use sha-versions for most gh actions

PiperOrigin-RevId: 564692809
This commit is contained in:
Evgenii Kliuchnikov 2023-09-12 05:48:59 -07:00 committed by Copybara-Service
parent 91d1b2d623
commit 63402aa8af
4 changed files with 17 additions and 16 deletions

View File

@ -233,14 +233,14 @@ jobs:
sudo apt install -y ${EXTRA_PACKAGES} sudo apt install -y ${EXTRA_PACKAGES}
- name: Checkout the source - name: Checkout the source
uses: actions/checkout@v4 uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
with: with:
submodules: false submodules: false
fetch-depth: 1 fetch-depth: 1
#- name: Checkout VC9 for Python #- name: Checkout VC9 for Python
# if: ${{ runner.os == 'Windows' && matrix.build_system == 'python' && matrix.python_version == '2.7' }} # if: ${{ runner.os == 'Windows' && matrix.build_system == 'python' && matrix.python_version == '2.7' }}
# uses: actions/checkout@v4 # uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
# with: # with:
# repository: reider-roque/sulley-win-installer # repository: reider-roque/sulley-win-installer
# path: third_party/VCForPython27 # path: third_party/VCForPython27
@ -338,7 +338,7 @@ jobs:
cd integration cd integration
mvn -B verify mvn -B verify
- uses: actions/setup-python@v4 - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
if: ${{ matrix.build_system == 'python' }} if: ${{ matrix.build_system == 'python' }}
with: with:
python-version: ${{ matrix.python_version }} python-version: ${{ matrix.python_version }}
@ -367,7 +367,7 @@ jobs:
steps: steps:
- name: Checkout the source - name: Checkout the source
uses: actions/checkout@v4 uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
with: with:
submodules: false submodules: false
fetch-depth: 1 fetch-depth: 1

View File

@ -31,11 +31,11 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
# Initializes the CodeQL tools for scanning. # Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL - name: Initialize CodeQL
uses: github/codeql-action/init@v2 uses: github/codeql-action/init@43750fe4fc4f068f04f2215206e6f6a29c78c763 # v2.14.4
with: with:
languages: ${{ matrix.language }} languages: ${{ matrix.language }}
# CodeQL is currently crashing on files with large lists: # CodeQL is currently crashing on files with large lists:
@ -47,7 +47,7 @@ jobs:
- if: matrix.language == 'cpp' - if: matrix.language == 'cpp'
name: Build CPP name: Build CPP
uses: github/codeql-action/autobuild@v2 uses: github/codeql-action/autobuild@43750fe4fc4f068f04f2215206e6f6a29c78c763 # v2.14.4
- if: matrix.language == 'cpp' || matrix.language == 'java' - if: matrix.language == 'cpp' || matrix.language == 'java'
name: Build Java name: Build Java
@ -57,7 +57,7 @@ jobs:
- if: matrix.language == 'javascript' - if: matrix.language == 'javascript'
name: Build JS name: Build JS
uses: github/codeql-action/autobuild@v2 uses: github/codeql-action/autobuild@43750fe4fc4f068f04f2215206e6f6a29c78c763 # v2.14.4
- if: matrix.language == 'cpp' || matrix.language == 'python' - if: matrix.language == 'cpp' || matrix.language == 'python'
name: Build Python name: Build Python
@ -65,7 +65,7 @@ jobs:
python setup.py build_ext python setup.py build_ext
- name: Perform CodeQL Analysis - name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2 uses: github/codeql-action/analyze@43750fe4fc4f068f04f2215206e6f6a29c78c763 # v2.14.4
with: with:
category: "/language:${{matrix.language}}" category: "/language:${{matrix.language}}"
ref: "${{ github.ref != 'master' && github.ref || '/refs/heads/master' }}" ref: "${{ github.ref != 'master' && github.ref || '/refs/heads/master' }}"

View File

@ -28,7 +28,7 @@ jobs:
fuzz-seconds: 600 fuzz-seconds: 600
dry-run: false dry-run: false
- name: Upload Crash - name: Upload Crash
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
if: failure() if: failure()
with: with:
name: artifacts name: artifacts

View File

@ -13,6 +13,8 @@ on:
- v*.*.* - v*.*.*
release: release:
types: [ published ] types: [ published ]
pull_request:
types: [opened, reopened, labeled, synchronize]
concurrency: concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }} group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
@ -46,12 +48,12 @@ jobs:
steps: steps:
- name: Checkout the source - name: Checkout the source
uses: actions/checkout@v4 uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
with: with:
submodules: false submodules: false
fetch-depth: 1 fetch-depth: 1
- uses: actions/cache@v3 - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
id: cache-vcpkg id: cache-vcpkg
with: with:
path: vcpkg path: vcpkg
@ -100,14 +102,13 @@ jobs:
cmake --build out --config Release --target install cmake --build out --config Release --target install
cp LICENSE prefix/bin/LICENSE.brotli cp LICENSE prefix/bin/LICENSE.brotli
- name: Upload artifacts - name: Upload artifacts
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with: with:
name: brotli-${{matrix.triplet}} name: brotli-${{matrix.triplet}}
path: | path: |
prefix/bin/* prefix/bin/*
- name: Package release zip - name: Package release zip
if: github.event_name == 'release'
shell: 'powershell' shell: 'powershell'
run: | run: |
Compress-Archive -Path prefix\bin\* ` Compress-Archive -Path prefix\bin\* `
@ -115,7 +116,7 @@ jobs:
- name: Upload binaries to release - name: Upload binaries to release
if: github.event_name == 'release' if: github.event_name == 'release'
uses: AButler/upload-release-assets@v2.0 uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15
with: with:
files: brotli-${{matrix.triplet}}.zip files: brotli-${{matrix.triplet}}.zip
repo-token: ${{ secrets.GITHUB_TOKEN }} tag_name: dev/null