Skip to content

Commit 8ef606e

Browse files
Abhishek ValabojuAbhishek Valaboju
Abhishek Valaboju
authored and
Abhishek Valaboju
committed
Pin GH Actions to commit sha
1 parent 304102a commit 8ef606e

3 files changed

Lines changed: 5 additions & 5 deletions

File tree

.github/workflows/fossa.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,13 +20,13 @@ jobs:
2020
# The FOSSA token is shared between all repos in Rancher's GH org. It can be
2121
# used directly and there is no need to request specific access to EIO.
2222
- name: Read FOSSA token
23-
uses: rancher-eio/read-vault-secrets@main
23+
uses: rancher-eio/read-vault-secrets@0da85151ad1f19ed7986c41587e45aac1ace74b6 # v3
2424
with:
2525
secrets: |
2626
secret/data/github/org/rancher/fossa/push token | FOSSA_API_KEY_PUSH_ONLY
2727
2828
- name: FOSSA scan
29-
uses: fossas/fossa-action@main
29+
uses: fossas/fossa-action@c414b9ad82eaad041e47a7cf62a4f02411f427a0 # v1.8.0
3030
with:
3131
api-key: ${{ env.FOSSA_API_KEY_PUSH_ONLY }}
3232
# Only runs the scan and do not provide/returns any results back to the

.github/workflows/release.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ jobs:
3737
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
3838

3939
- name: Load Secrets from Vault
40-
uses: rancher-eio/read-vault-secrets@main
40+
uses: rancher-eio/read-vault-secrets@0da85151ad1f19ed7986c41587e45aac1ace74b6 # v3
4141
with:
4242
secrets: |
4343
secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials username | DOCKER_USERNAME ;
@@ -47,7 +47,7 @@ jobs:
4747
secret/data/github/repo/${{ github.repository }}/rancher-prime-registry/credentials password | PRIME_REGISTRY_PASSWORD
4848
4949
- name: Publish manifest
50-
uses: rancher/ecm-distro-tools/actions/publish-image@master
50+
uses: rancher/ecm-distro-tools/actions/publish-image@575bb831c67edd950bfedb59d41dd127bd0005d6 # v0.65.2
5151
with:
5252
image: cis-operator
5353
tag: ${{ github.ref_name }}${{ matrix.tag-suffix }}

.github/workflows/renovate-vault.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ permissions:
4141

4242
jobs:
4343
call-workflow:
44-
uses: rancher/renovate-config/.github/workflows/renovate-vault.yml@release
44+
uses: rancher/renovate-config/.github/workflows/renovate-vault.yml@c88cbe41a49d02648b9bf83aa5a64902151323fa # release
4545
with:
4646
configMigration: ${{ inputs.configMigration || 'true' }}
4747
logLevel: ${{ inputs.logLevel || 'info' }}

0 commit comments

Comments
 (0)