(kvrocks) branch unstable updated: chore(ci): use git-hash in actions for ASF actions approval list (#3400)

Tue, 24 Mar 2026 08:22:29 -0700 

This is an automated email from the ASF dual-hosted git repository.

edwardxu pushed a commit to branch unstable
in repository https://gitbox.apache.org/repos/asf/kvrocks.git


The following commit(s) were added to refs/heads/unstable by this push:
     new 73e202dc9 chore(ci): use git-hash in actions for ASF actions approval 
list (#3400)
73e202dc9 is described below

commit 73e202dc96fafa068a2caab9cbe3793fd61c7a4d
Author: Edward Xu <[email protected]>
AuthorDate: Tue Mar 24 23:21:32 2026 +0800

    chore(ci): use git-hash in actions for ASF actions approval list (#3400)
---
 .github/workflows/kvrocks.yaml |  4 ++--
 .github/workflows/nightly.yaml | 18 +++++++++---------
 .github/workflows/sonar.yaml   |  4 ++--
 3 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/.github/workflows/kvrocks.yaml b/.github/workflows/kvrocks.yaml
index e554516d9..6e71eb1d8 100644
--- a/.github/workflows/kvrocks.yaml
+++ b/.github/workflows/kvrocks.yaml
@@ -331,7 +331,7 @@ jobs:
         if: ${{ matrix.sonarcloud }}
 
       - name: Install Build Wrapper
-        uses: SonarSource/sonarqube-scan-action/[email protected]
+        uses: 
SonarSource/sonarqube-scan-action/install-build-wrapper@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9
         if: ${{ matrix.sonarcloud }}
 
       - name: Build Kvrocks
@@ -468,7 +468,7 @@ jobs:
       - uses: actions/checkout@v6
       - name: Get core numbers
         run: echo "NPROC=$(nproc)" >> $GITHUB_ENV
-      - uses: docker/build-push-action@v7
+      - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294
         with:
           context: .
           build-args: MORE_BUILD_ARGS=-j${{ env.NPROC }}
diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml
index 561fd2b15..55cea81fe 100644
--- a/.github/workflows/nightly.yaml
+++ b/.github/workflows/nightly.yaml
@@ -48,26 +48,26 @@ jobs:
 
       - name: Docker meta
         id: meta
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf
         with:
           images: apache/kvrocks
 
       - name: Login to Docker Hub
         if: ${{ github.event_name != 'pull_request' }}
-        uses: docker/login-action@v3
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v4
+        uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: 
docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
 
       - name: Build and push by digest
         id: build
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294
         with:
           context: .
           platforms: ${{ matrix.platform }}
@@ -105,18 +105,18 @@ jobs:
           merge-multiple: true
 
       - name: Login to Docker Hub
-        uses: docker/login-action@v4
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: 
docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
 
       - name: Docker meta (for unstable)
         id: meta
         if: ${{ github.ref_name == 'unstable' }}
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf
         with:
           images: apache/kvrocks
           flavor: latest=false
@@ -127,7 +127,7 @@ jobs:
       - name: Docker meta (for tags)
         id: meta_tag
         if: ${{ github.ref_name != 'unstable' }}
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf
         with:
           images: apache/kvrocks
           flavor: latest=false
diff --git a/.github/workflows/sonar.yaml b/.github/workflows/sonar.yaml
index 9837bb47c..7ce752e45 100644
--- a/.github/workflows/sonar.yaml
+++ b/.github/workflows/sonar.yaml
@@ -34,7 +34,7 @@ jobs:
           ref: ${{ github.event.workflow_run.head_sha }}
           fetch-depth: 0
       - name: Install Build Wrapper
-        uses: SonarSource/sonarqube-scan-action/[email protected]
+        uses: 
SonarSource/sonarqube-scan-action/install-build-wrapper@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9
       - name: 'Download code coverage'
         uses: actions/github-script@v8
         with:
@@ -73,7 +73,7 @@ jobs:
           echo "The PR number is ${PR_NUMBER:-<none>}"
 
       - name: SonarQube Scan
-        uses: SonarSource/[email protected]
+        uses: 
SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}

Reply via email to