From e3a7ee49277257e8067de1bcf46b8d3fb5aac9f3 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Fri, 15 Sep 2023 14:30:18 -0400 Subject: [PATCH] Pin to exact GH actions, preventing ACE in CI Also updates actions. --- .github/actions/bitcoin/action.yml | 2 +- .github/actions/build-dependencies/action.yml | 6 +++--- .github/actions/monero-wallet-rpc/action.yml | 2 +- .github/actions/monero/action.yml | 2 +- .github/actions/test-dependencies/action.yml | 2 +- .github/workflows/coins-tests.yml | 2 +- .github/workflows/common-tests.yml | 2 +- .github/workflows/coordinator-tests.yml | 2 +- .github/workflows/crypto-tests.yml | 2 +- .github/workflows/daily-deny.yml | 6 +++--- .github/workflows/full-stack-tests.yml | 2 +- .github/workflows/lint.yml | 12 ++++++------ .github/workflows/message-queue-tests.yml | 2 +- .github/workflows/monero-tests.yaml | 4 ++-- .github/workflows/monthly-nightly-update.yml | 4 ++-- .github/workflows/no-std.yml | 2 +- .github/workflows/processor-tests.yml | 2 +- .github/workflows/reproducible-runtime.yml | 2 +- .github/workflows/tests.yml | 6 +++--- 19 files changed, 32 insertions(+), 32 deletions(-) diff --git a/.github/actions/bitcoin/action.yml b/.github/actions/bitcoin/action.yml index 8dc8c781..471024e5 100644 --- a/.github/actions/bitcoin/action.yml +++ b/.github/actions/bitcoin/action.yml @@ -12,7 +12,7 @@ runs: steps: - name: Bitcoin Daemon Cache id: cache-bitcoind - uses: actions/cache@v3 + uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 with: path: bitcoin.tar.gz key: bitcoind-${{ runner.os }}-${{ runner.arch }}-${{ inputs.version }} diff --git a/.github/actions/build-dependencies/action.yml b/.github/actions/build-dependencies/action.yml index 63a8375d..45d24293 100644 --- a/.github/actions/build-dependencies/action.yml +++ b/.github/actions/build-dependencies/action.yml @@ -21,7 +21,7 @@ runs: using: "composite" steps: - name: Install Protobuf - uses: arduino/setup-protoc@v2.0.0 + uses: arduino/setup-protoc@a8b67ba40b37d35169e222f3bb352603327985b6 with: repo-token: ${{ inputs.github-token }} @@ -33,11 +33,11 @@ runs: solc-select use 0.8.16 - name: Install Rust - uses: dtolnay/rust-toolchain@master + uses: dtolnay/rust-toolchain@5cb429dd810e16ff67df78472fa81cf760f4d1c0 with: toolchain: ${{ inputs.rust-toolchain }} components: ${{ inputs.rust-components }} targets: wasm32-unknown-unknown, riscv32imac-unknown-none-elf # - name: Cache Rust - # uses: Swatinem/rust-cache@v2 + # uses: Swatinem/rust-cache@a95ba195448af2da9b00fb742d14ffaaf3c21f43 diff --git a/.github/actions/monero-wallet-rpc/action.yml b/.github/actions/monero-wallet-rpc/action.yml index d7929850..4a5b48fd 100644 --- a/.github/actions/monero-wallet-rpc/action.yml +++ b/.github/actions/monero-wallet-rpc/action.yml @@ -12,7 +12,7 @@ runs: steps: - name: Monero Wallet RPC Cache id: cache-monero-wallet-rpc - uses: actions/cache@v3 + uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 with: path: monero-wallet-rpc key: monero-wallet-rpc-${{ runner.os }}-${{ runner.arch }}-${{ inputs.version }} diff --git a/.github/actions/monero/action.yml b/.github/actions/monero/action.yml index 907e05f7..78393189 100644 --- a/.github/actions/monero/action.yml +++ b/.github/actions/monero/action.yml @@ -12,7 +12,7 @@ runs: steps: - name: Monero Daemon Cache id: cache-monerod - uses: actions/cache@v3 + uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 with: path: monerod key: monerod-${{ runner.os }}-${{ runner.arch }}-${{ inputs.version }} diff --git a/.github/actions/test-dependencies/action.yml b/.github/actions/test-dependencies/action.yml index ab604ed7..748d21a7 100644 --- a/.github/actions/test-dependencies/action.yml +++ b/.github/actions/test-dependencies/action.yml @@ -26,7 +26,7 @@ runs: github-token: ${{ inputs.github-token }} - name: Install Foundry - uses: foundry-rs/foundry-toolchain@v1 + uses: foundry-rs/foundry-toolchain@cb603ca0abb544f301eaed59ac0baf579aa6aecf with: version: nightly diff --git a/.github/workflows/coins-tests.yml b/.github/workflows/coins-tests.yml index 0a3ccf02..25500374 100644 --- a/.github/workflows/coins-tests.yml +++ b/.github/workflows/coins-tests.yml @@ -21,7 +21,7 @@ jobs: test-coins: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Test Dependencies uses: ./.github/actions/test-dependencies diff --git a/.github/workflows/common-tests.yml b/.github/workflows/common-tests.yml index 023ab283..d749e198 100644 --- a/.github/workflows/common-tests.yml +++ b/.github/workflows/common-tests.yml @@ -17,7 +17,7 @@ jobs: test-common: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Test Dependencies uses: ./.github/actions/test-dependencies diff --git a/.github/workflows/coordinator-tests.yml b/.github/workflows/coordinator-tests.yml index c4395286..cc1fd379 100644 --- a/.github/workflows/coordinator-tests.yml +++ b/.github/workflows/coordinator-tests.yml @@ -33,7 +33,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Install Build Dependencies uses: ./.github/actions/build-dependencies diff --git a/.github/workflows/crypto-tests.yml b/.github/workflows/crypto-tests.yml index cf371f5d..e36bd6f9 100644 --- a/.github/workflows/crypto-tests.yml +++ b/.github/workflows/crypto-tests.yml @@ -19,7 +19,7 @@ jobs: test-crypto: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Test Dependencies uses: ./.github/actions/test-dependencies diff --git a/.github/workflows/daily-deny.yml b/.github/workflows/daily-deny.yml index 460f4b5a..4ff49e81 100644 --- a/.github/workflows/daily-deny.yml +++ b/.github/workflows/daily-deny.yml @@ -9,16 +9,16 @@ jobs: name: Run cargo deny runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Advisory Cache - uses: actions/cache@v3 + uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 with: path: ~/.cargo/advisory-db key: rust-advisory-db - name: Install cargo - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@5cb429dd810e16ff67df78472fa81cf760f4d1c0 - name: Install cargo deny run: cargo install --locked cargo-deny diff --git a/.github/workflows/full-stack-tests.yml b/.github/workflows/full-stack-tests.yml index e4046307..f764bc83 100644 --- a/.github/workflows/full-stack-tests.yml +++ b/.github/workflows/full-stack-tests.yml @@ -13,7 +13,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Install Build Dependencies uses: ./.github/actions/build-dependencies diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index c0f327dc..0354f66d 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -11,7 +11,7 @@ jobs: clippy: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Get nightly version to use id: nightly @@ -30,16 +30,16 @@ jobs: deny: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Advisory Cache - uses: actions/cache@v3 + uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 with: path: ~/.cargo/advisory-db key: rust-advisory-db - name: Install cargo - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@5cb429dd810e16ff67df78472fa81cf760f4d1c0 - name: Install cargo deny run: cargo install --locked cargo-deny @@ -50,14 +50,14 @@ jobs: fmt: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Get nightly version to use id: nightly run: echo "version=$(cat .github/nightly-version)" >> $GITHUB_OUTPUT - name: Install rustfmt - uses: dtolnay/rust-toolchain@master + uses: dtolnay/rust-toolchain@5cb429dd810e16ff67df78472fa81cf760f4d1c0 with: toolchain: ${{ steps.nightly.outputs.version }} components: rustfmt diff --git a/.github/workflows/message-queue-tests.yml b/.github/workflows/message-queue-tests.yml index a13efc7e..bdc5f233 100644 --- a/.github/workflows/message-queue-tests.yml +++ b/.github/workflows/message-queue-tests.yml @@ -27,7 +27,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Install Build Dependencies uses: ./.github/actions/build-dependencies diff --git a/.github/workflows/monero-tests.yaml b/.github/workflows/monero-tests.yaml index 6c3aa1e4..5b954fc4 100644 --- a/.github/workflows/monero-tests.yaml +++ b/.github/workflows/monero-tests.yaml @@ -20,7 +20,7 @@ jobs: unit-tests: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Test Dependencies uses: ./.github/actions/test-dependencies @@ -40,7 +40,7 @@ jobs: version: [v0.17.3.2, v0.18.2.0] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Test Dependencies uses: ./.github/actions/test-dependencies diff --git a/.github/workflows/monthly-nightly-update.yml b/.github/workflows/monthly-nightly-update.yml index daeb5763..05b3e412 100644 --- a/.github/workflows/monthly-nightly-update.yml +++ b/.github/workflows/monthly-nightly-update.yml @@ -9,7 +9,7 @@ jobs: name: Update nightly runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac with: submodules: "recursive" @@ -28,7 +28,7 @@ jobs: git push -u origin $(date +"nightly-%Y-%m") - name: Pull Request - uses: actions/github-script@v6 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 with: script: | const { repo, owner } = context.repo; diff --git a/.github/workflows/no-std.yml b/.github/workflows/no-std.yml index 3791eb38..e8223273 100644 --- a/.github/workflows/no-std.yml +++ b/.github/workflows/no-std.yml @@ -23,7 +23,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Install Build Dependencies uses: ./.github/actions/build-dependencies diff --git a/.github/workflows/processor-tests.yml b/.github/workflows/processor-tests.yml index 8c16481d..fa6db151 100644 --- a/.github/workflows/processor-tests.yml +++ b/.github/workflows/processor-tests.yml @@ -33,7 +33,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Install Build Dependencies uses: ./.github/actions/build-dependencies diff --git a/.github/workflows/reproducible-runtime.yml b/.github/workflows/reproducible-runtime.yml index ca3311e2..6648d3e4 100644 --- a/.github/workflows/reproducible-runtime.yml +++ b/.github/workflows/reproducible-runtime.yml @@ -27,7 +27,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Install Build Dependencies uses: ./.github/actions/build-dependencies diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 4705652d..b888b337 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -29,7 +29,7 @@ jobs: test-infra: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Test Dependencies uses: ./.github/actions/test-dependencies @@ -49,7 +49,7 @@ jobs: test-substrate: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Test Dependencies uses: ./.github/actions/test-dependencies @@ -72,7 +72,7 @@ jobs: test-serai-client: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - name: Test Dependencies uses: ./.github/actions/test-dependencies