created by release drafter - uses: actions/github-script@v6 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6 with: script: | let releases = await github.rest.repos.listReleases({ @@ -45,7 +45,7 @@ jobs: core.setFailed(`Draft release not found`) - name: Upload release assets - uses: actions/github-script@v6 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6 env: DOWNLOAD_PATH: "${{steps.download.outputs.download-path}}" with: @@ -77,7 +77,7 @@ jobs: - name: Get previous release tag id: get_previous_release_tag - uses: actions/github-script@v6 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6 with: script: | let release = await github.rest.repos.getLatestRelease({ @@ -92,7 +92,7 @@ jobs: core.setFailed("Cannot find latest release") - name: Publish release - uses: actions/github-script@v6 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6 with: script: | const {RELEASE_ID} = process.env 
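Review bot: The `Retrieve tag name` step in the `-21,14` hunk of release.yml expands `${{ github.ref }}` directly into the script text, so the ref is substituted into the command line before the shell parses it. Reading the ref from the runner's environment keeps it as data: `echo "TAG_NAME=${GITHUB_REF#refs/tags/}" >> "$GITHUB_ENV"`. The workflow's trigger is outside the hunk, so who can create a matching ref is not visible here. The change is small and worth making either way, since this job goes on to publish release assets.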
diff --git a/.github/workflows/security-audit-cron.yml b/.github/workflows/security-audit-cron.yml index d3f63038..676414bd 100644 --- a/.github/workflows/security-audit-cron.yml +++ b/.github/workflows/security-audit-cron.yml @@ -10,7 +10,7 @@ jobs: audit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 - - uses: actions-rs/audit-check@v1 + - uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1 + - uses: actions-rs/audit-check@35b7b53b1e25b55642157ac01b4adceb5b9ebef3 # v1 with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/security-audit-reactive.yml b/.github/workflows/security-audit-reactive.yml index 1f2fba3a..ceb980da 100644 --- a/.github/workflows/security-audit-reactive.yml +++ b/.github/workflows/security-audit-reactive.yml @@ -12,7 +12,7 @@ jobs: security_audit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 - - uses: actions-rs/audit-check@v1 + - uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1 + - uses: actions-rs/audit-check@35b7b53b1e25b55642157ac01b4adceb5b9ebef3 # v1 with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/source-code-checks.yml b/.github/workflows/source-code-checks.yml index 8baef0a1..22add8fe 100644 --- a/.github/workflows/source-code-checks.yml +++ b/.github/workflows/source-code-checks.yml 
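Review bot: Both audit workflows (security-audit-cron.yml and security-audit-reactive.yml) now pin `actions/checkout` at its `# v1` line, while the other workflows in this patch pin v2, v2.5.0 and v3. Four generations of the same action are therefore frozen by digest. A digest pin stops following its tag, so the oldest line stays in place until someone moves it deliberately. A follow-up that aligns every workflow on one reference would leave a single commit to audit, for example the one fossa.yml already uses: `- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3`.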
@@ -11,27 +11,27 @@ jobs: name: Check runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions-rs/toolchain@v1 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 + - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1 with: profile: minimal toolchain: stable override: true - - uses: actions-rs/cargo@v1 + - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1 with: command: check fmt: name: Rustfmt runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions-rs/toolchain@v1 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 + - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1 with: profile: minimal toolchain: stable override: true - run: rustup component add rustfmt - - uses: actions-rs/cargo@v1 + - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1 with: command: fmt args: --all -- --check @@ -39,14 +39,14 @@ jobs: name: Clippy runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions-rs/toolchain@v1 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 + - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1 with: profile: minimal toolchain: stable override: true - run: rustup component add clippy - - uses: actions-rs/cargo@v1 + - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1 with: command: clippy args: -- -D warnings diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 7b31ed51..8a00a0df 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml 
@@ -11,13 +11,13 @@ jobs: name: Test suite runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions-rs/toolchain@v1 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 + - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1 with: profile: minimal toolchain: stable override: true - - uses: actions-rs/cargo@v1 + - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1 with: command: test args: --workspace @@ -25,14 +25,14 @@ jobs: name: E2E tests runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Setup BATS - uses: mig4/setup-bats@v1 + uses: mig4/setup-bats@af9a00deb21b5d795cabfeaa8d9060410377686d # v1 with: bats-version: 1.5.0 - - uses: sigstore/cosign-installer@v3 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3 - name: run e2e tests run: make e2e-test