Skip to content

Commit

Permalink
Update github-actions (#75)
Browse files Browse the repository at this point in the history 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
  • Loading branch information
@renovate
renovate[bot] authored Jan 26, 2025
1 parent 761ceed commit 09edfa7
Show file tree
Hide file tree
Showing 3 changed files with 20 additions and 20 deletions.
22 changes: 11 additions & 11 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350
- uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e
with:
disable-sudo: true
egress-policy: block
Expand All @@ -24,17 +24,17 @@ jobs:
raw.githubusercontent.com:443
- name: Checkout repo
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
uses: actions/setup-go@5a083d0e9a84784eb32078397cf5459adecb4c40
with:
go-version-file: ./go.mod

# Linting
- name: Linting
uses: golangci/golangci-lint-action@58eda26a511c265ee35b3ee4b101fb8adfd76480
uses: golangci/golangci-lint-action@7ec71f69b140deafe2ba0c477db8aacd59cdfe55
with:
version: latest
args: --config=./.github/.golangci.yml ./...
Expand All @@ -48,7 +48,7 @@ jobs:
matrix:
go: [ '1.22', '1.21' ]
steps:
- uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350
- uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e
with:
disable-sudo: true
egress-policy: block
Expand All @@ -59,11 +59,11 @@ jobs:
sum.golang.org:443
- name: Checkout repo
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
uses: actions/setup-go@5a083d0e9a84784eb32078397cf5459adecb4c40
with:
go-version: ${{ matrix.go }}

Expand All @@ -75,7 +75,7 @@ jobs:
name: Analyze
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350
- uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e
with:
disable-sudo: true
egress-policy: block
Expand All @@ -92,11 +92,11 @@ jobs:
storage.googleapis.com:443
- name: Checkout repo
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
uses: actions/setup-go@5a083d0e9a84784eb32078397cf5459adecb4c40
with:
go-version-file: ./go.mod

Expand All @@ -106,7 +106,7 @@ jobs:

# Codecov
- name: Codecov
uses: codecov/codecov-action@adfacf2d276b158264c48ff298490fbdf13e4fb6
uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/codeql.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,24 +23,24 @@ jobs:
fail-fast: false

steps:
- uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350
- uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443 github.com:443 objects.githubusercontent.com:443 proxy.golang.org:443 storage.googleapis.com:443 sum.golang.org:443 uploads.github.com:443
- name: Checkout repository
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@db7177a1c66bea89f5e7ce32d0ea48bea4a0d460
uses: github/codeql-action/init@e7c0c9d71b7bd108fd12e06b56fc58d3d154164d
with:
languages: go

- name: Autobuild
uses: github/codeql-action/autobuild@db7177a1c66bea89f5e7ce32d0ea48bea4a0d460
uses: github/codeql-action/autobuild@e7c0c9d71b7bd108fd12e06b56fc58d3d154164d

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@db7177a1c66bea89f5e7ce32d0ea48bea4a0d460
uses: github/codeql-action/analyze@e7c0c9d71b7bd108fd12e06b56fc58d3d154164d
8 changes: 4 additions & 4 deletions .github/workflows/scorecards.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
id-token: write

steps:
- uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350
- uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e
with:
disable-sudo: true
egress-policy: block
Expand All @@ -38,12 +38,12 @@ jobs:
www.bestpractices.dev:443
- name: "Checkout code"
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@e48dbb732fab761267783321dfa71e2a5c6e263d
uses: ossf/scorecard-action@63f6b6a8289d09d3fda95e91b03933bcaff7040e
with:
results_file: results.sarif
results_format: sarif
Expand All @@ -69,6 +69,6 @@ jobs:

# required for Code scanning alerts
- name: "Upload SARIF results to code scanning"
uses: github/codeql-action/upload-sarif@db7177a1c66bea89f5e7ce32d0ea48bea4a0d460
uses: github/codeql-action/upload-sarif@e7c0c9d71b7bd108fd12e06b56fc58d3d154164d
with:
sarif_file: results.sarif

0 comments on commit 09edfa7

Please sign in to comment.