diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 8fe154918..f1463df56 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -45,7 +45,7 @@ jobs: - name: Generate GitHub App Token for Workflow Trigger id: generate-token - uses: actions/create-github-app-token@v1 + uses: actions/create-github-app-token@d72941d797fd3113feb6b93fd0dec494b13a2547 # v1.12.0 with: app-id: ${{ secrets.DECO_WORKFLOW_TRIGGER_APP_ID }} private-key: ${{ secrets.DECO_WORKFLOW_TRIGGER_PRIVATE_KEY }} @@ -81,7 +81,7 @@ jobs: steps: - name: Auto-approve Check for Merge Queue - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0 with: script: | await github.rest.checks.create({ diff --git a/.github/workflows/next-changelog.yml b/.github/workflows/next-changelog.yml index b9f1792f1..b321edd6e 100755 --- a/.github/workflows/next-changelog.yml +++ b/.github/workflows/next-changelog.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Fetch list of changed files id: changed-files diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 0f653b118..87cc251b5 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -11,15 +11,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up JDK 11 - uses: actions/setup-java@v1 + uses: actions/setup-java@b6e674f4b717d7b0ae3baee0fbe79f498905dfde # v1.4.4 with: java-version: 11 - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 - name: Cache Maven packages - uses: actions/cache@v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: ~/.m2 key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} @@ -39,15 +39,15 @@ jobs: steps: - name: Set up JDK - uses: actions/setup-java@v1 + uses: actions/setup-java@b6e674f4b717d7b0ae3baee0fbe79f498905dfde # v1.4.4 with: java-version: ${{ matrix.java-version }} - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 - name: Cache Maven packages - uses: actions/cache@v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: ~/.m2 key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bc12b2d9f..6cad41bf7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,10 +20,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 - name: Set up Java for publishing to Maven Central Repository - uses: actions/setup-java@v3 + uses: actions/setup-java@17f84c3641ba7b8f6deff6309fc4c864478f5d62 # v3.14.1 with: java-version: 8 server-id: central @@ -68,7 +68,7 @@ jobs: # This step also runs ONLY on tag pushes (real release) - name: Create GitHub release if: "startsWith(github.ref, 'refs/tags/')" - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15 with: files: databricks-sdk-java/target/*.jar body_path: /tmp/release-notes/release-notes.md \ No newline at end of file diff --git a/.github/workflows/tagging.yml b/.github/workflows/tagging.yml index 03b4afa65..215afba43 100755 --- a/.github/workflows/tagging.yml +++ b/.github/workflows/tagging.yml @@ -37,13 +37,13 @@ jobs: steps: - name: Generate GitHub App Token id: generate-token - uses: actions/create-github-app-token@v3 + uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 with: app-id: ${{ secrets.DECO_SDK_TAGGING_APP_ID }} private-key: ${{ secrets.DECO_SDK_TAGGING_PRIVATE_KEY }} - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 with: fetch-depth: 0 token: ${{ steps.generate-token.outputs.token }}