aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

github-ci: pin actions to specific versions

Browse Source 
Resolve the GitHub scanning pinned-dependencies for most of our GitHub
actions.  The oss-fuzz actions have not been updated.
pull/6894/head
Jason Ish 4 years ago committed by Victor Julien
parent 1e1a4ab1c4
commit 234a44bf85
3 changed files with 58 additions and 58 deletions
Show Stats Download Patch File Download Diff File

106
.github/workflows/builds.yml vendored
Unescape Escape View File

@ -39,7 +39,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Cache ~/.cargo - name: Cache ~/.cargo
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo path: ~/.cargo
key: cargo key: cargo
@ -113,7 +113,7 @@ jobs:
- name: Cleaning up - name: Cleaning up
run: rm -rf libhtp suricata-update suricata-verify run: rm -rf libhtp suricata-update suricata-verify
- name: Uploading prep archive - name: Uploading prep archive
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2
with: with:
name: prep name: prep
path: . path: .
@ -123,7 +123,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Cache ~/.cargo - name: Cache ~/.cargo
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo path: ~/.cargo
key: cbindgen key: cbindgen
@ -137,7 +137,7 @@ jobs:
cargo install --target x86_64-unknown-linux-musl --debug cbindgen cargo install --target x86_64-unknown-linux-musl --debug cbindgen
cp $HOME/.cargo/bin/cbindgen . cp $HOME/.cargo/bin/cbindgen .
- name: Uploading prep archive - name: Uploading prep archive
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2
with: with:
name: prep name: prep
path: . path: .
@ -150,12 +150,12 @@ jobs:
steps: steps:
# Cache Rust stuff. # Cache Rust stuff.
- name: Cache cargo registry - name: Cache cargo registry
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo/registry path: ~/.cargo/registry
key: cargo-registry key: cargo-registry
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
# Prebuild check for duplicat SIDs # Prebuild check for duplicat SIDs
- name: Check for duplicate SIDs - name: Check for duplicate SIDs
@ -168,7 +168,7 @@ jobs:
# Download and extract dependency archives created during prep # Download and extract dependency archives created during prep
# job. # job.
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -249,7 +249,7 @@ jobs:
run: | run: |
mkdir dist mkdir dist
mv suricata-*.tar.gz dist mv suricata-*.tar.gz dist
- uses: actions/upload-artifact@v1 - uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2
name: Uploading distribution name: Uploading distribution
with: with:
name: dist name: dist
@ -295,7 +295,7 @@ jobs:
which \ which \
zlib-devel zlib-devel
- name: Download suricata.tar.gz - name: Download suricata.tar.gz
uses: actions/download-artifact@v2 uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: dist name: dist
- run: tar zxvf suricata-*.tar.gz --strip-components=1 - run: tar zxvf suricata-*.tar.gz --strip-components=1
@ -312,7 +312,7 @@ jobs:
- run: make distcheck - run: make distcheck
- run: make clean - run: make clean
- run: make -j2 - run: make -j2
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -328,7 +328,7 @@ jobs:
# Cache Rust stuff. # Cache Rust stuff.
- name: Cache cargo registry - name: Cache cargo registry
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo/registry path: ~/.cargo/registry
key: cargo-registry key: cargo-registry
@ -369,8 +369,8 @@ jobs:
sudo \ sudo \
which \ which \
zlib-devel zlib-devel
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -415,7 +415,7 @@ jobs:
# Cache Rust stuff. # Cache Rust stuff.
- name: Cache cargo registry - name: Cache cargo registry
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo/registry path: ~/.cargo/registry
key: cargo-registry key: cargo-registry
@ -456,8 +456,8 @@ jobs:
sudo \ sudo \
which \ which \
zlib-devel zlib-devel
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -502,7 +502,7 @@ jobs:
# Cache Rust stuff. # Cache Rust stuff.
- name: Cache cargo registry - name: Cache cargo registry
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo/registry path: ~/.cargo/registry
key: cargo-registry key: cargo-registry
@ -542,8 +542,8 @@ jobs:
sudo \ sudo \
which \ which \
zlib-devel zlib-devel
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -576,7 +576,7 @@ jobs:
# Cache Rust stuff. # Cache Rust stuff.
- name: Cache cargo registry - name: Cache cargo registry
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo/registry path: ~/.cargo/registry
key: cargo-registry key: cargo-registry
@ -614,8 +614,8 @@ jobs:
sudo \ sudo \
which \ which \
zlib-devel zlib-devel
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -683,8 +683,8 @@ jobs:
exuberant-ctags \ exuberant-ctags \
curl \ curl \
dpdk-dev dpdk-dev
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -761,8 +761,8 @@ jobs:
exuberant-ctags \ exuberant-ctags \
curl \ curl \
dpdk-dev dpdk-dev
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -842,8 +842,8 @@ jobs:
time \ time \
wget \ wget \
dpdk-dev dpdk-dev
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -913,8 +913,8 @@ jobs:
zlib1g-dev \ zlib1g-dev \
exuberant-ctags \ exuberant-ctags \
dpdk-dev dpdk-dev
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -989,7 +989,7 @@ jobs:
- run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.33.0 -y - run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.33.0 -y
- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- name: Download suricata.tar.gz - name: Download suricata.tar.gz
uses: actions/download-artifact@v2 uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: dist name: dist
- run: tar zxvf suricata-*.tar.gz --strip-components=1 - run: tar zxvf suricata-*.tar.gz --strip-components=1
@ -1010,7 +1010,7 @@ jobs:
# Cache Rust stuff. # Cache Rust stuff.
- name: Cache cargo registry - name: Cache cargo registry
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo/registry path: ~/.cargo/registry
key: cargo-registry key: cargo-registry
@ -1051,8 +1051,8 @@ jobs:
zlib1g \ zlib1g \
zlib1g-dev \ zlib1g-dev \
exuberant-ctags exuberant-ctags
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -1081,7 +1081,7 @@ jobs:
# Cache Rust stuff. # Cache Rust stuff.
- name: Cache cargo registry - name: Cache cargo registry
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo/registry path: ~/.cargo/registry
key: cargo-registry key: cargo-registry
@ -1135,8 +1135,8 @@ jobs:
- name: Install Coccinelle - name: Install Coccinelle
run: | run: |
apt -y install coccinelle apt -y install coccinelle
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -1175,7 +1175,7 @@ jobs:
# Cache Rust stuff. # Cache Rust stuff.
- name: Cache cargo registry - name: Cache cargo registry
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo/registry path: ~/.cargo/registry
key: cargo-registry key: cargo-registry
@ -1213,8 +1213,8 @@ jobs:
zlib1g \ zlib1g \
zlib1g-dev zlib1g-dev
- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -1266,7 +1266,7 @@ jobs:
run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain ${RUST_VERSION_MIN} -y run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain ${RUST_VERSION_MIN} -y
- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- name: Download suricata.tar.gz - name: Download suricata.tar.gz
uses: actions/download-artifact@v2 uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: dist name: dist
- name: Extract - name: Extract
@ -1289,7 +1289,7 @@ jobs:
steps: steps:
# Cache Rust stuff. # Cache Rust stuff.
- name: Cache cargo registry - name: Cache cargo registry
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo/registry path: ~/.cargo/registry
key: cargo-registry key: cargo-registry
@ -1332,8 +1332,8 @@ jobs:
- name: Install Rust - name: Install Rust
run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain $RUST_VERSION_KNOWN -y run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain $RUST_VERSION_KNOWN -y
- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -1393,8 +1393,8 @@ jobs:
- name: Install Rust - name: Install Rust
run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain $RUST_VERSION_KNOWN -y run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain $RUST_VERSION_KNOWN -y
- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -1421,7 +1421,7 @@ jobs:
steps: steps:
# Cache Rust stuff. # Cache Rust stuff.
- name: Cache cargo registry - name: Cache cargo registry
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo/registry path: ~/.cargo/registry
key: cargo-registry key: cargo-registry
@ -1446,9 +1446,9 @@ jobs:
run: cargo install --force --debug --version 0.14.1 cbindgen run: cargo install --force --debug --version 0.14.1 cbindgen
- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- run: pip3 install PyYAML - run: pip3 install PyYAML
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- name: Downloading prep archive - name: Downloading prep archive
uses: actions/download-artifact@v2 uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep
@ -1469,8 +1469,8 @@ jobs:
run: run:
shell: msys2 {0} shell: msys2 {0}
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: msys2/setup-msys2@v2 - uses: msys2/setup-msys2@fa138fa56e2558760b9f2205135313c7345c5f3f
with: with:
msystem: MINGW64 msystem: MINGW64
update: true update: true
@ -1479,8 +1479,8 @@ jobs:
# preinstalled one to be picked up by configure # preinstalled one to be picked up by configure
- name: cbindgen - name: cbindgen
run: cargo install --root /usr --force --debug --version 0.14.1 cbindgen run: cargo install --root /usr --force --debug --version 0.14.1 cbindgen
- uses: actions/checkout@v2 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with: with:
name: prep name: prep
path: prep path: prep

6
.github/workflows/commits.yml vendored
Unescape Escape View File

@ -13,7 +13,7 @@ jobs:
container: ubuntu:18.04 container: ubuntu:18.04
steps: steps:
- name: Caching ~/.cargo - name: Caching ~/.cargo
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo path: ~/.cargo
key: commit-check-cargo key: commit-check-cargo
@ -67,7 +67,7 @@ jobs:
cd $HOME/.cargo/bin cd $HOME/.cargo/bin
curl -OL https://github.com/eqrion/cbindgen/releases/download/v0.15.0/cbindgen curl -OL https://github.com/eqrion/cbindgen/releases/download/v0.15.0/cbindgen
chmod 755 cbindgen chmod 755 cbindgen
- uses: actions/checkout@v1 - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- run: git fetch - run: git fetch
- run: git clone https://github.com/OISF/libhtp -b 0.5.x - run: git clone https://github.com/OISF/libhtp -b 0.5.x
- name: Building all commits - name: Building all commits
@ -86,7 +86,7 @@ jobs:
make -ik distclean > /dev/null make -ik distclean > /dev/null
done done
- run: sccache -s - run: sccache -s
- uses: actions/upload-artifact@v2-preview - uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2
name: Uploading build log name: Uploading build log
if: always() if: always()
with: with:

4
.github/workflows/formatting.yml vendored
Unescape Escape View File

@ -22,7 +22,7 @@ jobs:
# Cache Rust stuff. # Cache Rust stuff.
- name: Cache cargo registry - name: Cache cargo registry
uses: actions/cache@v1 uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with: with:
path: ~/.cargo/registry path: ~/.cargo/registry
key: cargo-registry key: cargo-registry
@ -82,7 +82,7 @@ jobs:
# My patience simply ran too short to keep on looking. See follow-on # My patience simply ran too short to keep on looking. See follow-on
# action to manually fix this up. # action to manually fix this up.
- name: Checkout - might be merge commit! - name: Checkout - might be merge commit!
uses: actions/checkout@v1 uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
# Use last commit of branch, not potential merge commit! # Use last commit of branch, not potential merge commit!
# #
# This works perfectly well on pull requests within forked repos, but # This works perfectly well on pull requests within forked repos, but

Write Preview
Loading…
Cancel
Save