Merge pull request #244 from pablosnt/cicd/scheduled-docker-build

Build Docker images daily in CICD
pablosnt · Aug 3, 2023 · aeb0bb5 · aeb0bb5
2 parents f8d2175 + 2fab820
commit aeb0bb5
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 7 deletions.
diff --git a/.github/workflows/code-style.yml b/.github/workflows/code-style.yml
@@ -15,7 +15,7 @@ jobs:
           fetch-depth: 0
 
       - name: Flake8 check
-        uses: valentijnscholten/flake8-your-pr@master
+        uses: valentijnscholten/flake8-your-pr@8115e1590de049c223a7b629828cfa9354d8856e
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 

diff --git a/.github/workflows/security-containers.yml b/.github/workflows/security-containers.yml
@@ -1,6 +1,8 @@
 name: Containers
 on:
   workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * *'
   pull_request:
     paths:
       - 'docker/**'
@@ -21,31 +23,31 @@ jobs:
 
       - name: Scan Nginx image with Trivy
         continue-on-error: true
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@41f05d9ecffa2ed3f1580af306000f734b733e54
         with:
           image-ref: rekono-nginx
           format: table
           exit-code: 1
 
       - name: Scan Kali image with Trivy
         continue-on-error: true
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@41f05d9ecffa2ed3f1580af306000f734b733e54
         with:
           image-ref: rekono-kali
           format: table
           exit-code: 1
 
       - name: Scan Backend image with Trivy
         continue-on-error: true
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@41f05d9ecffa2ed3f1580af306000f734b733e54
         with:
           image-ref: rekono-backend
           format: table
           exit-code: 1
 
       - name: Scan Frontend image with Trivy
         continue-on-error: true
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@41f05d9ecffa2ed3f1580af306000f734b733e54
         with:
           image-ref: rekono-frontend
           format: table
@@ -77,7 +79,7 @@ jobs:
 
       - name: Scan Debian image with Trivy
         continue-on-error: true
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@41f05d9ecffa2ed3f1580af306000f734b733e54
         with:
           image-ref: rekono-debian
           format: table

diff --git a/.github/workflows/security-secrets.yml b/.github/workflows/security-secrets.yml
@@ -13,7 +13,7 @@ jobs:
         with:
           fetch-depth: 0
 
-      - uses: gitleaks/gitleaks-action@v2
+      - uses: gitleaks/gitleaks-action@1f2d10fb689bc07a5f56f48d6db61f5bbbe772fa
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           GITLEAKS_NOTIFY_USER_LIST: "@pablosnt"