mirror of
https://github.com/taiki-e/install-action.git
synced 2026-04-08 18:05:42 +08:00
Enable "Require actions to be pinned to a full-length commit SHA"
actions policy
This commit is contained in:
Taiki Endo
16
.github/workflows/ci.yml
vendored
16
.github/workflows/ci.yml
vendored
@@ -33,20 +33,20 @@ concurrency:
|
||||
|
||||
jobs:
|
||||
miri:
|
||||
uses: taiki-e/github-actions/.github/workflows/miri.yml@main
|
||||
uses: taiki-e/github-actions/.github/workflows/miri.yml@606d6c78d69927c489d319133073a03157928a7a # main
|
||||
with:
|
||||
# NB: sync with test job's --exclude option
|
||||
args: --exclude install-action-internal-codegen
|
||||
msrv:
|
||||
uses: taiki-e/github-actions/.github/workflows/msrv.yml@main
|
||||
uses: taiki-e/github-actions/.github/workflows/msrv.yml@606d6c78d69927c489d319133073a03157928a7a # main
|
||||
test-manifest-schema:
|
||||
uses: taiki-e/github-actions/.github/workflows/test.yml@main
|
||||
uses: taiki-e/github-actions/.github/workflows/test.yml@606d6c78d69927c489d319133073a03157928a7a # main
|
||||
with:
|
||||
# NB: sync with miri job's --exclude option
|
||||
test-args: --exclude install-action-internal-codegen
|
||||
no-std: false
|
||||
tidy:
|
||||
uses: taiki-e/github-actions/.github/workflows/tidy.yml@main
|
||||
uses: taiki-e/github-actions/.github/workflows/tidy.yml@606d6c78d69927c489d319133073a03157928a7a # main
|
||||
permissions:
|
||||
contents: write # for creating branch for pr
|
||||
pull-requests: write # unused (used in `codegen-automerge: true` case)
|
||||
@@ -95,7 +95,7 @@ jobs:
|
||||
runs-on: ${{ matrix.os }}
|
||||
timeout-minutes: 60
|
||||
steps:
|
||||
- uses: taiki-e/checkout-action@v1
|
||||
- uses: taiki-e/checkout-action@83ed61bfbe2b8abbb3c66e8b65b1335484c70009 # v1.4.1
|
||||
# cross attempts to install rust-src when Cargo.toml is available even if `cross --version`
|
||||
- run: rm -- Cargo.toml
|
||||
- name: Generate tool list
|
||||
@@ -154,7 +154,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 60
|
||||
steps:
|
||||
- uses: taiki-e/checkout-action@v1
|
||||
- uses: taiki-e/checkout-action@83ed61bfbe2b8abbb3c66e8b65b1335484c70009 # v1.4.1
|
||||
# cross attempts to install rust-src when Cargo.toml is available even if `cross --version`
|
||||
- run: rm -- Cargo.toml
|
||||
- run: env
|
||||
@@ -187,7 +187,7 @@ jobs:
|
||||
runs-on: ubuntu-24.04-arm
|
||||
timeout-minutes: 60
|
||||
steps:
|
||||
- uses: taiki-e/checkout-action@v1
|
||||
- uses: taiki-e/checkout-action@83ed61bfbe2b8abbb3c66e8b65b1335484c70009 # v1.4.1
|
||||
# cross attempts to install rust-src when Cargo.toml is available even if `cross --version`
|
||||
- run: rm -- Cargo.toml
|
||||
- run: env
|
||||
@@ -298,7 +298,7 @@ jobs:
|
||||
env:
|
||||
CONTAINER: ${{ matrix.container }}
|
||||
if: startsWith(matrix.container, 'centos')
|
||||
- uses: taiki-e/checkout-action@v1
|
||||
- uses: taiki-e/checkout-action@83ed61bfbe2b8abbb3c66e8b65b1335484c70009 # v1.4.1
|
||||
# cross attempts to install rust-src when Cargo.toml is available even if `cross --version`
|
||||
- run: rm -- Cargo.toml
|
||||
- name: Generate tool list
|
||||
|
||||
2
.github/workflows/manifest.yml
vendored
2
.github/workflows/manifest.yml
vendored
@@ -33,7 +33,7 @@ concurrency:
|
||||
|
||||
jobs:
|
||||
manifest:
|
||||
uses: taiki-e/github-actions/.github/workflows/gen.yml@main
|
||||
uses: taiki-e/github-actions/.github/workflows/gen.yml@606d6c78d69927c489d319133073a03157928a7a # main
|
||||
permissions:
|
||||
contents: write # for creating branch for pr
|
||||
pull-requests: write # for gh pr review --approve
|
||||
|
||||
12
.github/workflows/release.yml
vendored
12
.github/workflows/release.yml
vendored
@@ -38,8 +38,8 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 60
|
||||
steps:
|
||||
- uses: taiki-e/checkout-action@v1
|
||||
- uses: taiki-e/install-action@v2
|
||||
- uses: taiki-e/checkout-action@83ed61bfbe2b8abbb3c66e8b65b1335484c70009 # v1.4.1
|
||||
- uses: taiki-e/install-action@7bc99eee1f1b8902a125006cf790a1f4c8461e63 # v2.69.8
|
||||
with:
|
||||
tool: parse-changelog
|
||||
fallback: none
|
||||
@@ -207,8 +207,8 @@ jobs:
|
||||
permissions:
|
||||
contents: write # for taiki-e/create-gh-release-action
|
||||
steps:
|
||||
- uses: taiki-e/checkout-action@v1
|
||||
- uses: taiki-e/install-action@v2
|
||||
- uses: taiki-e/checkout-action@83ed61bfbe2b8abbb3c66e8b65b1335484c70009 # v1.4.1
|
||||
- uses: taiki-e/install-action@7bc99eee1f1b8902a125006cf790a1f4c8461e63 # v2.69.8
|
||||
with:
|
||||
tool: parse-changelog
|
||||
fallback: none
|
||||
@@ -423,7 +423,7 @@ jobs:
|
||||
PREPARE_REV: ${{ needs.prepare.outputs.rev }}
|
||||
# Note that if we use secrets.GITHUB_TOKEN, the pushed commit/tag cannot trigger other workflows.
|
||||
PUSH_TOKEN: ${{ steps.push-token.outputs.token }}
|
||||
- uses: taiki-e/create-gh-release-action@v1
|
||||
- uses: taiki-e/create-gh-release-action@c5baa0b5dc700cf06439d87935e130220a6882d9 # v1.9.3
|
||||
with:
|
||||
changelog: CHANGELOG.md
|
||||
title: $version
|
||||
@@ -432,7 +432,7 @@ jobs:
|
||||
|
||||
release-manifest-schema:
|
||||
if: github.repository_owner == 'taiki-e' && inputs.target == 'install-action-manifest-schema'
|
||||
uses: taiki-e/github-actions/.github/workflows/rust-release.yml@main
|
||||
uses: taiki-e/github-actions/.github/workflows/rust-release.yml@606d6c78d69927c489d319133073a03157928a7a # main
|
||||
permissions:
|
||||
contents: write # for taiki-e/create-gh-release-action
|
||||
id-token: write # for rust-lang/crates-io-auth-action
|
||||
|
||||
Reference in New Issue
Block a user