From 56df7ad1033c309e833f37b0124c7b4e853362b2 Mon Sep 17 00:00:00 2001 From: tobiasKaminsky Date: Fri, 16 Dec 2022 10:18:51 +0100 Subject: [PATCH] Pin versions Signed-off-by: tobiasKaminsky --- .github/workflows/analysis.yml | 4 ++-- .github/workflows/assembleFlavors.yml | 4 ++-- .github/workflows/autoApproveDependabot.yml | 2 +- .github/workflows/check.yml | 4 ++-- .github/workflows/detectSnapshot.yml | 2 +- .github/workflows/gradle-wrapper-validation.yml | 4 ++-- .github/workflows/qa.yml | 4 ++-- .github/workflows/screenShotTest.yml | 17 ++++++++--------- .github/workflows/unit-tests.yml | 13 ++++++------- 9 files changed, 26 insertions(+), 28 deletions(-) diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index 6a3ce2ebc4..1f99e39fed 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -28,12 +28,12 @@ jobs: echo "::set-output name=pr::${{ github.event.pull_request.number }}" echo "::set-output name=repo::${{ github.event.pull_request.head.repo.full_name }}" fi - - uses: actions/checkout@v3 + - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3 with: repository: ${{ steps.get-vars.outputs.repo }} ref: ${{ steps.get-vars.outputs.branch }} - name: Set up JDK 11 - uses: actions/setup-java@v3 + uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b # v3 with: distribution: "temurin" java-version: 11 diff --git a/.github/workflows/assembleFlavors.yml b/.github/workflows/assembleFlavors.yml index 8979c1442f..6bec7e9545 100644 --- a/.github/workflows/assembleFlavors.yml +++ b/.github/workflows/assembleFlavors.yml @@ -15,9 +15,9 @@ jobs: matrix: flavor: [ Generic, Gplay, Huawei ] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3 - name: set up JDK 11 - uses: actions/setup-java@v3 + uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b # v3 with: distribution: "temurin" java-version: 11 diff --git a/.github/workflows/autoApproveDependabot.yml b/.github/workflows/autoApproveDependabot.yml index 1946010fd3..8deb91bf16 100644 --- a/.github/workflows/autoApproveDependabot.yml +++ b/.github/workflows/autoApproveDependabot.yml @@ -10,7 +10,7 @@ jobs: auto-approve: runs-on: ubuntu-latest steps: - - uses: hmarr/auto-approve-action@v3.1.0 + - uses: hmarr/auto-approve-action@de8ae18c173c131e182d4adf2c874d8d2308a85b # v3.1.0 if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]' with: github-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 0c38dfa7c3..63f970d6ca 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -15,9 +15,9 @@ jobs: matrix: task: [ detekt, spotlessKotlinCheck ] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3 - name: Set up JDK 11 - uses: actions/setup-java@v3 + uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b # v3 with: distribution: "temurin" java-version: 11 diff --git a/.github/workflows/detectSnapshot.yml b/.github/workflows/detectSnapshot.yml index c529840486..d1c3c754ed 100644 --- a/.github/workflows/detectSnapshot.yml +++ b/.github/workflows/detectSnapshot.yml @@ -12,6 +12,6 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3 - name: Detect SNAPSHOT run: scripts/analysis/detectSNAPSHOT.sh diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index d0d8f814e2..0e649b2e9e 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -12,5 +12,5 @@ jobs: name: "Validation" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: gradle/wrapper-validation-action@v1 + - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3 + - uses: gradle/wrapper-validation-action@55e685c48d84285a5b0418cd094606e199cca3b6 # v1 diff --git a/.github/workflows/qa.yml b/.github/workflows/qa.yml index 59c3b803ab..7c228a5d0a 100644 --- a/.github/workflows/qa.yml +++ b/.github/workflows/qa.yml @@ -15,10 +15,10 @@ jobs: - name: Check if secrets are available run: echo "::set-output name=ok::${{ secrets.KS_PASS != '' }}" id: check-secrets - - uses: actions/checkout@v3 + - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3 if: ${{ steps.check-secrets.outputs.ok == 'true' }} - name: set up JDK 11 - uses: actions/setup-java@v3 + uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b # v3 if: ${{ steps.check-secrets.outputs.ok == 'true' }} with: distribution: "temurin" diff --git a/.github/workflows/screenShotTest.yml b/.github/workflows/screenShotTest.yml index ac36160e9c..74b646102b 100644 --- a/.github/workflows/screenShotTest.yml +++ b/.github/workflows/screenShotTest.yml @@ -18,17 +18,17 @@ jobs: color: [ blue ] api-level: [ 27 ] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3 - name: Gradle cache - uses: actions/cache@v3 + uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3 with: path: | ~/.gradle/caches ~/.gradle/wrapper key: gradle-${{ runner.os }}-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('**/gradle/wrapper/gradle-wrapper.properties') }} - name: AVD cache - uses: actions/cache@v3 + uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3 id: avd-cache with: path: | @@ -36,14 +36,14 @@ jobs: ~/.android/adb* key: avd-${{ matrix.api-level }} - - uses: actions/setup-java@v3 + - uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b # v3 with: distribution: "temurin" java-version: 11 - name: create AVD and generate snapshot for caching if: steps.avd-cache.outputs.cache-hit != 'true' - uses: reactivecircus/android-emulator-runner@v2 + uses: reactivecircus/android-emulator-runner@50986b1464923454c95e261820bc626f38490ec0 # v2 with: api-level: ${{ matrix.api-level }} force-avd-creation: false @@ -64,12 +64,12 @@ jobs: - name: Delete old comments env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} if: ${{ always() }} run: scripts/deleteOldComments.sh "${{ matrix.color }}-${{ matrix.scheme }}" "Screenshot" ${{github.event.number}} - name: Run screenshot tests - uses: reactivecircus/android-emulator-runner@v2 + uses: reactivecircus/android-emulator-runner@50986b1464923454c95e261820bc626f38490ec0 # v2 with: api-level: ${{ matrix.api-level }} force-avd-creation: false @@ -82,8 +82,7 @@ jobs: if: ${{ failure() }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: - scripts/uploadReport.sh "${{ secrets.LOG_USERNAME }}" "${{ secrets.LOG_PASSWORD }}" ${{github.event.number}} "${{ matrix.color }}-${{ matrix.scheme }}" "Screenshot" ${{github.event.number}} + run: scripts/uploadReport.sh "${{ secrets.LOG_USERNAME }}" "${{ secrets.LOG_PASSWORD }}" ${{github.event.number}} "${{ matrix.color }}-${{ matrix.scheme }}" "Screenshot" ${{github.event.number}} - name: Archive Espresso results uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb if: ${{ always() }} diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index a64c5f69ef..f3e3baf73e 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -14,29 +14,28 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3 - name: Set up JDK 11 - uses: actions/setup-java@v3 + uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b # v3 with: distribution: "temurin" java-version: 11 - name: Delete old comments env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} if: ${{ always() }} run: scripts/deleteOldComments.sh "test" "Unit" ${{github.event.number}} - name: Run unit tests with coverage - uses: gradle/gradle-build-action@v2 + uses: gradle/gradle-build-action@3fbe033aaae657f011f88f29be9e65ed26bd29ef # v2 with: arguments: jacocoTestGplayDebugUnitTest - name: Upload failing results if: ${{ failure() }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: - scripts/uploadReport.sh "${{ secrets.LOG_USERNAME }}" "${{ secrets.LOG_PASSWORD }}" ${{github.event.number}} "test" "Unit" ${{github.event.number}} + run: scripts/uploadReport.sh "${{ secrets.LOG_USERNAME }}" "${{ secrets.LOG_PASSWORD }}" ${{github.event.number}} "test" "Unit" ${{github.event.number}} - name: Upload coverage to codecov - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70 # v3 with: token: ${{ secrets.CODECOV_TOKEN }} flags: unit