diff --git a/.github/workflows/catalog-test.yaml b/.github/workflows/catalog-test.yaml index 9bb44e20ffc..11be9bcc710 100644 --- a/.github/workflows/catalog-test.yaml +++ b/.github/workflows/catalog-test.yaml @@ -17,7 +17,7 @@ jobs: container: image: ghcr.io/truecharts/devcontainer:3.1.10@sha256:c239addf725eb5cedf79517f8089fdafdc32b5270d1893ee87ae6e511b9bcae3 steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 name: Checkout with: fetch-depth: 100 diff --git a/.github/workflows/charts-lint.yaml b/.github/workflows/charts-lint.yaml index c2464d72f76..fdeb3aae282 100644 --- a/.github/workflows/charts-lint.yaml +++ b/.github/workflows/charts-lint.yaml @@ -22,13 +22,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout [master] - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: fetch-depth: 1 ref: master - name: Checkout [commit] - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} diff --git a/.github/workflows/charts-release.yaml b/.github/workflows/charts-release.yaml index d3e586ec3f3..5ae57ade2f7 100644 --- a/.github/workflows/charts-release.yaml +++ b/.github/workflows/charts-release.yaml @@ -17,13 +17,13 @@ jobs: image: ghcr.io/truecharts/devcontainer:3.1.10@sha256:c239addf725eb5cedf79517f8089fdafdc32b5270d1893ee87ae6e511b9bcae3 steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: token: ${{ secrets.BOT_TOKEN }} fetch-depth: 1 - name: Checkout Helm-Staging - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: fetch-depth: 1 repository: truecharts/helm-staging @@ -92,7 +92,7 @@ jobs: GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}" - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: token: ${{ secrets.BOT_TOKEN }} fetch-depth: 0 @@ -124,7 +124,7 @@ jobs: find . -name '*.sh' | xargs chmod +x - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 if: | steps.collect-changes.outputs.changesDetectedAfterTag == 'true' with: @@ -238,7 +238,7 @@ jobs: git push - name: Checkout Catalog - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 if: | steps.collect-changes.outputs.changesDetectedAfterTag == 'true' with: diff --git a/.github/workflows/charts-test.yaml b/.github/workflows/charts-test.yaml index 173e24f6faa..b7e20398b1f 100644 --- a/.github/workflows/charts-test.yaml +++ b/.github/workflows/charts-test.yaml @@ -50,7 +50,7 @@ jobs: detected6: ${{ steps.list-changed.outputs.detected6 }} steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} @@ -115,7 +115,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} @@ -175,7 +175,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} @@ -233,7 +233,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} @@ -291,7 +291,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} @@ -349,7 +349,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} @@ -407,7 +407,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: fetch-depth: 1 ref: ${{ inputs.checkoutCommit }} diff --git a/.github/workflows/daily.yaml b/.github/workflows/daily.yaml index 736d52f067e..dad481a6aa5 100644 --- a/.github/workflows/daily.yaml +++ b/.github/workflows/daily.yaml @@ -20,7 +20,7 @@ jobs: image: ghcr.io/truecharts/devcontainer:3.1.10@sha256:c239addf725eb5cedf79517f8089fdafdc32b5270d1893ee87ae6e511b9bcae3 steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: token: ${{ secrets.BOT_TOKEN }} fetch-depth: 1 @@ -55,7 +55,7 @@ jobs: done - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: repository: truecharts/website path: website @@ -248,7 +248,7 @@ jobs: helm repo update - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: token: ${{ secrets.BOT_TOKEN }} fetch-depth: 1 @@ -257,7 +257,7 @@ jobs: run: git config --global --add safe.directory "$GITHUB_WORKSPACE" - name: Checkout website - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: fetch-depth: 1 repository: truecharts/website @@ -377,7 +377,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: token: ${{ secrets.BOT_TOKEN }} fetch-depth: 1 diff --git a/.github/workflows/pr-validate.yaml b/.github/workflows/pr-validate.yaml index 1cacd072fca..efd2d11e0d4 100644 --- a/.github/workflows/pr-validate.yaml +++ b/.github/workflows/pr-validate.yaml @@ -17,7 +17,7 @@ jobs: addedOrModifiedCharts: ${{ steps.collect-changes.outputs.addedOrModifiedCharts }} steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 - name: Collect changes id: collect-changes @@ -57,7 +57,7 @@ jobs: head-commit-message: ${{ steps.get_head_commit_message.outputs.headCommitMsg }} steps: - name: Get repo - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: ref: ${{ github.event.pull_request.head.sha }} - name: verbose head git commit message diff --git a/.github/workflows/prune.yaml b/.github/workflows/prune.yaml index 5f4adea90c2..323e59c2b56 100644 --- a/.github/workflows/prune.yaml +++ b/.github/workflows/prune.yaml @@ -9,7 +9,7 @@ jobs: name: "prune old releases" steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: fetch-depth: 0 - uses: actions/delete-package-versions@0d39a63126868f5eefaa47169615edd3c0f61e20 # v4 diff --git a/.github/workflows/renovate-bump.yaml b/.github/workflows/renovate-bump.yaml index 5265c39d2b8..6effcd28553 100644 --- a/.github/workflows/renovate-bump.yaml +++ b/.github/workflows/renovate-bump.yaml @@ -14,12 +14,12 @@ jobs: container: image: ghcr.io/truecharts/devcontainer:3.1.10@sha256:c239addf725eb5cedf79517f8089fdafdc32b5270d1893ee87ae6e511b9bcae3 steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 name: Checkout with: fetch-depth: 0 token: ${{ secrets.BOT_TOKEN }} - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 name: Checkout with: fetch-depth: 0 diff --git a/.github/workflows/schedule-sync-labels.yaml b/.github/workflows/schedule-sync-labels.yaml index fe10b9f5fe3..8cd2d0dea5e 100644 --- a/.github/workflows/schedule-sync-labels.yaml +++ b/.github/workflows/schedule-sync-labels.yaml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 with: token: ${{ secrets.BOT_TOKEN }}