diff --git a/.github/workflows/actions-update.yml b/.github/workflows/actions-update.yml index 51fd019..9880f3b 100644 --- a/.github/workflows/actions-update.yml +++ b/.github/workflows/actions-update.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.6 with: # [Required] Access token with `workflow` scope. token: ${{ secrets.WORKFLOW_TOKEN }} diff --git a/.github/workflows/requirements-update.yml b/.github/workflows/requirements-update.yml index e5148e3..23d5268 100644 --- a/.github/workflows/requirements-update.yml +++ b/.github/workflows/requirements-update.yml @@ -25,12 +25,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.6 with: ref: development - name: Setup python - uses: actions/setup-python@v5 + uses: actions/setup-python@v5.1.0 with: python-version: '3.11' @@ -47,7 +47,7 @@ jobs: --output-file requirements.txt requirements.in - name: Create Pull Request - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@v6.0.5 with: token: ${{ secrets.GH_TOKEN }} base: development diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index 15a3d1c..4eb4e38 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -22,13 +22,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.6 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v3.3.0 - name: Login to DockerHub - uses: docker/login-action@v3 + uses: docker/login-action@v3.1.0 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_PASSWORD }} @@ -44,7 +44,7 @@ jobs: - name: Build the image id: buildimage - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v5.3.0 with: load: true context: ./ @@ -53,7 +53,7 @@ jobs: tags: ${{ steps.setimagename.outputs.imagename }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@0.21.0 with: image-ref: '${{ steps.setimagename.outputs.imagename }}' format: 'table' diff --git a/.github/workflows/test-image-build.yml b/.github/workflows/test-image-build.yml index b9700fe..f1bb53c 100644 --- a/.github/workflows/test-image-build.yml +++ b/.github/workflows/test-image-build.yml @@ -22,13 +22,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.6 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v3.3.0 - name: Login to DockerHub - uses: docker/login-action@v3 + uses: docker/login-action@v3.1.0 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_PASSWORD }} @@ -44,7 +44,7 @@ jobs: - name: Build the image id: buildimage - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v5.3.0 with: context: ./ file: ./Dockerfile