From 8422a6a6741bd4d1fc6bce9fe63583ed6a575607 Mon Sep 17 00:00:00 2001 From: daz Date: Thu, 14 Nov 2024 11:41:16 -0700 Subject: [PATCH 1/7] Avoid running workflow on forks --- .github/workflows/ci-update-dist.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci-update-dist.yml b/.github/workflows/ci-update-dist.yml index 80c20f3..05d9b2c 100644 --- a/.github/workflows/ci-update-dist.yml +++ b/.github/workflows/ci-update-dist.yml @@ -14,6 +14,9 @@ permissions: jobs: update-dist: + # Only run for the Gradle repository; otherwise when users create pull requests from their `main` branch + # it would erroneously update `dist` on their branch (and the pull request) + if: github.repository == 'gradle/actions' permissions: contents: write runs-on: ubuntu-latest @@ -45,9 +48,6 @@ jobs: # Important: The push event will not trigger any other workflows, see # https://github.com/stefanzweifel/git-auto-commit-action?tab=readme-ov-file#commits-made-by-this-action-do-not-trigger-new-workflow-runs - name: Commit & push changes - # Only run for the Gradle repository; otherwise when users create pull requests from their `main` branch - # it would erroneously update `dist` on their branch (and the pull request) - if: github.repository == 'gradle/actions' uses: stefanzweifel/git-auto-commit-action@v5 with: commit_message: '[bot] Update dist directory' From d0efa7b0e710fcf06320f076c779166abd964a20 Mon Sep 17 00:00:00 2001 From: daz Date: Thu, 14 Nov 2024 12:03:24 -0700 Subject: [PATCH 2/7] Avoid duplicate actions/setup-java --- .../integ-test-build-scan-publish.yml | 5 --- .../integ-test-inject-develocity.yml | 20 ----------- ...integ-test-restore-configuration-cache.yml | 35 ------------------- 3 files changed, 60 deletions(-) diff --git a/.github/workflows/integ-test-build-scan-publish.yml b/.github/workflows/integ-test-build-scan-publish.yml index 5afe83e..64db85a 100644 --- a/.github/workflows/integ-test-build-scan-publish.yml +++ b/.github/workflows/integ-test-build-scan-publish.yml @@ -34,11 +34,6 @@ jobs: - name: Initialize integ-test uses: ./.github/actions/init-integ-test - - name: Setup Java - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: 11 - name: Setup Gradle id: setup-gradle uses: ./setup-gradle diff --git a/.github/workflows/integ-test-inject-develocity.yml b/.github/workflows/integ-test-inject-develocity.yml index 4c0d47a..6c7ac26 100644 --- a/.github/workflows/integ-test-inject-develocity.yml +++ b/.github/workflows/integ-test-inject-develocity.yml @@ -50,11 +50,6 @@ jobs: - name: Initialize integ-test uses: ./.github/actions/init-integ-test - - name: Setup Java - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: 11 - name: Setup Gradle id: setup-gradle uses: ./setup-gradle @@ -94,11 +89,6 @@ jobs: uses: actions/checkout@v4 - name: Initialize integ-test uses: ./.github/actions/init-integ-test - - name: Setup Java - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: 8 - name: Setup Gradle id: setup-gradle uses: ./setup-gradle @@ -144,11 +134,6 @@ jobs: - name: Initialize integ-test uses: ./.github/actions/init-integ-test - - name: Setup Java - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: 8 - name: Setup Gradle id: setup-gradle uses: ./setup-gradle @@ -179,11 +164,6 @@ jobs: uses: actions/checkout@v4 - name: Initialize integ-test uses: ./.github/actions/init-integ-test - - name: Setup Java - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: 8 - name: Setup Gradle id: setup-gradle uses: ./setup-gradle diff --git a/.github/workflows/integ-test-restore-configuration-cache.yml b/.github/workflows/integ-test-restore-configuration-cache.yml index ad02016..666a7b3 100644 --- a/.github/workflows/integ-test-restore-configuration-cache.yml +++ b/.github/workflows/integ-test-restore-configuration-cache.yml @@ -39,11 +39,6 @@ jobs: - name: Initialize integ-test uses: ./.github/actions/init-integ-test - - name: Setup Java to ensure consistency - uses: actions/setup-java@v4 - with: - distribution: 'liberica' - java-version: 17 - name: Setup Gradle uses: ./setup-gradle with: @@ -72,11 +67,6 @@ jobs: - name: Initialize integ-test uses: ./.github/actions/init-integ-test - - name: Setup Java to ensure consistency - uses: actions/setup-java@v4 - with: - distribution: 'liberica' - java-version: 17 - name: Setup Gradle uses: ./setup-gradle with: @@ -114,11 +104,6 @@ jobs: - name: Initialize integ-test uses: ./.github/actions/init-integ-test - - name: Setup Java to ensure consistency - uses: actions/setup-java@v4 - with: - distribution: 'liberica' - java-version: 17 - name: Setup Gradle uses: ./setup-gradle with: @@ -155,11 +140,6 @@ jobs: - name: Initialize integ-test uses: ./.github/actions/init-integ-test - - name: Setup Java to ensure consistency - uses: actions/setup-java@v4 - with: - distribution: 'liberica' - java-version: 17 - name: Setup Gradle with no extracted cache entries restored uses: ./setup-gradle env: @@ -187,11 +167,6 @@ jobs: - name: Initialize integ-test uses: ./.github/actions/init-integ-test - - name: Setup Java to ensure consistency - uses: actions/setup-java@v4 - with: - distribution: 'liberica' - java-version: 17 - name: Setup Gradle uses: ./setup-gradle with: @@ -220,11 +195,6 @@ jobs: - name: Initialize integ-test uses: ./.github/actions/init-integ-test - - name: Setup Java to ensure consistency - uses: actions/setup-java@v4 - with: - distribution: 'liberica' - java-version: 17 - name: Setup Gradle uses: ./setup-gradle with: @@ -253,11 +223,6 @@ jobs: - name: Initialize integ-test uses: ./.github/actions/init-integ-test - - name: Setup Java to ensure consistency - uses: actions/setup-java@v4 - with: - distribution: 'liberica' - java-version: 17 - name: Setup Gradle uses: ./setup-gradle with: From d30cc9ecf2bdbb78312abaf1746ad4e5190b4a38 Mon Sep 17 00:00:00 2001 From: daz Date: Thu, 14 Nov 2024 12:19:48 -0700 Subject: [PATCH 3/7] Pin actions/checkout@v4 --- .github/workflows/ci-check-and-unit-test.yml | 2 +- .github/workflows/ci-check-no-dist-update.yml | 2 +- .github/workflows/ci-codeql.yml | 2 +- .github/workflows/ci-init-script-check.yml | 2 +- .github/workflows/ci-integ-test.yml | 2 +- .github/workflows/ci-update-dist.yml | 2 +- .github/workflows/ci-validate-wrappers.yml | 2 +- .github/workflows/demo-job-summary.yml | 10 +++---- .../workflows/demo-pr-build-scan-comment.yml | 8 +++--- .../integ-test-build-scan-publish.yml | 2 +- .../workflows/integ-test-cache-cleanup.yml | 6 ++--- .../workflows/integ-test-caching-config.yml | 12 ++++----- .../workflows/integ-test-dependency-graph.yml | 10 +++---- ...eg-test-dependency-submission-failures.yml | 6 ++--- .../integ-test-dependency-submission.yml | 26 +++++++++---------- .../integ-test-detect-toolchains.yml | 4 +-- .../integ-test-inject-develocity.yml | 8 +++--- .../integ-test-provision-gradle-versions.yml | 4 +-- ...integ-test-restore-configuration-cache.yml | 14 +++++----- ...test-restore-containerized-gradle-home.yml | 4 +-- .../integ-test-restore-custom-gradle-home.yml | 6 ++--- .../integ-test-restore-gradle-home.yml | 10 +++---- .../integ-test-restore-java-toolchain.yml | 4 +-- .../integ-test-sample-gradle-plugin.yml | 4 +-- .../integ-test-sample-kotlin-dsl.yml | 4 +-- .../integ-test-wrapper-validation.yml | 10 +++---- .github/workflows/update-checksums-file.yml | 2 +- 27 files changed, 84 insertions(+), 84 deletions(-) diff --git a/.github/workflows/ci-check-and-unit-test.yml b/.github/workflows/ci-check-and-unit-test.yml index fdea756..2d59218 100644 --- a/.github/workflows/ci-check-and-unit-test.yml +++ b/.github/workflows/ci-check-and-unit-test.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: actions/setup-node@v4 with: node-version: 20 diff --git a/.github/workflows/ci-check-no-dist-update.yml b/.github/workflows/ci-check-no-dist-update.yml index 5704984..a7048d4 100644 --- a/.github/workflows/ci-check-no-dist-update.yml +++ b/.github/workflows/ci-check-no-dist-update.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/ci-codeql.yml b/.github/workflows/ci-codeql.yml index e0c9814..f810429 100644 --- a/.github/workflows/ci-codeql.yml +++ b/.github/workflows/ci-codeql.yml @@ -35,7 +35,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/ci-init-script-check.yml b/.github/workflows/ci-init-script-check.yml index bd2dd1a..d26028f 100644 --- a/.github/workflows/ci-init-script-check.yml +++ b/.github/workflows/ci-init-script-check.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Java uses: actions/setup-java@v4 with: diff --git a/.github/workflows/ci-integ-test.yml b/.github/workflows/ci-integ-test.yml index 4a5cc31..df7129a 100644 --- a/.github/workflows/ci-integ-test.yml +++ b/.github/workflows/ci-integ-test.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Build and upload distribution if: ${{ needs.determine-suite.outputs.suite != 'full' }} uses: ./.github/actions/build-dist diff --git a/.github/workflows/ci-update-dist.yml b/.github/workflows/ci-update-dist.yml index 05d9b2c..d4fcca6 100644 --- a/.github/workflows/ci-update-dist.yml +++ b/.github/workflows/ci-update-dist.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: token: ${{ secrets.BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/ci-validate-wrappers.yml b/.github/workflows/ci-validate-wrappers.yml index ba24392..b82fb3b 100644 --- a/.github/workflows/ci-validate-wrappers.yml +++ b/.github/workflows/ci-validate-wrappers.yml @@ -11,7 +11,7 @@ jobs: validation: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: gradle/actions/wrapper-validation@v4 with: allow-checksums: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 diff --git a/.github/workflows/demo-job-summary.yml b/.github/workflows/demo-job-summary.yml index 14bdd3e..0c3e005 100644 --- a/.github/workflows/demo-job-summary.yml +++ b/.github/workflows/demo-job-summary.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Build and upload distribution uses: ./.github/actions/build-dist @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -62,7 +62,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -82,7 +82,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -103,7 +103,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/demo-pr-build-scan-comment.yml b/.github/workflows/demo-pr-build-scan-comment.yml index c9c230f..a0506dd 100644 --- a/.github/workflows/demo-pr-build-scan-comment.yml +++ b/.github/workflows/demo-pr-build-scan-comment.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Build and upload distribution uses: ./.github/actions/build-dist @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -42,7 +42,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -62,7 +62,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-build-scan-publish.yml b/.github/workflows/integ-test-build-scan-publish.yml index 64db85a..3fa471a 100644 --- a/.github/workflows/integ-test-build-scan-publish.yml +++ b/.github/workflows/integ-test-build-scan-publish.yml @@ -30,7 +30,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-cache-cleanup.yml b/.github/workflows/integ-test-cache-cleanup.yml index 40790e4..6adee5c 100644 --- a/.github/workflows/integ-test-cache-cleanup.yml +++ b/.github/workflows/integ-test-cache-cleanup.yml @@ -31,7 +31,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -54,7 +54,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -77,7 +77,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-caching-config.yml b/.github/workflows/integ-test-caching-config.yml index 09c5c5b..7cb0199 100644 --- a/.github/workflows/integ-test-caching-config.yml +++ b/.github/workflows/integ-test-caching-config.yml @@ -30,7 +30,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -61,7 +61,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -90,7 +90,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -114,7 +114,7 @@ jobs: runs-on: ubuntu-latest # This test only runs on Ubuntu steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -145,7 +145,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -169,7 +169,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-dependency-graph.yml b/.github/workflows/integ-test-dependency-graph.yml index 8a4aad4..e08d385 100644 --- a/.github/workflows/integ-test-dependency-graph.yml +++ b/.github/workflows/integ-test-dependency-graph.yml @@ -26,7 +26,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -45,7 +45,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -62,7 +62,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -80,7 +80,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -123,7 +123,7 @@ jobs: runs-on: ubuntu-latest # Test is not compatible with Windows steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-dependency-submission-failures.yml b/.github/workflows/integ-test-dependency-submission-failures.yml index 84d9a60..49ff863 100644 --- a/.github/workflows/integ-test-dependency-submission-failures.yml +++ b/.github/workflows/integ-test-dependency-submission-failures.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -55,7 +55,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -86,7 +86,7 @@ jobs: contents: read steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-dependency-submission.yml b/.github/workflows/integ-test-dependency-submission.yml index 4fbb992..557a2ca 100644 --- a/.github/workflows/integ-test-dependency-submission.yml +++ b/.github/workflows/integ-test-dependency-submission.yml @@ -33,7 +33,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -58,7 +58,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -82,7 +82,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -104,7 +104,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -124,7 +124,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -172,7 +172,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -193,7 +193,7 @@ jobs: runs-on: ubuntu-latest # Test is not compatible with Windows steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -240,7 +240,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -256,7 +256,7 @@ jobs: runs-on: ubuntu-latest # Test is not compatible with Windows steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -293,7 +293,7 @@ jobs: runs-on: ubuntu-latest # Test is not compatible with Windows steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -334,7 +334,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -366,7 +366,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -385,7 +385,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-detect-toolchains.yml b/.github/workflows/integ-test-detect-toolchains.yml index 5bdc3bf..ce61598 100644 --- a/.github/workflows/integ-test-detect-toolchains.yml +++ b/.github/workflows/integ-test-detect-toolchains.yml @@ -30,7 +30,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -60,7 +60,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-inject-develocity.yml b/.github/workflows/integ-test-inject-develocity.yml index 6c7ac26..cae6bf8 100644 --- a/.github/workflows/integ-test-inject-develocity.yml +++ b/.github/workflows/integ-test-inject-develocity.yml @@ -46,7 +46,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -86,7 +86,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test - name: Setup Gradle @@ -130,7 +130,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -161,7 +161,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test - name: Setup Gradle diff --git a/.github/workflows/integ-test-provision-gradle-versions.yml b/.github/workflows/integ-test-provision-gradle-versions.yml index dcad38f..46a6f8d 100644 --- a/.github/workflows/integ-test-provision-gradle-versions.yml +++ b/.github/workflows/integ-test-provision-gradle-versions.yml @@ -33,7 +33,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -95,7 +95,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-restore-configuration-cache.yml b/.github/workflows/integ-test-restore-configuration-cache.yml index 666a7b3..1881fcc 100644 --- a/.github/workflows/integ-test-restore-configuration-cache.yml +++ b/.github/workflows/integ-test-restore-configuration-cache.yml @@ -35,7 +35,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -63,7 +63,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -100,7 +100,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -136,7 +136,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -163,7 +163,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -191,7 +191,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -219,7 +219,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-restore-containerized-gradle-home.yml b/.github/workflows/integ-test-restore-containerized-gradle-home.yml index 067104d..5410c30 100644 --- a/.github/workflows/integ-test-restore-containerized-gradle-home.yml +++ b/.github/workflows/integ-test-restore-containerized-gradle-home.yml @@ -23,7 +23,7 @@ jobs: container: fedora:latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -42,7 +42,7 @@ jobs: container: fedora:latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-restore-custom-gradle-home.yml b/.github/workflows/integ-test-restore-custom-gradle-home.yml index d5a9ec0..facfaaf 100644 --- a/.github/workflows/integ-test-restore-custom-gradle-home.yml +++ b/.github/workflows/integ-test-restore-custom-gradle-home.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -44,7 +44,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -66,7 +66,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-restore-gradle-home.yml b/.github/workflows/integ-test-restore-gradle-home.yml index 34af46a..19754fa 100644 --- a/.github/workflows/integ-test-restore-gradle-home.yml +++ b/.github/workflows/integ-test-restore-gradle-home.yml @@ -31,7 +31,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -54,7 +54,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -77,7 +77,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -100,7 +100,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -125,7 +125,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-restore-java-toolchain.yml b/.github/workflows/integ-test-restore-java-toolchain.yml index a3e8e87..11f91ab 100644 --- a/.github/workflows/integ-test-restore-java-toolchain.yml +++ b/.github/workflows/integ-test-restore-java-toolchain.yml @@ -30,7 +30,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -53,7 +53,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-sample-gradle-plugin.yml b/.github/workflows/integ-test-sample-gradle-plugin.yml index c8db19f..a0fcbf6 100644 --- a/.github/workflows/integ-test-sample-gradle-plugin.yml +++ b/.github/workflows/integ-test-sample-gradle-plugin.yml @@ -30,7 +30,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -52,7 +52,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-sample-kotlin-dsl.yml b/.github/workflows/integ-test-sample-kotlin-dsl.yml index ce38171..f589331 100644 --- a/.github/workflows/integ-test-sample-kotlin-dsl.yml +++ b/.github/workflows/integ-test-sample-kotlin-dsl.yml @@ -30,7 +30,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -52,7 +52,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test diff --git a/.github/workflows/integ-test-wrapper-validation.yml b/.github/workflows/integ-test-wrapper-validation.yml index 523e85d..d54bc42 100644 --- a/.github/workflows/integ-test-wrapper-validation.yml +++ b/.github/workflows/integ-test-wrapper-validation.yml @@ -25,7 +25,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -48,7 +48,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -77,7 +77,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -110,7 +110,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize integ-test uses: ./.github/actions/init-integ-test @@ -140,7 +140,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 # Checkout the repository with no wrappers + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # Checkout the repository with no wrappers with: sparse-checkout: | .github/actions diff --git a/.github/workflows/update-checksums-file.yml b/.github/workflows/update-checksums-file.yml index b40f0a3..3421049 100644 --- a/.github/workflows/update-checksums-file.yml +++ b/.github/workflows/update-checksums-file.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Node.js uses: actions/setup-node@v4 From e726a1247296aadf84bce96b212c2cd4bee1e3fa Mon Sep 17 00:00:00 2001 From: daz Date: Thu, 14 Nov 2024 12:21:03 -0700 Subject: [PATCH 4/7] Pin actions/setup-java@v4 --- .github/actions/init-integ-test/action.yml | 2 +- .github/workflows/ci-init-script-check.yml | 2 +- .github/workflows/integ-test-detect-toolchains.yml | 4 ++-- .github/workflows/integ-test-provision-gradle-versions.yml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/actions/init-integ-test/action.yml b/.github/actions/init-integ-test/action.yml index b1838d9..dc309a5 100644 --- a/.github/actions/init-integ-test/action.yml +++ b/.github/actions/init-integ-test/action.yml @@ -4,7 +4,7 @@ runs: using: "composite" steps: - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: distribution: 'temurin' java-version: 11 diff --git a/.github/workflows/ci-init-script-check.yml b/.github/workflows/ci-init-script-check.yml index d26028f..cc2734d 100644 --- a/.github/workflows/ci-init-script-check.yml +++ b/.github/workflows/ci-init-script-check.yml @@ -24,7 +24,7 @@ jobs: - name: Checkout sources uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: distribution: temurin java-version: 11 diff --git a/.github/workflows/integ-test-detect-toolchains.yml b/.github/workflows/integ-test-detect-toolchains.yml index ce61598..c83f58b 100644 --- a/.github/workflows/integ-test-detect-toolchains.yml +++ b/.github/workflows/integ-test-detect-toolchains.yml @@ -65,12 +65,12 @@ jobs: uses: ./.github/actions/init-integ-test - name: Setup Java 20 - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: distribution: 'temurin' java-version: 20 - name: Setup Java 16 - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: distribution: 'temurin' java-version: 16 diff --git a/.github/workflows/integ-test-provision-gradle-versions.yml b/.github/workflows/integ-test-provision-gradle-versions.yml index 46a6f8d..96ddb50 100644 --- a/.github/workflows/integ-test-provision-gradle-versions.yml +++ b/.github/workflows/integ-test-provision-gradle-versions.yml @@ -100,7 +100,7 @@ jobs: uses: ./.github/actions/init-integ-test - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: distribution: temurin java-version: ${{ matrix.java-version }} From d191577859af709214569121f90841ab0642f73a Mon Sep 17 00:00:00 2001 From: daz Date: Thu, 14 Nov 2024 12:23:02 -0700 Subject: [PATCH 5/7] Pin actions/setup-node@v4 --- .github/actions/build-dist/action.yml | 2 +- .github/workflows/ci-check-and-unit-test.yml | 2 +- .github/workflows/ci-update-dist.yml | 2 +- .github/workflows/update-checksums-file.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/actions/build-dist/action.yml b/.github/actions/build-dist/action.yml index d4b9e0d..d9b71e6 100644 --- a/.github/actions/build-dist/action.yml +++ b/.github/actions/build-dist/action.yml @@ -3,7 +3,7 @@ name: 'Build and upload distribution' runs: using: "composite" steps: - - uses: actions/setup-node@v4 + - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: 20 cache: npm diff --git a/.github/workflows/ci-check-and-unit-test.yml b/.github/workflows/ci-check-and-unit-test.yml index 2d59218..9c1be34 100644 --- a/.github/workflows/ci-check-and-unit-test.yml +++ b/.github/workflows/ci-check-and-unit-test.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Checkout sources uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: 20 cache: npm diff --git a/.github/workflows/ci-update-dist.yml b/.github/workflows/ci-update-dist.yml index d4fcca6..c8db2a3 100644 --- a/.github/workflows/ci-update-dist.yml +++ b/.github/workflows/ci-update-dist.yml @@ -27,7 +27,7 @@ jobs: token: ${{ secrets.BOT_GITHUB_TOKEN }} - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: 20 cache: npm diff --git a/.github/workflows/update-checksums-file.yml b/.github/workflows/update-checksums-file.yml index 3421049..220c37c 100644 --- a/.github/workflows/update-checksums-file.yml +++ b/.github/workflows/update-checksums-file.yml @@ -22,7 +22,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: 20 cache: npm From b12c3a65f2a58dc660d23433faca5cf97f741663 Mon Sep 17 00:00:00 2001 From: daz Date: Thu, 14 Nov 2024 12:35:29 -0700 Subject: [PATCH 6/7] Pin version of 3rd party actions --- .github/actions/build-dist/action.yml | 2 +- .github/actions/init-integ-test/action.yml | 2 +- .github/workflows/ci-check-no-dist-update.yml | 2 +- .github/workflows/ci-codeql.yml | 4 ++-- .github/workflows/ci-update-dist.yml | 2 +- .github/workflows/integ-test-build-scan-publish.yml | 2 +- .github/workflows/integ-test-caching-config.yml | 4 ++-- .github/workflows/integ-test-inject-develocity.yml | 6 +++--- .github/workflows/integ-test-provision-gradle-versions.yml | 6 +++--- .github/workflows/update-checksums-file.yml | 2 +- 10 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/actions/build-dist/action.yml b/.github/actions/build-dist/action.yml index d9b71e6..8dddc6e 100644 --- a/.github/actions/build-dist/action.yml +++ b/.github/actions/build-dist/action.yml @@ -23,7 +23,7 @@ runs: cp -r sources/dist . - name: Upload distribution - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: dist path: dist/ diff --git a/.github/actions/init-integ-test/action.yml b/.github/actions/init-integ-test/action.yml index dc309a5..0e7c21c 100644 --- a/.github/actions/init-integ-test/action.yml +++ b/.github/actions/init-integ-test/action.yml @@ -17,7 +17,7 @@ runs: # Downloads a 'dist' directory artifact that was uploaded in an earlier 'build-dist' step - name: Download dist if: ${{ env.SKIP_DIST != 'true' && !env.ACT }} - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: dist path: dist/ diff --git a/.github/workflows/ci-check-no-dist-update.yml b/.github/workflows/ci-check-no-dist-update.yml index a7048d4..93f3a45 100644 --- a/.github/workflows/ci-check-no-dist-update.yml +++ b/.github/workflows/ci-check-no-dist-update.yml @@ -21,7 +21,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@v45 + uses: tj-actions/changed-files@4edd678ac3f81e2dc578756871e4d00c19191daf # v45.0.4 with: files: | dist/** diff --git a/.github/workflows/ci-codeql.yml b/.github/workflows/ci-codeql.yml index f810429..a8ea4dd 100644 --- a/.github/workflows/ci-codeql.yml +++ b/.github/workflows/ci-codeql.yml @@ -39,7 +39,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4 with: languages: ${{ matrix.language }} config: | @@ -47,4 +47,4 @@ jobs: - sources/src - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4 diff --git a/.github/workflows/ci-update-dist.yml b/.github/workflows/ci-update-dist.yml index c8db2a3..c121c20 100644 --- a/.github/workflows/ci-update-dist.yml +++ b/.github/workflows/ci-update-dist.yml @@ -48,7 +48,7 @@ jobs: # Important: The push event will not trigger any other workflows, see # https://github.com/stefanzweifel/git-auto-commit-action?tab=readme-ov-file#commits-made-by-this-action-do-not-trigger-new-workflow-runs - name: Commit & push changes - uses: stefanzweifel/git-auto-commit-action@v5 + uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 with: commit_message: '[bot] Update dist directory' file_pattern: dist diff --git a/.github/workflows/integ-test-build-scan-publish.yml b/.github/workflows/integ-test-build-scan-publish.yml index 3fa471a..759314d 100644 --- a/.github/workflows/integ-test-build-scan-publish.yml +++ b/.github/workflows/integ-test-build-scan-publish.yml @@ -49,7 +49,7 @@ jobs: run: gradle help - name: Check Build Scan url if: ${{ !steps.gradle.outputs.build-scan-url }} - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: script: | core.setFailed('No Build Scan detected') diff --git a/.github/workflows/integ-test-caching-config.yml b/.github/workflows/integ-test-caching-config.yml index 7cb0199..22a52f5 100644 --- a/.github/workflows/integ-test-caching-config.yml +++ b/.github/workflows/integ-test-caching-config.yml @@ -104,7 +104,7 @@ jobs: run: ./gradlew help - name: Check Build Scan url is captured if: ${{ !steps.gradle.outputs.build-scan-url }} - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: script: | core.setFailed('No Build Scan detected') @@ -128,7 +128,7 @@ jobs: run: ./gradlew help - name: Check Build Scan url is captured if: ${{ !steps.gradle.outputs.build-scan-url }} - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: script: | core.setFailed('No Build Scan detected') diff --git a/.github/workflows/integ-test-inject-develocity.yml b/.github/workflows/integ-test-inject-develocity.yml index cae6bf8..c05265e 100644 --- a/.github/workflows/integ-test-inject-develocity.yml +++ b/.github/workflows/integ-test-inject-develocity.yml @@ -62,7 +62,7 @@ jobs: run: gradle help - name: Check Build Scan url if: ${{ !steps.gradle.outputs.build-scan-url }} - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: script: | core.setFailed('No Build Scan detected') @@ -107,7 +107,7 @@ jobs: run: "[ ${#GRADLE_ENTERPRISE_ACCESS_KEY} -gt 500 ] || (echo 'GRADLE_ENTERPRISE_ACCESS_KEY does not look like a short lived token'; exit 1)" - name: Check Build Scan url if: ${{ !steps.gradle.outputs.build-scan-url }} - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: script: | core.setFailed('No Build Scan detected') @@ -179,7 +179,7 @@ jobs: run: gradle help - name: Check Build Scan url if: ${{ !steps.gradle.outputs.build-scan-url }} - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: script: | core.setFailed('No Build Scan detected') diff --git a/.github/workflows/integ-test-provision-gradle-versions.yml b/.github/workflows/integ-test-provision-gradle-versions.yml index 96ddb50..3ca7d35 100644 --- a/.github/workflows/integ-test-provision-gradle-versions.yml +++ b/.github/workflows/integ-test-provision-gradle-versions.yml @@ -69,7 +69,7 @@ jobs: run: gradle help - name: Check current version output parameter if: ${{ !startsWith(steps.gradle-current.outputs.gradle-version , '8.') }} - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: script: | core.setFailed('Gradle version parameter not set correctly: value was "${{ steps.gradle-current.outputs.gradle-version }}"') @@ -112,7 +112,7 @@ jobs: gradle-version: ${{ matrix.gradle }} - name: Check output parameter if: ${{ steps.setup-gradle.outputs.gradle-version != matrix.gradle }} - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: script: | core.setFailed('Gradle version parameter not set correctly: value was "${{ steps.setup-gradle.outputs.gradle-version }}"') @@ -122,7 +122,7 @@ jobs: run: gradle help "-DgradleVersionCheck=${{matrix.gradle}}" - name: Check Build Scan url if: ${{ !steps.gradle.outputs.build-scan-url }} - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: script: | core.setFailed('No Build Scan detected') diff --git a/.github/workflows/update-checksums-file.yml b/.github/workflows/update-checksums-file.yml index 220c37c..b5dfafa 100644 --- a/.github/workflows/update-checksums-file.yml +++ b/.github/workflows/update-checksums-file.yml @@ -39,7 +39,7 @@ jobs: # If there are no changes, this action will not create a pull request - name: Create or update pull request - uses: peter-evans/create-pull-request@v7 + uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 with: branch: bot/wrapper-checksums-update commit-message: Update known wrapper checksums From b6bc8c2f1700682a6d6b4e8631e671eb4963f19a Mon Sep 17 00:00:00 2001 From: daz Date: Thu, 14 Nov 2024 13:05:02 -0700 Subject: [PATCH 7/7] Pin gradle/actions versions --- .github/workflows/ci-check-and-unit-test.yml | 3 ++- .github/workflows/ci-init-script-check.yml | 3 ++- .github/workflows/ci-validate-wrappers.yml | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci-check-and-unit-test.yml b/.github/workflows/ci-check-and-unit-test.yml index 9c1be34..7558d8a 100644 --- a/.github/workflows/ci-check-and-unit-test.yml +++ b/.github/workflows/ci-check-and-unit-test.yml @@ -24,7 +24,8 @@ jobs: cache: npm cache-dependency-path: sources/package-lock.json - name: Setup Gradle - uses: gradle/actions/setup-gradle@v4 # Use a released version to avoid breakages + # Use a released version to avoid breakages + uses: gradle/actions/setup-gradle@473878a77f1b98e2b5ac4af93489d1656a80a5ed # v4.2.0 env: ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing with: diff --git a/.github/workflows/ci-init-script-check.yml b/.github/workflows/ci-init-script-check.yml index cc2734d..00907e1 100644 --- a/.github/workflows/ci-init-script-check.yml +++ b/.github/workflows/ci-init-script-check.yml @@ -29,7 +29,8 @@ jobs: distribution: temurin java-version: 11 - name: Setup Gradle - uses: gradle/actions/setup-gradle@v4 # Use a released version to avoid breakages + # Use a released version to avoid breakages + uses: gradle/actions/setup-gradle@473878a77f1b98e2b5ac4af93489d1656a80a5ed # v4.2.0 env: ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing - name: Run integration tests diff --git a/.github/workflows/ci-validate-wrappers.yml b/.github/workflows/ci-validate-wrappers.yml index b82fb3b..b941422 100644 --- a/.github/workflows/ci-validate-wrappers.yml +++ b/.github/workflows/ci-validate-wrappers.yml @@ -12,6 +12,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: gradle/actions/wrapper-validation@v4 + - uses: gradle/actions/wrapper-validation@473878a77f1b98e2b5ac4af93489d1656a80a5ed # v4.2.0 with: allow-checksums: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855