actions/fluxcd-flux2
3
0
Fork 0
mirror of https://github.com/fluxcd/flux2.git synced 2026-04-15 16:25:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

build: Pin GitHub Actions

Browse source 
The main benefit of pinning GitHub actions is the determinism it brings
in terms of what version of a given action will be executed. This is
a step towards having hermetic builds.

Once pinned to a commit, dependabot will automatically issue PRs to update
to newer versions.

Pinned versions is the only security metric from OpenSSF scorecard that
this repository currently have a zero score.

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
This commit is contained in:
Paulo Gomes 2022-11-17 15:33:59 +00:00
parent d4ba6c4f44
commit d0e6fcad3f
No known key found for this signature in database
GPG key ID: 9995233870E99BEE
8 changed files with 43 additions and 43 deletions
Download patch file Download diff file Expand all files Collapse all files

6
.github/workflows/update.yaml vendored
View file

@ -18,9 +18,9 @@ jobs:
pull-requests: write
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
- name: Setup Go
uses: actions/setup-go@v3
uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f
with:
go-version: 1.19.x
- name: Update component versions
@ -75,7 +75,7 @@ jobs:
- name: Create Pull Request
id: cpr
uses: peter-evans/create-pull-request@v4
uses: peter-evans/create-pull-request@b4d51739f96fca8047ad065eccef63442d8e99f7 # v4
with:
token: ${{ secrets.BOT_GITHUB_TOKEN }}
commit-message: |