diff --git a/.github/actions/publish-site-report/action.yml b/.github/actions/publish-site-report/action.yml index 272d671e4f..1e3799e460 100644 --- a/.github/actions/publish-site-report/action.yml +++ b/.github/actions/publish-site-report/action.yml @@ -32,7 +32,7 @@ runs: shell: bash run: mvn -B surefire-report:report-only -f pom.xml -Daggregate=true -Denforcer.skip=true - name: Publish Site Report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: ${{ inputs.output-zip-file }} path: | diff --git a/.github/workflows/bigtable-pr.yml b/.github/workflows/bigtable-pr.yml index 4ab4db7838..b5e6b9dba7 100644 --- a/.github/workflows/bigtable-pr.yml +++ b/.github/workflows/bigtable-pr.yml @@ -107,7 +107,7 @@ jobs: ./cicd/run-unit-tests \ --modules-to-build="BIGTABLE" - name: Upload Unit Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-unit-test-results @@ -117,7 +117,7 @@ jobs: **/surefire-reports/html/** retention-days: 1 - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v6.0.1 + uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 with: token: ${{ secrets.CODECOV_TOKEN }} slug: GoogleCloudPlatform/DataflowTemplates @@ -145,7 +145,7 @@ jobs: --it-artifact-bucket="cloud-teleport-testing-it-gitactions" \ --it-private-connectivity="datastream-connect-2" - name: Upload Smoke Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-smoke-test-results @@ -177,7 +177,7 @@ jobs: --it-artifact-bucket="cloud-teleport-testing-it-gitactions" \ --it-private-connectivity="datastream-connect-2" - name: Upload Integration Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-integration-test-results @@ -187,7 +187,7 @@ jobs: **/surefire-reports/html/** retention-days: 10 # Increased retention similar to Spanner - name: Integration Test report on GitHub - uses: dorny/test-reporter@v3 + uses: dorny/test-reporter@a43b3a5f7366b97d083190328d2c652e1a8b6aa2 # v3.0.0 if: always() with: name: Integration Test report on GitHub diff --git a/.github/workflows/bqmonitor-pr.yml b/.github/workflows/bqmonitor-pr.yml index 3a202c5135..38ea49672b 100644 --- a/.github/workflows/bqmonitor-pr.yml +++ b/.github/workflows/bqmonitor-pr.yml @@ -50,7 +50,7 @@ jobs: - name: Checkout Code uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.11' - name: Install dependencies and run tests @@ -99,7 +99,7 @@ jobs: --it-private-connectivity="datastream-connect-2" \ --test="BigQueryAnomalyDetectionIT" - name: Upload Integration Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() with: name: surefire-integration-test-results diff --git a/.github/workflows/cleanup-spanner-test-infra.yml b/.github/workflows/cleanup-spanner-test-infra.yml index 5972c650ed..85451d608a 100644 --- a/.github/workflows/cleanup-spanner-test-infra.yml +++ b/.github/workflows/cleanup-spanner-test-infra.yml @@ -35,7 +35,7 @@ jobs: - name: Checkout Code uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.12' - name: Install dependencies @@ -63,7 +63,7 @@ jobs: - name: Checkout Code uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.12' - name: Install dependencies diff --git a/.github/workflows/datastream-pr.yml b/.github/workflows/datastream-pr.yml index 8a08263034..50270e6a38 100644 --- a/.github/workflows/datastream-pr.yml +++ b/.github/workflows/datastream-pr.yml @@ -110,7 +110,7 @@ jobs: ./cicd/run-unit-tests \ --modules-to-build="DATASTREAM" - name: Upload Unit Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-unit-test-results @@ -120,7 +120,7 @@ jobs: **/surefire-reports/html/** retention-days: 1 - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v6.0.1 + uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 with: token: ${{ secrets.CODECOV_TOKEN }} slug: GoogleCloudPlatform/DataflowTemplates @@ -148,7 +148,7 @@ jobs: --it-artifact-bucket="cloud-teleport-testing-it-gitactions" \ --it-private-connectivity="datastream-connect-2" - name: Upload Smoke Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-smoke-test-results @@ -180,7 +180,7 @@ jobs: --it-artifact-bucket="cloud-teleport-testing-it-gitactions" \ --it-private-connectivity="datastream-connect-2" - name: Upload Integration Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-integration-test-results @@ -190,7 +190,7 @@ jobs: **/surefire-reports/html/** retention-days: 1 - name: Integration Test report on GitHub - uses: dorny/test-reporter@v3 + uses: dorny/test-reporter@a43b3a5f7366b97d083190328d2c652e1a8b6aa2 # v3.0.0 if: always() with: name: Integration Test report on GitHub diff --git a/.github/workflows/java-pr.yml b/.github/workflows/java-pr.yml index f0244ba7ac..10594790ed 100644 --- a/.github/workflows/java-pr.yml +++ b/.github/workflows/java-pr.yml @@ -114,7 +114,7 @@ jobs: - name: Run Unit Tests run: ./cicd/run-unit-tests - name: Upload Unit Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-unit-test-results @@ -124,7 +124,7 @@ jobs: **/surefire-reports/html/** retention-days: 1 - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v6.0.1 + uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 with: token: ${{ secrets.CODECOV_TOKEN }} slug: GoogleCloudPlatform/DataflowTemplates @@ -153,7 +153,7 @@ jobs: --it-artifact-bucket="cloud-teleport-testing-it-gitactions" \ --it-private-connectivity="datastream-connect-2" - name: Upload Smoke Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-smoke-test-results @@ -188,7 +188,7 @@ jobs: --it-artifact-bucket="cloud-teleport-testing-it-gitactions" \ --it-private-connectivity="datastream-connect-2" - name: Upload Integration Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-integration-test-results @@ -198,7 +198,7 @@ jobs: **/surefire-reports/html/** retention-days: 1 - name: Integration Test report on GitHub - uses: dorny/test-reporter@v3 + uses: dorny/test-reporter@a43b3a5f7366b97d083190328d2c652e1a8b6aa2 # v3.0.0 if: always() with: name: Integration Test report on GitHub diff --git a/.github/workflows/kafka-pr.yml b/.github/workflows/kafka-pr.yml index 1d979d2238..929d267c94 100644 --- a/.github/workflows/kafka-pr.yml +++ b/.github/workflows/kafka-pr.yml @@ -110,7 +110,7 @@ jobs: ./cicd/run-unit-tests \ --modules-to-build="KAFKA" - name: Upload Unit Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-unit-test-results @@ -120,7 +120,7 @@ jobs: **/surefire-reports/html/** retention-days: 1 - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v6.0.1 + uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 with: token: ${{ secrets.CODECOV_TOKEN }} slug: GoogleCloudPlatform/DataflowTemplates @@ -148,7 +148,7 @@ jobs: --it-artifact-bucket="cloud-teleport-testing-it-gitactions" \ --it-private-connectivity="datastream-connect-2" - name: Upload Smoke Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-smoke-test-results @@ -181,7 +181,7 @@ jobs: --it-integration-test-parallelism=4 \ --it-private-connectivity="datastream-connect-2" - name: Upload Integration Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-integration-test-results @@ -191,7 +191,7 @@ jobs: **/surefire-reports/html/** retention-days: 1 - name: Integration Test report on GitHub - uses: dorny/test-reporter@v3 + uses: dorny/test-reporter@a43b3a5f7366b97d083190328d2c652e1a8b6aa2 # v3.0.0 if: always() with: name: Integration Test report on GitHub diff --git a/.github/workflows/label-dependabot-prs.yml b/.github/workflows/label-dependabot-prs.yml index 8c551ede48..fbd9bdd83a 100644 --- a/.github/workflows/label-dependabot-prs.yml +++ b/.github/workflows/label-dependabot-prs.yml @@ -29,7 +29,7 @@ jobs: if: ${{ github.actor == 'dependabot[bot]' }} steps: - name: Add extra labels to Dependabot PRs - uses: actions-ecosystem/action-add-labels@v1.1.3 + uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3 with: github_token: ${{ secrets.GITHUB_TOKEN }} labels: ignore-for-release \ No newline at end of file diff --git a/.github/workflows/load-tests.yml b/.github/workflows/load-tests.yml index 24b4a6f094..324f593480 100644 --- a/.github/workflows/load-tests.yml +++ b/.github/workflows/load-tests.yml @@ -42,7 +42,7 @@ jobs: HOST_IP: ${{ steps.variables.outputs.hostIP }} - name: Create Github issue on failure if: failure() - uses: JasonEtco/create-an-issue@v2 + uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2.9.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} JOB_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} @@ -50,7 +50,7 @@ jobs: with: filename: .github/ISSUE_TEMPLATE/load-test-failure-issue-template.md - name: Upload Load Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-test-results @@ -60,7 +60,7 @@ jobs: **/surefire-reports/html/** retention-days: 1 - name: Integration Test report on GitHub - uses: dorny/test-reporter@v3 + uses: dorny/test-reporter@a43b3a5f7366b97d083190328d2c652e1a8b6aa2 # v3.0.0 if: always() with: name: Integration Test report on GitHub diff --git a/.github/workflows/run-it-tests-beam-snapshots.yml b/.github/workflows/run-it-tests-beam-snapshots.yml index 66486e8e3b..ab98ff2d2c 100644 --- a/.github/workflows/run-it-tests-beam-snapshots.yml +++ b/.github/workflows/run-it-tests-beam-snapshots.yml @@ -134,7 +134,7 @@ jobs: shell: bash - name: Upload Integration Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-integration-test-results-beam-snapshots diff --git a/.github/workflows/spanner-failure-injection-tests.yml b/.github/workflows/spanner-failure-injection-tests.yml index 98c5d6c80f..120d3fdfa5 100644 --- a/.github/workflows/spanner-failure-injection-tests.yml +++ b/.github/workflows/spanner-failure-injection-tests.yml @@ -48,7 +48,7 @@ jobs: --it-cloud-proxy-host="10.128.0.16" \ --test="${{ github.event.inputs.test_name }}" - name: Upload Test Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-test-results @@ -58,7 +58,7 @@ jobs: **/surefire-reports/html/** retention-days: 20 - name: Failure Injection Test report on GitHub - uses: dorny/test-reporter@v3 + uses: dorny/test-reporter@a43b3a5f7366b97d083190328d2c652e1a8b6aa2 # v3.0.0 if: always() with: name: Failure Injection Test report on GitHub diff --git a/.github/workflows/spanner-load-tests.yml b/.github/workflows/spanner-load-tests.yml index bdcb8cda85..6090695243 100644 --- a/.github/workflows/spanner-load-tests.yml +++ b/.github/workflows/spanner-load-tests.yml @@ -59,7 +59,7 @@ jobs: --lt-export-table="template_performance_metrics" \ --test="${{ github.event.inputs.specific_test }}" - name: Upload Load Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-load-test-results @@ -69,7 +69,7 @@ jobs: **/surefire-reports/html/** retention-days: 30 - name: Load Test report on GitHub - uses: dorny/test-reporter@v3 + uses: dorny/test-reporter@a43b3a5f7366b97d083190328d2c652e1a8b6aa2 # v3.0.0 if: always() with: name: Load Test report on GitHub @@ -111,7 +111,7 @@ jobs: --lt-export-table="template_performance_metrics" \ --test="${{ github.event.inputs.specific_test }}" - name: Upload Load Test Observer Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-observer-test-results diff --git a/.github/workflows/spanner-pr.yml b/.github/workflows/spanner-pr.yml index f2fa92f333..5afc800d14 100644 --- a/.github/workflows/spanner-pr.yml +++ b/.github/workflows/spanner-pr.yml @@ -123,7 +123,7 @@ jobs: ./cicd/run-unit-tests \ --modules-to-build="SPANNER" - name: Upload Unit Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-unit-test-results @@ -133,7 +133,7 @@ jobs: **/surefire-reports/html/** retention-days: 1 - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v6.0.1 + uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 with: token: ${{ secrets.CODECOV_TOKEN }} slug: GoogleCloudPlatform/DataflowTemplates @@ -164,7 +164,7 @@ jobs: --it-private-connectivity="datastream-connect-2" \ --it-cloud-proxy-host="10.128.0.16" - name: Upload Smoke Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-smoke-test-results @@ -204,7 +204,7 @@ jobs: --it-cloud-proxy-host="10.128.0.16" \ --test="${{ github.event.inputs.specific_test }}" - name: Upload Integration Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-integration-test-results @@ -214,7 +214,7 @@ jobs: **/surefire-reports/html/** retention-days: 10 - name: Integration Test report on GitHub - uses: dorny/test-reporter@v3 + uses: dorny/test-reporter@a43b3a5f7366b97d083190328d2c652e1a8b6aa2 # v3.0.0 if: always() with: name: Integration Test report on GitHub diff --git a/.github/workflows/spanner-staging-tests.yml b/.github/workflows/spanner-staging-tests.yml index 6b74083f6d..f4b925e39f 100644 --- a/.github/workflows/spanner-staging-tests.yml +++ b/.github/workflows/spanner-staging-tests.yml @@ -64,7 +64,7 @@ jobs: --it-artifact-bucket="dataflow-testing-it-spanner-staging" \ --it-spanner-host=${{ inputs.spannerHost }} - name: Upload Integration Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-test-results @@ -74,7 +74,7 @@ jobs: **/surefire-reports/html/** retention-days: 20 - name: Integration Test report on GitHub - uses: dorny/test-reporter@v3 + uses: dorny/test-reporter@a43b3a5f7366b97d083190328d2c652e1a8b6aa2 # v3.0.0 if: always() with: name: Integration Test report on GitHub diff --git a/.github/workflows/spanner-terraform-validator.yml b/.github/workflows/spanner-terraform-validator.yml index 99f592725d..deb3a5e18a 100644 --- a/.github/workflows/spanner-terraform-validator.yml +++ b/.github/workflows/spanner-terraform-validator.yml @@ -28,11 +28,11 @@ jobs: - v2/spanner-to-sourcedb/terraform/samples - v2/cdc-data-generator/terraform/samples steps: - - uses: hashicorp/setup-terraform@v4 + - uses: hashicorp/setup-terraform@dfe3c3f87815947d99a8997f908cb6525fc44e9e # v4.0.1 - name: Checkout Code - uses: actions/checkout@v6.0.3 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Verify Terraform formatting - uses: dflook/terraform-fmt-check@v2 + uses: dflook/terraform-fmt-check@59168426e242f665bf7b70644d706224e665056a # v2.2.3-dockerhub with: path: ${{ matrix.terraform_paths }} - name: Verify Terraform template and required structure diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 60171eac8b..d59223bdad 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -19,7 +19,7 @@ jobs: pull-requests: write steps: - - uses: actions/stale@v10 + - uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: 'This issue has been marked as stale due to 180 days of inactivity. It will be closed in 1 week if no further activity occurs. If you think that’s incorrect or this pull request requires a review, please simply write any comment. If closed, you can revive the issue at any time. Thank you for your contributions.' diff --git a/.github/workflows/update-docs.yml b/.github/workflows/update-docs.yml index 5937c468ad..8988ec0584 100644 --- a/.github/workflows/update-docs.yml +++ b/.github/workflows/update-docs.yml @@ -16,10 +16,10 @@ jobs: if: github.repository == 'GoogleCloudPlatform/DataflowTemplates' steps: - name: Checkout code - uses: actions/checkout@v6.0.3 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up JDK 17 - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 with: java-version: '17' distribution: 'temurin' @@ -54,7 +54,7 @@ jobs: exit 1 - name: Add ignore-for-release label to PR - uses: actions-ecosystem/action-add-labels@v1.1.3 + uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3 with: github_token: ${{ secrets.GITHUB_TOKEN }} labels: ignore-for-release diff --git a/.github/workflows/update-python-deps.yml b/.github/workflows/update-python-deps.yml index da1dee4490..926572b6cf 100644 --- a/.github/workflows/update-python-deps.yml +++ b/.github/workflows/update-python-deps.yml @@ -16,10 +16,10 @@ jobs: if: github.repository == 'GoogleCloudPlatform/DataflowTemplates' steps: - name: Checkout code - uses: actions/checkout@v6.0.3 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.11' @@ -48,7 +48,7 @@ jobs: labels: package-upgrade - name: Add ignore-for-release label to PR - uses: actions-ecosystem/action-add-labels@v1.1.3 + uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3 with: github_token: ${{ secrets.GITHUB_TOKEN }} labels: ignore-for-release diff --git a/.github/workflows/upload-jar.yml b/.github/workflows/upload-jar.yml index 3749982cf5..c4f2529e6d 100644 --- a/.github/workflows/upload-jar.yml +++ b/.github/workflows/upload-jar.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Set up Java - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 with: java-version: '11' distribution: 'temurin' diff --git a/.github/workflows/upload-python-package.yml b/.github/workflows/upload-python-package.yml index 7a85c40f4d..c7fa4ab823 100644 --- a/.github/workflows/upload-python-package.yml +++ b/.github/workflows/upload-python-package.yml @@ -34,7 +34,7 @@ jobs: uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.11' diff --git a/.github/workflows/yaml-pr.yml b/.github/workflows/yaml-pr.yml index 5d7947a7f6..5d2b94b8ab 100644 --- a/.github/workflows/yaml-pr.yml +++ b/.github/workflows/yaml-pr.yml @@ -136,7 +136,7 @@ jobs: ./cicd/run-unit-tests \ --modules-to-build="YAML" - name: Upload Unit Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-unit-test-results @@ -146,7 +146,7 @@ jobs: **/surefire-reports/html/** retention-days: 1 - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v6.0.1 + uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 with: token: ${{ secrets.CODECOV_TOKEN }} slug: GoogleCloudPlatform/DataflowTemplates @@ -175,7 +175,7 @@ jobs: --it-artifact-bucket="cloud-teleport-testing-it-gitactions" \ --it-private-connectivity="datastream-connect-2" - name: Upload Smoke Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-smoke-test-results @@ -210,7 +210,7 @@ jobs: --it-artifact-bucket="cloud-teleport-testing-it-gitactions" \ --it-private-connectivity="datastream-connect-2" - name: Upload Integration Tests Report - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: always() # always run even if the previous step fails with: name: surefire-integration-test-results @@ -220,7 +220,7 @@ jobs: **/surefire-reports/html/** retention-days: 1 - name: Integration Test report on GitHub - uses: dorny/test-reporter@v3 + uses: dorny/test-reporter@a43b3a5f7366b97d083190328d2c652e1a8b6aa2 # v3.0.0 if: always() with: name: Integration Test report on GitHub