diff --git a/.github/workflows/app.yaml b/.github/workflows/app.yaml index 439cb0b..8dc9b8b 100644 --- a/.github/workflows/app.yaml +++ b/.github/workflows/app.yaml @@ -11,20 +11,20 @@ jobs: prepare: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: jdx/mise-action@v2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: jdx/mise-action@53d027c2e96fed8f955f5d95bff910a3e031cc58 # v2 with: version: 2024.10.7 install: true experimental: true - - uses: actions/setup-go@v5 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: '1.23.2' cache-dependency-path: 'app/go.sum' - run: go mod tidy - run: task gen - name: Save task cache - uses: actions/cache/save@v4 + uses: actions/cache/save@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: ./.task key: task-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('.task/checksum/*') }} @@ -35,21 +35,21 @@ jobs: needs: [prepare] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Restore task cache - uses: actions/cache/restore@v4 + uses: actions/cache/restore@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: ./.task key: task-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('.task/checksum/*') }} - - uses: jdx/mise-action@v2 + - uses: jdx/mise-action@53d027c2e96fed8f955f5d95bff910a3e031cc58 # v2 with: version: 2024.10.7 install: false - - uses: actions/setup-go@v5 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: '1.23.2' cache-dependency-path: 'app/go.sum' - - uses: golangci/golangci-lint-action@v6 + - uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6 with: version: v1.61.0 working-directory: ./app @@ -59,17 +59,17 @@ jobs: needs: [prepare] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Restore task cache - uses: actions/cache/restore@v4 + uses: actions/cache/restore@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: ./.task key: task-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('.task/checksum/*') }} - - uses: jdx/mise-action@v2 + - uses: jdx/mise-action@53d027c2e96fed8f955f5d95bff910a3e031cc58 # v2 with: version: 2024.10.7 install: false - - uses: actions/setup-go@v5 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: '1.23.2' cache-dependency-path: 'app/go.sum' @@ -79,17 +79,17 @@ jobs: needs: [prepare] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Restore task cache - uses: actions/cache/restore@v4 + uses: actions/cache/restore@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: ./.task key: task-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('.task/checksum/*') }} - - uses: jdx/mise-action@v2 + - uses: jdx/mise-action@53d027c2e96fed8f955f5d95bff910a3e031cc58 # v2 with: version: 2024.10.7 install: false - - uses: actions/setup-go@v5 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: '1.23.2' cache-dependency-path: 'app/go.sum' diff --git a/app/Dockerfile b/app/Dockerfile index 44de05a..48beb6d 100644 --- a/app/Dockerfile +++ b/app/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.23.2 AS builder +FROM golang:1.23.2@sha256:ad5c126b5cf501a8caef751a243bb717ec204ab1aa56dc41dc11be089fafcb4f AS builder ARG LDFLAGS ENV LDFLAGS=${LDFLAGS} diff --git a/compose.yaml b/compose.yaml index c6a3fdc..27be445 100644 --- a/compose.yaml +++ b/compose.yaml @@ -31,7 +31,7 @@ services: DATABASE_CONNECTION_URI: postgresql://countup:countup@postgres:5432/countup postgres: - image: postgres:15.8-alpine + image: postgres:15.8-alpine@sha256:620dc79c45816cff4f38f0b49c71f15a3bc6bab9439ba1eea3a76d23ebcf1e4d labels: service: postgres component: primary @@ -77,7 +77,7 @@ services: - ./app/schema/migrations:/app/migrations postgres-exporter: - image: quay.io/prometheuscommunity/postgres-exporter:v0.15.0 + image: quay.io/prometheuscommunity/postgres-exporter:v0.15.0@sha256:386b12d19eab2a37d7cd8ca8b4c7491cc7a830d9581f49af6c98a393da9605e6 labels: service: postgres component: exporter @@ -94,7 +94,7 @@ services: DATA_SOURCE_PASS: countup grafana: - image: grafana/grafana:11.1.4 + image: grafana/grafana:11.1.4@sha256:886b56d5534e54f69a8cfcb4b8928da8fc753178a7a3d20c3f9b04b660169805 labels: service: grafana tier: monitoring @@ -111,7 +111,7 @@ services: - GF_INSTALL_PLUGINS=https://storage.googleapis.com/integration-artifacts/grafana-lokiexplore-app/grafana-lokiexplore-app-latest.zip;grafana-lokiexplore-app otel-collector: - image: otel/opentelemetry-collector-contrib:0.107.0 + image: otel/opentelemetry-collector-contrib:0.107.0@sha256:b65527791431d76d058b2813748a3f4a8912540d7b23beac2f6b4e02c872f5b7 labels: service: otel-collector tier: monitoring @@ -132,7 +132,7 @@ services: - ./infra/environments/local/compose/otel-collector/config.yaml:/etc/otel-collector/config.yaml promtail: - image: grafana/promtail:3.1.1 + image: grafana/promtail:3.1.1@sha256:48fba41d9f08c6a56a85b078529dc8550a1809d3e7a9674982e9e9bfbdc854c1 labels: service: promtail tier: monitoring @@ -149,7 +149,7 @@ services: - ./infra/environments/local/compose/promtail/config.yaml:/etc/promtail/config.yaml loki: - image: grafana/loki:3.1.1 + image: grafana/loki:3.1.1@sha256:e689cc634841c937de4d7ea6157f17e29cf257d6a320f1c293ab18d46cfea986 labels: service: loki tier: monitoring @@ -162,7 +162,7 @@ services: - ./infra/environments/local/compose/loki/config.yaml:/etc/loki/config.yaml tempo: - image: grafana/tempo:2.5.0 + image: grafana/tempo:2.5.0@sha256:f0200a9bff6d14eb3a4332194f7b77c37ee1a3535e7e41db024d95aab6f1b4e8 labels: service: tempo tier: monitoring @@ -175,7 +175,7 @@ services: - ./infra/environments/local/compose/tempo/config.yaml:/etc/tempo/config.yaml mimir: - image: grafana/mimir:2.13.0 + image: grafana/mimir:2.13.0@sha256:8bdec4684b1a8011d5f5f7710fcfd89c42139b181978325b65747e47376f40d7 labels: service: mimir tier: monitoring