diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 414d27e..c1e80b2 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -19,7 +19,7 @@ jobs: outputs: docs_only: ${{ steps.filter.outputs.docs_only }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 0 - name: Detect docs-only changes @@ -70,7 +70,7 @@ jobs: needs: [changes] runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7 with: version: "0.9.x" @@ -87,7 +87,7 @@ jobs: needs: [changes] runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Build Railway image for scan run: docker build -f Dockerfile.railway -t pic-api:scan . - name: Scan image with Trivy @@ -106,7 +106,7 @@ jobs: needs: [changes] runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7 with: version: "0.9.x" @@ -135,7 +135,7 @@ jobs: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7 with: version: "0.9.x" @@ -184,7 +184,7 @@ jobs: needs: [changes, unit-test, integration-test] runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: pattern: coverage-* @@ -230,7 +230,7 @@ jobs: MODAL_TOKEN_ID: ${{ secrets.MODAL_TOKEN_ID }} MODAL_TOKEN_SECRET: ${{ secrets.MODAL_TOKEN_SECRET }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 2 - name: Determine rollback SHA @@ -255,7 +255,7 @@ jobs: needs: [deploy-modal] runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Install httpx run: pip install httpx - name: Run smoke tests @@ -278,7 +278,7 @@ jobs: MODAL_TOKEN_ID: ${{ secrets.MODAL_TOKEN_ID }} MODAL_TOKEN_SECRET: ${{ secrets.MODAL_TOKEN_SECRET }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: ref: ${{ needs.deploy-modal.outputs.rollback_sha }} - uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7 diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml index 4c58a43..2169d4a 100644 --- a/.github/workflows/deploy-staging.yml +++ b/.github/workflows/deploy-staging.yml @@ -15,7 +15,7 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7 with: version: "0.9.x" @@ -30,7 +30,7 @@ jobs: unit-test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7 with: version: "0.9.x" @@ -41,7 +41,7 @@ jobs: container-scan: runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Build Railway image for scan run: docker build -f Dockerfile.railway -t pic-api:scan . - name: Scan image with Trivy @@ -68,7 +68,7 @@ jobs: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7 with: version: "0.9.x" @@ -116,7 +116,7 @@ jobs: MODAL_TOKEN_ID: ${{ secrets.STAGING_MODAL_TOKEN_ID }} MODAL_TOKEN_SECRET: ${{ secrets.STAGING_MODAL_TOKEN_SECRET }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7 with: version: "0.9.x"