diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 05c4e7fb..d99c7aa6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,12 +13,12 @@ jobs: main: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 with: # We need to fetch all branches and commits so that Nx affected has a base to compare against. fetch-depth: 0 - - uses: nrwl/nx-set-shas@v4 - - uses: actions/setup-node@v4 + - uses: nrwl/nx-set-shas@40f1175ceec169e68c9857c27aa7c5063692aa9a # v4 + - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4 with: node-version: 18 cache: 'npm' diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml index d2c42161..36f1191c 100644 --- a/.github/workflows/lint-pr.yml +++ b/.github/workflows/lint-pr.yml @@ -12,6 +12,6 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@v5 + - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 98e9e8d2..4a0d922d 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest # Release-please creates a PR that tracks all changes steps: - - uses: google-github-actions/release-please-action@v3 + - uses: google-github-actions/release-please-action@db8f2c60ee802b3748b512940dde88eabd7b7e01 # v3 id: release with: command: manifest @@ -29,12 +29,12 @@ jobs: if: ${{ needs.release-please.outputs.release_created }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 with: ref: ${{ needs.release-please.outputs.release_tag_name }} - name: Log in to the Container registry - uses: docker/login-action@v2 + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -42,7 +42,7 @@ jobs: - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@818d4b7b91585d195f67373fd9cb0332e31a7175 # v4 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} @@ -51,15 +51,15 @@ jobs: run: echo "::set-output name=date::$(date +'%Y-%m-%d')" - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3 with: platforms: linux/amd64,linux/arm64 - name: Build App Container - uses: docker/build-push-action@v4 + uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4 with: context: . file: ./packages/app/Dockerfile @@ -76,7 +76,7 @@ jobs: DATE=${{ steps.date.outputs.date }} - name: Build Fibonacci Service Container - uses: docker/build-push-action@v4 + uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4 with: context: . file: ./packages/fibonacci-service/Dockerfile