diff --git a/.github/workflows/new-deployment.yml b/.github/workflows/new-deployment.yml index d0af0c9..09f0266 100644 --- a/.github/workflows/new-deployment.yml +++ b/.github/workflows/new-deployment.yml @@ -1,12 +1,12 @@ name: Create New Deployment -# Trigger the workflow on push or pull request merge to main +# Trigger the workflow on push to main (covers PR merges) on: push: branches: [ main ] - pull_request: - branches: [ main ] - types: [ closed ] + +permissions: + contents: read # Set environment variables env: @@ -67,11 +67,11 @@ jobs: # Step 1: Set up Docker Buildx (advanced Docker build features) - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 # Step 2: Log in to Docker registry - name: Log in to Docker Hub - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.DOCKER_USERNAME }} @@ -80,7 +80,7 @@ jobs: # Step 3: Extract metadata for Docker tags and labels - name: Extract metadata id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | @@ -100,7 +100,7 @@ jobs: # Step 4: Build and push Docker image - name: Build and push Docker image - uses: docker/build-push-action@v5 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5 with: context: . file: ./Dockerfile # Path to your Dockerfile diff --git a/.github/workflows/new-revision.yml b/.github/workflows/new-revision.yml index 18b0983..8182724 100644 --- a/.github/workflows/new-revision.yml +++ b/.github/workflows/new-revision.yml 
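Review bot: The new top-level `permissions: contents: read` block in the first hunk of new-deployment.yml caps GITHUB_TOKEN for every job in the workflow, and the jobs themselves lie outside the hunk, so it cannot be confirmed from here that none of them needs a further scope. If a later job authenticates to a cloud provider over OIDC or pushes to a registry with GITHUB_TOKEN, it would need `id-token: write` or `packages: write`; grant that on the job itself rather than by widening the top-level block. A comment above the block such as `# Least privilege: a job that needs more must declare its own permissions` would keep the intent visible. The same applies to the identical first hunk of new-revision.yml.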
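Review bot: The trailing `# v3` and `# v5` comments on the newly pinned `uses:` lines name a moving major tag, so nothing on the line records which release each commit SHA was taken from. Record the exact release instead, in the form `uses: docker/login-action@<commit-sha> # v3.x.y` (x.y stands for the real release number), which also gives Dependabot or Renovate a version to bump together with the SHA. The SHAs cannot be verified from the diff, so before merge each one should be confirmed to be the commit that release tag points to in the upstream docker/* repository, since a SHA reference can also resolve to a commit that exists only in a fork. This covers all four docker/* pins in new-deployment.yml (this hunk and the ones at -80 and -100) and the same four in new-revision.yml.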
@@ -1,12 +1,12 @@ name: Create New Revision -# Trigger the workflow on push to main +# Trigger the workflow on push to main (covers PR merges) on: push: branches: [ main ] - pull_request: - branches: [ main ] - types: [ closed ] + +permissions: + contents: read # Set environment variables env: @@ -66,10 +66,10 @@ jobs: uses: actions/checkout@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 - name: Log in to Docker Hub - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.DOCKER_USERNAME }} @@ -77,7 +77,7 @@ jobs: - name: Extract metadata id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | @@ -92,7 +92,7 @@ jobs: org.opencontainers.image.vendor=YourCompany - name: Build and push Docker image - uses: docker/build-push-action@v5 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5 with: context: . file: ./Dockerfile
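Review bot: `uses: actions/checkout@v4`, the context line at the top of the `@@ -66,10` hunk in new-revision.yml, is still referenced by a mutable tag while the docker/* actions below it are now pinned to commit SHAs. It runs in the same job as the registry login, so a retargeted tag would reach the same secrets the other pins are meant to protect. Pin it the same way, `uses: actions/checkout@<full-commit-sha> # v4.x.y` (both values are placeholders to be taken from the upstream release). The checkout step of new-deployment.yml is outside the visible hunks and should be checked for the same gap.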