From ab0a3f4a032f199bc9d75c5fdf8ad4aeb23c80f3 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 23 Jun 2026 17:05:49 +0000 Subject: [PATCH] chore(deps): pin dependencies --- .github/workflows/synkronus-cli-docker.yml | 36 +++++++++++----------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/synkronus-cli-docker.yml b/.github/workflows/synkronus-cli-docker.yml index bc783ec4e..6103750b3 100644 --- a/.github/workflows/synkronus-cli-docker.yml +++ b/.github/workflows/synkronus-cli-docker.yml @@ -31,7 +31,7 @@ jobs: version: ${{ steps.version.outputs.version }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 0 @@ -47,7 +47,7 @@ jobs: echo "Building synkronus-cli with version: ${VERSION}" - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version: '1.25.x' cache-dependency-path: synkronus-cli/go.sum @@ -65,7 +65,7 @@ jobs: CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -ldflags="${LD_FLAGS}" -o "${ROOT}/docker-dist/synk-linux-arm64" ./cmd/synkronus - name: Upload docker build context artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 with: name: synkronus-cli-docker-dist path: docker-dist/ @@ -82,10 +82,10 @@ jobs: digest: ${{ steps.push.outputs.digest }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Download docker build context - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 with: name: synkronus-cli-docker-dist path: docker-dist/ @@ -99,7 +99,7 @@ jobs: - name: Log in to Github Container Registry if: github.event_name != 'pull_request' - uses: redhat-actions/podman-login@v1 + uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 with: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} @@ -107,7 +107,7 @@ jobs: - name: Compute image metadata (scratch tag) id: meta - uses: docker/metadata-action@v6 + uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6 with: images: | ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} @@ -116,7 +116,7 @@ jobs: - name: Build image with Buildah id: build-image - uses: redhat-actions/buildah-build@v2 + uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 with: image: ${{ env.IMAGE_NAME }} tags: ${{ steps.meta.outputs.tag-names }} @@ -129,7 +129,7 @@ jobs: - name: Push image to registry id: push if: github.event_name != 'pull_request' - uses: redhat-actions/push-to-registry@v2 + uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2 with: image: ${{ steps.build-image.outputs.image }} tags: ${{ steps.build-image.outputs.tags }} @@ -146,10 +146,10 @@ jobs: digest: ${{ steps.push.outputs.digest }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Download docker build context - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 with: name: synkronus-cli-docker-dist path: docker-dist/ @@ -163,7 +163,7 @@ jobs: - name: Log in to Github Container Registry if: github.event_name != 'pull_request' - uses: redhat-actions/podman-login@v1 + uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 with: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} @@ -171,7 +171,7 @@ jobs: - name: Compute image metadata (scratch tag) id: meta - uses: docker/metadata-action@v6 + uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6 with: images: | ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} @@ -180,7 +180,7 @@ jobs: - name: Build image with Buildah id: build-image - uses: redhat-actions/buildah-build@v2 + uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 with: image: ${{ env.IMAGE_NAME }} tags: ${{ steps.meta.outputs.tag-names }} @@ -193,7 +193,7 @@ jobs: - name: Push image to registry id: push if: github.event_name != 'pull_request' - uses: redhat-actions/push-to-registry@v2 + uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2 with: image: ${{ steps.build-image.outputs.image }} tags: ${{ steps.build-image.outputs.tags }} @@ -211,7 +211,7 @@ jobs: attestations: write steps: - name: Log in to Github Container Registry (docker) - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -219,7 +219,7 @@ jobs: - name: Compute image tags and labels id: tags - uses: docker/metadata-action@v6 + uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6 with: images: | ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} @@ -283,7 +283,7 @@ jobs: echo "digest=${DIGEST}" >> "${GITHUB_OUTPUT}" - name: Generate artifact attestation - uses: actions/attest-build-provenance@v1 + uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1 with: subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} subject-digest: ${{ steps.manifest-digest.outputs.digest }}