mirror of
https://github.com/ossrs/srs.git
synced 2025-03-09 15:49:59 +00:00
Scorecard: Pin some github actions.
This commit is contained in:
winlin
parent
09b302e1ab
commit
35fd9be863
3 changed files with 46 additions and 46 deletions
6
.github/workflows/codeql-analysis.yml
vendored
6
.github/workflows/codeql-analysis.yml
vendored
|
|
@ -18,11 +18,11 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2
|
||||
uses: github/codeql-action/init@515828d97454b8354517688ddc5b48402b723750 # v2.1.38
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
|
||||
|
|
@ -34,4 +34,4 @@ jobs:
|
|||
cd trunk && ./configure && make
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2
|
||||
uses: github/codeql-action/analyze@515828d97454b8354517688ddc5b48402b723750 # v2.1.38
|
||||
|
|
|
|||
42
.github/workflows/release.yml
vendored
42
.github/workflows/release.yml
vendored
|
|
@ -16,7 +16,7 @@ jobs:
|
|||
##################################################################################################################
|
||||
# Git checkout
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
# The github.ref is, for example, refs/tags/v6.0.145 or refs/tags/v6.0-r8
|
||||
# Generate variables like:
|
||||
# SRS_TAG=v6.0-r8
|
||||
|
|
@ -54,7 +54,7 @@ jobs:
|
|||
##################################################################################################################
|
||||
# Git checkout
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
##################################################################################################################
|
||||
# Tests
|
||||
- name: Build test image
|
||||
|
|
@ -77,7 +77,7 @@ jobs:
|
|||
steps:
|
||||
- name: Create release draft
|
||||
id: create_draft
|
||||
uses: ncipollo/release-action@v1
|
||||
uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e # v1.12.0
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
|
|
@ -99,14 +99,14 @@ jobs:
|
|||
# See https://github.com/cygwin/cygwin-install-action#parameters
|
||||
# Note that https://github.com/egor-tensin/setup-cygwin fails to install packages.
|
||||
- name: Setup Cygwin
|
||||
uses: cygwin/cygwin-install-action@master
|
||||
uses: cygwin/cygwin-install-action@db475590d56881c6cef7b3f96f6f3dd9532ea1f4 # master
|
||||
with:
|
||||
platform: x86_64
|
||||
packages: bash make gcc-g++ cmake automake patch pkg-config tcl unzip
|
||||
install-dir: C:\cygwin64
|
||||
##################################################################################################################
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
##################################################################################################################
|
||||
- name: Covert output to env
|
||||
env:
|
||||
|
|
@ -148,7 +148,7 @@ jobs:
|
|||
##################################################################################################################
|
||||
- name: Upload Release Assets Cygwin
|
||||
id: upload-release-assets-cygwin
|
||||
uses: dwenegar/upload-release-assets@v1
|
||||
uses: dwenegar/upload-release-assets@5bc3024cf83521df8ebfadf00ad0c4614fd59148 # v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
|
|
@ -176,7 +176,7 @@ jobs:
|
|||
##################################################################################################################
|
||||
# Git checkout
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
##################################################################################################################
|
||||
# Create source tar for release. Note that it's for OpenWRT package srs-server, so the filename MUST be
|
||||
# srs-server-xxx.tar.gz, because the package is named srs-server.
|
||||
|
|
@ -208,7 +208,7 @@ jobs:
|
|||
##################################################################################################################
|
||||
- name: Upload Release Assets Packager
|
||||
id: upload-release-assets-packager
|
||||
uses: dwenegar/upload-release-assets@v1
|
||||
uses: dwenegar/upload-release-assets@5bc3024cf83521df8ebfadf00ad0c4614fd59148 # v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
|
|
@ -216,7 +216,7 @@ jobs:
|
|||
assets_path: ${{ env.SRS_PACKAGE_ZIP }}
|
||||
- name: Upload Release Assets Source
|
||||
id: upload-release-assets-source
|
||||
uses: dwenegar/upload-release-assets@v1
|
||||
uses: dwenegar/upload-release-assets@5bc3024cf83521df8ebfadf00ad0c4614fd59148 # v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
|
|
@ -244,18 +244,18 @@ jobs:
|
|||
##################################################################################################################
|
||||
# Git checkout
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
# See https://github.com/crazy-max/ghaction-docker-buildx#moved-to-docker-organization
|
||||
# https://github.com/docker/setup-qemu-action
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v2
|
||||
uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0
|
||||
# https://github.com/docker/setup-buildx-action
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1
|
||||
##################################################################################################################
|
||||
# Create main images for Docker
|
||||
- name: Login to docker hub
|
||||
uses: docker/login-action@v2
|
||||
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
|
||||
with:
|
||||
username: "${{ secrets.DOCKER_USERNAME }}"
|
||||
password: "${{ secrets.DOCKER_PASSWORD }}"
|
||||
|
|
@ -270,7 +270,7 @@ jobs:
|
|||
# Docker alias images
|
||||
# TODO: FIXME: If stable, please set the latest from 5.0 to 6.0
|
||||
- name: Docker alias images for ossrs/srs
|
||||
uses: akhilerm/tag-push-action@v2.1.0
|
||||
uses: akhilerm/tag-push-action@85bf542f43f5f2060ef76262a67ee3607cb6db37 # v2.1.0
|
||||
with:
|
||||
src: ossrs/srs:${{ env.SRS_TAG }}
|
||||
dst: |
|
||||
|
|
@ -294,13 +294,13 @@ jobs:
|
|||
# Aliyun ACR
|
||||
# TODO: FIXME: If stable, please set the latest from 5.0 to 6.0
|
||||
- name: Login aliyun hub
|
||||
uses: docker/login-action@v2
|
||||
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
|
||||
with:
|
||||
registry: registry.cn-hangzhou.aliyuncs.com
|
||||
username: "${{ secrets.ACR_USERNAME }}"
|
||||
password: "${{ secrets.ACR_PASSWORD }}"
|
||||
- name: Push to Aliyun registry for ossrs/srs
|
||||
uses: akhilerm/tag-push-action@v2.1.0
|
||||
uses: akhilerm/tag-push-action@85bf542f43f5f2060ef76262a67ee3607cb6db37 # v2.1.0
|
||||
with:
|
||||
src: ossrs/srs:${{ env.SRS_TAG }}
|
||||
dst: |
|
||||
|
|
@ -325,7 +325,7 @@ jobs:
|
|||
##################################################################################################################
|
||||
# Git checkout
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
##################################################################################################################
|
||||
# Generate variables like:
|
||||
# SRS_LH_OSSRS_NET=1.2.3.4
|
||||
|
|
@ -336,7 +336,7 @@ jobs:
|
|||
echo "SRS_LH_OSSRS_NET=$SRS_LH_OSSRS_NET" >> $GITHUB_ENV
|
||||
echo "SRS_D_OSSRS_NET=$SRS_D_OSSRS_NET" >> $GITHUB_ENV
|
||||
- name: Release to lh.ossrs.net
|
||||
uses: appleboy/ssh-action@master
|
||||
uses: appleboy/ssh-action@c1965ddd2563844fddc1ec01cafc798365706143 # master
|
||||
with:
|
||||
host: ${{ env.SRS_LH_OSSRS_NET }}
|
||||
username: root
|
||||
|
|
@ -355,7 +355,7 @@ jobs:
|
|||
echo "Remove image $image, r0=$?"
|
||||
done
|
||||
- name: Release to d.ossrs.net
|
||||
uses: appleboy/ssh-action@master
|
||||
uses: appleboy/ssh-action@c1965ddd2563844fddc1ec01cafc798365706143 # master
|
||||
with:
|
||||
host: ${{ env.SRS_D_OSSRS_NET }}
|
||||
username: root
|
||||
|
|
@ -400,13 +400,13 @@ jobs:
|
|||
##################################################################################################################
|
||||
# Git checkout
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
# Create release.
|
||||
# TODO: FIXME: Refine the release when 6.0 released
|
||||
# TODO: FIXME: Change prerelease to false when 6.0 released
|
||||
- name: Update release
|
||||
id: update_release
|
||||
uses: ncipollo/release-action@v1
|
||||
uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e # v1.12.0
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
|
|
|
|||
44
.github/workflows/test.yml
vendored
44
.github/workflows/test.yml
vendored
|
|
@ -32,7 +32,7 @@ jobs:
|
|||
tar jcf /srs/objs.tar.bz2 objs &&
|
||||
pwd && du -sh *
|
||||
##################################################################################################################
|
||||
- uses: actions/upload-artifact@v3
|
||||
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
||||
with:
|
||||
name: srs-cache
|
||||
path: objs.tar.bz2
|
||||
|
|
@ -47,20 +47,20 @@ jobs:
|
|||
# See https://github.com/cygwin/cygwin-install-action#parameters
|
||||
# Note that https://github.com/egor-tensin/setup-cygwin fails to install packages.
|
||||
- name: Setup Cygwin
|
||||
uses: cygwin/cygwin-install-action@master
|
||||
uses: cygwin/cygwin-install-action@db475590d56881c6cef7b3f96f6f3dd9532ea1f4 # master
|
||||
with:
|
||||
platform: x86_64
|
||||
packages: bash make gcc-g++ cmake automake patch pkg-config tcl unzip
|
||||
install-dir: C:\cygwin64
|
||||
##################################################################################################################
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
##################################################################################################################
|
||||
# Note that we must download artifact after checkout code, because it will change the files in workspace.
|
||||
- uses: actions/download-artifact@v3
|
||||
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
|
||||
with:
|
||||
name: srs-cache
|
||||
- uses: geekyeggo/delete-artifact@v2
|
||||
- uses: geekyeggo/delete-artifact@54ab544f12cdb7b71613a16a2b5a37a9ade990af # v2.0.0
|
||||
with:
|
||||
name: srs-cache
|
||||
##################################################################################################################
|
||||
|
|
@ -83,7 +83,7 @@ jobs:
|
|||
- fast
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
# Build for CentOS 7
|
||||
- name: Build on CentOS7, baseline
|
||||
run: DOCKER_BUILDKIT=1 docker build -f trunk/Dockerfile.builds --target centos7-baseline .
|
||||
|
|
@ -103,7 +103,7 @@ jobs:
|
|||
- fast
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
# Build for Ubuntu16
|
||||
- name: Build on Ubuntu16, baseline
|
||||
run: DOCKER_BUILDKIT=1 docker build -f trunk/Dockerfile.builds --target ubuntu16-baseline .
|
||||
|
|
@ -117,7 +117,7 @@ jobs:
|
|||
- fast
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
# Build for Ubuntu18
|
||||
- name: Build on Ubuntu18, baseline
|
||||
run: DOCKER_BUILDKIT=1 docker build -f trunk/Dockerfile.builds --target ubuntu18-baseline .
|
||||
|
|
@ -131,7 +131,7 @@ jobs:
|
|||
- fast
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
# Build for Ubuntu20
|
||||
- name: Build on Ubuntu20, baseline
|
||||
run: DOCKER_BUILDKIT=1 docker build -f trunk/Dockerfile.builds --target ubuntu20-baseline .
|
||||
|
|
@ -145,7 +145,7 @@ jobs:
|
|||
- fast
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
- name: Cross Build for ARMv7 on Ubuntu16
|
||||
run: DOCKER_BUILDKIT=1 docker build -f trunk/Dockerfile.builds --target ubuntu16-cross-armv7 .
|
||||
- name: Cross Build for ARMv7 on Ubuntu20
|
||||
|
|
@ -158,7 +158,7 @@ jobs:
|
|||
- fast
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
- name: Cross Build for AARCH64 on Ubuntu16
|
||||
run: DOCKER_BUILDKIT=1 docker build -f trunk/Dockerfile.builds --target ubuntu16-cross-aarch64 .
|
||||
- name: Cross Build for AARCH64 on Ubuntu20
|
||||
|
|
@ -169,7 +169,7 @@ jobs:
|
|||
name: utest-regression-blackbox-test
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
# Tests
|
||||
- name: Build test image
|
||||
run: docker build --tag srs:test --build-arg MAKEARGS='-j2' -f trunk/Dockerfile.test .
|
||||
|
|
@ -199,7 +199,7 @@ jobs:
|
|||
- fast
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
# Tests
|
||||
- name: Build coverage image
|
||||
run: docker build --tag srs:cov --build-arg MAKEARGS='-j2' -f trunk/Dockerfile.cov .
|
||||
|
|
@ -230,14 +230,14 @@ jobs:
|
|||
name: multiple-arch-armv7
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
# See https://github.com/crazy-max/ghaction-docker-buildx#moved-to-docker-organization
|
||||
# https://github.com/docker/setup-qemu-action
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v2
|
||||
uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0
|
||||
# https://github.com/docker/setup-buildx-action
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1
|
||||
- name: Build multiple archs image
|
||||
run: |
|
||||
docker buildx build --platform linux/arm/v7 \
|
||||
|
|
@ -251,14 +251,14 @@ jobs:
|
|||
name: multiple-arch-aarch64
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
# See https://github.com/crazy-max/ghaction-docker-buildx#moved-to-docker-organization
|
||||
# https://github.com/docker/setup-qemu-action
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v2
|
||||
uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0
|
||||
# https://github.com/docker/setup-buildx-action
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1
|
||||
- name: Build multiple archs image
|
||||
run: |
|
||||
docker buildx build --platform linux/arm64/v8 \
|
||||
|
|
@ -274,14 +274,14 @@ jobs:
|
|||
- fast
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
# See https://github.com/crazy-max/ghaction-docker-buildx#moved-to-docker-organization
|
||||
# https://github.com/docker/setup-qemu-action
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v2
|
||||
uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0
|
||||
# https://github.com/docker/setup-buildx-action
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1
|
||||
- name: Build multiple archs image
|
||||
run: |
|
||||
docker buildx build --platform linux/amd64 \
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue