Skip to content

Commit

Permalink
Pin tibdex/github-app-token action (#31115)
Browse files Browse the repository at this point in the history
This is a 3rd-party action with access to some moderately privileged
GitHub Applications private tokens.  If tibdex were compromised
for any reason, we don't want to accidentally pick up an unexpected
malicious update to v1.
  • Loading branch information
wadells authored Aug 30, 2023
1 parent d4efd17 commit 8c20be8
Show file tree
Hide file tree
Showing 6 changed files with 6 additions and 6 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/backport.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
steps:
- name: Generate GitHub Token
id: generate_token
uses: tibdex/github-app-token@v1
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 # v1.8.0
with:
app_id: ${{ secrets.REVIEWERS_APP_ID }}
private_key: ${{ secrets.REVIEWERS_PRIVATE_KEY }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/bloat.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ jobs:

- name: Generate GitHub Token
id: generate_token
uses: tibdex/github-app-token@v1
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 # v1.8.0
with:
app_id: ${{ secrets.REVIEWERS_APP_ID }}
private_key: ${{ secrets.REVIEWERS_PRIVATE_KEY }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/check.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ jobs:
steps:
- name: Generate GitHub Token
id: generate_token
uses: tibdex/github-app-token@v1
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 # v1.8.0
with:
app_id: ${{ secrets.REVIEWERS_APP_ID }}
private_key: ${{ secrets.REVIEWERS_PRIVATE_KEY }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/flaky-tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ jobs:

- name: Generate GitHub Token
id: generate_token
uses: tibdex/github-app-token@v1
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 # v1.8.0
with:
app_id: ${{ secrets.REVIEWERS_APP_ID }}
private_key: ${{ secrets.REVIEWERS_PRIVATE_KEY }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/post-release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ jobs:
- name: Generate Github token
id: generate_token
uses: tibdex/github-app-token@v1
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 # v1.8.0
with:
app_id: ${{ vars.APP_ID }}
private_key: ${{ secrets.PRIVATE_KEY }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/update-ami-ids.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
steps:
- name: Generate Github token
id: generate_token
uses: tibdex/github-app-token@v1
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 # v1.8.0
with:
app_id: ${{ vars.APP_ID }}
private_key: ${{ secrets.PRIVATE_KEY }}
Expand Down

0 comments on commit 8c20be8

Please sign in to comment.