diff --git a/.github/workflows/build-docker-edge.yml b/.github/workflows/build-docker-edge.yml index 80e2fb1..c061371 100644 --- a/.github/workflows/build-docker-edge.yml +++ b/.github/workflows/build-docker-edge.yml @@ -11,6 +11,7 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 # required for github-action-get-previous-tag + persist-credentials: false - name: Set up QEMU uses: docker/setup-qemu-action@06116385d9baf250c9f4dcb4858b16962ea869c3 # v4.1.0 @@ -42,11 +43,14 @@ jobs: - name: Calculate next patch version id: next-version run: | - TAG="${{ steps.previous-tag.outputs.tag }}" + TAG="${STEPS_PREVIOUS_TAG_OUTPUTS_TAG}" VERSION="${TAG#v}" BASE="${VERSION%.*}" PATCH="${VERSION##*.}" - echo "version=v${BASE}.$((PATCH + 1))-${{ steps.short-sha.outputs.sha }}" >> "$GITHUB_OUTPUT" + echo "version=v${BASE}.$((PATCH + 1))-${STEPS_SHORT_SHA_OUTPUTS_SHA}" >> "$GITHUB_OUTPUT" + env: + STEPS_PREVIOUS_TAG_OUTPUTS_TAG: ${{ steps.previous-tag.outputs.tag }} + STEPS_SHORT_SHA_OUTPUTS_SHA: ${{ steps.short-sha.outputs.sha }} - name: Build and push uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0 diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml index 0d5e48a..f6fd30c 100644 --- a/.github/workflows/build-docker.yml +++ b/.github/workflows/build-docker.yml @@ -9,6 +9,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false - name: Set up QEMU uses: docker/setup-qemu-action@06116385d9baf250c9f4dcb4858b16962ea869c3 # v4.1.0 diff --git a/.github/workflows/build-release.yml b/.github/workflows/build-release.yml index 0b79599..a3103a2 100644 --- a/.github/workflows/build-release.yml +++ b/.github/workflows/build-release.yml @@ -22,12 +22,14 @@ jobs: goos: windows steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false # build the assets - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: 22 - - run: echo "Building assets for ${{ github.ref_name }}" + - run: echo "Building assets for ${GITHUB_REF_NAME}" - run: npm ci - run: npm run package diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 24af8c8..5504256 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,6 +39,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/tests-rqlite.yml b/.github/workflows/tests-rqlite.yml index b98200a..46f66b5 100644 --- a/.github/workflows/tests-rqlite.yml +++ b/.github/workflows/tests-rqlite.yml @@ -18,6 +18,8 @@ jobs: HTTP_ADV_ADDR: "localhost:4001" steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false - name: Setup Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index a4cede3..5ee70e8 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -17,6 +17,8 @@ jobs: go-version: ${{ matrix.go-version }} cache: false - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false - name: Set up Go environment uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 with: