Skip to content

Commit a755285

Browse files
ezhang6811ezhang6811
committed
replace version tag with commit SHA for actions
1 parent 657fb80 commit a755285

File tree

1 file changed

+15
-15
lines changed

1 file changed

+15
-15
lines changed

.github/workflows/release-build.yml

Lines changed: 15 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -68,7 +68,7 @@ jobs:
6868
# https://github.com/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests
6969

7070
- name: Upload SDK artifact
71-
uses: actions/upload-artifact@v4
71+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2
7272
with:
7373
name: ${{ env.ARTIFACT_NAME }}
7474
path: dist/${{ env.ARTIFACT_NAME }}
@@ -92,8 +92,8 @@ jobs:
9292
echo ${MATRIX}
9393
echo "aws_regions_json=${MATRIX}" >> $GITHUB_OUTPUT
9494
- name: Checkout Repo @ SHA - ${{ github.sha }}
95-
uses: actions/checkout@v4
96-
- uses: actions/setup-python@v5
95+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
96+
- uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c #v6.0.0
9797
with:
9898
python-version: '3.x'
9999
- name: Build layers
@@ -103,7 +103,7 @@ jobs:
103103
pip install tox
104104
tox
105105
- name: upload layer
106-
uses: actions/upload-artifact@v4
106+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2
107107
with:
108108
name: layer.zip
109109
path: lambda-layer/src/build/aws-opentelemetry-python-layer.zip
@@ -113,7 +113,7 @@ jobs:
113113
runs-on: ubuntu-latest
114114
steps:
115115
- name: Checkout Repo @ SHA - ${{ github.sha }}
116-
uses: actions/checkout@v4
116+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
117117

118118
- name: Configure AWS credentials for PyPI secrets
119119
uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0
@@ -158,7 +158,7 @@ jobs:
158158
run: pip install twine
159159

160160
- name: Download SDK artifact
161-
uses: actions/download-artifact@v4
161+
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0
162162
with:
163163
name: ${{ env.ARTIFACT_NAME }}
164164

@@ -227,7 +227,7 @@ jobs:
227227
fi
228228
SECRET_KEY=${SECRET_KEY//-/_}
229229
echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV
230-
- uses: aws-actions/configure-aws-credentials@v4.0.2
230+
- uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0
231231
with:
232232
role-to-assume: ${{ secrets[env.SECRET_KEY] }}
233233
role-duration-seconds: 1200
@@ -236,7 +236,7 @@ jobs:
236236
run: |
237237
echo BUCKET_NAME=python-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV
238238
- name: download layer.zip
239-
uses: actions/download-artifact@v4
239+
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0
240240
with:
241241
name: layer.zip
242242
- name: publish
@@ -274,7 +274,7 @@ jobs:
274274
--action lambda:GetLayerVersion
275275
- name: upload layer arn artifact
276276
if: ${{ success() }}
277-
uses: actions/upload-artifact@v4
277+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2
278278
with:
279279
name: ${{ env.LAYER_NAME }}-${{ matrix.aws_region }}
280280
path: ${{ env.LAYER_NAME }}/${{ matrix.aws_region }}
@@ -290,10 +290,10 @@ jobs:
290290
layer-note: ${{ steps.layer-note.outputs.layer-note }}
291291
steps:
292292
- name: Checkout Repo @ SHA - ${{ github.sha }}
293-
uses: actions/checkout@v4
294-
- uses: hashicorp/setup-terraform@v2
293+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
294+
- uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd #v3.1.2
295295
- name: download layerARNs
296-
uses: actions/download-artifact@v4
296+
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0
297297
with:
298298
pattern: ${{ env.LAYER_NAME }}-*
299299
path: ${{ env.LAYER_NAME }}
@@ -354,15 +354,15 @@ jobs:
354354
runs-on: ubuntu-latest
355355
steps:
356356
- name: Checkout Repo @ SHA - ${{ github.sha }}
357-
uses: actions/checkout@v4
357+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
358358

359359
- name: Download SDK artifact
360-
uses: actions/download-artifact@v4
360+
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0
361361
with:
362362
name: ${{ env.ARTIFACT_NAME }}
363363

364364
- name: Download layer.zip artifact
365-
uses: actions/download-artifact@v4
365+
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0
366366
with:
367367
name: layer.zip
368368

0 commit comments

Comments
 (0)