diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 1aa6f66d6..a414f8a85 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -18,11 +18,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@515828d97454b8354517688ddc5b48402b723750 # v2.1.38 with: languages: ${{ matrix.language }} @@ -34,4 +34,4 @@ jobs: cd trunk && ./configure && make - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@515828d97454b8354517688ddc5b48402b723750 # v2.1.38 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d05a4b706..2b121e36a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -16,7 +16,7 @@ jobs: ################################################################################################################## # Git checkout - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # The github.ref is, for example, refs/tags/v6.0.145 or refs/tags/v6.0-r8 # Generate variables like: # SRS_TAG=v6.0-r8 @@ -54,7 +54,7 @@ jobs: ################################################################################################################## # Git checkout - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 ################################################################################################################## # Tests - name: Build test image @@ -77,7 +77,7 @@ jobs: steps: - name: Create release draft id: create_draft - uses: ncipollo/release-action@v1 + uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e # v1.12.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -99,14 +99,14 @@ jobs: # See https://github.com/cygwin/cygwin-install-action#parameters # Note that https://github.com/egor-tensin/setup-cygwin fails to install packages. - name: Setup Cygwin - uses: cygwin/cygwin-install-action@master + uses: cygwin/cygwin-install-action@db475590d56881c6cef7b3f96f6f3dd9532ea1f4 # master with: platform: x86_64 packages: bash make gcc-g++ cmake automake patch pkg-config tcl unzip install-dir: C:\cygwin64 ################################################################################################################## - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 ################################################################################################################## - name: Covert output to env env: @@ -148,7 +148,7 @@ jobs: ################################################################################################################## - name: Upload Release Assets Cygwin id: upload-release-assets-cygwin - uses: dwenegar/upload-release-assets@v1 + uses: dwenegar/upload-release-assets@5bc3024cf83521df8ebfadf00ad0c4614fd59148 # v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -176,7 +176,7 @@ jobs: ################################################################################################################## # Git checkout - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 ################################################################################################################## # Create source tar for release. Note that it's for OpenWRT package srs-server, so the filename MUST be # srs-server-xxx.tar.gz, because the package is named srs-server. @@ -208,7 +208,7 @@ jobs: ################################################################################################################## - name: Upload Release Assets Packager id: upload-release-assets-packager - uses: dwenegar/upload-release-assets@v1 + uses: dwenegar/upload-release-assets@5bc3024cf83521df8ebfadf00ad0c4614fd59148 # v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -216,7 +216,7 @@ jobs: assets_path: ${{ env.SRS_PACKAGE_ZIP }} - name: Upload Release Assets Source id: upload-release-assets-source - uses: dwenegar/upload-release-assets@v1 + uses: dwenegar/upload-release-assets@5bc3024cf83521df8ebfadf00ad0c4614fd59148 # v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -244,18 +244,18 @@ jobs: ################################################################################################################## # Git checkout - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # See https://github.com/crazy-max/ghaction-docker-buildx#moved-to-docker-organization # https://github.com/docker/setup-qemu-action - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0 # https://github.com/docker/setup-buildx-action - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1 ################################################################################################################## # Create main images for Docker - name: Login to docker hub - uses: docker/login-action@v2 + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 with: username: "${{ secrets.DOCKER_USERNAME }}" password: "${{ secrets.DOCKER_PASSWORD }}" @@ -270,7 +270,7 @@ jobs: # Docker alias images # TODO: FIXME: If stable, please set the latest from 5.0 to 6.0 - name: Docker alias images for ossrs/srs - uses: akhilerm/tag-push-action@v2.1.0 + uses: akhilerm/tag-push-action@85bf542f43f5f2060ef76262a67ee3607cb6db37 # v2.1.0 with: src: ossrs/srs:${{ env.SRS_TAG }} dst: | @@ -294,13 +294,13 @@ jobs: # Aliyun ACR # TODO: FIXME: If stable, please set the latest from 5.0 to 6.0 - name: Login aliyun hub - uses: docker/login-action@v2 + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 with: registry: registry.cn-hangzhou.aliyuncs.com username: "${{ secrets.ACR_USERNAME }}" password: "${{ secrets.ACR_PASSWORD }}" - name: Push to Aliyun registry for ossrs/srs - uses: akhilerm/tag-push-action@v2.1.0 + uses: akhilerm/tag-push-action@85bf542f43f5f2060ef76262a67ee3607cb6db37 # v2.1.0 with: src: ossrs/srs:${{ env.SRS_TAG }} dst: | @@ -325,7 +325,7 @@ jobs: ################################################################################################################## # Git checkout - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 ################################################################################################################## # Generate variables like: # SRS_LH_OSSRS_NET=1.2.3.4 @@ -336,7 +336,7 @@ jobs: echo "SRS_LH_OSSRS_NET=$SRS_LH_OSSRS_NET" >> $GITHUB_ENV echo "SRS_D_OSSRS_NET=$SRS_D_OSSRS_NET" >> $GITHUB_ENV - name: Release to lh.ossrs.net - uses: appleboy/ssh-action@master + uses: appleboy/ssh-action@c1965ddd2563844fddc1ec01cafc798365706143 # master with: host: ${{ env.SRS_LH_OSSRS_NET }} username: root @@ -355,7 +355,7 @@ jobs: echo "Remove image $image, r0=$?" done - name: Release to d.ossrs.net - uses: appleboy/ssh-action@master + uses: appleboy/ssh-action@c1965ddd2563844fddc1ec01cafc798365706143 # master with: host: ${{ env.SRS_D_OSSRS_NET }} username: root @@ -400,13 +400,13 @@ jobs: ################################################################################################################## # Git checkout - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # Create release. # TODO: FIXME: Refine the release when 6.0 released # TODO: FIXME: Change prerelease to false when 6.0 released - name: Update release id: update_release - uses: ncipollo/release-action@v1 + uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e # v1.12.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 26a34bd48..ba6d82d9a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -32,7 +32,7 @@ jobs: tar jcf /srs/objs.tar.bz2 objs && pwd && du -sh * ################################################################################################################## - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: srs-cache path: objs.tar.bz2 @@ -47,20 +47,20 @@ jobs: # See https://github.com/cygwin/cygwin-install-action#parameters # Note that https://github.com/egor-tensin/setup-cygwin fails to install packages. - name: Setup Cygwin - uses: cygwin/cygwin-install-action@master + uses: cygwin/cygwin-install-action@db475590d56881c6cef7b3f96f6f3dd9532ea1f4 # master with: platform: x86_64 packages: bash make gcc-g++ cmake automake patch pkg-config tcl unzip install-dir: C:\cygwin64 ################################################################################################################## - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 ################################################################################################################## # Note that we must download artifact after checkout code, because it will change the files in workspace. - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: srs-cache - - uses: geekyeggo/delete-artifact@v2 + - uses: geekyeggo/delete-artifact@54ab544f12cdb7b71613a16a2b5a37a9ade990af # v2.0.0 with: name: srs-cache ################################################################################################################## @@ -83,7 +83,7 @@ jobs: - fast steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # Build for CentOS 7 - name: Build on CentOS7, baseline run: DOCKER_BUILDKIT=1 docker build -f trunk/Dockerfile.builds --target centos7-baseline . @@ -103,7 +103,7 @@ jobs: - fast steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # Build for Ubuntu16 - name: Build on Ubuntu16, baseline run: DOCKER_BUILDKIT=1 docker build -f trunk/Dockerfile.builds --target ubuntu16-baseline . @@ -117,7 +117,7 @@ jobs: - fast steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # Build for Ubuntu18 - name: Build on Ubuntu18, baseline run: DOCKER_BUILDKIT=1 docker build -f trunk/Dockerfile.builds --target ubuntu18-baseline . @@ -131,7 +131,7 @@ jobs: - fast steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # Build for Ubuntu20 - name: Build on Ubuntu20, baseline run: DOCKER_BUILDKIT=1 docker build -f trunk/Dockerfile.builds --target ubuntu20-baseline . @@ -145,7 +145,7 @@ jobs: - fast steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 - name: Cross Build for ARMv7 on Ubuntu16 run: DOCKER_BUILDKIT=1 docker build -f trunk/Dockerfile.builds --target ubuntu16-cross-armv7 . - name: Cross Build for ARMv7 on Ubuntu20 @@ -158,7 +158,7 @@ jobs: - fast steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 - name: Cross Build for AARCH64 on Ubuntu16 run: DOCKER_BUILDKIT=1 docker build -f trunk/Dockerfile.builds --target ubuntu16-cross-aarch64 . - name: Cross Build for AARCH64 on Ubuntu20 @@ -169,7 +169,7 @@ jobs: name: utest-regression-blackbox-test steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # Tests - name: Build test image run: docker build --tag srs:test --build-arg MAKEARGS='-j2' -f trunk/Dockerfile.test . @@ -199,7 +199,7 @@ jobs: - fast steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # Tests - name: Build coverage image run: docker build --tag srs:cov --build-arg MAKEARGS='-j2' -f trunk/Dockerfile.cov . @@ -230,14 +230,14 @@ jobs: name: multiple-arch-armv7 steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # See https://github.com/crazy-max/ghaction-docker-buildx#moved-to-docker-organization # https://github.com/docker/setup-qemu-action - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0 # https://github.com/docker/setup-buildx-action - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1 - name: Build multiple archs image run: | docker buildx build --platform linux/arm/v7 \ @@ -251,14 +251,14 @@ jobs: name: multiple-arch-aarch64 steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # See https://github.com/crazy-max/ghaction-docker-buildx#moved-to-docker-organization # https://github.com/docker/setup-qemu-action - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0 # https://github.com/docker/setup-buildx-action - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1 - name: Build multiple archs image run: | docker buildx build --platform linux/arm64/v8 \ @@ -274,14 +274,14 @@ jobs: - fast steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 # See https://github.com/crazy-max/ghaction-docker-buildx#moved-to-docker-organization # https://github.com/docker/setup-qemu-action - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0 # https://github.com/docker/setup-buildx-action - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1 - name: Build multiple archs image run: | docker buildx build --platform linux/amd64 \