diff --git a/.github/workflows/cleanup-registry.yml b/.github/workflows/cleanup-registry.yml index f0e0418c4..ad0567018 100644 --- a/.github/workflows/cleanup-registry.yml +++ b/.github/workflows/cleanup-registry.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Delete old versions - uses: snok/container-retention-policy@04c70fd030033036d69c0057e0d125bf25820544 # v2.1.2 + uses: snok/container-retention-policy@b56f4ff7539c1f94f01e5dc726671cd619aa8072 # v2.2.1 with: image-names: ${{ env.IMAGE_NAMES }} cut-off: 2 days ago UTC diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml index 4323f4f01..313c6748f 100644 --- a/.github/workflows/continuous-delivery.yml +++ b/.github/workflows/continuous-delivery.yml @@ -131,14 +131,14 @@ jobs: ref: ${{ needs.merge.outputs.sha }} - name: Start deployment - uses: bobheadxi/deployments@88ce5600046c82542f8246ac287d0a53c461bca3 # v1.4.0 + uses: bobheadxi/deployments@648679e8e4915b27893bd7dbc35cb504dc915bc8 # v1.5.0 id: start_deployment with: step: start env: ${{ needs.metadata.outputs.stage }} - name: Deploy - uses: appleboy/ssh-action@55dabf81b49d4120609345970c91507e2d734799 # v1.0.0 + uses: appleboy/ssh-action@029f5b4aeeeb58fdfe1410a5d17f967dacf36262 # v1.0.3 env: STAGE: ${{ needs.metadata.outputs.stage }} with: @@ -160,7 +160,7 @@ jobs: docker-compose up -d - name: Finalize Sentry release - uses: getsentry/action-release@4744f6a65149f441c5f396d5b0877307c0db52c7 # v1.4.1 + uses: getsentry/action-release@e769183448303de84c5a06aaaddf9da7be26d6c7 # v1.7.0 env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ vars.SENTRY_ORG_NAME }} @@ -171,7 +171,7 @@ jobs: set_commits: skip - name: Finish deployment - uses: bobheadxi/deployments@88ce5600046c82542f8246ac287d0a53c461bca3 # v1.4.0 + uses: bobheadxi/deployments@648679e8e4915b27893bd7dbc35cb504dc915bc8 # v1.5.0 if: steps.start_deployment.conclusion == 'success' && always() with: step: finish @@ -199,7 +199,7 @@ jobs: done - name: Update Continuous Delivery check run - uses: guidojw/actions/update-check-run@870d7c8de5aeb08420bb88d8fbddb0222a9eac61 # v1.4.0 + uses: guidojw/actions/update-check-run@c9efd29142fa8dee171af69eb081fc24d703cfc1 # v1.4.5 with: app_id: ${{ vars.GH_APP_ID }} private_key: ${{ secrets.GH_APP_PRIVATE_KEY }} diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index cc889a3e9..ce0b207a7 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -27,7 +27,7 @@ jobs: echo '::add-matcher::.github/problem-matchers/tsc.json' - name: Build test image - uses: guidojw/actions/build-docker-image@870d7c8de5aeb08420bb88d8fbddb0222a9eac61 # v1.4.0 + uses: guidojw/actions/build-docker-image@c9efd29142fa8dee171af69eb081fc24d703cfc1 # v1.4.5 with: name: app @@ -51,7 +51,7 @@ jobs: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) 1.6.25 - name: Load test image - uses: guidojw/actions/load-docker-image@870d7c8de5aeb08420bb88d8fbddb0222a9eac61 # v1.4.0 + uses: guidojw/actions/load-docker-image@c9efd29142fa8dee171af69eb081fc24d703cfc1 # v1.4.5 with: name: app diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml index 1e4346d1a..adef4db9a 100644 --- a/.github/workflows/publish-image.yml +++ b/.github/workflows/publish-image.yml @@ -74,7 +74,7 @@ jobs: - name: Build and push image id: build_push_image - uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1 + uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 with: push: true context: . @@ -94,7 +94,7 @@ jobs: - name: Create Sentry release if: ${{ !(github.event_name == 'workflow_dispatch' && github.workflow == 'Publish Image') }} - uses: getsentry/action-release@4744f6a65149f441c5f396d5b0877307c0db52c7 # v1.4.1 + uses: getsentry/action-release@e769183448303de84c5a06aaaddf9da7be26d6c7 # v1.7.0 env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ vars.SENTRY_ORG_NAME }} @@ -125,7 +125,7 @@ jobs: done - name: Update Publish Image check run - uses: guidojw/actions/update-check-run@870d7c8de5aeb08420bb88d8fbddb0222a9eac61 # v1.4.0 + uses: guidojw/actions/update-check-run@c9efd29142fa8dee171af69eb081fc24d703cfc1 # v1.4.5 with: app_id: ${{ vars.GH_APP_ID }} private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}