From 5bb83fe0c5d0dd37108ee74b4a53efe905d7f38f Mon Sep 17 00:00:00 2001 From: Grische <2787581+grische@users.noreply.github.com> Date: Mon, 13 Jan 2025 11:14:25 +0100 Subject: [PATCH 1/2] github: pin create-github-app-token to v1 we don't need to pin official actions to specific hashes --- .github/workflows/backport.yml | 4 ++-- .github/workflows/bump-modules.yml | 4 ++-- .github/workflows/update-targets.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index c299401..9b6d0a6 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -14,9 +14,9 @@ jobs: steps: - name: Clone Firmware uses: actions/checkout@v4 # v4 - + - name: Get Github App Token - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 + uses: actions/create-github-app-token@v1 # v1 id: app-token with: app-id: ${{ vars.APP_ID }} diff --git a/.github/workflows/bump-modules.yml b/.github/workflows/bump-modules.yml index 2ee8cd4..dc0696d 100644 --- a/.github/workflows/bump-modules.yml +++ b/.github/workflows/bump-modules.yml @@ -12,7 +12,7 @@ jobs: uses: actions/checkout@v4 # v4 - name: Get Github App Token - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 + uses: actions/create-github-app-token@v1 # v1 id: app-token with: app-id: ${{ vars.APP_ID }} @@ -27,7 +27,7 @@ jobs: - name: Configure Git User and E-Mail run: git config --global user.name "${{ env.COMMIT_NAME }}" && git config --global user.email "${{ env.COMMIT_EMAIL }}" env: - COMMIT_NAME: ${{ steps.app-token.outputs.app-slug }}[bot] + COMMIT_NAME: ${{ steps.app-token.outputs.app-slug }}[bot] COMMIT_EMAIL: ${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com - name: Get update branch name diff --git a/.github/workflows/update-targets.yml b/.github/workflows/update-targets.yml index 7e8e882..0526e68 100644 --- a/.github/workflows/update-targets.yml +++ b/.github/workflows/update-targets.yml @@ -21,7 +21,7 @@ jobs: uses: actions/checkout@v4 # v4 - name: Get Github App Token - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 + uses: actions/create-github-app-token@v1 # v1 id: app-token with: app-id: ${{ vars.APP_ID }} From 6ab59e803938323b9fdd221040207da679e94ae5 Mon Sep 17 00:00:00 2001 From: Grische <2787581+grische@users.noreply.github.com> Date: Mon, 13 Jan 2025 11:15:31 +0100 Subject: [PATCH 2/2] github: pin download/upload artifacts to v4 --- .github/workflows/firmware.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/firmware.yml b/.github/workflows/firmware.yml index ba74e89..bf7ebc1 100644 --- a/.github/workflows/firmware.yml +++ b/.github/workflows/firmware.yml @@ -60,7 +60,7 @@ jobs: make BROKEN=1 GLUON_TARGETS=${{ matrix.target }} BUILD_NUMBER=${{ github.event.pull_request.number && format('pr{0}', github.event.pull_request.number) || github.run_id && format('run{0}', github.run_id) }} V=s echo "status=success" >> $GITHUB_OUTPUT - name: Upload firmware ${{ matrix.target }} - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@v4 # v4 if: steps.compile.outputs.status == 'success' with: name: ${{ matrix.target }}_output @@ -72,7 +72,7 @@ jobs: if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') steps: - name: Download all artifacts - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@v4 # v4 - name: Display structure of artifacts run: ls -R - name: Create tar.gz files