From f31e204eb5881f282ef8f85e5f705983ea33b5eb Mon Sep 17 00:00:00 2001 From: EncasedAmber <68903568+EncasedAmber@users.noreply.github.com> Date: Thu, 4 Aug 2022 21:11:24 -0700 Subject: [PATCH 1/3] Create codeql-analysis.yml --- .github/workflows/codeql-analysis.yml | 72 +++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 000000000000..cc47a5fb972c --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,72 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + branches: [ "main" ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ "main" ] + schedule: + - cron: '17 7 * * 0' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'javascript' ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 From eefa0a122714bb648227d6f540806b2cd4f4d4dd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 5 Oct 2022 02:29:21 +0000 Subject: [PATCH 2/3] Bump actions/github-script Bumps [actions/github-script](https://github.com/actions/github-script) from 2b34a689ec86a68d8ab9478298f91d5401337b7d to 6.3.1. This release includes the previously tagged commit. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/2b34a689ec86a68d8ab9478298f91d5401337b7d...7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- .github/workflows/automerge-dependencies.yml | 2 +- .github/workflows/azure-preview-env-deploy.yml | 2 +- .github/workflows/azure-prod-build-deploy.yml | 2 +- .github/workflows/azure-staging-build-deploy.yml | 2 +- .github/workflows/check-for-spammy-issues.yml | 2 +- .github/workflows/confirm-internal-staff-work-in-docs.yml | 2 +- .github/workflows/copy-api-issue-to-internal.yml | 2 +- .github/workflows/first-responder-docs-content.yml | 4 ++-- .github/workflows/hubber-contribution-help.yml | 2 +- .github/workflows/merged-notification.yml | 2 +- .../move-existing-issues-to-the-correct-repo.yml | 2 +- .../workflows/move-new-issues-to-correct-docs-repo.yml | 2 +- .github/workflows/move-reopened-issues-to-triage.yaml | 2 +- .../workflows/notify-when-maintainers-cannot-edit.yaml | 2 +- .github/workflows/os-ready-for-review.yml | 2 +- .github/workflows/repo-sync-stalls.yml | 2 +- .github/workflows/repo-sync.yml | 8 ++++---- .github/workflows/test.yml | 2 +- .github/workflows/transfer-api-issue-to-openapi.yml | 2 +- .github/workflows/transfer-to-localization-repo.yml | 2 +- .github/workflows/triage-issue-comments.yml | 2 +- .github/workflows/triage-unallowed-contributions.yml | 2 +- 22 files changed, 26 insertions(+), 26 deletions(-) diff --git a/.github/workflows/automerge-dependencies.yml b/.github/workflows/automerge-dependencies.yml index 31ccf83f0fc9..5873570e4963 100644 --- a/.github/workflows/automerge-dependencies.yml +++ b/.github/workflows/automerge-dependencies.yml @@ -68,7 +68,7 @@ jobs: # Because we get far too much spam ;_; - name: Lock conversations - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd env: PR_NUMBER: ${{ github.event.pull_request.number }} with: diff --git a/.github/workflows/azure-preview-env-deploy.yml b/.github/workflows/azure-preview-env-deploy.yml index b103ec6afe80..055bbeeb83b0 100644 --- a/.github/workflows/azure-preview-env-deploy.yml +++ b/.github/workflows/azure-preview-env-deploy.yml @@ -108,7 +108,7 @@ jobs: - if: ${{ env.IS_INTERNAL_BUILD == 'true' }} name: Determine which docs-early-access branch to clone id: 'check-early-access' - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd env: BRANCH_NAME: ${{ env.BRANCH_NAME }} with: diff --git a/.github/workflows/azure-prod-build-deploy.yml b/.github/workflows/azure-prod-build-deploy.yml index 5bc19ff2d266..321daffad36b 100644 --- a/.github/workflows/azure-prod-build-deploy.yml +++ b/.github/workflows/azure-prod-build-deploy.yml @@ -98,7 +98,7 @@ jobs: # Watch canary slot instances to see when all the instances are ready - name: Check that canary slot is ready - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd env: CHECK_INTERVAL: 10000 with: diff --git a/.github/workflows/azure-staging-build-deploy.yml b/.github/workflows/azure-staging-build-deploy.yml index e8bc318d7874..194d38692601 100644 --- a/.github/workflows/azure-staging-build-deploy.yml +++ b/.github/workflows/azure-staging-build-deploy.yml @@ -114,7 +114,7 @@ jobs: # Watch deployment slot instances to see when all the instances are ready - name: Check that deployment slot is ready - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd env: CHECK_INTERVAL: 10000 with: diff --git a/.github/workflows/check-for-spammy-issues.yml b/.github/workflows/check-for-spammy-issues.yml index b325dd08bd70..c0255a33e737 100644 --- a/.github/workflows/check-for-spammy-issues.yml +++ b/.github/workflows/check-for-spammy-issues.yml @@ -17,7 +17,7 @@ jobs: if: github.repository == 'github/docs' runs-on: ubuntu-latest steps: - - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + - uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd with: github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }} script: | diff --git a/.github/workflows/confirm-internal-staff-work-in-docs.yml b/.github/workflows/confirm-internal-staff-work-in-docs.yml index 81fa3788b5f4..82fbf8de16fe 100644 --- a/.github/workflows/confirm-internal-staff-work-in-docs.yml +++ b/.github/workflows/confirm-internal-staff-work-in-docs.yml @@ -23,7 +23,7 @@ jobs: if: github.repository == 'github/docs' && github.actor != 'docs-bot' steps: - id: membership_check - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd env: TEAM_CONTENT_REPO: ${{ secrets.TEAM_CONTENT_REPO }} with: diff --git a/.github/workflows/copy-api-issue-to-internal.yml b/.github/workflows/copy-api-issue-to-internal.yml index 13bac002f1c0..0009df731f10 100644 --- a/.github/workflows/copy-api-issue-to-internal.yml +++ b/.github/workflows/copy-api-issue-to-internal.yml @@ -19,7 +19,7 @@ jobs: if: (github.event.label.name == 'rest-description' || github.event.label.name == 'graphql-description') && github.repository == 'github/docs' steps: - name: Check if this run was triggered by a member of the docs team - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd id: triggered-by-member with: github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}} diff --git a/.github/workflows/first-responder-docs-content.yml b/.github/workflows/first-responder-docs-content.yml index 1726c9ac960b..83c0d189bfe2 100644 --- a/.github/workflows/first-responder-docs-content.yml +++ b/.github/workflows/first-responder-docs-content.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Check if the event originated from a team member - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd id: set-result with: github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}} @@ -71,7 +71,7 @@ jobs: steps: - name: Remove card from project - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd with: github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}} result-encoding: string diff --git a/.github/workflows/hubber-contribution-help.yml b/.github/workflows/hubber-contribution-help.yml index 9877c5ec99f4..1a2ac4e884be 100644 --- a/.github/workflows/hubber-contribution-help.yml +++ b/.github/workflows/hubber-contribution-help.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - id: membership_check - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd with: github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }} script: | diff --git a/.github/workflows/merged-notification.yml b/.github/workflows/merged-notification.yml index 8604b4223b5d..64cfd2070610 100644 --- a/.github/workflows/merged-notification.yml +++ b/.github/workflows/merged-notification.yml @@ -18,7 +18,7 @@ jobs: if: github.repository == 'github/docs' && github.event.pull_request.merged && github.event.pull_request.base.ref == github.event.repository.default_branch && github.event.pull_request.user.login != 'Octomerger' runs-on: ubuntu-latest steps: - - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + - uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd with: script: | github.issues.createComment({ diff --git a/.github/workflows/move-existing-issues-to-the-correct-repo.yml b/.github/workflows/move-existing-issues-to-the-correct-repo.yml index 05b994a52574..15f4de16dffe 100644 --- a/.github/workflows/move-existing-issues-to-the-correct-repo.yml +++ b/.github/workflows/move-existing-issues-to-the-correct-repo.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - id: move_to_correct_repo - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd env: TEAM_ENGINEERING_REPO: ${{ secrets.TEAM_ENGINEERING_REPO }} TEAM_CONTENT_REPO: ${{ secrets.TEAM_CONTENT_REPO }} diff --git a/.github/workflows/move-new-issues-to-correct-docs-repo.yml b/.github/workflows/move-new-issues-to-correct-docs-repo.yml index 1c2c36282163..98dc3360a03a 100644 --- a/.github/workflows/move-new-issues-to-correct-docs-repo.yml +++ b/.github/workflows/move-new-issues-to-correct-docs-repo.yml @@ -21,7 +21,7 @@ jobs: if: github.repository == 'github/docs-internal' steps: - id: move_to_correct_repo - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd env: TEAM_ENGINEERING_REPO: ${{ secrets.TEAM_ENGINEERING_REPO }} TEAM_CONTENT_REPO: ${{ secrets.TEAM_CONTENT_REPO }} diff --git a/.github/workflows/move-reopened-issues-to-triage.yaml b/.github/workflows/move-reopened-issues-to-triage.yaml index 28b297639887..df97ee7292df 100644 --- a/.github/workflows/move-reopened-issues-to-triage.yaml +++ b/.github/workflows/move-reopened-issues-to-triage.yaml @@ -17,7 +17,7 @@ jobs: if: github.repository == 'github/docs' runs-on: ubuntu-latest steps: - - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + - uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd with: script: | const issueNumber = context.issue.number; diff --git a/.github/workflows/notify-when-maintainers-cannot-edit.yaml b/.github/workflows/notify-when-maintainers-cannot-edit.yaml index 85edabb89b2b..63b5cd2e8224 100644 --- a/.github/workflows/notify-when-maintainers-cannot-edit.yaml +++ b/.github/workflows/notify-when-maintainers-cannot-edit.yaml @@ -17,7 +17,7 @@ jobs: if: github.repository == 'github/docs' runs-on: ubuntu-latest steps: - - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + - uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd with: script: | const query = ` diff --git a/.github/workflows/os-ready-for-review.yml b/.github/workflows/os-ready-for-review.yml index 18fb56f88d2a..09d09822a464 100644 --- a/.github/workflows/os-ready-for-review.yml +++ b/.github/workflows/os-ready-for-review.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check if this run was triggered by a member of the docs team - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd id: triggered-by-member with: github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}} diff --git a/.github/workflows/repo-sync-stalls.yml b/.github/workflows/repo-sync-stalls.yml index f23356765124..5e8ef56d847c 100644 --- a/.github/workflows/repo-sync-stalls.yml +++ b/.github/workflows/repo-sync-stalls.yml @@ -18,7 +18,7 @@ jobs: steps: - if: github.repository == 'github/docs-internal' || github.repository == 'github/docs' name: Check if repo sync is stalled - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd with: script: | let pulls; diff --git a/.github/workflows/repo-sync.yml b/.github/workflows/repo-sync.yml index ea5a074de51b..09c483dad484 100644 --- a/.github/workflows/repo-sync.yml +++ b/.github/workflows/repo-sync.yml @@ -41,7 +41,7 @@ jobs: - name: Close pull request if unwanted if: ${{ github.repository == 'github/docs' && steps.find-pull-request.outputs.number }} - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd with: github-token: ${{ secrets.DOCS_BOT_SPAM_VISION }} script: | @@ -147,7 +147,7 @@ jobs: # Because we get far too much spam ;_; - name: Lock conversations if: ${{ github.repository == 'github/docs' && steps.find-pull-request.outputs.number }} - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd with: script: | try { @@ -165,7 +165,7 @@ jobs: # There are cases where the branch becomes out-of-date in between the time this workflow began and when the pull request is created/updated - name: Update branch if: ${{ steps.find-pull-request.outputs.number }} - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd with: github-token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }} script: | @@ -214,7 +214,7 @@ jobs: - name: Check pull request file count after updating if: ${{ steps.find-pull-request.outputs.number }} - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd id: pr-files env: PR_NUMBER: ${{ steps.find-pull-request.outputs.number }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 80b06b48ee56..adcd5a88c810 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -74,7 +74,7 @@ jobs: - name: Figure out which docs-early-access branch to checkout, if internal repo if: ${{ github.repository == 'github/docs-internal' }} id: check-early-access - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd env: BRANCH_NAME: ${{ github.head_ref || github.ref_name }} with: diff --git a/.github/workflows/transfer-api-issue-to-openapi.yml b/.github/workflows/transfer-api-issue-to-openapi.yml index b7875594cdc5..6248e139b721 100644 --- a/.github/workflows/transfer-api-issue-to-openapi.yml +++ b/.github/workflows/transfer-api-issue-to-openapi.yml @@ -19,7 +19,7 @@ jobs: if: github.event.label.name == 'rest-schema' && github.repository == 'github/docs' steps: - name: Check if this run was triggered by a member of the docs team - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd id: triggered-by-member with: github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}} diff --git a/.github/workflows/transfer-to-localization-repo.yml b/.github/workflows/transfer-to-localization-repo.yml index a7fd81d4c380..3e193ddf5776 100644 --- a/.github/workflows/transfer-to-localization-repo.yml +++ b/.github/workflows/transfer-to-localization-repo.yml @@ -19,7 +19,7 @@ jobs: if: (github.event.label.name == 'localization ' && github.repository == 'github/docs') steps: - name: Check if this run was triggered by a member of the docs team - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd id: triggered-by-member with: github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}} diff --git a/.github/workflows/triage-issue-comments.yml b/.github/workflows/triage-issue-comments.yml index 4741204e58c5..6bdb7b8359ad 100644 --- a/.github/workflows/triage-issue-comments.yml +++ b/.github/workflows/triage-issue-comments.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Check if the event originated from a team member - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd id: is-internal-contributor with: result-encoding: string diff --git a/.github/workflows/triage-unallowed-contributions.yml b/.github/workflows/triage-unallowed-contributions.yml index fe146e1d54bd..5f105c488725 100644 --- a/.github/workflows/triage-unallowed-contributions.yml +++ b/.github/workflows/triage-unallowed-contributions.yml @@ -76,7 +76,7 @@ jobs: # explaining this to the PR author - name: "Comment about changes we can't accept" if: ${{ steps.filter.outputs.notAllowed }} - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d + uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd with: script: | const badFilesArr = [ From ea5b867c51e8da382e58ffefc7d0358056f90e0a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Feb 2023 02:02:02 +0000 Subject: [PATCH 3/3] Bump docker/setup-buildx-action from 1.6.0 to 2.4.1 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1.6.0 to 2.4.1. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/94ab11c41e45d028884a99163086648e898eed25...f03ac48505955848960e80bbb68046aa35c7b9e7) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/azure-preview-env-deploy.yml | 2 +- .github/workflows/azure-prod-build-deploy.yml | 2 +- .github/workflows/azure-staging-build-deploy.yml | 2 +- .github/workflows/main-preview-docker-cache.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/azure-preview-env-deploy.yml b/.github/workflows/azure-preview-env-deploy.yml index 055bbeeb83b0..787890c10810 100644 --- a/.github/workflows/azure-preview-env-deploy.yml +++ b/.github/workflows/azure-preview-env-deploy.yml @@ -73,7 +73,7 @@ jobs: password: ${{ secrets.NONPROD_REGISTRY_PASSWORD }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 + uses: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7 - if: ${{ env.IS_PUBLIC_BUILD == 'true' }} name: Check out main branch diff --git a/.github/workflows/azure-prod-build-deploy.yml b/.github/workflows/azure-prod-build-deploy.yml index 321daffad36b..f9d14a680c8d 100644 --- a/.github/workflows/azure-prod-build-deploy.yml +++ b/.github/workflows/azure-prod-build-deploy.yml @@ -46,7 +46,7 @@ jobs: password: ${{ secrets.PROD_REGISTRY_PASSWORD }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 + uses: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7 - name: Check out repo uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 diff --git a/.github/workflows/azure-staging-build-deploy.yml b/.github/workflows/azure-staging-build-deploy.yml index 194d38692601..7427e9984c7c 100644 --- a/.github/workflows/azure-staging-build-deploy.yml +++ b/.github/workflows/azure-staging-build-deploy.yml @@ -57,7 +57,7 @@ jobs: password: ${{ secrets.NONPROD_REGISTRY_PASSWORD }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 + uses: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7 - name: Check out repo uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 diff --git a/.github/workflows/main-preview-docker-cache.yml b/.github/workflows/main-preview-docker-cache.yml index d94d8b6c61a1..3bc9dd3ed83f 100644 --- a/.github/workflows/main-preview-docker-cache.yml +++ b/.github/workflows/main-preview-docker-cache.yml @@ -42,7 +42,7 @@ jobs: password: ${{ secrets.NONPROD_REGISTRY_PASSWORD }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 + uses: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7 - name: Check out repo uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748