diff --git a/.gitea/workflows/cd.yaml b/.gitea/workflows/cd.yaml index 726315a..14aed4a 100644 --- a/.gitea/workflows/cd.yaml +++ b/.gitea/workflows/cd.yaml @@ -41,7 +41,7 @@ jobs: has_helmfile: ${{ steps.check-helmfile.outputs.exists }} has_k8s: ${{ steps.check-k8s.outputs.exists }} steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Check if helmfile.yaml exists id: check-helmfile run: | @@ -68,15 +68,15 @@ jobs: needs: detect-service-type if: needs.detect-service-type.outputs.has_k8s == 'true' steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: ref: ${{ inputs.deploy_branch }} - uses: ./.gitea/actions/extract-namespace-from-repo-name id: namespace with: repo: ${{ github.repository }} - - uses: azure/setup-kubectl@776406bce94f63e41d621b960d78ee25c8b76ede # v4 - - uses: azure/k8s-set-context@ae59a723ba9abe7a9655538854a025448dbab4aa # v4 + - uses: azure/setup-kubectl@776406bce94f63e41d621b960d78ee25c8b76ede # v4.0.1 + - uses: azure/k8s-set-context@ae59a723ba9abe7a9655538854a025448dbab4aa # v4.0.2 with: method: kubeconfig kubeconfig: ${{ secrets.KUBECONFIG }} @@ -119,16 +119,16 @@ jobs: needs.detect-service-type.outputs.has_k8s == 'true' && inputs.skip_helm_deployment != 'true' steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: ref: ${{ inputs.deploy_branch }} - uses: ./.gitea/actions/extract-namespace-from-repo-name id: namespace with: repo: ${{ github.repository }} - - uses: azure/setup-kubectl@776406bce94f63e41d621b960d78ee25c8b76ede # v4 + - uses: azure/setup-kubectl@776406bce94f63e41d621b960d78ee25c8b76ede # v4.0.1 - uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4 - - uses: azure/k8s-set-context@ae59a723ba9abe7a9655538854a025448dbab4aa # v4 + - uses: azure/k8s-set-context@ae59a723ba9abe7a9655538854a025448dbab4aa # v4.0.2 with: method: kubeconfig kubeconfig: ${{ secrets.KUBECONFIG }} @@ -156,14 +156,14 @@ jobs: echo "No custom secrets to create" fi - name: Deploy Helm - uses: helmfile/helmfile-action@f64d5db9f8660aae0205b5fcfc56577d44acefab # v2 + uses: helmfile/helmfile-action@6867d18430fbe251b9c1a498e26b6c45fe6ed9db # v2.2.0 with: helmfile-args: apply # Summary job that always runs to show what was deployed deployment-summary: runs-on: ubuntu-latest - needs: [detect-service-type, deploy-k8s, deploy-helm] + needs: [ detect-service-type, deploy-k8s, deploy-helm ] if: always() steps: - name: Deployment Summary diff --git a/.gitea/workflows/ci.yaml b/.gitea/workflows/ci.yaml index f6e1581..4cb4128 100644 --- a/.gitea/workflows/ci.yaml +++ b/.gitea/workflows/ci.yaml @@ -26,7 +26,7 @@ jobs: has_helmfile: ${{ steps.check-helmfile.outputs.exists }} has_k8s: ${{ steps.check-k8s.outputs.exists }} steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Check if helmfile.yaml exists id: check-helmfile run: | @@ -53,18 +53,18 @@ jobs: needs: detect-service-type if: needs.detect-service-type.outputs.has_k8s == 'true' steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: ./.gitea/actions/extract-namespace-from-repo-name id: namespace with: repo: ${{ github.repository }} - - uses: azure/setup-kubectl@776406bce94f63e41d621b960d78ee25c8b76ede # v4 - - uses: azure/k8s-set-context@ae59a723ba9abe7a9655538854a025448dbab4aa # v4 + - uses: azure/setup-kubectl@776406bce94f63e41d621b960d78ee25c8b76ede # v4.0.1 + - uses: azure/k8s-set-context@ae59a723ba9abe7a9655538854a025448dbab4aa # v4.0.2 with: method: kubeconfig kubeconfig: ${{ secrets.KUBECONFIG }} - name: Validate k8s manifests - uses: azure/k8s-lint@6aefe5066f95e73d2b140d8835cc95583b886989 # v3 + uses: azure/k8s-lint@6aefe5066f95e73d2b140d8835cc95583b886989 # v3.0.1 with: namespace: ${{ steps.namespace.outputs.namespace }} lintType: dryrun @@ -78,26 +78,26 @@ jobs: needs.detect-service-type.outputs.has_k8s == 'true' && inputs.skip_helm_validation != 'true' steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: ./.gitea/actions/extract-namespace-from-repo-name id: namespace with: repo: ${{ github.repository }} - - uses: azure/setup-kubectl@776406bce94f63e41d621b960d78ee25c8b76ede # v4 + - uses: azure/setup-kubectl@776406bce94f63e41d621b960d78ee25c8b76ede # v4.0.1 - uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4 - - uses: azure/k8s-set-context@ae59a723ba9abe7a9655538854a025448dbab4aa # v4 + - uses: azure/k8s-set-context@ae59a723ba9abe7a9655538854a025448dbab4aa # v4.0.2 with: method: kubeconfig kubeconfig: ${{ secrets.KUBECONFIG }} - name: Validate Helm - uses: helmfile/helmfile-action@37b026692c13757b2852cd7449e6e82eccc345d3 # v2.1.1 + uses: helmfile/helmfile-action@6867d18430fbe251b9c1a498e26b6c45fe6ed9db # v2.2.0 with: helmfile-args: diff # Summary job that always runs to show what was validated ci-summary: runs-on: ubuntu-latest - needs: [detect-service-type, validate-k8s, validate-helm] + needs: [ detect-service-type, validate-k8s, validate-helm ] if: always() steps: - name: CI Summary diff --git a/.gitea/workflows/release.yaml b/.gitea/workflows/release.yaml index 15d144e..a4dab39 100644 --- a/.gitea/workflows/release.yaml +++ b/.gitea/workflows/release.yaml @@ -13,7 +13,7 @@ jobs: name: Release runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - name: Increment tag