Merge pull request #2634 from nextcloud/chore/noid/ghActionHashes

Add hashes to github action versions
This commit is contained in:
Andy Scherzinger 2022-12-16 15:47:03 +01:00 committed by GitHub
commit 46687a2f75
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 148 additions and 134 deletions

View File

@ -28,12 +28,12 @@ jobs:
echo "::set-output name=pr::${{ github.event.pull_request.number }}" echo "::set-output name=pr::${{ github.event.pull_request.number }}"
echo "::set-output name=repo::${{ github.event.pull_request.head.repo.full_name }}" echo "::set-output name=repo::${{ github.event.pull_request.head.repo.full_name }}"
fi fi
- uses: actions/checkout@v3 - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
with: with:
repository: ${{ steps.get-vars.outputs.repo }} repository: ${{ steps.get-vars.outputs.repo }}
ref: ${{ steps.get-vars.outputs.branch }} ref: ${{ steps.get-vars.outputs.branch }}
- name: Set up JDK 11 - name: Set up JDK 11
uses: actions/setup-java@v3 uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b # v3
with: with:
distribution: "temurin" distribution: "temurin"
java-version: 11 java-version: 11

View File

@ -4,6 +4,9 @@ on:
pull_request: pull_request:
branches: [ master, stable-* ] branches: [ master, stable-* ]
# Declare default permissions as read only.
permissions: read-all
jobs: jobs:
flavor: flavor:
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -12,9 +15,9 @@ jobs:
matrix: matrix:
flavor: [ Generic, Gplay ] flavor: [ Generic, Gplay ]
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
- name: set up JDK 11 - name: set up JDK 11
uses: actions/setup-java@v3 uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b # v3
with: with:
distribution: "temurin" distribution: "temurin"
java-version: 11 java-version: 11
@ -23,7 +26,7 @@ jobs:
echo "org.gradle.jvmargs=-Xmx2g -XX:MaxMetaspaceSize=512m -XX:+HeapDumpOnOutOfMemoryError" >> gradle.properties echo "org.gradle.jvmargs=-Xmx2g -XX:MaxMetaspaceSize=512m -XX:+HeapDumpOnOutOfMemoryError" >> gradle.properties
./gradlew assemble${{ matrix.flavor }} ./gradlew assemble${{ matrix.flavor }}
- name: Archive apk - name: Archive apk
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # v3
if: ${{ always() }} if: ${{ always() }}
with: with:
name: Nextcloud-APK name: Nextcloud-APK

View File

@ -3,11 +3,14 @@ on:
pull_request_target: pull_request_target:
branches: [ master, stable-* ] branches: [ master, stable-* ]
permissions:
pull-requests: write
jobs: jobs:
auto-approve: auto-approve:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: hmarr/auto-approve-action@v3.1.0 - uses: hmarr/auto-approve-action@de8ae18c173c131e182d4adf2c874d8d2308a85b # v3.1.0
if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]' if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]'
with: with:
github-token: "${{ secrets.GITHUB_TOKEN }}" github-token: "${{ secrets.GITHUB_TOKEN }}"

View File

@ -4,6 +4,9 @@ on:
pull_request: pull_request:
branches: [ master, stable-* ] branches: [ master, stable-* ]
# Declare default permissions as read only.
permissions: read-all
jobs: jobs:
check: check:
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -12,9 +15,9 @@ jobs:
matrix: matrix:
task: [ detekt, ktlintCheck ] task: [ detekt, ktlintCheck ]
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
- name: Set up JDK 11 - name: Set up JDK 11
uses: actions/setup-java@v3 uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b # v3
with: with:
distribution: "temurin" distribution: "temurin"
java-version: 11 java-version: 11

View File

@ -23,7 +23,7 @@ jobs:
steps: steps:
- name: Add reaction on start - name: Add reaction on start
uses: peter-evans/create-or-update-comment@v2 uses: peter-evans/create-or-update-comment@5adcb0bb0f9fb3f95ef05400558bdb3f329ee808 # v2
with: with:
token: ${{ secrets.COMMAND_BOT_PAT }} token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }} repository: ${{ github.event.repository.full_name }}
@ -31,18 +31,18 @@ jobs:
reaction-type: "+1" reaction-type: "+1"
- name: Checkout the latest code - name: Checkout the latest code
uses: actions/checkout@v3 uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
with: with:
fetch-depth: 0 fetch-depth: 0
token: ${{ secrets.COMMAND_BOT_PAT }} token: ${{ secrets.COMMAND_BOT_PAT }}
- name: Automatic Rebase - name: Automatic Rebase
uses: cirrus-actions/rebase@1.7 uses: cirrus-actions/rebase@6e572f08c244e2f04f9beb85a943eb618218714d # 1.7
env: env:
GITHUB_TOKEN: ${{ secrets.COMMAND_BOT_PAT }} GITHUB_TOKEN: ${{ secrets.COMMAND_BOT_PAT }}
- name: Add reaction on failure - name: Add reaction on failure
uses: peter-evans/create-or-update-comment@v2 uses: peter-evans/create-or-update-comment@5adcb0bb0f9fb3f95ef05400558bdb3f329ee808 # v2
if: failure() if: failure()
with: with:
token: ${{ secrets.COMMAND_BOT_PAT }} token: ${{ secrets.COMMAND_BOT_PAT }}

View File

@ -15,6 +15,6 @@ jobs:
steps: steps:
- name: Run check - name: Run check
uses: xt0rted/block-autosquash-commits-action@v2 uses: xt0rted/block-autosquash-commits-action@79880c36b4811fe549cfffe20233df88876024e7 # v2
with: with:
repo-token: ${{ secrets.GITHUB_TOKEN }} repo-token: ${{ secrets.GITHUB_TOKEN }}

View File

@ -4,10 +4,13 @@ on:
pull_request: pull_request:
branches: [ master, stable-* ] branches: [ master, stable-* ]
# Declare default permissions as read only.
permissions: read-all
jobs: jobs:
validation: validation:
name: "Validation" name: "Validation"
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
- uses: gradle/wrapper-validation-action@v1 - uses: gradle/wrapper-validation-action@55e685c48d84285a5b0418cd094606e199cca3b6 # v1

View File

@ -4,6 +4,10 @@ on:
pull_request: pull_request:
branches: [ master, stable-* ] branches: [ master, stable-* ]
permissions:
pull-requests: write
contents: read
jobs: jobs:
qa: qa:
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -11,11 +15,11 @@ jobs:
- name: Check if secrets are available - name: Check if secrets are available
run: echo "::set-output name=ok::${{ secrets.KS_PASS != '' }}" run: echo "::set-output name=ok::${{ secrets.KS_PASS != '' }}"
id: check-secrets id: check-secrets
- uses: actions/checkout@v3 - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
if: ${{ steps.check-secrets.outputs.ok == 'true' }} if: ${{ steps.check-secrets.outputs.ok == 'true' }}
- name: set up JDK 11 - name: set up JDK 11
uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b # v3
if: ${{ steps.check-secrets.outputs.ok == 'true' }} if: ${{ steps.check-secrets.outputs.ok == 'true' }}
uses: actions/setup-java@v3
with: with:
distribution: "temurin" distribution: "temurin"
java-version: 11 java-version: 11

View File

@ -22,7 +22,5 @@ jobs:
only-labels: 'bug,needs info' only-labels: 'bug,needs info'
exempt-issue-labels: 'no-stale' exempt-issue-labels: 'no-stale'
stale-issue-message: >- stale-issue-message: >-
This bug report did not receive an update in the last 4 weeks. This bug report did not receive an update in the last 4 weeks. Please take a look again and update the issue with new details, otherwise the issue will be automatically closed in 2 weeks. Thank you!
Please take a look again and update the issue with new details,
otherwise the issue will be automatically closed in 2 weeks. Thank you!
exempt-all-pr-milestones: true exempt-all-pr-milestones: true