diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e7060541e..93db0cf90 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -13,10 +13,10 @@ jobs: steps: - name: clone - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: install go - uses: actions/setup-go@v4 + uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4 with: # use version from go.mod file go-version-file: 'go.mod' diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 5e9521e2a..f876981ae 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -35,11 +35,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -50,7 +50,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -64,4 +64,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2 diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index e25a75f48..649405b1a 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -14,13 +14,13 @@ jobs: steps: - name: clone - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: # ensures we fetch tag history for the repository fetch-depth: 0 - name: install go - uses: actions/setup-go@v4 + uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4 with: # use version from go.mod file go-version-file: 'go.mod' @@ -40,7 +40,7 @@ jobs: make build-static-ci - name: publish - uses: elgohr/Publish-Docker-Github-Action@v5 + uses: elgohr/Publish-Docker-Github-Action@43dc228e327224b2eda11c8883232afd5b34943b # v5 with: name: target/vela-worker cache: true @@ -49,7 +49,7 @@ jobs: password: ${{ secrets.DOCKER_PASSWORD }} - name: publish-alpine - uses: elgohr/Publish-Docker-Github-Action@v5 + uses: elgohr/Publish-Docker-Github-Action@43dc228e327224b2eda11c8883232afd5b34943b # v5 with: name: target/vela-worker cache: true diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 7ee304e49..1b412e780 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -13,13 +13,13 @@ jobs: steps: - name: clone - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: # ensures we fetch tag history for the repository fetch-depth: 0 - name: install go - uses: actions/setup-go@v4 + uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4 with: # use version from go.mod file go-version-file: 'go.mod' @@ -34,7 +34,7 @@ jobs: make build-static-ci - name: publish - uses: elgohr/Publish-Docker-Github-Action@v5 + uses: elgohr/Publish-Docker-Github-Action@43dc228e327224b2eda11c8883232afd5b34943b # v5 with: name: target/vela-worker cache: true @@ -42,7 +42,7 @@ jobs: password: ${{ secrets.DOCKER_PASSWORD }} - name: publish-alpine - uses: elgohr/Publish-Docker-Github-Action@v5 + uses: elgohr/Publish-Docker-Github-Action@43dc228e327224b2eda11c8883232afd5b34943b # v5 with: name: target/vela-worker cache: true diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml index 3e5e9c8ee..6f496a32a 100644 --- a/.github/workflows/reviewdog.yml +++ b/.github/workflows/reviewdog.yml @@ -11,10 +11,10 @@ jobs: runs-on: ubuntu-latest steps: - name: clone - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: install go - uses: actions/setup-go@v4 + uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4 with: # use version from go.mod file go-version-file: 'go.mod' @@ -22,7 +22,7 @@ jobs: check-latest: true - name: golangci-lint - uses: reviewdog/action-golangci-lint@v2 + uses: reviewdog/action-golangci-lint@24d4af2fc93f5b2b296229e8b0c0f658d25707af # v2 with: github_token: ${{ secrets.github_token }} golangci_lint_flags: "--config=.golangci.yml --verbose" @@ -34,10 +34,10 @@ jobs: runs-on: ubuntu-latest steps: - name: clone - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: install go - uses: actions/setup-go@v4 + uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4 with: # use version from go.mod file go-version-file: 'go.mod' @@ -45,7 +45,7 @@ jobs: check-latest: true - name: golangci-lint - uses: reviewdog/action-golangci-lint@v2 + uses: reviewdog/action-golangci-lint@24d4af2fc93f5b2b296229e8b0c0f658d25707af # v2 with: github_token: ${{ secrets.github_token }} golangci_lint_flags: "--config=.golangci.yml --verbose" diff --git a/.github/workflows/spec.yml b/.github/workflows/spec.yml index c514c3b06..5e22b7298 100644 --- a/.github/workflows/spec.yml +++ b/.github/workflows/spec.yml @@ -13,10 +13,10 @@ jobs: steps: - name: clone - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: install go - uses: actions/setup-go@v4 + uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4 with: # use version from go.mod file go-version-file: 'go.mod' diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 6c8f37e05..53ab50da6 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -13,10 +13,10 @@ jobs: steps: - name: clone - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: install go - uses: actions/setup-go@v4 + uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4 with: # use version from go.mod file go-version-file: 'go.mod' @@ -28,7 +28,7 @@ jobs: go test -covermode=atomic -coverprofile=coverage.out ./... - name: coverage - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3 with: token: ${{ secrets.CODECOV_TOKEN }} file: coverage.out diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index c6a681a06..f1ea6efd6 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -13,10 +13,10 @@ jobs: steps: - name: clone - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: install go - uses: actions/setup-go@v4 + uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4 with: # use version from go.mod file go-version-file: 'go.mod' diff --git a/Dockerfile b/Dockerfile index a5b5726d5..2d4c800ab 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ # # Use of this source code is governed by the LICENSE file in this repository. -FROM alpine:3.18.3@sha256:c5c5fda71656f28e49ac9c5416b3643eaa6a108a8093151d6d1afc9463be8e33 as certs +FROM alpine:3.18.3@sha256:7144f7bab3d4c2648d7e59409f15ec52a18006a128c733fcff20d3a4a54ba44a as certs RUN apk add --update --no-cache ca-certificates diff --git a/Dockerfile-alpine b/Dockerfile-alpine index e66160cc9..1da261240 100644 --- a/Dockerfile-alpine +++ b/Dockerfile-alpine @@ -2,7 +2,7 @@ # # Use of this source code is governed by the LICENSE file in this repository. -FROM alpine:3.18.3@sha256:c5c5fda71656f28e49ac9c5416b3643eaa6a108a8093151d6d1afc9463be8e33 +FROM alpine:3.18.3@sha256:7144f7bab3d4c2648d7e59409f15ec52a18006a128c733fcff20d3a4a54ba44a RUN apk add --update --no-cache ca-certificates diff --git a/go.mod b/go.mod index c85855467..4e7c5f4d6 100644 --- a/go.mod +++ b/go.mod @@ -8,9 +8,9 @@ require ( github.com/docker/docker v20.10.25+incompatible github.com/docker/go-units v0.5.0 github.com/gin-gonic/gin v1.9.1 - github.com/go-vela/sdk-go v0.20.2-0.20230824133536-0b0212b996f5 - github.com/go-vela/server v0.20.1-0.20230831135557-46337cfce67d - github.com/go-vela/types v0.20.2-0.20230822144153-14b37585731d + github.com/go-vela/sdk-go v0.20.3 + github.com/go-vela/server v0.20.3 + github.com/go-vela/types v0.20.3 github.com/golang-jwt/jwt/v5 v5.0.0 github.com/google/go-cmp v0.5.9 github.com/joho/godotenv v1.5.1 @@ -63,7 +63,7 @@ require ( github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/google/gnostic-models v0.6.8 // indirect - github.com/google/go-github/v54 v54.0.0 // indirect + github.com/google/go-github/v53 v53.2.0 // indirect github.com/google/go-querystring v1.1.0 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/uuid v1.3.1 // indirect diff --git a/go.sum b/go.sum index 497e3e1fc..b9ad5a62a 100644 --- a/go.sum +++ b/go.sum @@ -145,12 +145,12 @@ github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91 github.com/go-playground/validator/v10 v10.14.0 h1:vgvQWe3XCz3gIeFDm/HnTIbj6UGmg/+t63MyGU2n5js= github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-vela/sdk-go v0.20.2-0.20230824133536-0b0212b996f5 h1:PfGWo9Yzv6xfHYSYYArlsrWfs3cvOlBopCjHyHi/SPs= -github.com/go-vela/sdk-go v0.20.2-0.20230824133536-0b0212b996f5/go.mod h1:j7DFviaUd+XArpFr9KoHLWwUXRyFYAiZvPPF42gktoA= -github.com/go-vela/server v0.20.1-0.20230831135557-46337cfce67d h1:xgrejztRM+VM2uOLNGZubkIk11wbsg0qTcyAHO5Kpbo= -github.com/go-vela/server v0.20.1-0.20230831135557-46337cfce67d/go.mod h1:h4i/+HUpfh+kViIpf2016fJXZxVFz6B9EECA28qp/fg= -github.com/go-vela/types v0.20.2-0.20230822144153-14b37585731d h1:ag6trc3Ev+7hzifeWy0M9rHHjrO9nFCYgW8dlKdZ4j4= -github.com/go-vela/types v0.20.2-0.20230822144153-14b37585731d/go.mod h1:AXO4oQSygOBQ02fPapsKjQHkx2aQO3zTu7clpvVbXBY= +github.com/go-vela/sdk-go v0.20.3 h1:/PSTIT6BsYglr56ldmdQJgM/QYZ0EZG7PDLyAEw1bYc= +github.com/go-vela/sdk-go v0.20.3/go.mod h1:1cdzmLOXEsSfQp8dDhD6FXsFpxwBIyPGUI/wrEB4E/I= +github.com/go-vela/server v0.20.3 h1:RPpPpEBMIclimfZgOhUCmZkrJ59g5hYNB3ctFR5N6fs= +github.com/go-vela/server v0.20.3/go.mod h1:lWZ2MNrBrW37OaQXsnqfp/vGvKzjk21QGodHfaQZmYQ= +github.com/go-vela/types v0.20.3 h1:vrX9pFTzTHbtfjHdbAwp9Ii3hWx3OSZ8qTINyaq2j2k= +github.com/go-vela/types v0.20.3/go.mod h1:AXO4oQSygOBQ02fPapsKjQHkx2aQO3zTu7clpvVbXBY= github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= @@ -201,8 +201,8 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-github/v54 v54.0.0 h1:OZdXwow4EAD5jEo5qg+dGFH2DpkyZvVsAehjvJuUL/c= -github.com/google/go-github/v54 v54.0.0/go.mod h1:Sw1LXWHhXRZtzJ9LI5fyJg9wbQzYvFhW8W5P2yaAQ7s= +github.com/google/go-github/v53 v53.2.0 h1:wvz3FyF53v4BK+AsnvCmeNhf8AkTaeh2SoYu/XUvTtI= +github.com/google/go-github/v53 v53.2.0/go.mod h1:XhFRObz+m/l+UCm9b7KSIC3lT3NWSXGt7mOsAWEloao= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=