Skip to content

Commit

Permalink
Merge pull request #54 from DuendeSoftware/dh/pinned-dependencies
Browse files Browse the repository at this point in the history 
Pin GHA dependencies
  • Loading branch information
@damianh
damianh authored Nov 19, 2024
2 parents 5211621 + 7192461 commit fcf2d13
Show file tree
Hide file tree
Showing 10 changed files with 35 additions and 35 deletions.
8 changes: 4 additions & 4 deletions .github/workflow-gen/Program.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -157,7 +157,7 @@ git tag -a {component.TagPrefix}-{contexts.Event.Input.Version} -m ""Release v{c
.Environment("nuget.org", "");

publishJob.Step()
.Uses("actions/download-artifact@v4")
.Uses("actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16") // 4.1.8
.With(("name", "artifacts"), ("path", "artifacts"));

publishJob.StepSetupDotNet();
Expand Down Expand Up @@ -192,7 +192,7 @@ public static void EnvDefaults(this Workflow workflow)
public static void StepSetupDotNet(this Job job)
=> job.Step()
.Name("Setup .NET")
.ActionsSetupDotNet(["6.0.x", "8.0.x", "9.0.x"]);
.ActionsSetupDotNet("3e891b0cb619bf60e2c25674b222b8940e2c1c25", ["6.0.x", "8.0.x", "9.0.x"]); // v4.1.0

public static Step IfRefMain(this Step step)
=> step.If("github.ref == 'refs/heads/main'");
Expand All @@ -210,7 +210,7 @@ public static void StepTestAndReport(this Job job, string componentName, string

job.Step()
.Name($"Test report - {testProject}")
.Uses("dorny/test-reporter@v1")
.Uses("dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5") // v1.9.1
.If("success() || failure()")
.With(
("name", $"Test Report - {testProject}"),
Expand Down Expand Up @@ -278,7 +278,7 @@ public static void StepUploadArtifacts(this Job job, string componentName)
job.Step()
.Name("Upload Artifacts")
.IfRefMain()
.Uses("actions/upload-artifact@v4")
.Uses("actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882") // 4.4.3
.With(
("name", "artifacts"),
("path", path),
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/access-token-management-ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
with:
fetch-depth: 0
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
with:
dotnet-version: |-
6.0.x
Expand All @@ -46,7 +46,7 @@ jobs:
run: dotnet test -c Release test/AccessTokenManagement.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
- name: Test report - AccessTokenManagement.Tests
if: success() || failure()
uses: dorny/test-reporter@v1
uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
with:
name: Test Report - AccessTokenManagement.Tests
path: access-token-management/test/AccessTokenManagement.Tests/TestResults/Tests.trx
Expand Down Expand Up @@ -82,7 +82,7 @@ jobs:
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Artifacts
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: artifacts
path: access-token-management/artifacts/*.nupkg
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/access-token-management-release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
with:
fetch-depth: 0
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
with:
dotnet-version: |-
6.0.x
Expand Down Expand Up @@ -70,7 +70,7 @@ jobs:
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Artifacts
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: artifacts
path: access-token-management/artifacts/*.nupkg
Expand All @@ -84,12 +84,12 @@ jobs:
environment:
name: nuget.org
steps:
- uses: actions/download-artifact@v4
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: artifacts
path: artifacts
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
with:
dotnet-version: |-
6.0.x
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/codeql.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,14 +18,14 @@ jobs:
uses: actions/checkout@v4

- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # 3.27.4
with:
languages: csharp

- name: Auto build
uses: github/codeql-action/autobuild@v3
uses: github/codeql-action/autobuild@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # 3.27.4

- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # 3.27.4
with:
category: "/language:csharp"
6 changes: 3 additions & 3 deletions .github/workflows/identity-model-ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
with:
fetch-depth: 0
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
with:
dotnet-version: |-
6.0.x
Expand All @@ -46,7 +46,7 @@ jobs:
run: dotnet test -c Release test/IdentityModel.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
- name: Test report - IdentityModel.Tests
if: success() || failure()
uses: dorny/test-reporter@v1
uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
with:
name: Test Report - IdentityModel.Tests
path: identity-model/test/IdentityModel.Tests/TestResults/Tests.trx
Expand Down Expand Up @@ -80,7 +80,7 @@ jobs:
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Artifacts
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: artifacts
path: identity-model/artifacts/*.nupkg
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/identity-model-oidc-client-ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
with:
fetch-depth: 0
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
with:
dotnet-version: |-
6.0.x
Expand All @@ -46,7 +46,7 @@ jobs:
run: dotnet test -c Release test/IdentityModel.OidcClient.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
- name: Test report - IdentityModel.OidcClient.Tests
if: success() || failure()
uses: dorny/test-reporter@v1
uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
with:
name: Test Report - IdentityModel.OidcClient.Tests
path: identity-model-oidc-client/test/IdentityModel.OidcClient.Tests/TestResults/Tests.trx
Expand Down Expand Up @@ -82,7 +82,7 @@ jobs:
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Artifacts
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: artifacts
path: identity-model-oidc-client/artifacts/*.nupkg
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/identity-model-oidc-client-release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
with:
fetch-depth: 0
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
with:
dotnet-version: |-
6.0.x
Expand Down Expand Up @@ -70,7 +70,7 @@ jobs:
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Artifacts
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: artifacts
path: identity-model-oidc-client/artifacts/*.nupkg
Expand All @@ -84,12 +84,12 @@ jobs:
environment:
name: nuget.org
steps:
- uses: actions/download-artifact@v4
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: artifacts
path: artifacts
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
with:
dotnet-version: |-
6.0.x
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/identity-model-release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
with:
fetch-depth: 0
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
with:
dotnet-version: |-
6.0.x
Expand Down Expand Up @@ -68,7 +68,7 @@ jobs:
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Artifacts
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: artifacts
path: identity-model/artifacts/*.nupkg
Expand All @@ -82,12 +82,12 @@ jobs:
environment:
name: nuget.org
steps:
- uses: actions/download-artifact@v4
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: artifacts
path: artifacts
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
with:
dotnet-version: |-
6.0.x
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/ignore-this-ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
with:
fetch-depth: 0
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
with:
dotnet-version: |-
6.0.x
Expand All @@ -46,7 +46,7 @@ jobs:
run: dotnet test -c Release test/IgnoreThis.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
- name: Test report - IgnoreThis.Tests
if: success() || failure()
uses: dorny/test-reporter@v1
uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
with:
name: Test Report - IgnoreThis.Tests
path: ignore-this/test/IgnoreThis.Tests/TestResults/Tests.trx
Expand Down Expand Up @@ -80,7 +80,7 @@ jobs:
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Artifacts
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: artifacts
path: ignore-this/artifacts/*.nupkg
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/ignore-this-release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
with:
fetch-depth: 0
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
with:
dotnet-version: |-
6.0.x
Expand Down Expand Up @@ -68,7 +68,7 @@ jobs:
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Artifacts
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: artifacts
path: ignore-this/artifacts/*.nupkg
Expand All @@ -82,12 +82,12 @@ jobs:
environment:
name: nuget.org
steps:
- uses: actions/download-artifact@v4
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: artifacts
path: artifacts
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
with:
dotnet-version: |-
6.0.x
Expand Down

0 comments on commit fcf2d13

Please sign in to comment.