diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml index 86f31f7..a8e052a 100644 --- a/.github/workflows/fossa.yml +++ b/.github/workflows/fossa.yml @@ -20,13 +20,13 @@ jobs: # The FOSSA token is shared between all repos in Rancher's GH org. It can be # used directly and there is no need to request specific access to EIO. - name: Read FOSSA token - uses: rancher-eio/read-vault-secrets@main + uses: rancher-eio/read-vault-secrets@0da85151ad1f19ed7986c41587e45aac1ace74b6 # v3 with: secrets: | secret/data/github/org/rancher/fossa/push token | FOSSA_API_KEY_PUSH_ONLY - name: FOSSA scan - uses: fossas/fossa-action@main + uses: fossas/fossa-action@c414b9ad82eaad041e47a7cf62a4f02411f427a0 # v1.8.0 with: api-key: ${{ env.FOSSA_API_KEY_PUSH_ONLY }} # Only runs the scan and do not provide/returns any results back to the diff --git a/.github/workflows/renovate-vault.yml b/.github/workflows/renovate-vault.yml index 52f6a5d..73fb9a3 100644 --- a/.github/workflows/renovate-vault.yml +++ b/.github/workflows/renovate-vault.yml @@ -22,7 +22,7 @@ permissions: jobs: call-workflow: - uses: rancher/renovate-config/.github/workflows/renovate-vault.yml@release + uses: rancher/renovate-config/.github/workflows/renovate-vault.yml@c88cbe41a49d02648b9bf83aa5a64902151323fa # release with: logLevel: ${{ inputs.logLevel || 'info' }} overrideSchedule: ${{ github.event.inputs.overrideSchedule == 'true' && '{''schedule'':null}' || '' }}