Merge pull request #977 from hashicorp/tsccr-auto-pinning/trusted/202…

…3-07-21 SEC-090: Automated trusted workflow pinning (2023-07-21)
hashicorp · Jul 21, 2023 · e9ebcfd · e9ebcfd
2 parents 7e791b0 + e997bec
commit e9ebcfd
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 10 deletions.
diff --git a/.github/workflows/create-release-pr.yml b/.github/workflows/create-release-pr.yml
@@ -19,7 +19,7 @@ jobs:
     steps:
       - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
-      - uses: actions-ecosystem/action-get-latest-tag@v1  # TSCCR: no entry for repository "actions-ecosystem/action-get-latest-tag"
+      - uses: actions-ecosystem/action-get-latest-tag@b7c32daec3395a9616f88548363a42652b22d435 # v1.6.0
         id: get-latest-tag
         with:
           semver_only: true

diff --git a/.github/workflows/jira-issue-sync.yml b/.github/workflows/jira-issue-sync.yml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Login
-        uses: atlassian/gajira-login@45fd029b9f1d6d8926c6f04175aa80c0e42c9026 # v3
+        uses: atlassian/gajira-login@ca13f8850ea309cf44a6e4e0c49d9aa48ac3ca4c # v3
         env:
           JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
           JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
@@ -40,7 +40,7 @@ jobs:
       # Creates a new issue, only if this is a new PR or GH Issue, and only if an existing issue is not in the branch name
       - name: Create Issue
         if: github.event.action == 'opened' && steps.find-issue-in-branch.outputs.issue == null
-        uses: atlassian/gajira-create@59e177c4f6451399df5b4911c2211104f171e669 # v3
+        uses: atlassian/gajira-create@1ff0b6bd115a780592b47bfbb63fc4629132e6ec # v3
         with:
           project: "${{ inputs.project }}"
           issuetype: "GH Issue"
@@ -58,7 +58,7 @@ jobs:
 
       - name: Sync comment
         if: github.event.action == 'created' && steps.search.outputs.issue
-        uses: atlassian/gajira-comment@164913891625fe50e9836957902e0bf7d9ef99a8 # v3
+        uses: atlassian/gajira-comment@76589d6b6d0b94b1ca6b01171c01a6affb5d6701 # v3
         with:
           issue: ${{ steps.search.outputs.issue }}
           comment: "${{ github.actor }} ${{ github.event.review.state || 'commented' }}:\n\n${{ github.event.comment.body || github.event.review.body }}\n\n${{ github.event.comment.html_url || github.event.review.html_url }}"
@@ -78,7 +78,7 @@ jobs:
 
       - name: Reopen issue
         if: github.event.action == 'reopened' && steps.search.outputs.issue
-        uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3
+        uses: atlassian/gajira-transition@4749176faf14633954d72af7a44d7f2af01cc92b # v3
         with:
           issue: ${{ steps.search.outputs.issue }}
           transition: "Reopen"
diff --git a/.github/workflows/jira-pr-transition.yml b/.github/workflows/jira-pr-transition.yml
@@ -14,14 +14,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Login
-        uses: atlassian/gajira-login@45fd029b9f1d6d8926c6f04175aa80c0e42c9026 # v3
+        uses: atlassian/gajira-login@ca13f8850ea309cf44a6e4e0c49d9aa48ac3ca4c # v3
         env:
           JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
           JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
           JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
       - name: Find in branch name
         id: search
-        uses: atlassian/gajira-find-issue-key@7d11fdc500b3b69d3edd797e9f1d619b89f8dafc # v3
+        uses: atlassian/gajira-find-issue-key@7d9cbdfce900a0fcf608050ce728620a928be8b6 # v3
         with:
           string: ${{ github.head_ref }}
           from: ""
@@ -34,21 +34,21 @@ jobs:
 
       - name: Transition Drafts to In Progress
         if: steps.search.outputs.issue && github.event.pull_request.draft
-        uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3
+        uses: atlassian/gajira-transition@4749176faf14633954d72af7a44d7f2af01cc92b # v3
         with:
           issue: ${{ steps.search.outputs.issue }}
           transition: "In Progress"
 
       - name: Transition Opened to In Review
         if: steps.search.outputs.issue && !github.event.pull_request.draft && (github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'ready_for_review')
-        uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3
+        uses: atlassian/gajira-transition@4749176faf14633954d72af7a44d7f2af01cc92b # v3
         with:
           issue: ${{ steps.search.outputs.issue }}
           transition: "In Review"
 
       - name: Transition Merged to Closed
         if: steps.search.outputs.issue && github.event.action == 'closed' && github.event.pull_request.merged == true
-        uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3
+        uses: atlassian/gajira-transition@4749176faf14633954d72af7a44d7f2af01cc92b # v3
         with:
           issue: ${{ steps.search.outputs.issue }}
           transition: "Closed"