diff --git a/.github/workflows/benchmark.yaml b/.github/workflows/benchmark.yaml index f7e0f11a7..d13dadc9a 100644 --- a/.github/workflows/benchmark.yaml +++ b/.github/workflows/benchmark.yaml @@ -20,14 +20,14 @@ jobs: platform: [ubuntu-latest] runs-on: ${{ matrix.platform }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed with: go-version: ${{ matrix.go-version }} cache: false - - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version: ${{ matrix.node-version }} cache: yarn diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 800e0873b..27376fd6e 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -36,7 +36,7 @@ jobs: build-mode: none steps: - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/docker-main.yaml b/.github/workflows/docker-main.yaml index 8e4115b1d..abbe3fe83 100644 --- a/.github/workflows/docker-main.yaml +++ b/.github/workflows/docker-main.yaml @@ -15,13 +15,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Set up QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf - name: Set up Docker Buildx - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 - name: Login to DockerHub uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 @@ -75,7 +75,7 @@ jobs: needs: publish steps: - name: Checkout Gitops Repo - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: repository: pomerium/gitops-argocd token: ${{ secrets.APPARITOR_GITHUB_TOKEN }} diff --git a/.github/workflows/docker-version-branches.yaml b/.github/workflows/docker-version-branches.yaml index 315be5656..367eabaa1 100644 --- a/.github/workflows/docker-version-branches.yaml +++ b/.github/workflows/docker-version-branches.yaml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Docker meta id: meta @@ -29,7 +29,7 @@ jobs: uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf - name: Set up Docker Buildx - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 - name: Login to DockerHub uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 5ede286f2..b5ac502a2 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -11,16 +11,16 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed with: go-version: 1.23.x cache: false - run: make deps-build - - uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 + - uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 with: version: v1.60.1 args: --timeout=10m diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 80837fbed..9ab476bae 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -20,18 +20,18 @@ jobs: tag: ${{ steps.tagName.outputs.tag }} steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Unshallow run: git fetch --prune --unshallow - name: Set up Node.js - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version: 16.x - name: Set up Go - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed with: go-version: 1.23.x cache: false @@ -45,13 +45,13 @@ jobs: password: ${{ secrets.DOCKERHUB_TOKEN }} - name: gcloud authenticate - uses: google-github-actions/auth@62cf5bd3e4211a0a0b51f2c6d6a37129d828611d + uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f with: project_id: ${{ secrets.GCP_PRODUCTION_PROJECT_ID }} credentials_json: ${{ secrets.GCP_SERVICE_ACCOUNT }} - name: gcloud sdk - uses: google-github-actions/setup-gcloud@f0990588f1e5b5af6827153b93673613abdc6ec7 + uses: google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a - name: Gcloud login run: gcloud auth configure-docker @@ -121,7 +121,7 @@ jobs: needs: goreleaser steps: - name: Checkout Gitops Repo - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: repository: pomerium/gitops-argocd token: ${{ secrets.APPARITOR_GITHUB_TOKEN }} diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 4aa691c1c..0b85bb3ae 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -19,14 +19,14 @@ jobs: authenticate-flow: [stateful, stateless] runs-on: ${{ matrix.platform }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed with: go-version: ${{ matrix.go-version }} cache: false - - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version: ${{ matrix.node-version }} cache: yarn @@ -58,13 +58,13 @@ jobs: platform: [ubuntu-latest, macos-latest] runs-on: ${{ matrix.platform }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed with: go-version: ${{ matrix.go-version }} - - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version: ${{ matrix.node-version }} cache: yarn @@ -76,7 +76,7 @@ jobs: make build - name: save binary - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 with: path: bin/pomerium* name: pomerium ${{ github.run_id }} ${{ matrix.platform }} @@ -85,7 +85,7 @@ jobs: - name: test run: make cover - - uses: jandelgado/gcov2lcov-action@c680c0f7c7442485f1749eb2a13e54a686e76eb5 + - uses: jandelgado/gcov2lcov-action@4e1989767862652e6ca8d3e2e61aabe6d43be28b if: matrix.platform == 'ubuntu-latest' name: convert coverage to lcov with: @@ -93,7 +93,7 @@ jobs: outfile: coverage.lcov - name: upload to coveralls - uses: coverallsapp/github-action@643bc377ffa44ace6394b2b5d0d3950076de9f63 + uses: coverallsapp/github-action@cfd0633edbd2411b532b808ba7a8b5e04f76d2c8 if: matrix.platform == 'ubuntu-latest' with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -102,10 +102,10 @@ jobs: build-docker: runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 - name: Docker Build uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 @@ -120,16 +120,16 @@ jobs: runs-on: ubuntu-latest if: github.event_name == 'pull_request' steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: fetch-depth: 0 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed with: go-version: 1.23.x cache: false - - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 + - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b with: python-version: "3.x" @@ -145,5 +145,5 @@ jobs: runs-on: ubuntu-latest if: github.event_name == 'pull_request' steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - run: ./scripts/check-docker-images