chore(ci): lockdown untrusted workflows to sha #130

heitorlessa · 2022-07-24T12:53:29Z

Issue number: #129

Summary

Please provide a summary of what's being changed

Syncs up security workflow created in Python to enforce untrusted GitHub Actions workflows fail CI.

Tasks:

Please share what the user experience looks like before and after this change

Please leave checklist items unchecked if they do not apply to your change.

Is this a breaking change?

RFC issue number:

Checklist:

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Disclaimer: We value your time and bandwidth. As such, any pull requests created on non-triaged issues might not be successful.

Signed-off-by: heitorlessa <lessa@amazon.co.uk>

heitorlessa added 4 commits July 24, 2022 14:40

chore(ci): lockdown untrusted workflows to sha

5b674fc

chore(ci): use untrusted workflows with sha

d65b607

Signed-off-by: heitorlessa <lessa@amazon.co.uk>

chore(ci): upgrade checkout action to v3

2c8b7d5

Signed-off-by: heitorlessa <lessa@amazon.co.uk>

chore(ci): upgrade setup-python to v4

fe6ff71

Signed-off-by: heitorlessa <lessa@amazon.co.uk>

auto-assign bot requested a review from amirkaws July 24, 2022 12:53

auto-assign bot assigned sliedig Jul 24, 2022

sliedig self-requested a review July 24, 2022 13:08

sliedig approved these changes Jul 24, 2022

View reviewed changes

sliedig merged commit bb63e04 into aws-powertools:develop Jul 24, 2022

heitorlessa deleted the chore/enforce-github-actions-sha branch July 24, 2022 13:13