From 692fecfd0072bbdf1b2080b789893c053ce044e3 Mon Sep 17 00:00:00 2001 From: Eric Nemchik Date: Thu, 2 Jul 2020 20:09:24 -0500 Subject: [PATCH 1/2] Create dependabot.yml --- .github/dependabot.yml | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..65dedd3d --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,7 @@ +version: 2 +updates: + - package-ecosystem: github-actions + directory: "/" + schedule: + interval: daily + open-pull-requests-limit: 10 From 56609617a9b7260fdf28bc02e64113b3831f24d8 Mon Sep 17 00:00:00 2001 From: Eric Nemchik Date: Thu, 2 Jul 2020 20:16:27 -0500 Subject: [PATCH 2/2] Use full version numbers for GHA Dependabot will update these automatically --- .github/workflows/deploy-DEV.yml | 2 +- .github/workflows/deploy-PROD.yml | 2 +- .github/workflows/deploy-RELEASE.yml | 2 +- .github/workflows/stack-linter.yml | 2 +- .github/workflows/stale.yml | 4 ++-- .github/workflows/versioning.yml | 4 ++-- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/deploy-DEV.yml b/.github/workflows/deploy-DEV.yml index 2372e17b..ef454467 100644 --- a/.github/workflows/deploy-DEV.yml +++ b/.github/workflows/deploy-DEV.yml @@ -41,7 +41,7 @@ jobs: # Checkout the code base # ########################## - name: Checkout Code - uses: actions/checkout@v2 + uses: actions/checkout@v2.3.1 ################################### # Build image locally for testing # diff --git a/.github/workflows/deploy-PROD.yml b/.github/workflows/deploy-PROD.yml index b2306c80..3373f0da 100644 --- a/.github/workflows/deploy-PROD.yml +++ b/.github/workflows/deploy-PROD.yml @@ -35,7 +35,7 @@ jobs: # Checkout the code base # ########################## - name: Checkout Code - uses: actions/checkout@v2 + uses: actions/checkout@v2.3.1 ##################### # Run Deploy script # diff --git a/.github/workflows/deploy-RELEASE.yml b/.github/workflows/deploy-RELEASE.yml index 4417ed4b..1a44e903 100644 --- a/.github/workflows/deploy-RELEASE.yml +++ b/.github/workflows/deploy-RELEASE.yml @@ -35,7 +35,7 @@ jobs: # Checkout the code base # ########################## - name: Checkout Code - uses: actions/checkout@v2 + uses: actions/checkout@v2.3.1 ################################### # Run Deploy script for Dockerhub # diff --git a/.github/workflows/stack-linter.yml b/.github/workflows/stack-linter.yml index 71c2b00f..d301d0c4 100644 --- a/.github/workflows/stack-linter.yml +++ b/.github/workflows/stack-linter.yml @@ -35,7 +35,7 @@ jobs: # Checkout the code base # ########################## - name: Checkout Code - uses: actions/checkout@v2 + uses: actions/checkout@v2.3.1 ################################ # Run Linter against code base # diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index cff0986d..87dcde60 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -29,7 +29,7 @@ jobs: if: "github.event_name == 'schedule'" steps: - name: Mark issue stale - uses: actions/stale@v3 + uses: actions/stale@v3.0.7 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: "This issue has been automatically marked as stale because it has not had recent activity.\nIt will be closed in 14 days if no further activity occurs.\nThank you for your contributions.\n\nIf you think this issue should stay open, please remove the `O: stale 🤖` label or comment on the issue." @@ -50,7 +50,7 @@ jobs: if: "github.event_name == 'issue_comment' && contains(github.event.issue.labels.*.name, 'O: stale 🤖') && github.event.issue.user.type != 'Bot'" steps: - name: Mark issue not stale - uses: actions/github-script@v2 + uses: actions/github-script@v2.3.1 with: script: | github.issues.removeLabel({ diff --git a/.github/workflows/versioning.yml b/.github/workflows/versioning.yml index c95b118a..6c4959bf 100644 --- a/.github/workflows/versioning.yml +++ b/.github/workflows/versioning.yml @@ -32,12 +32,12 @@ jobs: ############################# # Check out the latest code # ############################# - - uses: actions/checkout@v2 + - uses: actions/checkout@v2.3.1 ###################### # Run the tag action # ###################### - - uses: Actions-R-Us/actions-tagger@latest + - uses: Actions-R-Us/actions-tagger@v2.0.0 with: publish_latest_tag: true env: