diff --git a/.github/workflows/acceptance-test.yml b/.github/workflows/acceptance-test.yml index 98d012cb8..783b6bdcc 100644 --- a/.github/workflows/acceptance-test.yml +++ b/.github/workflows/acceptance-test.yml @@ -19,7 +19,7 @@ jobs: outputs: go-version: ${{ steps.get-go-version.outputs.go-version }} steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: 'Determine Go version' id: get-go-version # We use .go-version as our source of truth for current Go @@ -40,12 +40,12 @@ jobs: # Packer GH Token for API Rate Limiting PACKER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - - uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - name: IAM Assume Role - uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 + uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2.2.0 with: role-to-assume: ${{ env.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} @@ -70,7 +70,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Send slack notification on failure - uses: slackapi/slack-github-action@007b2c3c751a190b6f0f040e47ed024deaa72844 # v1.23.0 + uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0 with: payload: | { diff --git a/.github/workflows/auto-close-stale-issues.yml b/.github/workflows/auto-close-stale-issues.yml index 40b04dec1..af4a089df 100644 --- a/.github/workflows/auto-close-stale-issues.yml +++ b/.github/workflows/auto-close-stale-issues.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@a20b814fb01b71def3bd6f56e7494d667ddf28da # v8.0.0 + - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8.0.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} days-before-issue-stale: 23 diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 657b9c39e..b713ef623 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -26,7 +26,7 @@ jobs: outputs: go-version: ${{ steps.get-go-version.outputs.go-version }} steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: 'Determine Go version' id: get-go-version # We use .go-version as our source of truth for current Go @@ -44,7 +44,7 @@ jobs: product-prerelease-version: ${{ steps.set-product-version.outputs.prerelease-product-version }} set-ld-flags: ${{ steps.set-ld-flags.outputs.set-ld-flags }} steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: set product version id: set-product-version uses: hashicorp/actions-set-product-version@v1 @@ -67,7 +67,7 @@ jobs: filepath: ${{ steps.generate-metadata-file.outputs.filepath }} steps: - name: 'Checkout directory' - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Generate metadata file id: generate-metadata-file uses: hashicorp/actions-generate-metadata@main @@ -105,7 +105,7 @@ jobs: GOPRIVATE: "github.com/hashicorp" GO111MODULE: on steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Go Build env: PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} @@ -142,7 +142,7 @@ jobs: GO111MODULE: on steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Go Build env: PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} @@ -204,7 +204,7 @@ jobs: GO111MODULE: on steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Go Build env: PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} @@ -234,7 +234,7 @@ jobs: env: version: ${{ needs.set-product-version.outputs.product-version }} steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Docker Build (Action) uses: hashicorp/actions-docker-build@v1 with: diff --git a/.github/workflows/check-plugin-docs.yml b/.github/workflows/check-plugin-docs.yml index c43ae9cb3..00ba2851e 100644 --- a/.github/workflows/check-plugin-docs.yml +++ b/.github/workflows/check-plugin-docs.yml @@ -23,9 +23,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Setup Node - uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 + uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0 with: node-version: '16.x' - name: Install Dependencies diff --git a/.github/workflows/create-release-branch.yml b/.github/workflows/create-release-branch.yml index 0d1f4f395..780087058 100644 --- a/.github/workflows/create-release-branch.yml +++ b/.github/workflows/create-release-branch.yml @@ -4,7 +4,7 @@ jobs: create-branch: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: hashicorp/actions-create-release-branch@v1 with: token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} diff --git a/.github/workflows/go-test.yml b/.github/workflows/go-test.yml index 93f8eeb1a..2f426d16a 100644 --- a/.github/workflows/go-test.yml +++ b/.github/workflows/go-test.yml @@ -24,7 +24,7 @@ jobs: outputs: go-version: ${{ steps.get-go-version.outputs.go-version }} steps: - - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: 'Determine Go version' id: get-go-version run: | @@ -36,8 +36,8 @@ jobs: runs-on: ubuntu-latest name: Linux go tests steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - - uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: TESTARGS="-coverprofile=coverage.txt -covermode=atomic" make ci @@ -47,8 +47,8 @@ jobs: runs-on: macos-latest name: Darwin go tests steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - - uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: go test ./... -coverprofile=coverage.txt -covermode=atomic @@ -58,8 +58,8 @@ jobs: runs-on: windows-latest name: Windows go tests steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - - uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: go test ./... -coverprofile=coverage.txt -covermode=atomic diff --git a/.github/workflows/go-validate.yml b/.github/workflows/go-validate.yml index d67b3aa51..a3c45f794 100644 --- a/.github/workflows/go-validate.yml +++ b/.github/workflows/go-validate.yml @@ -20,7 +20,7 @@ jobs: outputs: go-version: ${{ steps.get-go-version.outputs.go-version }} steps: - - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: 'Determine Go version' id: get-go-version run: | @@ -32,8 +32,8 @@ jobs: runs-on: ubuntu-latest name: Go Mod Tidy steps: - - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0 - - uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: go mod tidy @@ -43,10 +43,10 @@ jobs: runs-on: ubuntu-latest name: Lint steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: fetch-depth: 0 - - uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: echo "$GITHUB_SHA" @@ -59,8 +59,8 @@ jobs: runs-on: ubuntu-latest name: Fmt check steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - - uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: make fmt-check @@ -70,8 +70,8 @@ jobs: runs-on: ubuntu-latest name: Generate check steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - - uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: make generate-check diff --git a/.github/workflows/issue-comment-created.yml b/.github/workflows/issue-comment-created.yml index f250dc1f1..e28ac0d09 100644 --- a/.github/workflows/issue-comment-created.yml +++ b/.github/workflows/issue-comment-created.yml @@ -14,7 +14,7 @@ jobs: issues: write # for actions-ecosystem/action-remove-labels to remove issue labels runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions-ecosystem/action-remove-labels@2ce5d41b4b6aa8503e285553f75ed56e0a40bae0 # v1.3.0 with: github_token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/issue-migrator.yml b/.github/workflows/issue-migrator.yml index 9acc66ee6..58eed27f2 100644 --- a/.github/workflows/issue-migrator.yml +++ b/.github/workflows/issue-migrator.yml @@ -12,7 +12,7 @@ jobs: if: startsWith(github.event.label.name, 'remote-plugin/') runs-on: ubuntu-latest steps: - - uses: bflad/action-migrate-issue@main # TSCCR: no entry for repository "bflad/action-migrate-issue" + - uses: bflad/action-migrate-issue@main # TSCCR: no entry for repository "bflad/action-migrate-issue" with: source-issue-comment: | This issue has been migrated to {target-issue-url} due to the [Packer Plugin split](https://github.com/hashicorp/packer/issues/8610#issuecomment-770034737). diff --git a/.github/workflows/issues-opened.yml b/.github/workflows/issues-opened.yml index 57a8cd0cb..86adfacef 100644 --- a/.github/workflows/issues-opened.yml +++ b/.github/workflows/issues-opened.yml @@ -13,8 +13,8 @@ jobs: issues: write # for github/issue-labeler to create or remove labels runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - - uses: github/issue-labeler@e24a3eb6b2e28c8904d086302a2b760647f5f45c # v3.1 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - uses: github/issue-labeler@98b5412841f6c4b0b3d9c29d53c13fad16bd7de2 # v3.2 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" configuration-path: .github/labeler-issue-triage.yml @@ -27,7 +27,7 @@ jobs: if: contains(github.event.issue.labels.*.name, 'question') runs-on: ubuntu-latest steps: - - uses: actions-ecosystem/action-create-comment@v1.0.2 # TSCCR: no entry for repository "actions-ecosystem/action-create-comment" + - uses: actions-ecosystem/action-create-comment@v1.0.2 # TSCCR: no entry for repository "actions-ecosystem/action-create-comment" with: github_token: ${{ secrets.GITHUB_TOKEN }} body: | @@ -39,7 +39,7 @@ jobs: If no activity is taken on this question within 30 days it will be automatically closed. If you find the forum to be more helpful or if you've found the answer to your question elsewhere please feel free to post a response and close the issue. - - uses: actions-ecosystem/action-add-labels@v1.1.3 # TSCCR: no entry for repository "actions-ecosystem/action-add-labels" + - uses: actions-ecosystem/action-add-labels@v1.1.3 # TSCCR: no entry for repository "actions-ecosystem/action-add-labels" with: github_token: ${{ secrets.GITHUB_TOKEN }} labels: needs-reply diff --git a/.github/workflows/jira.yml b/.github/workflows/jira.yml index e0e82a97f..a0fe240ed 100644 --- a/.github/workflows/jira.yml +++ b/.github/workflows/jira.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Login - uses: atlassian/gajira-login@45fd029b9f1d6d8926c6f04175aa80c0e42c9026 # v3.0.1 + uses: atlassian/gajira-login@ca13f8850ea309cf44a6e4e0c49d9aa48ac3ca4c # v3 env: JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} @@ -61,7 +61,7 @@ jobs: - name: Create ticket id: create-ticket if: steps.search.outputs.issue == '' && github.event.label.name == 'sync to jira' && steps.set-ticket-type.outputs.type != 'Invalid' - uses: atlassian/gajira-create@59e177c4f6451399df5b4911c2211104f171e669 # v3.0.1 + uses: atlassian/gajira-create@1ff0b6bd115a780592b47bfbb63fc4629132e6ec # v3 with: project: HPR issuetype: "${{ steps.set-ticket-type.outputs.type }}" @@ -74,7 +74,7 @@ jobs: - name: Add tracking comment if: steps.create-ticket.outputs.issue != '' && steps.set-ticket-type.outputs.type != 'Invalid' - uses: actions-ecosystem/action-create-comment@v1.0.0 # TSCCR: no entry for repository "actions-ecosystem/action-create-comment" + uses: actions-ecosystem/action-create-comment@v1.0.0 # TSCCR: no entry for repository "actions-ecosystem/action-create-comment" with: github_token: ${{ secrets.GITHUB_TOKEN }} body: | diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml index 77f57ab0a..f1f17b358 100644 --- a/.github/workflows/lock.yml +++ b/.github/workflows/lock.yml @@ -15,7 +15,7 @@ jobs: pull-requests: write # for dessant/lock-threads to lock PRs runs-on: ubuntu-latest steps: - - uses: dessant/lock-threads@c1b35aecc5cdb1a34539d14196df55838bb2f836 # v4.0.0 + - uses: dessant/lock-threads@be8aa5be94131386884a6da4189effda9b14aa21 # v4.0.1 with: github-token: ${{ github.token }} issue-comment: > diff --git a/.github/workflows/nightly-release.yml b/.github/workflows/nightly-release.yml index ea388be05..72a1ee350 100644 --- a/.github/workflows/nightly-release.yml +++ b/.github/workflows/nightly-release.yml @@ -24,7 +24,7 @@ jobs: needs: build-artifacts runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Download built artifacts uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: @@ -38,7 +38,7 @@ jobs: echo "BUILD_OUTPUT_LIST=$(cat tmp2.txt | tr '\n' ',' | perl -ple 'chop')" >> $GITHUB_ENV rm -rf tmp.txt && rm -rf tmp2.txt - name: Advance nightly tag - uses: actions/github-script@ffc2c79a5b2490bd33e0a41c1de74b877714d736 # v3 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -62,7 +62,7 @@ jobs: - name: Create a nightly GitHub prerelease id: create_prerelease continue-on-error: true - uses: ncipollo/release-action@v1 # TSCCR: no entry for repository "ncipollo/release-action" + uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e # v1.12.0 with: name: nightly artifacts: "${{ env.BUILD_OUTPUT_LIST }}" @@ -85,7 +85,7 @@ jobs: - name: Retry failed nightly GitHub prerelease id: create_prerelease_retry if: steps.create_prerelease.outcome == 'failure' - uses: ncipollo/release-action@v1 # TSCCR: no entry for repository "ncipollo/release-action" + uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e # v1.12.0 with: name: nightly artifacts: "${{ env.BUILD_OUTPUT_LIST }}" @@ -101,7 +101,7 @@ jobs: run: | echo "prerelease_id=${{ steps.create_prerelease_retry.outputs.id }}" >> $GITHUB_ENV - name: Publish nightly GitHub prerelease - uses: eregon/publish-release@v1 # TSCCR: no entry for repository "eregon/publish-release" + uses: eregon/publish-release@46913fa2b3f7edc7345ae3c17f6d1b093a54916d # v1.0.5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -117,7 +117,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Send slack notification on failure - uses: slackapi/slack-github-action@007b2c3c751a190b6f0f040e47ed024deaa72844 # v1.23.0 + uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0 with: payload: | {