From afa775006f4dbc07d2a523c7cc0e52cedb3dc2c8 Mon Sep 17 00:00:00 2001 From: Darin Kotter Date: Tue, 25 Mar 2025 12:04:19 -0600 Subject: [PATCH] Update all actions we use in our workflows to pull from specific pinned commits --- .github/workflows/build-release-zip.yml | 6 +++--- .github/workflows/phpcs.yml | 4 ++-- .github/workflows/stable.yml | 8 ++++++-- .github/workflows/testing.yml | 10 +++++----- 4 files changed, 16 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build-release-zip.yml b/.github/workflows/build-release-zip.yml index 404fc03..b3058f3 100644 --- a/.github/workflows/build-release-zip.yml +++ b/.github/workflows/build-release-zip.yml @@ -12,7 +12,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Build run: | @@ -22,7 +22,7 @@ jobs: - name: Upload the ZIP file as an artifact if: ${{ github.event_name == 'workflow_dispatch' }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1 with: name: ${{ github.event.repository.name }} path: release @@ -30,7 +30,7 @@ jobs: - name: Upload release asset if: ${{ github.event_name == 'release' }} - uses: actions/upload-release-asset@v1 + uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 # v1.0.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index c1f9472..0a6d89c 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -15,10 +15,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set PHP version - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 # v2.32.0 with: php-version: '7.4' tools: composer:v2 diff --git a/.github/workflows/stable.yml b/.github/workflows/stable.yml index 6950a25..9fda9bd 100644 --- a/.github/workflows/stable.yml +++ b/.github/workflows/stable.yml @@ -1,4 +1,5 @@ name: Build Stable branch + on: push: branches: @@ -8,16 +9,19 @@ jobs: release: name: Push (merge) to trunk runs-on: ubuntu-latest + steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: Build run: | composer install --no-dev composer build-zip rm -rf ./release && unzip ${{ github.event.repository.name }}.zip -d ./release + - name: Release to Stable - uses: s0/git-publish-subdir-action@develop + uses: s0/git-publish-subdir-action@ac113f6bfe8896e85a373534242c949a7ea74c98 # develop env: REPO: self BRANCH: stable diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index 8dcc92c..4e64eb1 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -30,10 +30,10 @@ jobs: steps: - name: Check out source code - uses: actions/checkout@v3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up PHP environment - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 # v2.32.0 with: php-version: '${{ matrix.php }}' extensions: gd, imagick, mysql, zip @@ -43,10 +43,10 @@ jobs: COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Install Composer dependencies & cache dependencies - uses: "ramsey/composer-install@v2" + uses: ramsey/composer-install@a2636af0004d1c0499ffca16ac0b4cc94df70565 # v3.1.0 env: COMPOSER_ROOT_VERSION: dev-${{ github.event.repository.default_branch }} - + - name: Configure DB environment run: | echo "MYSQL_HOST=127.0.0.1" >> $GITHUB_ENV @@ -55,7 +55,7 @@ jobs: echo "WP_CLI_TEST_DBROOTPASS=root" >> $GITHUB_ENV echo "WP_CLI_TEST_DBNAME=wp_cli_test" >> $GITHUB_ENV echo "WP_CLI_TEST_DBUSER=wp_cli_test" >> $GITHUB_ENV - echo "WP_CLI_TEST_DBPASS=password1" >> $GITHUB_ENV + echo "WP_CLI_TEST_DBPASS=password1" >> $GITHUB_ENV echo "WP_CLI_TEST_DBHOST=127.0.0.1:${{ job.services.mysql.ports['3306'] }}" >> $GITHUB_ENV - name: Prepare test database