[#425] Pin GitHub Action versions
Previously versions were using tags. By pinning them to SHAs, it ensures the versions cannot be changed. Also note that I used the latest release, so many of the actions received a version bump as part of this change.
This commit is contained in:
Carter Jernigan
Carter Jernigan
parent
8cab95ee96
commit
06b2b524c6
|
|
@ -8,7 +8,7 @@ runs:
|
|||
run: |
|
||||
echo "home=${HOME}" >> "$GITHUB_ENV"
|
||||
- name: Set up Java
|
||||
uses: actions/setup-java@v2
|
||||
uses: actions/setup-java@f69f00b5e5324696b07f6b1c92f0470a6df00780
|
||||
with:
|
||||
distribution: 'zulu'
|
||||
java-version: 17
|
||||
|
|
@ -24,13 +24,13 @@ runs:
|
|||
echo "org.gradle.daemon=false" >> ~/.gradle/gradle.properties
|
||||
- name: Gradle Wrapper Cache
|
||||
id: gradle-wrapper-cache
|
||||
uses: actions/cache@v2.1.7
|
||||
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
|
||||
with:
|
||||
path: ~/.gradle/wrapper
|
||||
key: ${{ runner.os }}-gradle-wrapper-${{ hashFiles(format('{0}{1}', github.workspace, '/gradle/wrapper/gradle-wrapper.properties')) }}
|
||||
- name: Gradle Dependency Cache
|
||||
id: gradle-dependency-cache
|
||||
uses: actions/cache@v2.1.7
|
||||
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
|
||||
with:
|
||||
path: ~/.gradle/caches/modules-2
|
||||
key: ${{ runner.os }}-gradle-deps-${{ hashFiles(format('{0}{1}', github.workspace, '/gradle.properties')) }}
|
||||
|
|
@ -41,7 +41,7 @@ runs:
|
|||
- name: Gradle Build Cache Main
|
||||
id: gradle-build-cache-main
|
||||
if: github.event.pull_request.head.sha == ''
|
||||
uses: actions/cache@v2.1.7
|
||||
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
|
||||
with:
|
||||
path: |
|
||||
~/.gradle/caches/build-cache-1
|
||||
|
|
@ -52,7 +52,7 @@ runs:
|
|||
- name: Gradle Build Cache Pull Request
|
||||
id: gradle-build-cache-pr
|
||||
if: github.event.pull_request.head.sha != ''
|
||||
uses: actions/cache@v2.1.7
|
||||
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
|
||||
with:
|
||||
path: |
|
||||
~/.gradle/caches/build-cache-1
|
||||
|
|
@ -62,7 +62,7 @@ runs:
|
|||
${{ runner.os }}-gradle-build
|
||||
- name: Rust Cache
|
||||
id: rust-cache
|
||||
uses: actions/cache@v2.1.7
|
||||
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
|
||||
with:
|
||||
path: |
|
||||
sdk-lib/target
|
||||
|
|
|
|||
|
|
@ -20,12 +20,12 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
timeout-minutes: 1
|
||||
uses: actions/checkout@v2.4.0
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
||||
# Gradle Wrapper validation can be flaky
|
||||
# https://github.com/gradle/wrapper-validation-action/issues/40
|
||||
- name: Gradle Wrapper Validation
|
||||
timeout-minutes: 1
|
||||
uses: gradle/wrapper-validation-action@v1.0.4
|
||||
uses: gradle/wrapper-validation-action@e6e38bacfdf1a337459f332974bb2327a31aaf4b
|
||||
|
||||
deploy_release:
|
||||
environment: deployment
|
||||
|
|
@ -36,7 +36,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
timeout-minutes: 1
|
||||
uses: actions/checkout@v2.4.0
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
||||
- name: Setup
|
||||
id: setup
|
||||
timeout-minutes: 30
|
||||
|
|
@ -83,7 +83,7 @@ jobs:
|
|||
zip -r ${BINARIES_ZIP_PATH} . -i *build/outputs/*
|
||||
- name: Upload Artifacts
|
||||
if: ${{ always() }}
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
|
||||
timeout-minutes: 1
|
||||
with:
|
||||
name: Release binaries
|
||||
|
|
|
|||
|
|
@ -28,12 +28,12 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
timeout-minutes: 1
|
||||
uses: actions/checkout@v2.4.0
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
||||
# Gradle Wrapper validation can be flaky
|
||||
# https://github.com/gradle/wrapper-validation-action/issues/40
|
||||
- name: Gradle Wrapper Validation
|
||||
timeout-minutes: 1
|
||||
uses: gradle/wrapper-validation-action@v1.0.4
|
||||
uses: gradle/wrapper-validation-action@e6e38bacfdf1a337459f332974bb2327a31aaf4b
|
||||
|
||||
deploy_snapshot:
|
||||
environment: deployment
|
||||
|
|
@ -44,7 +44,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
timeout-minutes: 1
|
||||
uses: actions/checkout@v2.4.0
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
||||
- name: Setup
|
||||
id: setup
|
||||
timeout-minutes: 30
|
||||
|
|
@ -81,7 +81,7 @@ jobs:
|
|||
zip -r ${BINARIES_ZIP_PATH} . -i *build/outputs/*
|
||||
- name: Upload Artifacts
|
||||
if: ${{ always() }}
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
|
||||
timeout-minutes: 1
|
||||
with:
|
||||
name: Snapshot binaries
|
||||
|
|
|
|||
|
|
@ -22,12 +22,12 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
timeout-minutes: 1
|
||||
uses: actions/checkout@v2.4.0
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
||||
# Gradle Wrapper validation can be flaky
|
||||
# https://github.com/gradle/wrapper-validation-action/issues/40
|
||||
- name: Gradle Wrapper Validation
|
||||
timeout-minutes: 1
|
||||
uses: gradle/wrapper-validation-action@v1.0.4
|
||||
uses: gradle/wrapper-validation-action@e6e38bacfdf1a337459f332974bb2327a31aaf4b
|
||||
|
||||
prime_cache:
|
||||
runs-on: ubuntu-latest
|
||||
|
|
@ -37,7 +37,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
timeout-minutes: 1
|
||||
uses: actions/checkout@v2.4.0
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
||||
- name: Setup
|
||||
id: setup
|
||||
timeout-minutes: 30
|
||||
|
|
@ -64,7 +64,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
timeout-minutes: 1
|
||||
uses: actions/checkout@v2.4.0
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
||||
- name: Setup
|
||||
id: setup
|
||||
timeout-minutes: 5
|
||||
|
|
@ -85,7 +85,7 @@ jobs:
|
|||
zip -r ${REPORTS_ZIP_PATH} . -i build/reports/detekt/\*
|
||||
- name: Upload Artifacts
|
||||
if: ${{ always() }}
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
|
||||
timeout-minutes: 1
|
||||
with:
|
||||
name: Detekt static analysis results
|
||||
|
|
@ -99,7 +99,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
timeout-minutes: 1
|
||||
uses: actions/checkout@v2.4.0
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
||||
- name: Setup
|
||||
id: setup
|
||||
timeout-minutes: 5
|
||||
|
|
@ -120,7 +120,7 @@ jobs:
|
|||
zip -r ${REPORTS_ZIP_PATH} . -i build/reports/ktlint/\*
|
||||
- name: Upload Artifacts
|
||||
if: ${{ always() }}
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
|
||||
timeout-minutes: 1
|
||||
with:
|
||||
name: Ktlint static analysis results
|
||||
|
|
@ -134,7 +134,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
timeout-minutes: 1
|
||||
uses: actions/checkout@v2.4.0
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
||||
- name: Setup
|
||||
id: setup
|
||||
timeout-minutes: 5
|
||||
|
|
@ -155,7 +155,7 @@ jobs:
|
|||
mkdir ${ARTIFACTS_DIR_PATH}
|
||||
zip -r ${LINT_ZIP_PATH} . -i \*build/reports/\*
|
||||
- name: Upload Artifacts
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
|
||||
timeout-minutes: 1
|
||||
with:
|
||||
name: Android Lint static analysis results
|
||||
|
|
@ -170,7 +170,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
timeout-minutes: 1
|
||||
uses: actions/checkout@v2.4.0
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
||||
- name: Setup
|
||||
id: setup
|
||||
timeout-minutes: 5
|
||||
|
|
@ -181,7 +181,7 @@ jobs:
|
|||
./gradlew assembleDebug assembleAndroidTest
|
||||
- name: Authenticate to Google Cloud for Firebase Test Lab
|
||||
id: auth_test_lab
|
||||
uses: google-github-actions/auth@v0.5.0
|
||||
uses: google-github-actions/auth@8d125895b958610ec414ca4dae010257eaa814d3
|
||||
with:
|
||||
create_credentials_file: true
|
||||
project_id: ${{ secrets.FIREBASE_TEST_LAB_PROJECT }}
|
||||
|
|
@ -206,7 +206,7 @@ jobs:
|
|||
|
||||
zip -r ${TEST_RESULTS_ZIP_PATH} . -i build/fladle/\* \*/build/outputs/androidTest-results/\*
|
||||
- name: Upload Artifacts
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
|
||||
timeout-minutes: 1
|
||||
with:
|
||||
name: Test Android modules results
|
||||
|
|
@ -220,7 +220,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
timeout-minutes: 1
|
||||
uses: actions/checkout@v2.4.0
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
||||
- name: Setup
|
||||
id: setup
|
||||
timeout-minutes: 5
|
||||
|
|
@ -252,7 +252,7 @@ jobs:
|
|||
zip -r ${BINARIES_ZIP_PATH} . -i demo-app/build/outputs/apk/\*/release/\*.apk demo-app/build/outputs/bundle/\*/release/\*.aab
|
||||
zip -r ${MAPPINGS_ZIP_PATH} . -i demo-app/build/outputs/mapping/\*/mapping.txt
|
||||
- name: Upload Artifacts
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
|
||||
timeout-minutes: 1
|
||||
with:
|
||||
name: Demo app release binaries
|
||||
|
|
@ -269,14 +269,14 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
timeout-minutes: 1
|
||||
uses: actions/checkout@v2.4.0
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
|
||||
- name: Setup
|
||||
id: setup
|
||||
timeout-minutes: 5
|
||||
uses: ./.github/actions/setup
|
||||
- name: Authenticate to Google Cloud for Firebase Test Lab
|
||||
id: auth_test_lab
|
||||
uses: google-github-actions/auth@v0.5.0
|
||||
uses: google-github-actions/auth@8d125895b958610ec414ca4dae010257eaa814d3
|
||||
with:
|
||||
create_credentials_file: true
|
||||
project_id: ${{ secrets.FIREBASE_TEST_LAB_PROJECT }}
|
||||
|
|
@ -284,7 +284,7 @@ jobs:
|
|||
workload_identity_provider: ${{ secrets.FIREBASE_TEST_LAB_WORKLOAD_IDENTITY_PROVIDER }}
|
||||
access_token_lifetime: '900s'
|
||||
- name: Download a single artifact
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
|
||||
with:
|
||||
name: Release binaries
|
||||
- name: Robo test
|
||||
|
|
|
|||
Loading…
Reference in New Issue