From 44d6e73525521ad343fe44c4c819cae02d36400d Mon Sep 17 00:00:00 2001 From: estebany-qd Date: Wed, 25 Mar 2026 11:14:19 -0500 Subject: [PATCH] ci: Pin all gh actions to commit SHAs --- .github/workflows/cd.yml | 20 ++++++++++---------- .github/workflows/test.yml | 8 ++++---- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 1c8b2ac..ab8fc26 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -17,10 +17,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Set up JDK 17 - uses: actions/setup-java@v3 + uses: actions/setup-java@17f84c3641ba7b8f6deff6309fc4c864478f5d62 # v3.14.1 with: java-version: '17' distribution: 'temurin' @@ -29,19 +29,19 @@ jobs: run: echo "api.version=1.44" > $HOME/.docker-java.properties - name: Build - uses: gradle/gradle-build-action@v2 + uses: gradle/gradle-build-action@a8f75513eafdebd8141bd1cd4e30fcd194af8dfa # v2.12.0 with: gradle-version: 8.5 arguments: build - name: Test - uses: gradle/gradle-build-action@v2 + uses: gradle/gradle-build-action@a8f75513eafdebd8141bd1cd4e30fcd194af8dfa # v2.12.0 with: gradle-version: 8.5 arguments: test --info - name: Test Results - uses: mikepenz/action-junit-report@v4 + uses: mikepenz/action-junit-report@db71d41eb79864e25ab0337e395c352e84523afe # v4.3.1 if: always() with: fail_on_failure: true @@ -49,7 +49,7 @@ jobs: report_paths: '**/build/test-results/test/TEST-*.xml' - name: Upload Jars - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: QdrantJava path: build/libs @@ -65,10 +65,10 @@ jobs: ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.ORG_GRADLE_PROJECT_SONATYPEPASSWORD }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Set up JDK 17 - uses: actions/setup-java@v3 + uses: actions/setup-java@17f84c3641ba7b8f6deff6309fc4c864478f5d62 # v3.14.1 with: java-version: '17' distribution: 'temurin' @@ -77,13 +77,13 @@ jobs: run: echo "api.version=1.44" > $HOME/.docker-java.properties - name: Publish package - uses: gradle/gradle-build-action@v2 + uses: gradle/gradle-build-action@a8f75513eafdebd8141bd1cd4e30fcd194af8dfa # v2.12.0 with: gradle-version: 8.5 arguments: publishToSonatype closeAndReleaseSonatypeStagingRepository - name: Deploy javadoc to Github Pages - uses: dev-vince/actions-publish-javadoc@v1.0.1 + uses: dev-vince/actions-publish-javadoc@4004c6ca5881690e83c49a28a0b16fcab089e860 # v1.0.1 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} java-version: "17" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8cd8238..d60987e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -19,10 +19,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Set up JDK 17 - uses: actions/setup-java@v3 + uses: actions/setup-java@17f84c3641ba7b8f6deff6309fc4c864478f5d62 # v3.14.1 with: java-version: '17' distribution: 'temurin' @@ -31,13 +31,13 @@ jobs: run: echo "api.version=1.44" > $HOME/.docker-java.properties - name: Build - uses: gradle/gradle-build-action@v2 + uses: gradle/gradle-build-action@a8f75513eafdebd8141bd1cd4e30fcd194af8dfa # v2.12.0 with: gradle-version: 8.5 arguments: build --info - name: Test - uses: gradle/gradle-build-action@v2 + uses: gradle/gradle-build-action@a8f75513eafdebd8141bd1cd4e30fcd194af8dfa # v2.12.0 with: gradle-version: 8.5 arguments: test --info