Skip to content
This repository has been archived by the owner on Jun 25, 2024. It is now read-only.

Commit

Permalink
Merge pull request #42 from hashicorp/tsccr-auto-pinning/trusted/2023…
Browse files Browse the repository at this point in the history
…-09-13

SEC-090: Automated trusted workflow pinning (2023-09-13)
  • Loading branch information
NodyHub authored Sep 13, 2023
2 parents 928a0ad + bd1aa0f commit 1dc1322
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 11 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/actionlint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,6 @@ jobs:
actionlint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
- name: "Check workflow files"
uses: docker://docker.mirror.hashicorp.services/rhysd/actionlint:latest
20 changes: 10 additions & 10 deletions .github/workflows/go-tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@ jobs:
check-vendor:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v3.5.1
- uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # https://github.com/actions/setup-go/releases/tag/v3.5.0
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version-file: go.mod
- run: go mod tidy
Expand All @@ -20,13 +20,13 @@ jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
cache: true
cache-dependency-path: go.sum
go-version-file: go.mod
- uses: golangci/golangci-lint-action@v3.6.0
- uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0
with:
version: v1.50.0
args: --timeout 3m00s
Expand All @@ -37,8 +37,8 @@ jobs:
outputs:
go-version: ${{ steps.go-version.outputs.go-version }}
steps:
- uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v3.5.1
- uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # https://github.com/actions/setup-go/releases/tag/v3.5.0
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version-file: go.mod
- id: go-version
Expand All @@ -61,11 +61,11 @@ jobs:
GOTESTSUM_RELEASE: 1.8.2

steps:
- uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v3.5.1
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
- name: Start Services
run: |-
docker compose -f .github/services/go-tests/docker-compose.yml up --detach --no-color --wait
- uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version-file: './go.mod'
- name: Install gotestsum
Expand Down Expand Up @@ -96,7 +96,7 @@ jobs:
-tags="$GOTAGS" -p 2 \
-cover -coverprofile=coverage.txt \
"$PACKAGE_NAMES"
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: test-results
path: "/tmp/test-results"
Expand Down

0 comments on commit 1dc1322

Please # to comment.