ワークフローのサードパーティーアクションのバージョンをコミットハッシュで固定する #2215

fkoyama · 2025-01-06T04:44:26Z

この Pull request で実施したこと

ワークフローで利用しているサードパーティーのアクションをコミットハッシュを使って指定するように修正しました。
コミットハッシュでアクションのバージョンを固定することで、サプライチェーン攻撃によって意図しないアクションが実行されることを防ぎます。

この Pull request では実施していないこと

なし

Issues や Discussions 、関連する Web サイトなどへのリンク

https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#using-third-party-actions

.github/workflows/build-and-release-documents.yml

github-actions · 2025-01-06T08:40:01Z

Test Result 📝

Test was a success.
Completed in 33916ms with 262 passed, 0 failed and 0 skipped.

Coverage 📐

Summary


Generated on:	01/06/2025 - 08:39:59
Coverage date:	01/06/2025 - 08:39:47 - 01/06/2025 - 08:39:55
Parser:	MultiReport (6x Cobertura)
Assemblies:	8
Classes:	139
Files:	134
Line coverage:	40.7% (1824 of 4475)
Covered lines:	1824
Uncovered lines:	2651
Coverable lines:	4475
Total lines:	10114
Branch coverage:	48% (247 of 514)
Covered branches:	247
Total branches:	514
Method coverage:	Feature is only available for sponsors
Tag:	98_12629262153

Dressca.ApplicationCore - 94.3%

Name	Line	Branch
Dressca.ApplicationCore	94.3%	80.6%
Dressca.ApplicationCore.Accounting.Account	100%	100%
Dressca.ApplicationCore.Accounting.AccountItem	100%
Dressca.ApplicationCore.ApplicationCoreServicesExtensions	100%
Dressca.ApplicationCore.ApplicationService.AssetApplicationService	100%	70%
Dressca.ApplicationCore.ApplicationService.CatalogApplicationService	100%	83.3%
Dressca.ApplicationCore.ApplicationService.CatalogBrandNotExistingInReposit oryException	100%
Dressca.ApplicationCore.ApplicationService.CatalogCategoryNotExistingInRepo sitoryException	100%
Dressca.ApplicationCore.ApplicationService.CatalogItemNotExistingInReposito ryException	100%
Dressca.ApplicationCore.ApplicationService.OrderApplicationService	100%	75%
Dressca.ApplicationCore.ApplicationService.ShoppingApplicationService	100%	78.5%
Dressca.ApplicationCore.ApplicationService.TransactionScopeManager	100%	100%
Dressca.ApplicationCore.Assets.Asset	94.4%	100%
Dressca.ApplicationCore.Assets.AssetNotFoundException	100%
Dressca.ApplicationCore.Assets.AssetTypes	100%	100%
Dressca.ApplicationCore.Authorization.NotConnectedUserStore	0%
Dressca.ApplicationCore.Authorization.PermissionDeniedException	100%
Dressca.ApplicationCore.Authorization.Roles	100%
Dressca.ApplicationCore.Baskets.Basket	100%	100%
Dressca.ApplicationCore.Baskets.BasketItem	84.2%	75%
Dressca.ApplicationCore.Baskets.CatalogItemNotExistingInBasketException	100%
Dressca.ApplicationCore.Catalog.CatalogBrand	84.6%	100%
Dressca.ApplicationCore.Catalog.CatalogCategory	84.6%	100%
Dressca.ApplicationCore.Catalog.CatalogDomainService	100%	60%
Dressca.ApplicationCore.Catalog.CatalogItem	75.9%	66.6%
Dressca.ApplicationCore.Catalog.CatalogItemAsset	92.8%	75%
Dressca.ApplicationCore.Events	100%
Dressca.ApplicationCore.Ordering.Address	100%	100%
Dressca.ApplicationCore.Ordering.CatalogItemOrdered	100%	100%
Dressca.ApplicationCore.Ordering.EmptyBasketOnCheckoutException	100%
Dressca.ApplicationCore.Ordering.NullBasketOnCheckoutException	100%
Dressca.ApplicationCore.Ordering.Order	100%	87.5%
Dressca.ApplicationCore.Ordering.OrderFactory	100%
Dressca.ApplicationCore.Ordering.OrderItem	88.2%	25%
Dressca.ApplicationCore.Ordering.OrderItemAsset	85.7%	75%
Dressca.ApplicationCore.Ordering.OrderNotFoundException	100%
Dressca.ApplicationCore.Ordering.ShipTo	100%	75%
Dressca.ApplicationCore.Resources.LogMessages	92.5%	100%
Dressca.ApplicationCore.Resources.Messages	88.8%	100%

Dressca.EfInfrastructure - 16.3%

Name	Line	Branch
Dressca.EfInfrastructure	16.3%	40.9%
Dressca.EfInfrastructure.Configurations.Assets.AssetConfiguration	100%
Dressca.EfInfrastructure.Configurations.Baskets.BasketConfiguration	100%
Dressca.EfInfrastructure.Configurations.Baskets.BasketItemConfiguration	100%
Dressca.EfInfrastructure.Configurations.Catalog.CatalogBrandConfiguration	100%
Dressca.EfInfrastructure.Configurations.Catalog.CatalogCategoryConfiguratio n	100%
Dressca.EfInfrastructure.Configurations.Catalog.CatalogItemAssetConfigurati on	100%
Dressca.EfInfrastructure.Configurations.Catalog.CatalogItemConfiguration	100%
Dressca.EfInfrastructure.Configurations.Ordering.OrderConfiguration	100%
Dressca.EfInfrastructure.Configurations.Ordering.OrderItemAssetConfiguratio n	100%
Dressca.EfInfrastructure.Configurations.Ordering.OrderItemConfiguration	100%
Dressca.EfInfrastructure.DresscaDbContext	83.7%	50%
Dressca.EfInfrastructure.EfAssetRepository	0%	0%
Dressca.EfInfrastructure.EfBasketRepository	69.6%	50%
Dressca.EfInfrastructure.EfCatalogBrandRepository	20%	50%
Dressca.EfInfrastructure.EfCatalogCategoryRepository	20%	50%
Dressca.EfInfrastructure.EfCatalogRepository	33.3%	50%
Dressca.EfInfrastructure.EfInfrastructureServicesExtension	81.8%	50%
Dressca.EfInfrastructure.EfOrderRepository	100%	50%
Dressca.EfInfrastructure.Events	0%
Dressca.EfInfrastructure.HealthChecksBuilderExtensions	60%
Dressca.EfInfrastructure.Migrations.DresscaDbContextModelSnapshot	0%
Dressca.EfInfrastructure.Migrations.InitialCreate	0%
Dressca.EfInfrastructure.Resources.Messages	0%	0%

Dressca.Store.Assets.StaticFiles - 9.4%

Name	Line	Branch
Dressca.Store.Assets.StaticFiles	9.4%	0%
Dressca.Store.Assets.StaticFiles.Events	0%
Dressca.Store.Assets.StaticFiles.Resources.LogMessages	0%	0%
Dressca.Store.Assets.StaticFiles.StaticFileAssetStore	0%	0%
Dressca.Store.Assets.StaticFiles.StaticFileAssetStoreServicesExtension	100%

Dressca.SystemCommon - 78.2%

Name	Line	Branch
Dressca.SystemCommon	78.2%	84.6%
Dressca.SystemCommon.BusinessError	100%	83.3%
Dressca.SystemCommon.BusinessErrorCollection	88.8%	100%
Dressca.SystemCommon.BusinessException	93.7%	100%
Dressca.SystemCommon.PagedList`1	0%	0%
Dressca.SystemCommon.Resources.Messages	55.5%	100%
Dressca.SystemCommon.Text.Json.DefaultJsonSerializerOptions	100%
System.ObjectExtensions	100%	50%
System.StringExtentions	100%	100%

Dressca.Web - 27.9%

Name	Line	Branch
Dressca.Web	27.9%	17.6%
__OptionValidationGeneratedAttributes	0%	0%
__OptionValidationStaticInstances	0%
Dressca.Web.Authorization.DummyAuthenticationHandler	0%
Dressca.Web.Authorization.StatusCodeMapAuthorizationMiddlewareResultHandler	0%	0%
Dressca.Web.Configuration.CookieSettingsValidator	0%	0%
Dressca.Web.Configuration.CookieSettings	0%	0%
Dressca.Web.Configuration.ValidateWebServerOptions	0%	0%
Dressca.Web.Configuration.WebServerOptions	0%
Dressca.Web.Controllers.ActionNameHelper	75%	50%
Dressca.Web.Controllers.ErrorController	8.3%	0%
Dressca.Web.Events	100%
Dressca.Web.HealthChecks.HealthCheckDescriptionProvider	7.8%	25%
Dressca.Web.Resources.LogMessages	55.5%	100%
Dressca.Web.Resources.Messages	54.1%	100%
Dressca.Web.Runtime.BusinessExceptionDevelopmentFilter	100%	50%
Dressca.Web.Runtime.BusinessExceptionFilter	100%	50%
Dressca.Web.Runtime.BusinessExceptionFilterBase	100%	83.3%
Dressca.Web.Runtime.DbUpdateConcurrencyExceptionDevelopmentFilter	100%	50%
Dressca.Web.Runtime.DbUpdateConcurrencyExceptionFilter	100%	50%
Dressca.Web.Runtime.DbUpdateConcurrencyExceptionFilterBase	100%	75%

Dressca.Web.Consumer - 41.5%

Name	Line	Branch
Dressca.Web.Consumer	41.5%	24%
__OptionValidationGeneratedAttributes	0%	0%
__OptionValidationStaticInstances	0%
Dressca.Web.Consumer.Assets.AssetExtensions	87.5%	50%
Dressca.Web.Consumer.Baskets.BuyerIdFilterAttribute	96.5%	58.3%
Dressca.Web.Consumer.Baskets.HttpContextExtensions	100%	100%
Dressca.Web.Consumer.Configuration.CookieSettingsValidator	0%	0%
Dressca.Web.Consumer.Configuration.CookieSettings	100%	100%
Dressca.Web.Consumer.Configuration.ValidateWebServerOptions	0%	0%
Dressca.Web.Consumer.Configuration.WebServerOptions	100%
Dressca.Web.Consumer.Controllers.ApiModel.FindCatalogItemsQuery	0%
Dressca.Web.Consumer.Controllers.AssetsController	0%	0%
Dressca.Web.Consumer.Controllers.BasketItemsController	34.3%	37.5%
Dressca.Web.Consumer.Controllers.CatalogBrandsController	0%	0%
Dressca.Web.Consumer.Controllers.CatalogCategoriesController	0%	0%
Dressca.Web.Consumer.Controllers.CatalogItemsController	0%	0%
Dressca.Web.Consumer.Controllers.OrdersController	88.2%	50%
Dressca.Web.Consumer.Events	0%
Dressca.Web.Consumer.Mapper.BasketItemMapper	0%	0%
Dressca.Web.Consumer.Mapper.BasketMapper	9.5%	25%
Dressca.Web.Consumer.Mapper.CatalogBrandMapper	0%	0%
Dressca.Web.Consumer.Mapper.CatalogCategoryMapper	0%	0%
Dressca.Web.Consumer.Mapper.CatalogItemMapper	0%	0%
Dressca.Web.Consumer.Mapper.CatalogItemSummaryResponseMapper	0%	0%
Dressca.Web.Consumer.Mapper.DtoMapperServicesExtension	100%
Dressca.Web.Consumer.Mapper.OrderMapper	95.1%	50%
Dressca.Web.Consumer.Resources.LogMessages	0%	0%
Dressca.Web.Consumer.Resources.Messages	0%	0%
Program	80.8%	75%

Dressca.Web.Consumer.Dto - 58.4%

Name	Line	Branch
Dressca.Web.Consumer.Dto	58.4%	****
Dressca.Web.Consumer.Dto.Accounting.AccountResponse	100%
Dressca.Web.Consumer.Dto.Baskets.BasketItemResponse	0%
Dressca.Web.Consumer.Dto.Baskets.BasketResponse	0%
Dressca.Web.Consumer.Dto.Baskets.PostBasketItemsRequest	100%
Dressca.Web.Consumer.Dto.Baskets.PutBasketItemsRequest	0%
Dressca.Web.Consumer.Dto.Catalog.CatalogBrandResponse	0%
Dressca.Web.Consumer.Dto.Catalog.CatalogCategoryResponse	0%
Dressca.Web.Consumer.Dto.Catalog.CatalogItemResponse	0%
Dressca.Web.Consumer.Dto.Catalog.CatalogItemSummaryResponse	100%
Dressca.Web.Consumer.Dto.Ordering.OrderItemResponse	100%
Dressca.Web.Consumer.Dto.Ordering.OrderResponse	100%
Dressca.Web.Consumer.Dto.Ordering.PostOrderRequest	100%

Maris.Logging.Testing - 94.2%

Name	Line	Branch
Maris.Logging.Testing	94.2%	100%
Maris.Logging.Testing.Xunit.TestLoggerManager	100%	100%
Maris.Logging.Testing.Xunit.XunitLogger	76.4%	100%
Maris.Logging.Testing.Xunit.XunitLoggerProvider	100%	100%
Microsoft.Extensions.DependencyInjection.TestLoggerServiceCollectionExtensi ons	100%
Microsoft.Extensions.Logging.FakeLoggingBuilderExtensions	100%
Microsoft.Extensions.Logging.XunitLoggingBuilderExtensions	100%

Fumika Koyama added 7 commits January 6, 2025 10:33

samples-dressca-consumer-backend.ci.ymlのアクションのバージョンをコミットハッシュで指定。

f2ac241

samples-dressca-admin-backend.ci.ymlのアクションのバージョンをコミットハッシュで指定。

56ef651

samples-console-app-with-di.ci.ymlのアクションのバージョンをコミットハッシュで指定。

23492e2

samples-azure-ad-b2c-auth-ci.ymlのアクションのバージョンをコミットハッシュで指定。

7317436

remove-old-artifacts.ymlのバージョンをコミットハッシュで指定。

a281eb5

check-openapi-generator-update.ymlのアクションのバージョンをコミットハッシュで指定。

c69f269

build-and-release-documents.ymlのアクションのバージョンをコミットハッシュで指定。

3bdda41

fkoyama self-assigned this Jan 6, 2025

Fumika Koyama added 2 commits January 6, 2025 14:03

lintエラーに対応。

97202bc

lintエラーに対応。

d66f57d

fkoyama added the CI/CD Github Actionsなどの修正 label Jan 6, 2025

tsuna-can-se requested changes Jan 6, 2025

View reviewed changes

.github/workflows/build-and-release-documents.yml Outdated Show resolved Hide resolved

azure/webapps-deployのバージョンを修正。

7d4e0d7

tsuna-can-se approved these changes Jan 6, 2025

View reviewed changes

tsuna-can-se merged commit 59b89da into main Jan 6, 2025
13 checks passed

tsuna-can-se deleted the feature/ワークフローのサードパーティーアクションをコミットハッシュで固定する branch January 6, 2025 08:47

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ワークフローのサードパーティーアクションのバージョンをコミットハッシュで固定する #2215

ワークフローのサードパーティーアクションのバージョンをコミットハッシュで固定する #2215

fkoyama commented Jan 6, 2025

github-actions bot commented Jan 6, 2025

ワークフローのサードパーティーアクションのバージョンをコミットハッシュで固定する #2215

ワークフローのサードパーティーアクションのバージョンをコミットハッシュで固定する #2215

Conversation

fkoyama commented Jan 6, 2025

この Pull request で実施したこと

この Pull request では実施していないこと

Issues や Discussions 、関連する Web サイトなどへのリンク

github-actions bot commented Jan 6, 2025

Test Result 📝

Coverage 📐