diff --git a/.github/workflows/.dco.yml b/.github/workflows/.dco.yml index dabaef336d..152226373c 100644 --- a/.github/workflows/.dco.yml +++ b/.github/workflows/.dco.yml @@ -25,19 +25,19 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 - name: Dump context - uses: actions/github-script@v8 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 with: script: | console.log(JSON.stringify(context, null, 2)); - name: Get base ref id: base-ref - uses: actions/github-script@v8 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 with: result-encoding: string script: | diff --git a/.github/workflows/.test-unit.yml b/.github/workflows/.test-unit.yml index ebc6e30010..40f7843a09 100644 --- a/.github/workflows/.test-unit.yml +++ b/.github/workflows/.test-unit.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up runner uses: ./.github/actions/setup-runner @@ -58,7 +58,7 @@ jobs: buildkitd-flags: --debug - name: Build dev image - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: dev set: | @@ -78,7 +78,7 @@ jobs: tree -nh /tmp/reports - name: Send to Codecov - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5 with: directory: ./bundles env_vars: RUNNER_OS @@ -87,7 +87,7 @@ jobs: - name: Upload reports if: always() - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: test-reports-unit--${{ matrix.mode }} path: /tmp/reports/* @@ -103,13 +103,13 @@ jobs: steps: - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false - name: Download reports - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: pattern: test-reports-unit-* path: /tmp/reports diff --git a/.github/workflows/.test.yml b/.github/workflows/.test.yml index f2bad07ae1..c588e19826 100644 --- a/.github/workflows/.test.yml +++ b/.github/workflows/.test.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up runner uses: ./.github/actions/setup-runner @@ -55,7 +55,7 @@ jobs: buildkitd-flags: --debug - name: Build dev image - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: dev set: | @@ -82,7 +82,7 @@ jobs: - name: Upload reports if: always() - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: test-reports-docker-py-${{ inputs.storage }} path: /tmp/reports/* @@ -95,7 +95,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up runner uses: ./.github/actions/setup-runner @@ -108,7 +108,7 @@ jobs: buildkitd-flags: --debug - name: Build dev image - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: dev set: | @@ -130,7 +130,7 @@ jobs: - name: Create matrix includes id: set - uses: actions/github-script@v8 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 with: script: | let includes = [ @@ -169,7 +169,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up runner uses: ./.github/actions/setup-runner @@ -204,7 +204,7 @@ jobs: buildkitd-flags: --debug - name: Build dev image - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: dev set: | @@ -236,7 +236,7 @@ jobs: tree -nh $reportsPath - name: Send to Codecov - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5 with: directory: ./bundles/test-integration env_vars: RUNNER_OS @@ -250,7 +250,7 @@ jobs: - name: Upload reports if: always() - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: test-reports-integration-${{ inputs.storage }}-${{ env.TESTREPORTS_NAME }} path: /tmp/reports/* @@ -266,13 +266,13 @@ jobs: steps: - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false - name: Download reports - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: path: /tmp/reports pattern: test-reports-integration-${{ inputs.storage }}-* @@ -295,10 +295,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false @@ -321,7 +321,7 @@ jobs: - name: Create gha matrix id: set - uses: actions/github-script@v8 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 with: script: | let matrix = { @@ -393,7 +393,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up runner uses: ./.github/actions/setup-runner @@ -421,7 +421,7 @@ jobs: buildkitd-flags: --debug - name: Build dev image - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: dev set: | @@ -452,7 +452,7 @@ jobs: tree -nh $reportsPath - name: Send to Codecov - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5 with: directory: ./bundles/test-integration env_vars: RUNNER_OS @@ -466,7 +466,7 @@ jobs: - name: Upload reports if: always() - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: test-reports-integration-cli-${{ inputs.storage }}-${{ matrix.mode }}-${{ env.TESTREPORTS_NAME }} path: /tmp/reports/* @@ -482,13 +482,13 @@ jobs: steps: - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false - name: Download reports - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: path: /tmp/reports pattern: test-reports-integration-cli-${{ inputs.storage }}-${{ matrix.mode }}-* diff --git a/.github/workflows/.vm.yml b/.github/workflows/.vm.yml index 3df09cdd92..105274ec0d 100644 --- a/.github/workflows/.vm.yml +++ b/.github/workflows/.vm.yml @@ -45,7 +45,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Lima uses: lima-vm/lima-actions/setup@55627e31b78637bf254a8b2a14da8ea7d12564e5 # v1.1.0 @@ -54,7 +54,7 @@ jobs: version: v2.0.2 - name: Cache ~/.cache/lima - uses: actions/cache@v5 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5 with: path: ~/.cache/lima key: lima-${{ steps.lima-actions-setup.outputs.version }}-${{ inputs.template }} @@ -67,7 +67,9 @@ jobs: --cpus=4 \ --memory=12 \ --plain \ - ${{ inputs.template }} + ${INPUTS_TEMPLATE} + env: + INPUTS_TEMPLATE: ${{ inputs.template }} - name: Load kernel modules in the guest VM run: | @@ -142,13 +144,15 @@ jobs: # TODO: enable GHA cache? LIMA_WORKDIR=/tmp/docker lima \ TEST_SKIP_INTEGRATION_CLI=1 \ - TEST_INTEGRATION_DIR="${{ inputs.integration_dir }}" \ + TEST_INTEGRATION_DIR="${INPUTS_INTEGRATION_DIR}" \ TEST_INTEGRATION_USE_GRAPHDRIVER=1 \ DOCKER_ROOTLESS=${DOCKER_ROOTLESS} \ DOCKER_GRAPHDRIVER=${DOCKER_GRAPHDRIVER} \ DOCKER_IGNORE_BR_NETFILTER_ERROR=${DOCKER_IGNORE_BR_NETFILTER_ERROR} \ TIMEOUT=15m \ make test-integration + env: + INPUTS_INTEGRATION_DIR: ${{ inputs.integration_dir }} - name: Prepare reports if: always() @@ -176,7 +180,7 @@ jobs: - name: Upload reports if: always() - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: test-reports-integration-${{ env.TESTREPORTS_NAME }} path: /tmp/reports/* @@ -192,7 +196,7 @@ jobs: steps: - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false @@ -204,7 +208,7 @@ jobs: echo "TESTREPORTS_NAME=${TEMPLATE}*" >> $GITHUB_ENV - name: Download reports - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: path: /tmp/reports pattern: test-reports-integration-${{ env.TESTREPORTS_NAME }} diff --git a/.github/workflows/.windows.yml b/.github/workflows/.windows.yml index 418c5e0d3e..a2be0c067b 100644 --- a/.github/workflows/.windows.yml +++ b/.github/workflows/.windows.yml @@ -53,7 +53,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: path: ${{ env.GOPATH }}/src/github.com/docker/docker - @@ -100,7 +100,7 @@ jobs: Get-ChildItem -Path ${{ env.BIN_OUT }} - name: Upload artifacts - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: build-${{ inputs.storage }}-${{ inputs.os }} path: ${{ env.BIN_OUT }}/* @@ -119,7 +119,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: path: ${{ env.GOPATH }}/src/github.com/docker/docker - @@ -158,7 +158,7 @@ jobs: - name: Send to Codecov if: inputs.send_coverage - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5 with: working-directory: ${{ env.GOPATH }}\src\github.com\docker\docker directory: bundles @@ -168,7 +168,7 @@ jobs: - name: Upload reports if: always() - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: ${{ inputs.os }}-${{ inputs.storage }}-unit-reports path: ${{ env.GOPATH }}\src\github.com\docker\docker\bundles\* @@ -183,13 +183,13 @@ jobs: steps: - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false - name: Download artifacts - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: name: ${{ inputs.os }}-${{ inputs.storage }}-unit-reports path: /tmp/artifacts @@ -210,10 +210,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false @@ -266,12 +266,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: path: ${{ env.GOPATH }}/src/github.com/docker/docker - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false @@ -297,7 +297,7 @@ jobs: Get-ChildItem Env: | Out-String - name: Download artifacts - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: name: build-${{ inputs.storage }}-${{ inputs.os }} path: ${{ env.BIN_OUT }} @@ -443,7 +443,7 @@ jobs: - name: Send to Codecov if: inputs.send_coverage - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5 with: working-directory: ${{ env.GOPATH }}\src\github.com\docker\docker directory: bundles @@ -482,7 +482,7 @@ jobs: - name: Upload reports if: always() - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: ${{ inputs.os }}-${{ inputs.storage }}-integration-reports-${{ matrix.runtime }}-${{ env.TESTREPORTS_NAME }} path: ${{ env.GOPATH }}\src\github.com\docker\docker\bundles\* @@ -509,13 +509,13 @@ jobs: steps: - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false - name: Download reports - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: path: /tmp/reports pattern: ${{ inputs.os }}-${{ inputs.storage }}-integration-reports-${{ matrix.runtime }}-* diff --git a/.github/workflows/arm64.yml b/.github/workflows/arm64.yml index 1f7276cbcf..908d4e7347 100644 --- a/.github/workflows/arm64.yml +++ b/.github/workflows/arm64.yml @@ -56,7 +56,7 @@ jobs: buildkitd-flags: --debug - name: Build - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: ${{ matrix.target }} - @@ -84,7 +84,7 @@ jobs: buildkitd-flags: --debug - name: Build dev image - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: dev set: | @@ -101,7 +101,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up runner uses: ./.github/actions/setup-runner @@ -117,7 +117,7 @@ jobs: uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 - name: Build dev image - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: dev set: | @@ -137,7 +137,7 @@ jobs: tree -nh /tmp/reports - name: Send to Codecov - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5 with: directory: ./bundles env_vars: RUNNER_OS @@ -146,7 +146,7 @@ jobs: - name: Upload reports if: always() - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: test-reports-unit-arm64-graphdriver path: /tmp/reports/* @@ -162,13 +162,13 @@ jobs: steps: - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false - name: Download reports - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: pattern: test-reports-unit-arm64-* path: /tmp/reports @@ -191,7 +191,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up runner uses: ./.github/actions/setup-runner @@ -210,7 +210,7 @@ jobs: uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 - name: Build dev image - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: dev set: | @@ -236,7 +236,7 @@ jobs: tree -nh $reportsPath - name: Send to Codecov - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5 with: directory: ./bundles/test-integration env_vars: RUNNER_OS @@ -250,7 +250,7 @@ jobs: - name: Upload reports if: always() - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: test-reports-integration-arm64-graphdriver path: /tmp/reports/* @@ -266,13 +266,13 @@ jobs: steps: - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false - name: Download reports - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: path: /tmp/reports pattern: test-reports-integration-arm64-* diff --git a/.github/workflows/bin-image.yml b/.github/workflows/bin-image.yml index 4d19448530..dd29ec97a6 100644 --- a/.github/workflows/bin-image.yml +++ b/.github/workflows/bin-image.yml @@ -32,7 +32,7 @@ jobs: build: if: ${{ !failure() && !cancelled() && (github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only')) }} - uses: docker/github-builder/.github/workflows/bake.yml@v1 + uses: docker/github-builder@70313223e2665c3211b454b3fea6534624e78d64 # v1 needs: - validate-dco permissions: diff --git a/.github/workflows/buildkit.yml b/.github/workflows/buildkit.yml index 3cad15e994..154c495fce 100644 --- a/.github/workflows/buildkit.yml +++ b/.github/workflows/buildkit.yml @@ -48,12 +48,12 @@ jobs: buildkitd-flags: --debug - name: Build - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: binary - name: Upload artifacts - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: binary path: ${{ env.DESTDIR }} @@ -97,15 +97,15 @@ jobs: # https://github.com/moby/buildkit/blob/567a99433ca23402d5e9b9f9124005d2e59b8861/client/client_test.go#L5407-L5411 - name: Expose GitHub Runtime - uses: crazy-max/ghaction-github-runtime@v4 + uses: crazy-max/ghaction-github-runtime@04d248b84655b509d8c44dc1d6f990c879747487 # v4 - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: path: moby - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false @@ -116,7 +116,7 @@ jobs: working-directory: moby - name: Checkout BuildKit ${{ env.BUILDKIT_REF }} - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: repository: ${{ env.BUILDKIT_REPO }} ref: ${{ env.BUILDKIT_REF }} @@ -133,7 +133,7 @@ jobs: buildkitd-flags: --debug - name: Download binary artifacts - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: name: binary path: ./buildkit/build/moby/ @@ -146,7 +146,7 @@ jobs: docker info - name: Build test image - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: source: ./buildkit targets: integration-tests @@ -183,7 +183,7 @@ jobs: working-directory: ${{ env.GOPATH }}/src/github.com/docker/docker steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: path: ${{ env.GOPATH }}/src/github.com/docker/docker @@ -198,7 +198,7 @@ jobs: echo "WINDOWS_BASE_IMAGE_TAG=${{ env.WINDOWS_BASE_TAG_2022 }}" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf-8 -Append - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false @@ -224,7 +224,7 @@ jobs: go install github.com/distribution/distribution/v3/cmd/registry@latest - name: Checkout BuildKit - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: repository: moby/buildkit ref: master @@ -247,7 +247,7 @@ jobs: cp ${{ env.GOPATH }}\bin\buildctl.exe ${{ env.BIN_OUT }} - name: Upload artifacts - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: build-windows path: ${{ env.BIN_OUT }}/* @@ -303,15 +303,15 @@ jobs: echo "BUILDKIT_TEST_DISABLE_FEATURES=${disabledFeatures}" >> $GITHUB_ENV - name: Expose GitHub Runtime - uses: crazy-max/ghaction-github-runtime@v4 + uses: crazy-max/ghaction-github-runtime@04d248b84655b509d8c44dc1d6f990c879747487 # v4 - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: path: moby - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false @@ -323,14 +323,14 @@ jobs: working-directory: moby - name: Checkout BuildKit ${{ env.BUILDKIT_REF }} - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: repository: ${{ env.BUILDKIT_REPO }} ref: ${{ env.BUILDKIT_REF }} path: buildkit - name: Download Moby artifacts - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: name: build-windows path: ${{ env.BIN_OUT }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0659644132..1f9bceaa0b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -52,7 +52,7 @@ jobs: buildkitd-flags: --debug - name: Build - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: ${{ matrix.target }} - @@ -75,7 +75,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Create matrix id: platforms @@ -113,7 +113,7 @@ jobs: buildkitd-flags: --debug - name: Build - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: all set: | @@ -146,7 +146,7 @@ jobs: buildkitd-flags: --debug - name: Run - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: govulncheck env: @@ -154,7 +154,7 @@ jobs: - name: Upload SARIF report if: ${{ github.event_name != 'pull_request' && github.repository == 'moby/moby' }} - uses: github/codeql-action/upload-sarif@v4 + uses: github/codeql-action@38697555549f1db7851b81482ff19f1fa5c4fedc # v4 with: sarif_file: ${{ env.DESTDIR }}/govulncheck.out @@ -173,7 +173,7 @@ jobs: buildkitd-flags: --debug - name: Build dind image - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: dind set: | diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 927394df1f..7986c3cd7b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -47,21 +47,21 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 2 - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: ${{ env.GO_VERSION }} cache: false - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1 with: languages: go - name: Autobuild - uses: github/codeql-action/autobuild@v4 + uses: github/codeql-action/autobuild@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1 with: category: "/language:go" diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index f4f1fa1d30..41ab65a400 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Labels - uses: actions/labeler@v6 + uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6 with: sync-labels: false diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b32a50237f..5d7899343c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -61,7 +61,7 @@ jobs: buildkitd-flags: --debug - name: Build dev image - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: dev set: | @@ -71,7 +71,7 @@ jobs: - name: Cache dev image if: matrix.mode == '' - uses: actions/cache/save@v5 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5 with: key: dev-image-${{ github.run_id }} path: /tmp/dev-image.tar @@ -110,7 +110,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Create matrix id: scripts @@ -134,7 +134,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 - @@ -149,7 +149,7 @@ jobs: buildkitd-flags: --debug - name: Restore dev image - uses: actions/cache/restore@v5 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5 with: key: dev-image-${{ github.run_id }} path: /tmp/dev-image.tar @@ -175,7 +175,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Build api module image run: | @@ -197,7 +197,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Create matrix id: platforms @@ -237,7 +237,7 @@ jobs: buildkitd-flags: --debug - name: Test - uses: docker/bake-action@v7 + uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7 with: targets: binary-smoketest set: |