From e8f0bdee5a33b17ceb9723a50258f4a11a6db0ac Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 23 Oct 2023 10:54:08 -0400 Subject: [PATCH] chore(deps): pin dependencies (#105) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/build-deploy.yml | 34 +++++++++++++++--------------- .github/workflows/security.yml | 2 +- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 5941156..ac987ce 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -35,15 +35,15 @@ jobs: name: ${{ needs.get-environment.outputs.environment }} steps: - name: Git clone the repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2 with: install: true - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v2 + uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} role-session-name: github-actions-store-public-ecr @@ -51,12 +51,12 @@ jobs: - name: Login to public Amazon ECR id: login-ecr-public - uses: aws-actions/amazon-ecr-login@v1 + uses: aws-actions/amazon-ecr-login@2fc7aceee09e9e4a7105c0d060c656fad0b4f63d # v1 with: registry-type: public - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v2 + uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} role-session-name: github-actions-store-build-push @@ -64,7 +64,7 @@ jobs: - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 + uses: aws-actions/amazon-ecr-login@2fc7aceee09e9e4a7105c0d060c656fad0b4f63d # v1 - name: Build, tag, and push image to Amazon ECR id: build-image @@ -88,14 +88,14 @@ jobs: - name: Fill in the new image ID in the Amazon ECS task definition id: task-def - uses: aws-actions/amazon-ecs-render-task-definition@v1 + uses: aws-actions/amazon-ecs-render-task-definition@61b0c00c3743b70987a73a1faf577f0d167d1574 # v1 with: task-definition: task-definition.json container-name: store image: ${{ steps.build-image.outputs.image }} - name: Deploy Amazon ECS task definition - uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + uses: aws-actions/amazon-ecs-deploy-task-definition@df9643053eda01f169e64a0e60233aacca83799a # v1 with: task-definition: ${{ steps.task-def.outputs.task-definition }} service: store @@ -109,15 +109,15 @@ jobs: name: ${{ needs.get-environment.outputs.environment }} steps: - name: Git clone the repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2 with: install: true - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v2 + uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} role-session-name: github-actions-store-public-ecr @@ -125,12 +125,12 @@ jobs: - name: Login to public Amazon ECR id: login-ecr-public - uses: aws-actions/amazon-ecr-login@v1 + uses: aws-actions/amazon-ecr-login@2fc7aceee09e9e4a7105c0d060c656fad0b4f63d # v1 with: registry-type: public - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v2 + uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} role-session-name: github-actions-store-build-push @@ -138,7 +138,7 @@ jobs: - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 + uses: aws-actions/amazon-ecr-login@2fc7aceee09e9e4a7105c0d060c656fad0b4f63d # v1 - name: Build, tag, and push image to Amazon ECR id: build-image @@ -161,14 +161,14 @@ jobs: - name: Fill in the new image ID in the Amazon ECS task definition id: task-def - uses: aws-actions/amazon-ecs-render-task-definition@v1 + uses: aws-actions/amazon-ecs-render-task-definition@61b0c00c3743b70987a73a1faf577f0d167d1574 # v1 with: task-definition: task-definition.json container-name: store-backend image: ${{ steps.build-image.outputs.image }} - name: Register Amazon ECS task definition for DB migration - uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + uses: aws-actions/amazon-ecs-deploy-task-definition@df9643053eda01f169e64a0e60233aacca83799a # v1 with: task-definition: ${{ steps.task-def.outputs.task-definition }} @@ -184,7 +184,7 @@ jobs: exit $terminated_status - name: Deploy Amazon ECS task definition - uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + uses: aws-actions/amazon-ecs-deploy-task-definition@df9643053eda01f169e64a0e60233aacca83799a # v1 with: task-definition: ${{ steps.task-def.outputs.task-definition }} service: store-backend diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index c180ed3..d52b119 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -17,7 +17,7 @@ jobs: matrix: language: [ 'generic', 'javascript' ] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: fetch-depth: 0 - uses: brave/security-action@main