diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 71cdecf..754c5ec 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,20 +34,20 @@ jobs: - name: Configure pagefile for Windows if: contains(runner.os, 'windows') - uses: al-cheb/configure-pagefile-action@v1.4 + uses: al-cheb/configure-pagefile-action@a3b6ebd6b634da88790d9c58d4b37a7f4a7b8708 # v1.4 with: minimum-size: 2GB maximum-size: 8GB disk-root: 'C:' - name: Checkout current branch (full) - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Setup Java (zulu@8) if: matrix.java == 'zulu@8' - uses: actions/setup-java@v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1 with: distribution: zulu java-version: 8 @@ -55,7 +55,7 @@ jobs: - name: Setup GraalVM (graal_graalvm@17) if: matrix.java == 'graal_graalvm@17' - uses: graalvm/setup-graalvm@v1 + uses: graalvm/setup-graalvm@01ed653ac833fe80569f1ef9f25585ba2811baab # v1.3.3 with: java-version: 17 distribution: graalvm @@ -65,14 +65,14 @@ jobs: - name: Setup Java (corretto@17) if: matrix.java == 'corretto@17' - uses: actions/setup-java@v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1 with: distribution: corretto java-version: 17 cache: sbt - name: Setup sbt - uses: sbt/setup-sbt@v1 + uses: sbt/setup-sbt@6c68d2fe8dfbc0a0534d70101baa2e0420e1a506 # v1.1.9 - name: Check that workflows are up to date shell: bash @@ -90,7 +90,7 @@ jobs: run: tar cf targets.tar target project/target - name: Upload target directories - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: target-${{ matrix.os }}-${{ matrix.scala }}-${{ matrix.java }} path: targets.tar @@ -112,20 +112,20 @@ jobs: - name: Configure pagefile for Windows if: contains(runner.os, 'windows') - uses: al-cheb/configure-pagefile-action@v1.4 + uses: al-cheb/configure-pagefile-action@a3b6ebd6b634da88790d9c58d4b37a7f4a7b8708 # v1.4 with: minimum-size: 2GB maximum-size: 8GB disk-root: 'C:' - name: Checkout current branch (full) - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Setup Java (zulu@8) if: matrix.java == 'zulu@8' - uses: actions/setup-java@v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1 with: distribution: zulu java-version: 8 @@ -133,7 +133,7 @@ jobs: - name: Setup GraalVM (graal_graalvm@17) if: matrix.java == 'graal_graalvm@17' - uses: graalvm/setup-graalvm@v1 + uses: graalvm/setup-graalvm@01ed653ac833fe80569f1ef9f25585ba2811baab # v1.3.3 with: java-version: 17 distribution: graalvm @@ -143,17 +143,17 @@ jobs: - name: Setup Java (corretto@17) if: matrix.java == 'corretto@17' - uses: actions/setup-java@v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1 with: distribution: corretto java-version: 17 cache: sbt - name: Setup sbt - uses: sbt/setup-sbt@v1 + uses: sbt/setup-sbt@6c68d2fe8dfbc0a0534d70101baa2e0420e1a506 # v1.1.9 - name: Download target directories (2.12.20) - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: name: target-${{ matrix.os }}-2.12.20-${{ matrix.java }} diff --git a/src/main/scala/sbtghactions/GenerativePlugin.scala b/src/main/scala/sbtghactions/GenerativePlugin.scala index 7dfd206..6c09e0d 100644 --- a/src/main/scala/sbtghactions/GenerativePlugin.scala +++ b/src/main/scala/sbtghactions/GenerativePlugin.scala @@ -301,8 +301,8 @@ ${indent(rendered.mkString("\n"), 1)}""" import use.{ref, params} val decl = ref match { - case UseRef.Public(owner, repo, ref) => - s"uses: $owner/$repo@$ref" + case UseRef.Public(owner, repo, rev, ref) => + s"uses: $owner/$repo@$rev # $ref" case UseRef.Local(path) => val cleaned = if (path.startsWith("./")) @@ -640,7 +640,8 @@ ${indent(jobs.map(compileJob(_, sbt)).mkString("\n\n"), 1)} UseRef.Public( "actions", "upload-artifact", - "v4"), + "ea165f8d65b6e75b540449e92b4886f43607fa02", + "v4.6.2"), name = Some(s"Upload target directories"), params = Map( "name" -> s"target-$${{ matrix.os }}-$${{ matrix.scala }}-$${{ matrix.java }}", @@ -661,7 +662,8 @@ ${indent(jobs.map(compileJob(_, sbt)).mkString("\n\n"), 1)} UseRef.Public( "actions", "download-artifact", - "v4"), + "d3f86a106a0bac45b974a628896c90dbdf5c8093", + "v4.3.0"), name = Some(s"Download target directories ($v)"), params = Map( "name" -> s"target-$${{ matrix.os }}-$v-$${{ matrix.java }}")) @@ -686,7 +688,11 @@ ${indent(jobs.map(compileJob(_, sbt)).mkString("\n\n"), 1)} val optionalPagefileFix = githubWorkflowWindowsPagefileFix.value.map(pageFileFix => WorkflowStep.Use( name = Some("Configure pagefile for Windows"), - ref = UseRef.Public("al-cheb", "configure-pagefile-action", "v1.4"), + ref = UseRef.Public( + "al-cheb", + "configure-pagefile-action", + "a3b6ebd6b634da88790d9c58d4b37a7f4a7b8708", + "v1.4"), params = Map( "minimum-size" -> s"${pageFileFix.minSize}", "maximum-size" -> s"${pageFileFix.maxSize}" diff --git a/src/main/scala/sbtghactions/UseRef.scala b/src/main/scala/sbtghactions/UseRef.scala index dd527f4..7afa2e5 100644 --- a/src/main/scala/sbtghactions/UseRef.scala +++ b/src/main/scala/sbtghactions/UseRef.scala @@ -19,7 +19,7 @@ package sbtghactions sealed trait UseRef extends Product with Serializable object UseRef { - final case class Public(owner: String, repo: String, ref: String) extends UseRef + final case class Public(owner: String, repo: String, rev: String, ref: String) extends UseRef final case class Local(path: String) extends UseRef final case class Docker(image: String, tag: String, host: Option[String] = None) extends UseRef } diff --git a/src/main/scala/sbtghactions/WorkflowStep.scala b/src/main/scala/sbtghactions/WorkflowStep.scala index c380f65..fdb35eb 100644 --- a/src/main/scala/sbtghactions/WorkflowStep.scala +++ b/src/main/scala/sbtghactions/WorkflowStep.scala @@ -33,17 +33,31 @@ object WorkflowStep { val DefaultSbtStepPreamble: List[String] = List(s"++ $${{ matrix.scala }}") val CheckoutFull: WorkflowStep = Use( - UseRef.Public("actions", "checkout", "v4"), + UseRef.Public( + "actions", + "checkout", + "11bd71901bbe5b1630ceea73d27597364c9af683", + "v4.2.2"), name = Some("Checkout current branch (full)"), params = Map("fetch-depth" -> "0")) - val Checkout: WorkflowStep = Use(UseRef.Public("actions", "checkout", "v4"), name = Some("Checkout current branch (fast)")) + val Checkout: WorkflowStep = Use( + UseRef.Public( + "actions", + "checkout", + "11bd71901bbe5b1630ceea73d27597364c9af683", + "v4.2.2"), + name = Some("Checkout current branch (fast)")) def SetupJava(versions: List[JavaSpec]): List[WorkflowStep] = versions map { case jv @ JavaSpec(JavaSpec.Distribution.GraalVM(Graalvm.Version(graalVersion)), version) => WorkflowStep.Use( - UseRef.Public("graalvm", "setup-graalvm", "v1"), + UseRef.Public( + "graalvm", + "setup-graalvm", + "01ed653ac833fe80569f1ef9f25585ba2811baab", + "v1.3.3"), name = Some(s"Setup GraalVM (${jv.render})"), cond = Some(s"matrix.java == '${jv.render}'"), params = ListMap( @@ -54,7 +68,11 @@ object WorkflowStep { "cache" -> "sbt")) case jv @ JavaSpec(JavaSpec.Distribution.GraalVM(Graalvm.Distribution(distribution)), version) => WorkflowStep.Use( - UseRef.Public("graalvm", "setup-graalvm", "v1"), + UseRef.Public( + "graalvm", + "setup-graalvm", + "01ed653ac833fe80569f1ef9f25585ba2811baab", + "v1.3.3"), name = Some(s"Setup GraalVM (${jv.render})"), cond = Some(s"matrix.java == '${jv.render}'"), params = ListMap( @@ -65,7 +83,11 @@ object WorkflowStep { "cache" -> "sbt")) case jv @ JavaSpec(dist, version) => WorkflowStep.Use( - UseRef.Public("actions", "setup-java", "v4"), + UseRef.Public( + "actions", + "setup-java", + "c5195efecf7bdfc987ee8bae7a71cb8b11521c00", + "v4.7.1"), name = Some(s"Setup Java (${jv.render})"), cond = Some(s"matrix.java == '${jv.render}'"), params = ListMap( @@ -76,7 +98,11 @@ object WorkflowStep { def SetupSbt(runnerVersion: Option[String] = None): WorkflowStep = Use( - ref = UseRef.Public("sbt", "setup-sbt", "v1"), + ref = UseRef.Public( + "sbt", + "setup-sbt", + "6c68d2fe8dfbc0a0534d70101baa2e0420e1a506", + "v1.1.9"), params = runnerVersion match { case Some(v) => Map("sbt-runner-version" -> v) case None => Map() @@ -84,7 +110,12 @@ object WorkflowStep { name = Some("Setup sbt"), ) - val Tmate: WorkflowStep = Use(UseRef.Public("mxschmitt", "action-tmate", "v2"), name = Some("Setup tmate session")) + val Tmate: WorkflowStep = Use( + UseRef.Public( + "mxschmitt", + "action-tmate", + "ece3d66d6d54a01594acd0ee2e79d1bfb2df136d", + "v2"), name = Some("Setup tmate session")) def ComputeVar(name: String, cmd: String): WorkflowStep = Run( diff --git a/src/test/scala/sbtghactions/GenerativePluginSpec.scala b/src/test/scala/sbtghactions/GenerativePluginSpec.scala index 9f4b542..39e130d 100644 --- a/src/test/scala/sbtghactions/GenerativePluginSpec.scala +++ b/src/test/scala/sbtghactions/GenerativePluginSpec.scala @@ -363,18 +363,19 @@ class GenerativePluginSpec extends Specification { UseRef.Public( "repo", "slug", + "rev", "v0")), "", Nil, - declareShell = true) mustEqual "- uses: repo/slug@v0" + declareShell = true) mustEqual "- uses: repo/slug@rev # v0" } "preserve wonky version in Use" in { - compileStep(Use(UseRef.Public("hello", "world", "v4.0.0")), "", Nil, declareShell = true) mustEqual "- uses: hello/world@v4.0.0" + compileStep(Use(UseRef.Public("hello", "world", "rev", "v4.0.0")), "", Nil, declareShell = true) mustEqual "- uses: hello/world@rev # v4.0.0" } "drop Use version prefix on anything that doesn't start with a number" in { - compileStep(Use(UseRef.Public("hello", "world", "main")), "", Nil, declareShell = true) mustEqual "- uses: hello/world@main" + compileStep(Use(UseRef.Public("hello", "world", "rev", "main")), "", Nil, declareShell = true) mustEqual "- uses: hello/world@rev # main" } "compile sbt using the command provided" in { @@ -402,8 +403,8 @@ class GenerativePluginSpec extends Specification { "compile use without parameters" in { "public" >> { compileStep( - Use(UseRef.Public("olafurpg", "setup-scala", "v13")), - "") mustEqual "- uses: olafurpg/setup-scala@v13" + Use(UseRef.Public("olafurpg", "setup-scala", "rev", "v13")), + "") mustEqual "- uses: olafurpg/setup-scala@rev # v13" } "directory" >> { @@ -435,8 +436,8 @@ class GenerativePluginSpec extends Specification { "compile use with two parameters" in { compileStep( - Use(UseRef.Public("olafurpg", "setup-scala", "v13"), params = Map("abc" -> "def", "cafe" -> "@42")), - "") mustEqual "- uses: olafurpg/setup-scala@v13\n with:\n abc: def\n cafe: '@42'" + Use(UseRef.Public("olafurpg", "setup-scala", "rev", "v13"), params = Map("abc" -> "def", "cafe" -> "@42")), + "") mustEqual "- uses: olafurpg/setup-scala@rev # v13\n with:\n abc: def\n cafe: '@42'" } "compile use with two parameters and environment variables" in { @@ -445,10 +446,11 @@ class GenerativePluginSpec extends Specification { UseRef.Public( "derp", "nope", + "rev", "v0"), params = Map("teh" -> "schizzle", "think" -> "positive"), env = Map("hi" -> "there")), - "") mustEqual "- env:\n hi: there\n uses: derp/nope@v0\n with:\n teh: schizzle\n think: positive" + "") mustEqual "- env:\n hi: there\n uses: derp/nope@rev # v0\n with:\n teh: schizzle\n think: positive" } "compile a run step with multiple commands" in { @@ -516,7 +518,7 @@ class GenerativePluginSpec extends Specification { - run: echo hello - name: Checkout current branch (fast) - uses: actions/checkout@v4""" + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2""" } "compile a job with one step and three oses" in { @@ -565,7 +567,7 @@ class GenerativePluginSpec extends Specification { steps: - name: Setup Java (temurin@17) if: matrix.java == 'temurin@17' - uses: actions/setup-java@v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1 with: distribution: temurin java-version: 17 @@ -573,7 +575,7 @@ class GenerativePluginSpec extends Specification { - name: Setup GraalVM (graal_22.3.0@11) if: matrix.java == 'graal_22.3.0@11' - uses: graalvm/setup-graalvm@v1 + uses: graalvm/setup-graalvm@01ed653ac833fe80569f1ef9f25585ba2811baab # v1.3.3 with: version: 22.3.0 java-version: 11 @@ -605,7 +607,7 @@ class GenerativePluginSpec extends Specification { steps: - name: Setup GraalVM (graal_graalvm@17) if: matrix.java == 'graal_graalvm@17' - uses: graalvm/setup-graalvm@v1 + uses: graalvm/setup-graalvm@01ed653ac833fe80569f1ef9f25585ba2811baab # v1.3.3 with: java-version: 17 distribution: graalvm @@ -777,7 +779,7 @@ class GenerativePluginSpec extends Specification { - run: echo $${{ matrix.test }} - name: Checkout current branch (fast) - uses: actions/checkout@v4""" + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2""" } "compile a job with extra runs-on labels" in { @@ -1000,7 +1002,7 @@ class GenerativePluginSpec extends Specification { - run: echo hello - name: Checkout current branch (fast) - uses: actions/checkout@v4""" + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2""" } }