Skip to content

Commit 9bde351

Browse files
MariusStorhaugMariusStorhaug
committed
🩹 [Update]: Adjust workflow configurations and dependencies for improved performance and security
2 parents 6a7bd25 + 9fd70c8 commit 9bde351

File tree

7 files changed

+44
-21
lines changed

7 files changed

+44
-21
lines changed

‎.github/dependabot.yml‎

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,4 +11,6 @@ updates:
1111
- dependencies
1212
- github-actions
1313
schedule:
14-
interval: weekly
14+
interval: daily
15+
cooldown:
16+
default-days: 7

‎.github/linters/zizmor.yaml‎

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
rules:
2+
template-injection:
3+
ignore:
4+
- action.yml

‎.github/workflows/Action-Test-Prerelease.yml‎

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,15 @@ permissions:
1717
jobs:
1818
ActionTest:
1919
uses: ./.github/workflows/TestWorkflow.yml
20-
secrets: inherit
20+
secrets:
21+
TEST_USER_PAT: ${{ secrets.TEST_USER_PAT }}
22+
TEST_USER_USER_FG_PAT: ${{ secrets.TEST_USER_USER_FG_PAT }}
23+
TEST_USER_ORG_FG_PAT: ${{ secrets.TEST_USER_ORG_FG_PAT }}
24+
TEST_APP_ENT_CLIENT_ID: ${{ secrets.TEST_APP_ENT_CLIENT_ID }}
25+
TEST_APP_ENT_PRIVATE_KEY: ${{ secrets.TEST_APP_ENT_PRIVATE_KEY }}
26+
TEST_APP_ORG_CLIENT_ID: ${{ secrets.TEST_APP_ORG_CLIENT_ID }}
27+
TEST_APP_ORG_PRIVATE_KEY: ${{ secrets.TEST_APP_ORG_PRIVATE_KEY }}
28+
KEYVAULT_KEY_REFERENCE: ${{ secrets.KEYVAULT_KEY_REFERENCE }}
2129
strategy:
2230
fail-fast: false
2331
matrix:

‎.github/workflows/Action-Test.yml‎

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,15 @@ permissions:
2020
jobs:
2121
ActionTest:
2222
uses: ./.github/workflows/TestWorkflow.yml
23-
secrets: inherit
23+
secrets:
24+
TEST_USER_PAT: ${{ secrets.TEST_USER_PAT }}
25+
TEST_USER_USER_FG_PAT: ${{ secrets.TEST_USER_USER_FG_PAT }}
26+
TEST_USER_ORG_FG_PAT: ${{ secrets.TEST_USER_ORG_FG_PAT }}
27+
TEST_APP_ENT_CLIENT_ID: ${{ secrets.TEST_APP_ENT_CLIENT_ID }}
28+
TEST_APP_ENT_PRIVATE_KEY: ${{ secrets.TEST_APP_ENT_PRIVATE_KEY }}
29+
TEST_APP_ORG_CLIENT_ID: ${{ secrets.TEST_APP_ORG_CLIENT_ID }}
30+
TEST_APP_ORG_PRIVATE_KEY: ${{ secrets.TEST_APP_ORG_PRIVATE_KEY }}
31+
KEYVAULT_KEY_REFERENCE: ${{ secrets.KEYVAULT_KEY_REFERENCE }}
2432
strategy:
2533
fail-fast: false
2634
matrix:

‎.github/workflows/Auto-Release.yml‎

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ name: Auto-Release
33
run-name: "Auto-Release - [${{ github.event.pull_request.title }} #${{ github.event.pull_request.number }}] by @${{ github.actor }}"
44

55
on:
6-
pull_request_target:
6+
pull_request:
77
branches:
88
- main
99
types:
@@ -26,11 +26,11 @@ jobs:
2626
runs-on: ubuntu-latest
2727
steps:
2828
- name: Checkout Code
29-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
29+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3030
with:
3131
persist-credentials: false
3232

3333
- name: Auto-Release
34-
uses: PSModule/Auto-Release@eabd533035e2cb9822160f26f2eda584bd012356 # v1
34+
uses: PSModule/Auto-Release@eabd533035e2cb9822160f26f2eda584bd012356 # v1.9.5
3535
env:
3636
GITHUB_TOKEN: ${{ github.token }}

‎.github/workflows/Linter.yml‎

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,15 +19,16 @@ jobs:
1919
runs-on: ubuntu-latest
2020
steps:
2121
- name: Checkout repo
22-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
22+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2323
with:
2424
persist-credentials: false
2525
fetch-depth: 0
2626

2727
- name: Lint code base
28-
uses: super-linter/super-linter@502f4fe48a81a392756e173e39a861f8c8efe056 # v8.3.0
28+
uses: super-linter/super-linter@d5b0a2ab116623730dd094f15ddc1b6b25bf7b99 # v8.3.2
2929
env:
3030
GITHUB_TOKEN: ${{ github.token }}
31+
VALIDATE_BIOME_FORMAT: false
3132
VALIDATE_JSON_PRETTIER: false
3233
VALIDATE_MARKDOWN_PRETTIER: false
3334
VALIDATE_YAML_PRETTIER: false

‎.github/workflows/TestWorkflow.yml‎

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,7 @@ jobs:
5353
steps:
5454
# Need to check out as part of the test, as its a local action
5555
- name: Checkout repo
56-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
56+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
5757
with:
5858
persist-credentials: false
5959
- name: Action-Test
@@ -77,7 +77,7 @@ jobs:
7777
steps:
7878
# Need to check out as part of the test, as its a local action
7979
- name: Checkout repo
80-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
80+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
8181
with:
8282
persist-credentials: false
8383
# # Not a supported way of running the action
@@ -146,7 +146,7 @@ jobs:
146146
steps:
147147
# Need to check out as part of the test, as its a local action
148148
- name: Checkout repo
149-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
149+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
150150
with:
151151
persist-credentials: false
152152
- name: Action-Test
@@ -327,7 +327,7 @@ jobs:
327327
steps:
328328
# Need to check out as part of the test, as its a local action
329329
- name: Checkout repo
330-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
330+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
331331
with:
332332
persist-credentials: false
333333
- name: Action-Test
@@ -390,7 +390,7 @@ jobs:
390390
steps:
391391
# Need to check out as part of the test, as its a local action
392392
- name: Checkout repo
393-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
393+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
394394
with:
395395
persist-credentials: false
396396
- name: Action-Test
@@ -409,7 +409,7 @@ jobs:
409409
steps:
410410
# Need to check out as part of the test, as its a local action
411411
- name: Checkout repo
412-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
412+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
413413
with:
414414
persist-credentials: false
415415
- name: Action-Test
@@ -436,7 +436,7 @@ jobs:
436436
steps:
437437
# Need to check out as part of the test, as its a local action
438438
- name: Checkout repo
439-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
439+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
440440
with:
441441
persist-credentials: false
442442
- name: Action-Test
@@ -463,7 +463,7 @@ jobs:
463463
steps:
464464
# Need to check out as part of the test, as its a local action
465465
- name: Checkout repo
466-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
466+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
467467
with:
468468
persist-credentials: false
469469
- name: Action-Test
@@ -490,7 +490,7 @@ jobs:
490490
steps:
491491
# Need to check out as part of the test, as its a local action
492492
- name: Checkout repo
493-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
493+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
494494
with:
495495
persist-credentials: false
496496
- name: Action-Test
@@ -526,7 +526,7 @@ jobs:
526526
steps:
527527
# Need to check out as part of the test, as its a local action
528528
- name: Checkout repo
529-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
529+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
530530
with:
531531
persist-credentials: false
532532
- name: Action-Test
@@ -563,7 +563,7 @@ jobs:
563563
steps:
564564
# Need to check out as part of the test, as its a local action
565565
- name: Checkout repo
566-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
566+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
567567
with:
568568
persist-credentials: false
569569
# Login to Azure to enable KeyVault access
@@ -613,7 +613,7 @@ jobs:
613613
steps:
614614
# Need to check out as part of the test, as its a local action
615615
- name: Checkout repo
616-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
616+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
617617
with:
618618
persist-credentials: false
619619
# Login to Azure to enable KeyVault access
@@ -662,7 +662,7 @@ jobs:
662662
steps:
663663
# Need to check out as part of the test, as its a local action
664664
- name: Checkout repo
665-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
665+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
666666
with:
667667
persist-credentials: false
668668
- name: Action-Test with PreserveCredentials false

0 commit comments

Comments
 (0)