This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-kamelets.git
The following commit(s) were added to refs/heads/main by this push:
new 053bf220 Github Actions Security Best practices: Pin Actions to Full
lenght Commit SHA - YAKS Tests Action (#2158)
053bf220 is described below
commit 053bf22046efbe29d1f3a86adf4b3b6e875949c3
Author: Andrea Cosentino <[email protected]>
AuthorDate: Tue Aug 20 14:40:23 2024 +0200
Github Actions Security Best practices: Pin Actions to Full lenght Commit
SHA - YAKS Tests Action (#2158)
---
.github/workflows/yaks-tests.yaml | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/yaks-tests.yaml
b/.github/workflows/yaks-tests.yaml
index 0fd5c9f5..4c38b929 100644
--- a/.github/workflows/yaks-tests.yaml
+++ b/.github/workflows/yaks-tests.yaml
@@ -40,16 +40,19 @@ concurrency:
group: ${{ github.ref }}-${{ github.workflow }}
cancel-in-progress: true
+permissions: # added using https://github.com/step-security/secure-repo
+ contents: read
+
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Checkout code
- uses: actions/checkout@v4
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
persist-credentials: false
- name: Set up JDK
- uses: actions/setup-java@v4
+ uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 #
v4.2.2
with:
distribution: 'temurin'
java-version: 17
@@ -74,7 +77,7 @@ jobs:
echo "Running YAKS tests for Kamelets"
./mvnw clean verify -pl :camel-kamelets-itest -Denable.yaks.tests
- - uses: actions/upload-artifact@v4
+ - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a #
v4.3.6
if: failure()
with:
name: dumps
