Pin dependencies (#628)

Co-authored-by: renovate-rancher[bot] <119870437+renovate-rancher[bot]@users.noreply.github.com>
2026-05-21 00:32:58 +00:00 · 2026-01-22 15:24:57 +01:00
parent cd6c962bcf
commit 511be5aa4e
8 changed files with 49 additions and 49 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -19,18 +19,18 @@ jobs:

    steps:
    - name: Checkout code
-      uses: actions/checkout@v4
+      uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4

    - name: Set up Go
-      uses: actions/setup-go@v5
+      uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5
      with:
        go-version-file: go.mod
    
    - name: Set up QEMU
-      uses: docker/setup-qemu-action@v3
+      uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3

    - name: Run GoReleaser
-      uses: goreleaser/goreleaser-action@v6
+      uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6
      with:
        distribution: goreleaser
        version: v2
@@ -40,7 +40,7 @@ jobs:
        REGISTRY: ""

    - name: Run Trivy vulnerability scanner (k3kcli)
-      uses: aquasecurity/trivy-action@0.28.0
+      uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
      with:
        ignore-unfixed: true
        severity: 'MEDIUM,HIGH,CRITICAL'
@@ -50,13 +50,13 @@ jobs:
        output: 'trivy-results-k3kcli.sarif'

    - name: Upload Trivy scan results to GitHub Security tab (k3kcli)
-      uses: github/codeql-action/upload-sarif@v3
+      uses: github/codeql-action/upload-sarif@4bdb89f48054571735e3792627da6195c57459e2 # v3
      with:
        sarif_file: trivy-results-k3kcli.sarif
        category: k3kcli

    - name: Run Trivy vulnerability scanner (k3k)
-      uses: aquasecurity/trivy-action@0.28.0
+      uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
      with:
        ignore-unfixed: true
        severity: 'MEDIUM,HIGH,CRITICAL'
@@ -66,13 +66,13 @@ jobs:
        output: 'trivy-results-k3k.sarif'

    - name: Upload Trivy scan results to GitHub Security tab (k3k)
-      uses: github/codeql-action/upload-sarif@v3
+      uses: github/codeql-action/upload-sarif@4bdb89f48054571735e3792627da6195c57459e2 # v3
      with:
        sarif_file: trivy-results-k3k.sarif
        category: k3k

    - name: Run Trivy vulnerability scanner (k3k-kubelet)
-      uses: aquasecurity/trivy-action@0.28.0
+      uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
      with:
        ignore-unfixed: true
        severity: 'MEDIUM,HIGH,CRITICAL'
@@ -82,7 +82,7 @@ jobs:
        output: 'trivy-results-k3k-kubelet.sarif'

    - name: Upload Trivy scan results to GitHub Security tab (k3k-kubelet)
-      uses: github/codeql-action/upload-sarif@v3
+      uses: github/codeql-action/upload-sarif@4bdb89f48054571735e3792627da6195c57459e2 # v3
      with:
        sarif_file: trivy-results-k3k-kubelet.sarif
        category: k3k-kubelet