From 110d2a8aed294680bc9f42325669c6e3d8071e2f Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:29 -0700 Subject: [PATCH 01/20] chore: update actions/cache to v4.0.2 --- .github/actions/build-test-image/action.yml | 4 ++-- .github/workflows/gauntlet.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/build-test-image/action.yml b/.github/actions/build-test-image/action.yml index 1f66e0c0b..427b710f1 100644 --- a/.github/actions/build-test-image/action.yml +++ b/.github/actions/build-test-image/action.yml @@ -37,13 +37,13 @@ runs: - name: Cache cargo registry if: steps.check-image.outputs.exists == 'false' - uses: actions/cache@v2.1.7 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: ~/.cargo/registry key: ${{ runner.os }}-v2-cargo-registry-${{ hashFiles('**/Cargo.lock') }} - name: Cache cargo index if: steps.check-image.outputs.exists == 'false' - uses: actions/cache@v2.1.7 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: ~/.cargo/git key: ${{ runner.os }}-v2-cargo-index-${{ hashFiles('**/Cargo.lock') }} diff --git a/.github/workflows/gauntlet.yml b/.github/workflows/gauntlet.yml index 6c033bb63..f36185321 100644 --- a/.github/workflows/gauntlet.yml +++ b/.github/workflows/gauntlet.yml @@ -88,7 +88,7 @@ jobs: name: chainlink-cosmos authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' - name: Cache Wasmd Artifacts - uses: actions/cache@v3 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 id: cache-wasmd-artifacts env: cache-name: cache-wasmd-artifacts From e5191f0aa2952dd546fb41ef3b807b1539d16bd5 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:38 -0700 Subject: [PATCH 02/20] chore: update actions/checkout to v4.1.5 --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/contracts-release.yml | 2 +- .github/workflows/contracts.yml | 4 ++-- .github/workflows/gauntlet.yml | 8 ++++---- .github/workflows/golangci-lint.yml | 2 +- .github/workflows/integration-tests-docker.yml | 4 ++-- .github/workflows/integration-tests-publish.yml | 2 +- .github/workflows/integration-tests-smoke.yml | 4 ++-- .github/workflows/lint-gh-workflows.yml | 2 +- .github/workflows/relay.yml | 2 +- .github/workflows/sonar-scan.yml | 4 ++-- 11 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index b14465af7..5ff92733e 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -38,7 +38,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Set up (force) Go 1.18 uses: actions/setup-go@v1 with: diff --git a/.github/workflows/contracts-release.yml b/.github/workflows/contracts-release.yml index 10e094067..cf85e9975 100644 --- a/.github/workflows/contracts-release.yml +++ b/.github/workflows/contracts-release.yml @@ -10,7 +10,7 @@ jobs: name: Release Contracts runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Build Artifacts run: make contracts_compile - name: Create Release diff --git a/.github/workflows/contracts.yml b/.github/workflows/contracts.yml index 6bae8eb2f..b5dd19fb4 100644 --- a/.github/workflows/contracts.yml +++ b/.github/workflows/contracts.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 @@ -50,7 +50,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 diff --git a/.github/workflows/gauntlet.yml b/.github/workflows/gauntlet.yml index f36185321..e189e2ed1 100644 --- a/.github/workflows/gauntlet.yml +++ b/.github/workflows/gauntlet.yml @@ -10,7 +10,7 @@ jobs: CI: true runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 with: @@ -30,7 +30,7 @@ jobs: CI: true runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 with: @@ -50,7 +50,7 @@ jobs: CI: true runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 with: @@ -76,7 +76,7 @@ jobs: CI: true runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 with: diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 33cb21882..751b7c31b 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -8,7 +8,7 @@ jobs: name: Golang Lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - uses: smartcontractkit/tool-versions-to-env-action@v1.0.7 id: tool-versions - name: Setup go ${{ steps.tool-versions.outputs.golang_version }} diff --git a/.github/workflows/integration-tests-docker.yml b/.github/workflows/integration-tests-docker.yml index f74f656d3..552473c5e 100644 --- a/.github/workflows/integration-tests-docker.yml +++ b/.github/workflows/integration-tests-docker.yml @@ -32,7 +32,7 @@ jobs: fi - name: Checkout chainlink repo - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: repository: smartcontractkit/chainlink ref: ${{ env.CUSTOM_CORE_REF || env.DEFAULT_CORE_REF }} @@ -64,7 +64,7 @@ jobs: docker buildx build --build-arg COMMIT_SHA=$(git rev-parse HEAD) -t local_chainlink -f core/chainlink.Dockerfile . - name: Checkout sources - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Build contracts run: | diff --git a/.github/workflows/integration-tests-publish.yml b/.github/workflows/integration-tests-publish.yml index fe7a9af84..9f28cfbd4 100644 --- a/.github/workflows/integration-tests-publish.yml +++ b/.github/workflows/integration-tests-publish.yml @@ -30,7 +30,7 @@ jobs: this-job-name: Publish Integration Test Image continue-on-error: true - name: Checkout the repo - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: ref: ${{ github.sha }} - name: Build Image diff --git a/.github/workflows/integration-tests-smoke.yml b/.github/workflows/integration-tests-smoke.yml index 61fb52cff..5c86e0037 100644 --- a/.github/workflows/integration-tests-smoke.yml +++ b/.github/workflows/integration-tests-smoke.yml @@ -72,7 +72,7 @@ jobs: this-job-name: Build Test Image continue-on-error: true - name: Checkout the repo - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: ref: ${{ github.event.pull_request.head.sha }} - name: Build Image @@ -110,7 +110,7 @@ jobs: this-job-name: Run Smoke Tests continue-on-error: true - name: Checkout the repo - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 with: diff --git a/.github/workflows/lint-gh-workflows.yml b/.github/workflows/lint-gh-workflows.yml index 8fb9741b7..d2be85f96 100644 --- a/.github/workflows/lint-gh-workflows.yml +++ b/.github/workflows/lint-gh-workflows.yml @@ -7,6 +7,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out Code - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Run actionlint uses: reviewdog/action-actionlint@a0541743e79d2ce4ee65276807ac493a93149b7c # v1.23.0 diff --git a/.github/workflows/relay.yml b/.github/workflows/relay.yml index 6c22f6b3f..491f5a4ec 100644 --- a/.github/workflows/relay.yml +++ b/.github/workflows/relay.yml @@ -24,7 +24,7 @@ jobs: --health-retries 5 steps: - name: Checkout sources - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml index 024206e64..aba096681 100644 --- a/.github/workflows/sonar-scan.yml +++ b/.github/workflows/sonar-scan.yml @@ -13,7 +13,7 @@ jobs: if: always() steps: - name: Checkout Repository - uses: actions/checkout@v3 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: ref: ${{ github.event.pull_request.head.sha || github.event.merge_group.head_sha }} @@ -36,7 +36,7 @@ jobs: if: always() steps: - name: Checkout the repo - uses: actions/checkout@v3 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: fetch-depth: 0 # fetches all history for all tags and branches to provide more metadata for sonar reports From 03b9d76967299dfdedf8fa0ed340ee1dc5cbd864 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:39 -0700 Subject: [PATCH 03/20] chore: update actions/setup-go to v5.0.1 --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/golangci-lint.yml | 2 +- .github/workflows/integration-tests-docker.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 5ff92733e..9f8d74be8 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -40,7 +40,7 @@ jobs: - name: Checkout repository uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Set up (force) Go 1.18 - uses: actions/setup-go@v1 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: go-version: 1.21 id: go diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 751b7c31b..79a2bddee 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -12,7 +12,7 @@ jobs: - uses: smartcontractkit/tool-versions-to-env-action@v1.0.7 id: tool-versions - name: Setup go ${{ steps.tool-versions.outputs.golang_version }} - uses: actions/setup-go@v2 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: go-version: ${{ steps.tool-versions.outputs.golang_version }} - name: golangci-lint diff --git a/.github/workflows/integration-tests-docker.yml b/.github/workflows/integration-tests-docker.yml index 552473c5e..d743dcae2 100644 --- a/.github/workflows/integration-tests-docker.yml +++ b/.github/workflows/integration-tests-docker.yml @@ -45,7 +45,7 @@ jobs: echo "GO_VERSION=${go_version}" >> "${GITHUB_OUTPUT}" - name: Set up Go - uses: actions/setup-go@v2 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: go-version: ${{ steps.tool_versions.outputs.GO_VERSION }} From f98382b3afadf5c08379486c52c2d15bbde8d386 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:40 -0700 Subject: [PATCH 04/20] chore: update actions/upload-artifact to v4.3.3 --- .github/actions/build-test-image/action.yml | 2 +- .github/workflows/gauntlet.yml | 4 ++-- .github/workflows/golangci-lint.yml | 2 +- .github/workflows/relay.yml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/actions/build-test-image/action.yml b/.github/actions/build-test-image/action.yml index 427b710f1..271ce8184 100644 --- a/.github/actions/build-test-image/action.yml +++ b/.github/actions/build-test-image/action.yml @@ -53,7 +53,7 @@ runs: run: make contracts_compile - name: Upload Artifacts if: steps.check-image.outputs.exists == 'false' - uses: actions/upload-artifact@master + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: artifacts path: ${{ inputs.artifacts_path }} diff --git a/.github/workflows/gauntlet.yml b/.github/workflows/gauntlet.yml index e189e2ed1..bd0cc3f17 100644 --- a/.github/workflows/gauntlet.yml +++ b/.github/workflows/gauntlet.yml @@ -65,7 +65,7 @@ jobs: - run: nix develop -c yarn eslint - name: Upload eslint report if: always() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: gauntlet-eslint-report path: ./eslint-report.json @@ -105,7 +105,7 @@ jobs: - name: Upload test coverage report if: always() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: typescript-test-coverage path: ./coverage/lcov.info diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 79a2bddee..d6b1b7797 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -26,7 +26,7 @@ jobs: run: test -f golangci-lint-report.xml && cat golangci-lint-report.xml || true - name: Store lint report artifact if: always() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: golangci-lint-report path: golangci-lint-report.xml diff --git a/.github/workflows/relay.yml b/.github/workflows/relay.yml index 491f5a4ec..49e8e8aa5 100644 --- a/.github/workflows/relay.yml +++ b/.github/workflows/relay.yml @@ -49,7 +49,7 @@ jobs: - name: Upload Go test results if: always() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: go-test-results path: | From 37fea2f007438223eb6278e127e56c3932225c06 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:41 -0700 Subject: [PATCH 05/20] chore: update cachix/cachix-action to v14 --- .github/workflows/contracts.yml | 4 ++-- .github/workflows/gauntlet.yml | 8 ++++---- .github/workflows/relay.yml | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/contracts.yml b/.github/workflows/contracts.yml index b5dd19fb4..2ebac1edc 100644 --- a/.github/workflows/contracts.yml +++ b/.github/workflows/contracts.yml @@ -25,7 +25,7 @@ jobs: extra_nix_config: "sandbox = false" - name: Cache Nix - uses: cachix/cachix-action@v12 + uses: cachix/cachix-action@18cf96c7c98e048e10a83abd92116114cd8504be # v14 with: name: chainlink-cosmos authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' @@ -59,7 +59,7 @@ jobs: extra_nix_config: "sandbox = false" - name: Cache Nix - uses: cachix/cachix-action@v12 + uses: cachix/cachix-action@18cf96c7c98e048e10a83abd92116114cd8504be # v14 with: name: chainlink-cosmos authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' diff --git a/.github/workflows/gauntlet.yml b/.github/workflows/gauntlet.yml index bd0cc3f17..8afebc02a 100644 --- a/.github/workflows/gauntlet.yml +++ b/.github/workflows/gauntlet.yml @@ -17,7 +17,7 @@ jobs: nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: "sandbox = false" - name: Cache Nix - uses: cachix/cachix-action@v12 + uses: cachix/cachix-action@18cf96c7c98e048e10a83abd92116114cd8504be # v14 with: name: chainlink-cosmos authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' @@ -37,7 +37,7 @@ jobs: nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: "sandbox = false" - name: Cache Nix - uses: cachix/cachix-action@v12 + uses: cachix/cachix-action@18cf96c7c98e048e10a83abd92116114cd8504be # v14 with: name: chainlink-cosmos authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' @@ -57,7 +57,7 @@ jobs: nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: "sandbox = false" - name: Cache Nix - uses: cachix/cachix-action@v12 + uses: cachix/cachix-action@18cf96c7c98e048e10a83abd92116114cd8504be # v14 with: name: chainlink-cosmos authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' @@ -83,7 +83,7 @@ jobs: nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: "sandbox = false" - name: Cache Nix - uses: cachix/cachix-action@v12 + uses: cachix/cachix-action@18cf96c7c98e048e10a83abd92116114cd8504be # v14 with: name: chainlink-cosmos authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' diff --git a/.github/workflows/relay.yml b/.github/workflows/relay.yml index 49e8e8aa5..cca83eda2 100644 --- a/.github/workflows/relay.yml +++ b/.github/workflows/relay.yml @@ -33,7 +33,7 @@ jobs: extra_nix_config: "sandbox = false" - name: Cache Nix - uses: cachix/cachix-action@v12 + uses: cachix/cachix-action@18cf96c7c98e048e10a83abd92116114cd8504be # v14 with: name: chainlink-cosmos authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' From 1f35b7e4af2962e26c4ca7c705f88015bef1fc2e Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:41 -0700 Subject: [PATCH 06/20] chore: update cachix/install-nix-action to v27 --- .github/workflows/contracts.yml | 4 ++-- .github/workflows/gauntlet.yml | 8 ++++---- .github/workflows/integration-tests-smoke.yml | 2 +- .github/workflows/relay.yml | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/contracts.yml b/.github/workflows/contracts.yml index 2ebac1edc..217175ee5 100644 --- a/.github/workflows/contracts.yml +++ b/.github/workflows/contracts.yml @@ -19,7 +19,7 @@ jobs: uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix - uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 + uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 with: nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: "sandbox = false" @@ -53,7 +53,7 @@ jobs: uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix - uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 + uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 with: nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: "sandbox = false" diff --git a/.github/workflows/gauntlet.yml b/.github/workflows/gauntlet.yml index 8afebc02a..77ab55450 100644 --- a/.github/workflows/gauntlet.yml +++ b/.github/workflows/gauntlet.yml @@ -12,7 +12,7 @@ jobs: steps: - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix - uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 + uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 with: nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: "sandbox = false" @@ -32,7 +32,7 @@ jobs: steps: - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix - uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 + uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 with: nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: "sandbox = false" @@ -52,7 +52,7 @@ jobs: steps: - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix - uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 + uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 with: nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: "sandbox = false" @@ -78,7 +78,7 @@ jobs: steps: - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix - uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 + uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 with: nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: "sandbox = false" diff --git a/.github/workflows/integration-tests-smoke.yml b/.github/workflows/integration-tests-smoke.yml index 5c86e0037..e23b4f803 100644 --- a/.github/workflows/integration-tests-smoke.yml +++ b/.github/workflows/integration-tests-smoke.yml @@ -112,7 +112,7 @@ jobs: - name: Checkout the repo uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix - uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 + uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 with: nix_path: nixpkgs=channel:nixos-unstable - name: Run Tests diff --git a/.github/workflows/relay.yml b/.github/workflows/relay.yml index cca83eda2..1d31a1428 100644 --- a/.github/workflows/relay.yml +++ b/.github/workflows/relay.yml @@ -27,7 +27,7 @@ jobs: uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix - uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 + uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 with: nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: "sandbox = false" From 2b449e64fbc5087a9ff3b92cf3555972f0fd1446 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:42 -0700 Subject: [PATCH 07/20] chore: update dawidd6/action-download-artifact to v3.1.4 --- .github/workflows/sonar-scan.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml index aba096681..399ea35a9 100644 --- a/.github/workflows/sonar-scan.yml +++ b/.github/workflows/sonar-scan.yml @@ -41,7 +41,7 @@ jobs: fetch-depth: 0 # fetches all history for all tags and branches to provide more metadata for sonar reports - name: Download Golangci report - uses: dawidd6/action-download-artifact@v2.27.0 + uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 with: workflow: golangci-lint.yml workflow_conclusion: "" @@ -49,7 +49,7 @@ jobs: if_no_artifact_found: warn - name: Download relay test reports - uses: dawidd6/action-download-artifact@v2.27.0 + uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 with: workflow: relay.yml workflow_conclusion: "" @@ -57,7 +57,7 @@ jobs: if_no_artifact_found: warn - name: Download gauntlet test reports - uses: dawidd6/action-download-artifact@v2.27.0 + uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 with: workflow: gauntlet.yml workflow_conclusion: "" @@ -66,7 +66,7 @@ jobs: if_no_artifact_found: warn - name: Download gauntlet eslint reports - uses: dawidd6/action-download-artifact@v2.27.0 + uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 with: workflow: gauntlet.yml workflow_conclusion: "" From cb4cfbe977736ae4c02bf869036489d1d9b90ac7 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:42 -0700 Subject: [PATCH 08/20] chore: update github/codeql-action/analyze to v3.25.6 --- .github/workflows/codeql-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 9f8d74be8..6129c50ed 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -72,4 +72,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6 From 9ee34eaa93cd668ef252558f4baa2444875b4b1f Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:43 -0700 Subject: [PATCH 09/20] chore: update github/codeql-action/autobuild to v3.25.6 --- .github/workflows/codeql-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6129c50ed..a41290216 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -58,7 +58,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v1 + uses: github/codeql-action/autobuild@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl From 4d1a3c056ded52733e8755cb953f4790ac2a56eb Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:43 -0700 Subject: [PATCH 10/20] chore: update github/codeql-action/init to v3.25.6 --- .github/workflows/codeql-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a41290216..ebc0c3321 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -47,7 +47,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. From 89ba061884ae59c89ac65c7bd15d901b1e57fb49 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:44 -0700 Subject: [PATCH 11/20] chore: update golangci/golangci-lint-action to v6.0.1 --- .github/workflows/golangci-lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index d6b1b7797..64bbd6a3d 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -16,7 +16,7 @@ jobs: with: go-version: ${{ steps.tool-versions.outputs.golang_version }} - name: golangci-lint - uses: golangci/golangci-lint-action@v3 + uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6.0.1 with: version: v${{ steps.tool-versions.outputs.golangci-lint_version }} args: --timeout=5m0s --tests=false --out-format checkstyle:golangci-lint-report.xml From 735dbca0600aa6624966005931b1f60e9e9c7f03 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:44 -0700 Subject: [PATCH 12/20] chore: update reviewdog/action-actionlint to v1.45.0 --- .github/workflows/lint-gh-workflows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-gh-workflows.yml b/.github/workflows/lint-gh-workflows.yml index d2be85f96..1e943e88c 100644 --- a/.github/workflows/lint-gh-workflows.yml +++ b/.github/workflows/lint-gh-workflows.yml @@ -9,4 +9,4 @@ jobs: - name: Check out Code uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Run actionlint - uses: reviewdog/action-actionlint@a0541743e79d2ce4ee65276807ac493a93149b7c # v1.23.0 + uses: reviewdog/action-actionlint@51bfb044ddaed55059d16f14daedbe05a9937dc1 # v1.45.0 From 8b82c1f099d69911db3a11863dcfebfc44bd4521 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:45 -0700 Subject: [PATCH 13/20] chore: update chainlink-testing-framework/* to v2.3.19 --- .github/workflows/integration-tests-smoke.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/integration-tests-smoke.yml b/.github/workflows/integration-tests-smoke.yml index e23b4f803..4cdf206bf 100644 --- a/.github/workflows/integration-tests-smoke.yml +++ b/.github/workflows/integration-tests-smoke.yml @@ -42,7 +42,7 @@ jobs: AWS_ROLE_TO_ASSUME: ${{ secrets.QA_AWS_ROLE_TO_ASSUME }} - name: Build Image if: steps.check-image.outputs.exists == 'false' - uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/build-image@2c9f401149f6c25fb632067b7e6626aebeee5d69 + uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/build-image@fc3e0df622521019f50d772726d6bf8dc919dd38 # v2.3.19 with: cl_repo: smartcontractkit/chainlink cl_ref: ${{ github.event.inputs.cl_branch_ref }} @@ -116,7 +116,7 @@ jobs: with: nix_path: nixpkgs=channel:nixos-unstable - name: Run Tests - uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@8489879838862929f43f7d7cd1b33903965cf507 # v2.1.6 + uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: test_command_to_run: make test-integration-smoke-ci cl_repo: ${{ env.CL_ECR }} From 5787cf9cd721b06963d2f41ef165ab403c8c3c72 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:46 -0700 Subject: [PATCH 14/20] chore: update docker/build-push to v2.3.16 --- .github/actions/build-test-image/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/build-test-image/action.yml b/.github/actions/build-test-image/action.yml index 271ce8184..fde06b0df 100644 --- a/.github/actions/build-test-image/action.yml +++ b/.github/actions/build-test-image/action.yml @@ -60,7 +60,7 @@ runs: - name: Build and Publish Test Runner if: steps.check-image.outputs.exists == 'false' - uses: smartcontractkit/chainlink-github-actions/docker/build-push@8489879838862929f43f7d7cd1b33903965cf507 # v2.1.6 + uses: smartcontractkit/chainlink-github-actions/docker/build-push@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: tags: | ${{ inputs.QA_AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ inputs.QA_AWS_REGION }}.amazonaws.com/chainlink-cosmos-tests:${{ inputs.tag }} From 33c148e152246247227189590c4b7ed8b5add816 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:47 -0700 Subject: [PATCH 15/20] chore: update docker/image-exists to v2.3.16 --- .github/actions/build-test-image/action.yml | 2 +- .github/workflows/integration-tests-smoke.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/build-test-image/action.yml b/.github/actions/build-test-image/action.yml index fde06b0df..04290aa8c 100644 --- a/.github/actions/build-test-image/action.yml +++ b/.github/actions/build-test-image/action.yml @@ -28,7 +28,7 @@ runs: steps: - name: Check if image exists id: check-image - uses: smartcontractkit/chainlink-github-actions/docker/image-exists@8489879838862929f43f7d7cd1b33903965cf507 # v2.1.6 + uses: smartcontractkit/chainlink-github-actions/docker/image-exists@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: repository: chainlink-cosmos-tests tag: ${{ inputs.tag }} diff --git a/.github/workflows/integration-tests-smoke.yml b/.github/workflows/integration-tests-smoke.yml index 4cdf206bf..d8515269c 100644 --- a/.github/workflows/integration-tests-smoke.yml +++ b/.github/workflows/integration-tests-smoke.yml @@ -34,7 +34,7 @@ jobs: steps: - name: Check if image exists id: check-image - uses: smartcontractkit/chainlink-github-actions/docker/image-exists@2c9f401149f6c25fb632067b7e6626aebeee5d69 # v2.1.6 + uses: smartcontractkit/chainlink-github-actions/docker/image-exists@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: repository: chainlink tag: cosmos.${{ github.sha }} From e34076d988e34473a29170891618cc1cf9f2f89e Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:47 -0700 Subject: [PATCH 16/20] chore: update utils/wait-for-workflows to v2.3.16 --- .github/workflows/sonar-scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml index 399ea35a9..ba253a25f 100644 --- a/.github/workflows/sonar-scan.yml +++ b/.github/workflows/sonar-scan.yml @@ -19,7 +19,7 @@ jobs: - name: Wait for Workflows id: wait - uses: smartcontractkit/chainlink-github-actions/utils/wait-for-workflows@main + uses: smartcontractkit/chainlink-github-actions/utils/wait-for-workflows@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: max-timeout: "1200" polling-interval: "30" From 13120c949a3f4b4616739b2ab256ed2cfa2cfed9 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:48 -0700 Subject: [PATCH 17/20] chore: update smartcontractkit/push-gha-metrics-action to v3.0.0 --- .github/workflows/integration-tests-publish.yml | 3 ++- .github/workflows/integration-tests-smoke.yml | 6 ++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/integration-tests-publish.yml b/.github/workflows/integration-tests-publish.yml index 9f28cfbd4..abf9d2894 100644 --- a/.github/workflows/integration-tests-publish.yml +++ b/.github/workflows/integration-tests-publish.yml @@ -23,8 +23,9 @@ jobs: steps: - name: Collect Metrics id: collect-gha-metrics - uses: smartcontractkit/push-gha-metrics-action@v1 + uses: smartcontractkit/push-gha-metrics-action@dea9b546553cb4ca936607c2267a09c004e4ab3f # v3.0.0 with: + id: integration-tests-publish basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} hostname: ${{ secrets.GRAFANA_CLOUD_HOST }} this-job-name: Publish Integration Test Image diff --git a/.github/workflows/integration-tests-smoke.yml b/.github/workflows/integration-tests-smoke.yml index d8515269c..41398376b 100644 --- a/.github/workflows/integration-tests-smoke.yml +++ b/.github/workflows/integration-tests-smoke.yml @@ -65,8 +65,9 @@ jobs: steps: - name: Collect Metrics id: collect-gha-metrics - uses: smartcontractkit/push-gha-metrics-action@v1 + uses: smartcontractkit/push-gha-metrics-action@dea9b546553cb4ca936607c2267a09c004e4ab3f # v3.0.0 with: + id: integration-tests-smoke-build-test-image basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} hostname: ${{ secrets.GRAFANA_CLOUD_HOST }} this-job-name: Build Test Image @@ -103,8 +104,9 @@ jobs: - name: Collect Metrics if: always() id: collect-gha-metrics - uses: smartcontractkit/push-gha-metrics-action@808c183d1f5c26a4f3fd50b75d3cf7b58d9aa293 + uses: smartcontractkit/push-gha-metrics-action@dea9b546553cb4ca936607c2267a09c004e4ab3f # v3.0.0 with: + id: integration-tests-smoke-run-tests basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} hostname: ${{ secrets.GRAFANA_CLOUD_HOST }} this-job-name: Run Smoke Tests From c33d54224ebaac6f3a6a368c3342f57b234232b5 Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:48 -0700 Subject: [PATCH 18/20] chore: update smartcontractkit/tool-versions-to-env-action to v1.0.8 --- .github/workflows/golangci-lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 64bbd6a3d..f0532cde2 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - - uses: smartcontractkit/tool-versions-to-env-action@v1.0.7 + - uses: smartcontractkit/tool-versions-to-env-action@aabd5efbaf28005284e846c5cf3a02f2cba2f4c2 # v1.0.8 id: tool-versions - name: Setup go ${{ steps.tool-versions.outputs.golang_version }} uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 From 09ac896fd2f890b9593a39550ac3fab28827cb9a Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:49 -0700 Subject: [PATCH 19/20] chore: update softprops/action-gh-release to v2.0.5 --- .github/workflows/contracts-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/contracts-release.yml b/.github/workflows/contracts-release.yml index cf85e9975..ed4132edc 100644 --- a/.github/workflows/contracts-release.yml +++ b/.github/workflows/contracts-release.yml @@ -14,7 +14,7 @@ jobs: - name: Build Artifacts run: make contracts_compile - name: Create Release - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5 with: files: | ./artifacts/* From 78e6885d749c70a8dab0fc46989795ee6a52786c Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Wed, 29 May 2024 15:43:49 -0700 Subject: [PATCH 20/20] chore: update sonarsource/sonarqube-scan-action to v2.0.2 --- .github/workflows/sonar-scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml index ba253a25f..2188c6b1b 100644 --- a/.github/workflows/sonar-scan.yml +++ b/.github/workflows/sonar-scan.yml @@ -89,7 +89,7 @@ jobs: run: sed -i 's+/home/runner/work/feeds-manager/feeds-manager/+/github/workspace/+g' ${{ steps.sonarqube_report_paths.outputs.sonarqube_eslint_report_paths }} - name: SonarQube Scan - uses: sonarsource/sonarqube-scan-action@a6ba0aafc293e03de5437af7edbc97f7d3ebc91a # v1.2.0 + uses: sonarsource/sonarqube-scan-action@53c3e3207fe4b8d52e2f1ac9d6eb1d2506f626c0 # v2.0.2 with: args: > -Dsonar.go.tests.reportPaths=${{ steps.sonarqube_report_paths.outputs.sonarqube_go_tests_report_paths }}