From 112a15b3e3f6ea0b396810f79dbe15d4d7a85524 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Thu, 30 May 2024 10:22:58 -0700 Subject: [PATCH] chore: github action version bumps (#61) * chore: update actions/checkout to v4.1.5 * chore: update actions/setup-node to v4.0.2 * chore: update actions/upload-artifact to v4.3.3 * chore: update aws-actions/configure-aws-credentials to v4.0.2 * chore: update dawidd6/action-download-artifact to v3.1.4 * chore: update denoland/setup-deno to v1.1.4 * chore: update signed-commits to changesets-signed-commits@1.2.3 * chore: update github-app-token-issuer to v2.3.19 * chore: update utils/wait-for-workflows to v2.3.19 * chore: update sonarsource/sonarqube-scan-action to v2.1.0 --- .github/workflows/cd.yml | 11 ++++++----- .github/workflows/lint.yaml | 6 +++--- .github/workflows/sonar-scan.yaml | 12 ++++++------ .github/workflows/test-package.yaml | 6 +++--- .github/workflows/test.yaml | 8 ++++---- 5 files changed, 22 insertions(+), 21 deletions(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 23ac5b4..5df8b41 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -18,27 +18,28 @@ jobs: contents: read steps: - name: Assume role capable of getting token from gati - uses: aws-actions/configure-aws-credentials@8c3f20df09ac63af7b3ae3d7c91f105f857d8497 # v4.0.0 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: role-to-assume: ${{ secrets.AWS_OIDC_FUNCTIONS_TOOLKIT_CI_CHANGESET_TOKEN_ISSUER_ROLE_ARN }} role-duration-seconds: '900' aws-region: ${{ secrets.AWS_REGION }} + mask-aws-account-id: true - name: Get github token from gati id: gati - uses: smartcontractkit/chainlink-github-actions/github-app-token-issuer@main + uses: smartcontractkit/chainlink-github-actions/github-app-token-issuer@fc3e0df622521019f50d772726d6bf8dc919dd38 # v2.3.19 with: url: ${{ secrets.LAMBDA_FUNCTIONS_URL }} - name: Checkout the repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: # This sets up the local git config so that the changesets action # can commit changes to the repo on behalf of the GitHub Actions bot. token: ${{ steps.gati.outputs.access-token }} - name: Setup node - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: cache: npm node-version: '18' @@ -54,7 +55,7 @@ jobs: - name: Create Release Pull Request or Publish to NPM id: changesets - uses: smartcontractkit/.github/actions/signed-commits@2ad717a39e5007bcdc4168e970ca21983c046a0e # changesets-signed-commits@1.0.2 + uses: smartcontractkit/.github/actions/signed-commits@ff80d56f5301dc8a65f66c4d47d746ee956beed9 # changesets-signed-commits@1.2.3 with: publish: npx changeset publish env: diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 171b156..395e8f8 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -6,10 +6,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Set up Node.js - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: 18 @@ -21,7 +21,7 @@ jobs: - name: Upload ESLint report if: always() - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: eslint-report path: ./eslint-report.json diff --git a/.github/workflows/sonar-scan.yaml b/.github/workflows/sonar-scan.yaml index df8f06b..0b71d0b 100644 --- a/.github/workflows/sonar-scan.yaml +++ b/.github/workflows/sonar-scan.yaml @@ -13,12 +13,12 @@ jobs: if: always() steps: - name: Checkout Repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: ref: ${{ github.event.pull_request.head.sha || github.event.merge_group.head_sha }} - name: Wait for workflows - uses: smartcontractkit/chainlink-github-actions/utils/wait-for-workflows@main + uses: smartcontractkit/chainlink-github-actions/utils/wait-for-workflows@fc3e0df622521019f50d772726d6bf8dc919dd38 # v2.3.19 with: max-timeout: '900' polling-interval: '30' @@ -35,12 +35,12 @@ jobs: if: always() steps: - name: Checkout the repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: fetch-depth: 0 # fetches all history for all tags and branches to provide more metadata for sonar reports - name: Download ESLint report - uses: dawidd6/action-download-artifact@v2.28.0 + uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 with: workflow: lint.yaml workflow_conclusion: '' @@ -48,7 +48,7 @@ jobs: if_no_artifact_found: warn - name: Download tests report - uses: dawidd6/action-download-artifact@v2.28.0 + uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 with: workflow: test.yaml workflow_conclusion: '' @@ -68,7 +68,7 @@ jobs: - name: SonarQube Scan if: always() - uses: sonarsource/sonarqube-scan-action@v2.0.1 + uses: sonarsource/sonarqube-scan-action@86fe81775628f1c6349c28baab87881a2170f495 # v2.1.0 with: args: > -Dsonar.javascript.lcov.reportPaths=${{ steps.sonarqube_report_paths.outputs.sonarqube_coverage_report_paths }} diff --git a/.github/workflows/test-package.yaml b/.github/workflows/test-package.yaml index cbc8f21..6954bed 100644 --- a/.github/workflows/test-package.yaml +++ b/.github/workflows/test-package.yaml @@ -11,10 +11,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Set up Node.js - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: 18 @@ -22,7 +22,7 @@ jobs: run: npm install # npm install instead of npm ci is used to prevent unsupported platform errors due to the fsevents sub-dependency --no-optional - name: Setup Deno - uses: denoland/setup-deno@0df5d9c641efdff149993c321fc27c11c5df8623 # v1.1.3 + uses: denoland/setup-deno@041b854f97b325bd60e53e9dc2de9cb9f9ac0cba # v1.1.4 with: deno-version: '1.36.2' diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index aa09b72..69371d5 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -14,10 +14,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Set up Node.js - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: 18 @@ -25,7 +25,7 @@ jobs: run: npm install # npm install instead of npm ci is used to prevent unsupported platform errors due to the fsevents sub-dependency - name: Setup Deno - uses: denoland/setup-deno@0df5d9c641efdff149993c321fc27c11c5df8623 # v1.1.3 + uses: denoland/setup-deno@041b854f97b325bd60e53e9dc2de9cb9f9ac0cba # v1.1.4 with: deno-version: '1.36.2' @@ -35,7 +35,7 @@ jobs: - name: Upload test coverage report if: always() - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: unit-tests-coverage path: ./coverage/lcov.info