From e6b5a8a11423e34f04ba84c60d4ca085b800857a Mon Sep 17 00:00:00 2001
From: Semir
Date: Thu, 16 May 2024 09:53:52 +0200
Subject: [PATCH] ci: use pinned SHAs for actions
---
 .github/actions/ios-sdk-tests/action.yml | 4 ---
 .../workflows/unit-tests-and-code-quality.yml | 26 ++++++++++++-------
 2 files changed, 17 insertions(+), 13 deletions(-)
diff --git a/.github/actions/ios-sdk-tests/action.yml b/.github/actions/ios-sdk-tests/action.yml
index eca453487..42b13e5d7 100644
--- a/.github/actions/ios-sdk-tests/action.yml
+++ b/.github/actions/ios-sdk-tests/action.yml
@@ -84,7 +84,3 @@ runs:
 run: |
 bash scripts/xccov-to-sonarqube-generic.sh fastlane/test_output/example_0_70_6Tests.xcresult/ > coverage.xml
 sed "s#$PWD/##g" coverage.xml > ${{ inputs.coverage-file-name }}
- - uses: actions/upload-artifact@master
- with:
- name: coverage-file-ios
- path: ${{ inputs.coverage-file-name }}
diff --git a/.github/workflows/unit-tests-and-code-quality.yml b/.github/workflows/unit-tests-and-code-quality.yml
index 16f4eaa7c..330fe645a 100644
--- a/.github/workflows/unit-tests-and-code-quality.yml
+++ b/.github/workflows/unit-tests-and-code-quality.yml
@@ -8,7 +8,7 @@ jobs:
 - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 - name: Setup Node.js
- uses: actions/setup-node@v3
+ - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
 with:
 cache: 'yarn'
@@ -18,9 +18,9 @@ jobs:
 - name: Run tests and generate lcov report
 run: yarn test:unit:coverage:lcov -- --maxWorkers=1
- - uses: actions/upload-artifact@master
+ - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
 with:
- name: coverage-file
+ name: coverage-file-rn
 path: coverage
 run-unit-tests-android:
@@ -30,7 +30,7 @@ jobs:
 - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 - name: Setup Node.js
- uses: actions/setup-node@v3
+ - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
 with:
 cache: 'yarn'
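Review bot: The added `- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2` line in the hunk at -8,7 starts a new list item, so the preceding `- name: Setup Node.js` step is left with neither `uses` nor `run`, which GitHub rejects when it validates the workflow. The removed line was a plain `uses:` key inside that named step, so the replacement should drop the list dash: `uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2`. The same edit is repeated in the hunks at -30,7 and -58,7. Indentation is not visible in this rendering, so confirm against the file; note too that the pin moves setup-node from v3 to v4, a major-version change riding along with the pinning.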
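Review bot: The pinned `actions/upload-artifact` step in the hunk at -18,9 only warns by default when `path` matches nothing, so a test run that produced no coverage would pass this job and surface later as a failed download in `sonarcloud`. Adding `if-no-files-found: error` under `with:` makes the failure show up in the job that caused it. The same applies to the uploads in the hunks at -45,7 and -78,6. The job bodies start outside these hunks.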
@@ -45,7 +45,7 @@ jobs:
 - name: Run Android unit tests and generate coverage
 run: bundle exec fastlane android run_unit_tests_coverage
- - uses: actions/upload-artifact@master
+ - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
 with:
 name: coverage-file-android
 path: packages/sdk/android/build/reports
@@ -58,7 +58,7 @@ jobs:
 - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 - name: Setup Node.js
- uses: actions/setup-node@v3
+ - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
 with:
 cache: 'yarn'
@@ -78,6 +78,11 @@ jobs:
 match-keychain-password: ${{ secrets.MATCH_KEYCHAIN_PASSWORD }}
 coverage-file-name: sonar-coverage.xml
+ - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+ with:
+ name: coverage-file-ios
+ path: sonar-coverage.xml
+
 sonarcloud:
 needs:
 - run-unit-tests
@@ -89,13 +94,16 @@ jobs:
 - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 with:
 fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- - uses: actions/download-artifact@master
+ - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
 with:
- name: coverage-file
+ name: coverage-file-rn
 path: coverage
- - uses: actions/download-artifact@master
+ - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
 with:
 name: coverage-file-android
+ - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+ with:
+ name: coverage-file-ios
 - name: SonarCloud Scan
 uses: ./.github/actions/sonar
 with:
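Review bot: The new upload step's `path: sonar-coverage.xml` in the hunk at -78,6 repeats the literal passed as `coverage-file-name` two lines above it, where the removed composite-action step used `${{ inputs.coverage-file-name }}`. The two values can now drift apart with nothing to flag it. A comment on the step would document the coupling, for example `# path must equal the coverage-file-name passed to ios-sdk-tests above`. The job definition starts outside this hunk.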
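Review bot: The `coverage-file-android` download and the newly added `coverage-file-ios` download in the hunk at -89,13 have no `path:`, so both unpack into the workspace root on top of the `fetch-depth: 0` checkout. Any file in either artifact that shares a relative path with a repository file would replace it before the SonarCloud scan runs. Giving each download its own directory, as the `coverage-file-rn` step does with `path: coverage`, keeps artifact contents apart from the analysed sources, for example `path: coverage-ios`. The report paths read by `./.github/actions/sonar` are not visible here and would need to follow.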