From 831303cc8fd753191033c611a5cee51e1679a6fc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 3 Apr 2024 06:00:03 +0000 Subject: [PATCH] Pin dependencies --- .github/workflows/pr.yaml | 12 ++++++------ .github/workflows/push.yaml | 32 +++++++++++++++---------------- Dockerfile | 4 ++-- config/manager/kustomization.yaml | 2 +- 4 files changed, 25 insertions(+), 25 deletions(-) diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index 2ff3e18..390d875 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml @@ -16,11 +16,11 @@ jobs: echo "REPOSITORY_NAME=$(basename $GITHUB_REPOSITORY)" >> $GITHUB_ENV - name: Set up Go 1.x - uses: actions/setup-go@v2 + uses: actions/setup-go@bfdd3570ce990073878bf10f6b2d79082de49492 # v2 with: go-version: ^1.16 - name: Check out code into the Go module directory - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 # - uses: shivanshs9/setup-k8s-operator-sdk@v1 # with: @@ -54,15 +54,15 @@ jobs: run: make helmchart VERSION=0.0.1 IMG=quay.io/${{ github.repository_owner }}/$(basename $GITHUB_REPOSITORY):0.0.1 - name: Set up QEMU - uses: docker/setup-qemu-action@v1 + uses: docker/setup-qemu-action@27d0a4f181a40b142cce983c5393082c365d1480 # v1 with: platforms: all - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@f211e3e9ded2d9377c8cadc4489a4e38014bc4c9 # v1 - name: "Build Operator Image" - uses: docker/build-push-action@v2 + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a # v2 with: context: . file: ./Dockerfile @@ -71,7 +71,7 @@ jobs: tags: "quay.io/${{ github.repository_owner }}/${{ env.REPOSITORY_NAME }}:v0.0.1" - name: "Build Bundle Image" - uses: docker/build-push-action@v2 + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a # v2 with: context: . file: ./bundle.Dockerfile diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index 965ce92..9b7b67f 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -19,12 +19,12 @@ jobs: echo "REPOSITORY_NAME=$(basename $GITHUB_REPOSITORY)" >> $GITHUB_ENV - name: Set up Go 1.x - uses: actions/setup-go@v2 + uses: actions/setup-go@bfdd3570ce990073878bf10f6b2d79082de49492 # v2 with: go-version: ^1.16 - name: Check out code into the Go module directory - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 # - uses: shivanshs9/setup-k8s-operator-sdk@v1 # with: @@ -80,22 +80,22 @@ jobs: run: make helmchart VERSION=${BUNDLE_VERSION} IMG=quay.io/${{ github.repository_owner }}/$(basename $GITHUB_REPOSITORY):${OPERATOR_IMAGE_TAG} - name: Set up QEMU - uses: docker/setup-qemu-action@v1 + uses: docker/setup-qemu-action@27d0a4f181a40b142cce983c5393082c365d1480 # v1 with: platforms: all - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@f211e3e9ded2d9377c8cadc4489a4e38014bc4c9 # v1 - name: Login to DockerHub - uses: docker/login-action@v1 + uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7 # v1 with: registry: quay.io/${{ github.repository_owner }} username: ${{ secrets.QUAY_USERNAME }} password: ${{ secrets.QUAY_PASSWORD }} - name: "Build and Push Operator Image" - uses: docker/build-push-action@v2 + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a # v2 with: context: . file: ./Dockerfile @@ -104,7 +104,7 @@ jobs: tags: "quay.io/${{ github.repository_owner }}/${{ env.REPOSITORY_NAME }}:${{ env.OPERATOR_IMAGE_TAG }}" - name: "Build and Push Bundle Image" - uses: docker/build-push-action@v2 + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a # v2 with: context: . file: ./bundle.Dockerfile @@ -135,7 +135,7 @@ jobs: echo "REPOSITORY_NAME=$(basename $GITHUB_REPOSITORY)" >> $GITHUB_ENV - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Get the version id: get_version @@ -148,7 +148,7 @@ jobs: git config --global user.email "$GITHUB_ACTOR@users.noreply.github.com" - name: checkout gh-pages - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 with: path: ./tmp/gh-pages ref: gh-pages @@ -174,7 +174,7 @@ jobs: echo "REPOSITORY_NAME=$(basename $GITHUB_REPOSITORY)" >> $GITHUB_ENV - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - run: | git fetch --prune --unshallow @@ -195,7 +195,7 @@ jobs: cat ${VERSION}-CHANGELOG.txt - name: Create Release - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1 with: body_path: ${{ env.VERSION }}-CHANGELOG.txt draft: false @@ -217,10 +217,10 @@ jobs: echo "CONTEXT_PATH=" - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: Set up Go 1.x - uses: actions/setup-go@v2 + uses: actions/setup-go@bfdd3570ce990073878bf10f6b2d79082de49492 # v2 with: go-version: ^1.16 @@ -246,7 +246,7 @@ jobs: echo "VERSION=${TAG:1}" >> $GITHUB_ENV - name: checkout community-operators-prod - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 with: repository: redhat-openshift-ecosystem/community-operators-prod path: ./tmp/community-operators-prod @@ -274,7 +274,7 @@ jobs: TAGS_TO_DIGESTS: ${OPERATOR_IMAGE_TAG} - name: Create Pull Request - uses: peter-evans/create-pull-request@v3 + uses: peter-evans/create-pull-request@18f7dc018cc2cd597073088f7c7591b9d1c02672 # v3 if: ${{ startsWith( env.first_release, 'true' ) }} with: path: ./tmp/community-operators-prod @@ -338,7 +338,7 @@ jobs: token: ${{ secrets.COMMUNITY_OPERATOR_PAT }} - name: Create Pull Request - uses: peter-evans/create-pull-request@v3 + uses: peter-evans/create-pull-request@18f7dc018cc2cd597073088f7c7591b9d1c02672 # v3 if: ${{ ! startsWith( env.first_release, 'true' ) }} with: path: ./tmp/community-operators-prod diff --git a/Dockerfile b/Dockerfile index 17489c6..3c7f840 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM golang:1.16 as builder +FROM golang:1.16@sha256:5f6a4662de3efc6d6bb812d02e9de3d8698eea16b8eb7281f03e6f3e8383018e as builder WORKDIR /workspace # Copy the Go Modules manifests @@ -19,7 +19,7 @@ RUN CGO_ENABLED=0 GOOS=linux go build -a -o manager main.go # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal@sha256:f30dbf77b075215f6c827c269c073b5e0973e5cea8dacdf7ecb6a19c868f37f2 WORKDIR / COPY --from=builder /workspace/manager . USER 65532:65532 diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 2adc2ec..58c3937 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -13,4 +13,4 @@ kind: Kustomization images: - name: controller newName: quay.io/raffaelespazzoli/global-load-balancer-operator - newTag: latest + newTag: latest@sha256:b019dd8aadaa2fdf04bf2ee04ef5e38b8e5e510dabdb69ff16bb0fac88d5dceb