From 9a67686d51eac9b3f6eb259b7613a3f25af0a2db Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 12 Jun 2026 10:00:34 +0000 Subject: [PATCH] Pin dependencies --- .github/workflows/dev.yml | 4 ++-- .github/workflows/nightly.yaml | 4 ++-- .github/workflows/test.yml | 4 ++-- .github/workflows/upload_oci.yml | 4 ++-- Containerfile | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index 6bfa608..dc17ae7 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -27,7 +27,7 @@ jobs: VERSION: ${{ steps.version.outputs.VERSION }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: submodules: recursive @@ -61,7 +61,7 @@ jobs: image_tag: ${{ steps.meta.outputs.image_tag }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Compute image metadata id: meta run: | diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml index 709994c..5a3ab18 100644 --- a/.github/workflows/nightly.yaml +++ b/.github/workflows/nightly.yaml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: submodules: recursive build: @@ -40,7 +40,7 @@ jobs: image_tag: ${{ steps.meta.outputs.image_tag }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Compute image tag id: meta run: | diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 92c5d4e..b2d37fc 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -18,9 +18,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Install oras - uses: oras-project/setup-oras@v1 + uses: oras-project/setup-oras@22ce207df3b08e061f537244349aac6ae1d214f6 # v1 with: version: 1.2.2 - name: Validate image tag diff --git a/.github/workflows/upload_oci.yml b/.github/workflows/upload_oci.yml index 35969cc..f83dc1c 100644 --- a/.github/workflows/upload_oci.yml +++ b/.github/workflows/upload_oci.yml @@ -37,12 +37,12 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4.1.1 with: submodules: true - - uses: oras-project/setup-oras@v1 + - uses: oras-project/setup-oras@22ce207df3b08e061f537244349aac6ae1d214f6 # v1 - run: oras version - name: Install python-gardenlinux-lib uses: gardenlinux/python-gardenlinux-lib/.github/actions/setup@19c1b24c01faab81a7fe24713748dd172d00904a - name: Install cosign - uses: sigstore/cosign-installer@v3.9.1 + uses: sigstore/cosign-installer@398d4b0eeef1380460a10c8013a76f728fb906ac # v3.9.1 with: cosign-release: 'v2.4.1' - name: Set flavor version reference diff --git a/Containerfile b/Containerfile index c4ae04f..edd1ecc 100644 --- a/Containerfile +++ b/Containerfile @@ -1,3 +1,3 @@ -FROM ghcr.io/gardenlinux/builder:d6d24ba1aec66889a2acab83aedcb00e869abfcd +FROM ghcr.io/gardenlinux/builder:d6d24ba1aec66889a2acab83aedcb00e869abfcd@sha256:3dc78daebb56605baf105d2f20a6e8b94137237c1c2587b80d571fbb5c9f49ab RUN sed 's/version="$2"/version=\$(echo \$2 | cut -d. -f 1-2)/' -i /builder/bootstrap