From bdbe7cc9e06dbca34757583f69e7bfe5ec68c9f8 Mon Sep 17 00:00:00 2001 From: Chiedo Date: Thu, 15 Oct 2020 08:45:27 -0400 Subject: [PATCH] Update some of the actions to Shas --- .github/allowed-actions.js | 22 +++++++++---------- .github/workflows/60-days-stale-check.yml | 2 +- .github/workflows/auto-label-prs.yml | 2 +- .github/workflows/browser-test.yml | 2 +- .github/workflows/check-all-english-links.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/crowdin.yml | 2 +- .github/workflows/merged-notification.yml | 2 +- .github/workflows/pa11y.yml | 4 ++-- .github/workflows/ping-staging-apps.yml | 4 ++-- .github/workflows/remove-unused-assets.yml | 2 +- .github/workflows/repo-sync.yml | 2 +- .../workflows/send-eng-issues-to-backlog.yml | 2 +- .../start-new-engineering-pr-workflow.yml | 2 +- .../workflows/sync-algolia-search-indices.yml | 6 ++--- .github/workflows/test-translations.yml | 10 ++++----- .github/workflows/test-windows.yml | 12 +++++----- .github/workflows/test.yml | 12 +++++----- .github/workflows/translations.yml | 4 ++-- .github/workflows/triage-issue-comments.yml | 2 +- .github/workflows/triage-stale-check.yml | 2 +- .github/workflows/update-graphql-files.yml | 4 ++-- 22 files changed, 52 insertions(+), 52 deletions(-) diff --git a/.github/allowed-actions.js b/.github/allowed-actions.js index bc4f94974250..b08c6a1acb09 100644 --- a/.github/allowed-actions.js +++ b/.github/allowed-actions.js @@ -4,17 +4,17 @@ // can be added it this list. module.exports = [ - 'actions/cache@v1', - 'actions/cache@v2', - 'actions/checkout@v2', - 'actions/github-script@0.9.0', - 'actions/github-script@v2.0.0', - 'actions/github-script@v2', - 'actions/github-script@v3', - 'actions/labeler@v2', - 'actions/setup-node@v1', - 'actions/setup-ruby@v1', - 'actions/stale@v3', + 'actions/cache@70655ec8323daeeaa7ef06d7c56e1b9191396cbe', + 'actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16', + 'actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675', + 'actions/github-script@5d03ada4b0a753e9460b312e61cc4f8fdeacf163', + 'actions/github-script@6e5ee1dc1cb3740e5e5e76ad668e3f526edbfe45', + 'actions/github-script@44b873bc975058192f5279ebe7579496381f575d', + 'actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9', + 'actions/labeler@5f867a63be70efff62b767459b009290364495eb', + 'actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d', + 'actions/setup-ruby@5f29a1cd8dfebf420691c4c9a0e832e2fae5a526', + 'actions/stale@44f9eae0adddf72dbf3eedfacc999f70afcec1a8', 'crowdin/github-action@1.0.10', 'dawidd6/action-delete-branch@v3', 'docker://chinthakagodawita/autoupdate-action:v1', diff --git a/.github/workflows/60-days-stale-check.yml b/.github/workflows/60-days-stale-check.yml index 6e6432808ec2..6b0c8a7f25ec 100644 --- a/.github/workflows/60-days-stale-check.yml +++ b/.github/workflows/60-days-stale-check.yml @@ -7,7 +7,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@v3 + - uses: actions/stale@44f9eae0adddf72dbf3eedfacc999f70afcec1a8 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: 'This issue is stale because it has been open 60 days with no activity.' diff --git a/.github/workflows/auto-label-prs.yml b/.github/workflows/auto-label-prs.yml index c88c53d88577..542204e49c70 100644 --- a/.github/workflows/auto-label-prs.yml +++ b/.github/workflows/auto-label-prs.yml @@ -7,6 +7,6 @@ jobs: if: github.repository == 'github/docs-internal' runs-on: ubuntu-latest steps: - - uses: actions/labeler@v2 + - uses: actions/labeler@5f867a63be70efff62b767459b009290364495eb with: repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/browser-test.yml b/.github/workflows/browser-test.yml index 91a7905d73c5..1d945e5b6ce7 100644 --- a/.github/workflows/browser-test.yml +++ b/.github/workflows/browser-test.yml @@ -25,7 +25,7 @@ jobs: # Even if if doesn't do anything - if: ${{ needs.see_if_should_skip.outputs.should_skip == 'false' }} name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - if: ${{ needs.see_if_should_skip.outputs.should_skip == 'false' }} name: Install diff --git a/.github/workflows/check-all-english-links.yml b/.github/workflows/check-all-english-links.yml index d04e007c5083..9b4dceb71ff7 100644 --- a/.github/workflows/check-all-english-links.yml +++ b/.github/workflows/check-all-english-links.yml @@ -10,7 +10,7 @@ jobs: if: github.repository == 'github/docs-internal' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - name: npm ci run: npm ci - name: npm run build diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e1337c1d0929..e4dda3ecec57 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - uses: github/codeql-action/init@v1 with: languages: javascript # comma separated list of values from {go, python, javascript, java, cpp, csharp} (not YET ruby, sorry!) diff --git a/.github/workflows/crowdin.yml b/.github/workflows/crowdin.yml index 89b4f42689e6..6f0acaf6b495 100644 --- a/.github/workflows/crowdin.yml +++ b/.github/workflows/crowdin.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - name: Sync uses: crowdin/github-action@1.0.10 diff --git a/.github/workflows/merged-notification.yml b/.github/workflows/merged-notification.yml index 8e821a002009..2d8018caac36 100644 --- a/.github/workflows/merged-notification.yml +++ b/.github/workflows/merged-notification.yml @@ -7,7 +7,7 @@ jobs: if: github.event.repository.private == false && github.event.pull_request.merged && github.event.pull_request.base.ref == github.event.repository.default_branch runs-on: ubuntu-latest steps: - - uses: actions/github-script@v3 + - uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9 with: script: | github.issues.createComment({ diff --git a/.github/workflows/pa11y.yml b/.github/workflows/pa11y.yml index 8f2ed17b0481..c604cdc92f2b 100644 --- a/.github/workflows/pa11y.yml +++ b/.github/workflows/pa11y.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out repo - uses: actions/checkout@v2 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - name: Get npm cache directory id: npm-cache @@ -16,7 +16,7 @@ jobs: echo "::set-output name=dir::$(npm config get cache)" - name: Cache node modules - uses: actions/cache@v2 + uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16 with: path: ${{ steps.npm-cache.outputs.dir }} key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} diff --git a/.github/workflows/ping-staging-apps.yml b/.github/workflows/ping-staging-apps.yml index b9ab3f2bb6a7..de9cae7893d8 100644 --- a/.github/workflows/ping-staging-apps.yml +++ b/.github/workflows/ping-staging-apps.yml @@ -12,10 +12,10 @@ jobs: env: HEROKU_API_TOKEN: ${{ secrets.HEROKU_API_TOKEN }} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - name: npm ci run: npm ci - name: npm run build run: npm run build - name: Run script - run: script/ping-staging-apps.js \ No newline at end of file + run: script/ping-staging-apps.js diff --git a/.github/workflows/remove-unused-assets.yml b/.github/workflows/remove-unused-assets.yml index 150bc0aebafc..88991b34523e 100644 --- a/.github/workflows/remove-unused-assets.yml +++ b/.github/workflows/remove-unused-assets.yml @@ -19,7 +19,7 @@ jobs: echo 'The repo is currently frozen! Exiting this workflow.' exit 1 # prevents further steps from running - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - name: npm ci run: npm ci - name: Run scripts diff --git a/.github/workflows/repo-sync.yml b/.github/workflows/repo-sync.yml index 2239456eb157..90429442f172 100644 --- a/.github/workflows/repo-sync.yml +++ b/.github/workflows/repo-sync.yml @@ -27,7 +27,7 @@ jobs: exit 1 # prevents further steps from running - name: Check out repo - uses: actions/checkout@v2 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - name: Sync repo to branch uses: repo-sync/github-sync@v2 diff --git a/.github/workflows/send-eng-issues-to-backlog.yml b/.github/workflows/send-eng-issues-to-backlog.yml index 80a8d8542124..ce93bc12b272 100644 --- a/.github/workflows/send-eng-issues-to-backlog.yml +++ b/.github/workflows/send-eng-issues-to-backlog.yml @@ -12,7 +12,7 @@ jobs: steps: - name: Add issues with engineering label to project board if: contains(github.event.issue.labels.*.name, 'engineering') || contains(github.event.issue.labels.*.name, 'design') || contains(github.event.issue.labels.*.name, 'Design') - uses: actions/github-script@v2 + uses: actions/github-script@44b873bc975058192f5279ebe7579496381f575d with: github-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }} script: | diff --git a/.github/workflows/start-new-engineering-pr-workflow.yml b/.github/workflows/start-new-engineering-pr-workflow.yml index 03d75ccda9e8..6663028ec7a4 100644 --- a/.github/workflows/start-new-engineering-pr-workflow.yml +++ b/.github/workflows/start-new-engineering-pr-workflow.yml @@ -13,7 +13,7 @@ jobs: REGULAR_COLUMN_ID: 10095779 steps: - name: - uses: actions/github-script@v2 + uses: actions/github-script@44b873bc975058192f5279ebe7579496381f575d continue-on-error: true with: github-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }} diff --git a/.github/workflows/sync-algolia-search-indices.yml b/.github/workflows/sync-algolia-search-indices.yml index 9af47377fc86..fd258360b0ef 100644 --- a/.github/workflows/sync-algolia-search-indices.yml +++ b/.github/workflows/sync-algolia-search-indices.yml @@ -12,12 +12,12 @@ jobs: runs-on: ubuntu-latest steps: - name: checkout - uses: actions/checkout@v2 - - uses: actions/setup-node@v1 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 + - uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d with: node-version: 14.x - name: cache node modules - uses: actions/cache@v1 + uses: actions/cache@70655ec8323daeeaa7ef06d7c56e1b9191396cbe with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} diff --git a/.github/workflows/test-translations.yml b/.github/workflows/test-translations.yml index 68daec80992c..58987a1ec210 100644 --- a/.github/workflows/test-translations.yml +++ b/.github/workflows/test-translations.yml @@ -12,12 +12,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out repo - uses: actions/checkout@v2 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 with: ref: translations # check out the 'translations' branch - name: Setup node - uses: actions/setup-node@v1 + uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d with: node-version: 14.x @@ -27,7 +27,7 @@ jobs: echo "::set-output name=dir::$(npm config get cache)" - name: Cache node modules - uses: actions/cache@v2 + uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16 with: path: ${{ steps.npm-cache.outputs.dir }} key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} @@ -52,10 +52,10 @@ jobs: test-group: [content, meta, rendering, routing, unit, links-and-images] steps: - name: Check out repo - uses: actions/checkout@v2 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - name: Setup node - uses: actions/setup-node@v1 + uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d with: node-version: 14.x diff --git a/.github/workflows/test-windows.yml b/.github/workflows/test-windows.yml index f2d845b30e23..cb030f82d302 100644 --- a/.github/workflows/test-windows.yml +++ b/.github/workflows/test-windows.yml @@ -15,10 +15,10 @@ jobs: runs-on: windows-latest steps: - name: Check out repo - uses: actions/checkout@v2 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - name: Setup node - uses: actions/setup-node@v1 + uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d with: node-version: 14.x @@ -28,7 +28,7 @@ jobs: echo "::set-output name=dir::$(npm config get cache)" - name: Cache node modules - uses: actions/cache@v2 + uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16 with: path: ${{ steps.npm-cache.outputs.dir }} key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} @@ -52,10 +52,10 @@ jobs: test-group: [content, meta, rendering, routing, unit, links-and-images] steps: - name: Check out repo - uses: actions/checkout@v2 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - name: Setup node - uses: actions/setup-node@v1 + uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d with: node-version: 14.x @@ -65,7 +65,7 @@ jobs: echo "::set-output name=dir::$(npm config get cache)" - name: Cache node modules - uses: actions/cache@v2 + uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16 with: path: ${{ steps.npm-cache.outputs.dir }} key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4b0e9cec9932..500bfab8a312 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -35,11 +35,11 @@ jobs: # Even if if doesn't do anything - if: ${{ needs.see_if_should_skip.outputs.should_skip == 'false' }} name: Check out repo - uses: actions/checkout@v2 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - if: ${{ needs.see_if_should_skip.outputs.should_skip == 'false' }} name: Setup node - uses: actions/setup-node@v1 + uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d with: node-version: 14.x @@ -51,7 +51,7 @@ jobs: - if: ${{ needs.see_if_should_skip.outputs.should_skip == 'false' }} name: Cache node modules - uses: actions/cache@v2 + uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16 with: path: ${{ steps.npm-cache.outputs.dir }} key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} @@ -81,11 +81,11 @@ jobs: # Even if if doesn't do anything - if: ${{ needs.see_if_should_skip.outputs.should_skip == 'false' }} name: Check out repo - uses: actions/checkout@v2 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - if: ${{ needs.see_if_should_skip.outputs.should_skip == 'false' }} name: Setup node - uses: actions/setup-node@v1 + uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d with: node-version: 14.x @@ -97,7 +97,7 @@ jobs: - if: ${{ needs.see_if_should_skip.outputs.should_skip == 'false' }} name: Cache node modules - uses: actions/cache@v2 + uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16 with: path: ${{ steps.npm-cache.outputs.dir }} key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} diff --git a/.github/workflows/translations.yml b/.github/workflows/translations.yml index b7c0f3b10a3e..084d401a56bd 100644 --- a/.github/workflows/translations.yml +++ b/.github/workflows/translations.yml @@ -24,7 +24,7 @@ jobs: branch: translations - if: ${{ steps.pr.outputs.number }} name: Check if already labeled - uses: actions/github-script@0.9.0 + uses: actions/github-script@5d03ada4b0a753e9460b312e61cc4f8fdeacf163 id: has-label with: script: | @@ -44,7 +44,7 @@ jobs: number: ${{ steps.pr.outputs.number }} - if: ${{ !steps.has-label.outputs.result }} name: Add automerge label - uses: actions/github-script@0.9.0 + uses: actions/github-script@5d03ada4b0a753e9460b312e61cc4f8fdeacf163 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/triage-issue-comments.yml b/.github/workflows/triage-issue-comments.yml index ac1e4494134c..4f037dd8a29d 100644 --- a/.github/workflows/triage-issue-comments.yml +++ b/.github/workflows/triage-issue-comments.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Check if the event originated from a team member - uses: actions/github-script@v2.0.0 + uses: actions/github-script@6e5ee1dc1cb3740e5e5e76ad668e3f526edbfe45 id: is-internal-contributor with: github-token: ${{secrets.GITHUB_TOKEN}} diff --git a/.github/workflows/triage-stale-check.yml b/.github/workflows/triage-stale-check.yml index 0b329c4ae923..c50cec628596 100644 --- a/.github/workflows/triage-stale-check.yml +++ b/.github/workflows/triage-stale-check.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/stale@v3 + - uses: actions/stale@44f9eae0adddf72dbf3eedfacc999f70afcec1a8 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-pr-message: 'This PR is stale because it has been open 7 days with no activity and will be automatically closed in 3 days. To keep this PR open, update the PR by adding a comment or pushing a commit.' diff --git a/.github/workflows/update-graphql-files.yml b/.github/workflows/update-graphql-files.yml index 92fa77606f73..7e382cd67a95 100644 --- a/.github/workflows/update-graphql-files.yml +++ b/.github/workflows/update-graphql-files.yml @@ -22,9 +22,9 @@ jobs: echo 'The repo is currently frozen! Exiting this workflow.' exit 1 # prevents further steps from running - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675 - name: Set up Ruby - uses: actions/setup-ruby@v1 + uses: actions/setup-ruby@5f29a1cd8dfebf420691c4c9a0e832e2fae5a526 with: ruby-version: '2.4' - name: Install Ruby dependencies