Merge pull request #1374 from Devils-Knight/comment
Add version comment for pinned actions
varunsh-coder committed Nov 7, 2022
2 parents 8daceb1 + f6256ca commit ffdfe27
Showing 11 changed files with 29 additions and 29 deletions.
2 changes: 1 addition & 1 deletion pinactions.go
@@ -67,7 +67,7 @@ func pinAction(action, jobName, inputYaml string) (string, bool) {
return inputYaml, updated
}

pinnedAction := fmt.Sprintf("%s@%s", leftOfAt[0], commitSHA)
pinnedAction := fmt.Sprintf("%s@%s # %s", leftOfAt[0], commitSHA, tagOrBranch)
updated = !strings.EqualFold(action, pinnedAction)
inputYaml = strings.ReplaceAll(inputYaml, action, pinnedAction)
return inputYaml, updated
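Review bot: Appending ` # tagOrBranch` to `pinnedAction` and then substituting it with `strings.ReplaceAll` puts the comment wherever the old reference text occurs, including inside a quoted value: if `action` is the parsed, unquoted string (the caller is outside this hunk, so this is an assumption), `uses: "actions/checkout@v1"` would become `uses: "actions/checkout@<sha> # v1"` and the ref would no longer be a commit SHA. None of the updated fixtures has a quoted `uses:` or one that already carries a trailing comment, so the case is untested. I would keep `pinnedAction` as the bare `name@sha` and add the comment only where the reference ends its line unquoted, as sketched below; `regexp` has to be imported if the file does not already use it. The body of pinAction starts and ends outside the hunk.

```go
// … unchanged: commit SHA lookup and early return …
pinnedAction := fmt.Sprintf("%s@%s", leftOfAt[0], commitSHA)
updated = !strings.EqualFold(action, pinnedAction)

// The ref comment is only safe after an unquoted reference that ends its line;
// anywhere else " # ref" would become part of the value itself.
atLineEnd := regexp.MustCompile(`(?m)` + regexp.QuoteMeta(action) + `[ \t]*$`)
inputYaml = atLineEnd.ReplaceAllLiteralString(inputYaml, pinnedAction+" # "+tagOrBranch)
// Remaining occurrences (quoted, or followed by other text) get the bare pin.
inputYaml = strings.ReplaceAll(inputYaml, action, pinnedAction)
// … unchanged: return inputYaml, updated …
```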
2 changes: 1 addition & 1 deletion testfiles/pinactions/output/basic.yml
@@ -10,7 +10,7 @@ jobs:

steps:
- name: Close Issue
uses: peter-evans/close-issue@a700eac5bf2a1c7a8cb6da0c13f93ed96fd53dbe
uses: peter-evans/close-issue@a700eac5bf2a1c7a8cb6da0c13f93ed96fd53dbe # v1
with:
issue-number: 1
comment: Auto-closing issue
8 changes: 4 additions & 4 deletions testfiles/pinactions/output/branch.yml
@@ -4,9 +4,9 @@ jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
- name: Publish to Registry
uses: elgohr/Publish-Docker-Github-Action@8217e91c0369a5342a4ef2d612de87492410a666
uses: elgohr/Publish-Docker-Github-Action@8217e91c0369a5342a4ef2d612de87492410a666 # master
with:
name: docker.pkg.github.com/elgohr/publish-docker-github-action/publish-docker-github-action
username: ${{ github.actor }}
@@ -15,8 +15,8 @@ jobs:
build1:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
- uses: borales/actions-yarn@4965e1a0f0ae9c422a9a5748ebd1fb5e097d22b9
- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
- uses: borales/actions-yarn@4965e1a0f0ae9c422a9a5748ebd1fb5e097d22b9 # v2.3.0
with:
auth-token: ${{ secrets.GITHUB_TOKEN }}
registry-url: npm.pkg.github.com
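Review bot: The `# master` comments expected here label a pinned commit with a branch name, and a branch keeps moving after the pin, so the comment stops describing the SHA beside it as soon as master advances. A reader, or an update tool that treats the trailing comment as the pinned version, can take `actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master` to mean the step still tracks master, while the only thing the runner honours is the SHA. For branch-derived pins I would either omit the comment or make the origin explicit, e.g. `- uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # pinned from branch master`. Whether pinAction can tell a tag from a branch is not visible on this page; the variable name `tagOrBranch` suggests it currently does not.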
2 changes: 1 addition & 1 deletion testfiles/pinactions/output/dockeraction.yml
@@ -10,7 +10,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9
uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9 # v1
- name: Integration test
uses: docker://ghcr.io/step-security/integration-test/int:latest
env:
10 changes: 5 additions & 5 deletions testfiles/pinactions/output/localaction.yml
@@ -11,10 +11,10 @@ jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e
- uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e # v1
with:
node-version: 12.x
- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9
- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9 # v1
- run: npm ci
- run: npm run build
- run: npm run format-check
@@ -32,7 +32,7 @@ jobs:
steps:
# Clone this repo
- name: Checkout
uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9
uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9 # v1

# Basic checkout
- name: Checkout basic
@@ -150,7 +150,7 @@ jobs:
steps:
# Clone this repo
- name: Checkout
uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9
uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9 # v1

# Basic checkout using git
- name: Checkout basic
@@ -182,7 +182,7 @@ jobs:
steps:
# Clone this repo
- name: Checkout
uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9
uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9 # v1

# Basic checkout using git
- name: Checkout basic
6 changes: 3 additions & 3 deletions testfiles/pinactions/output/multipleactions.yml
@@ -4,13 +4,13 @@ jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9
- uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e
- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9 # v1
- uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e # v1
with:
node-version: 10
- run: npm install
- run: npm test
- uses: JS-DevTools/npm-publish@0f451a94170d1699fd50710966d48fb26194d939
- uses: JS-DevTools/npm-publish@0f451a94170d1699fd50710966d48fb26194d939 # v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
registry: https://npm.pkg.github.com
8 changes: 4 additions & 4 deletions testfiles/pinactions/output/multiplejobs.yml
@@ -8,7 +8,7 @@ jobs:
name: build, pack & publish
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9
- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9 # v1

# - name: Setup dotnet
# uses: actions/setup-dotnet@v1
@@ -18,7 +18,7 @@ jobs:
# Publish
- name: publish on version change
id: publish_nuget
uses: brandedoutcast/publish-nuget@c12b8546b67672ee38ac87bea491ac94a587f7cc
uses: brandedoutcast/publish-nuget@c12b8546b67672ee38ac87bea491ac94a587f7cc # v2
with:
PROJECT_FILE_PATH: Core/Core.csproj
NUGET_KEY: ${{ secrets.GITHUB_TOKEN }}
@@ -27,7 +27,7 @@ jobs:
name: build, pack & publish
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9
- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9 # v1

# - name: Setup dotnet
# uses: actions/setup-dotnet@v1
@@ -37,7 +37,7 @@ jobs:
# Publish
- name: publish on version change
id: publish_nuget
uses: rohith/publish-nuget@c12b8546b67672ee38ac87bea491ac94a587f7cc
uses: rohith/publish-nuget@c12b8546b67672ee38ac87bea491ac94a587f7cc # v2
with:
PROJECT_FILE_PATH: Core/Core.csproj
NUGET_KEY: ${{ secrets.GITHUB_TOKEN }}
6 changes: 3 additions & 3 deletions testfiles/secureworkflow/output/allscenarios.yml
@@ -15,12 +15,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@7206db2ec98c5538323a6d70e51f965d55c11c87
uses: step-security/harden-runner@7206db2ec98c5538323a6d70e51f965d55c11c87 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9
- uses: github/super-linter@34b2f8032d759425f6b42ea2e52231b33ae05401
- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9 # v1
- uses: github/super-linter@34b2f8032d759425f6b42ea2e52231b33ae05401 # v3
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DISABLE_ERRORS: true
4 changes: 2 additions & 2 deletions testfiles/secureworkflow/output/missingaction.yml
@@ -9,12 +9,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@7206db2ec98c5538323a6d70e51f965d55c11c87
uses: step-security/harden-runner@7206db2ec98c5538323a6d70e51f965d55c11c87 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

- uses: actions/missingaction@v2
- uses: github/super-linter@34b2f8032d759425f6b42ea2e52231b33ae05401
- uses: github/super-linter@34b2f8032d759425f6b42ea2e52231b33ae05401 # v3
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DISABLE_ERRORS: true
4 changes: 2 additions & 2 deletions testfiles/secureworkflow/output/nohardenrunner.yml
@@ -14,8 +14,8 @@ jobs:
statuses: write # for github/super-linter to mark status of each linter run
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9
- uses: github/super-linter@34b2f8032d759425f6b42ea2e52231b33ae05401
- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9 # v1
- uses: github/super-linter@34b2f8032d759425f6b42ea2e52231b33ae05401 # v3
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DISABLE_ERRORS: true
6 changes: 3 additions & 3 deletions testfiles/secureworkflow/output/noperms.yml
@@ -9,12 +9,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@7206db2ec98c5538323a6d70e51f965d55c11c87
uses: step-security/harden-runner@7206db2ec98c5538323a6d70e51f965d55c11c87 # v1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9
- uses: github/super-linter@34b2f8032d759425f6b42ea2e52231b33ae05401
- uses: actions/checkout@544eadc6bf3d226fd7a7a9f0dc5b5bf7ca0675b9 # v1
- uses: github/super-linter@34b2f8032d759425f6b42ea2e52231b33ae05401 # v3
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DISABLE_ERRORS: true
