5 releases
0.2.2 | Mar 2, 2022 |
---|---|
0.2.1 | Dec 22, 2021 |
0.2.0 | Dec 19, 2021 |
0.1.1 | Dec 18, 2021 |
0.1.0 | Dec 17, 2021 |
#1295 in Cryptography
22KB
251 lines
actions-digest
A command-line utility to resolve GitHub Action steps from git-ref actions/checkout@v2
to commit-sha actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
, written in Rust.
Using the commit SHA of a released action version is the safest for stability and security.
Source: GitHub Documentation
Usage
Please mind that
actions-digest
is in its infancy and very limited. Once run, it can currently not update the workflow files with newer versions of the steps it first digested.
By default, actions-digest
will write the data to stdout
and its logs to stderr
:
actions-digest workflow.yaml
To replace the workflow file in-place:
actions-digest workflow.yaml | sponge workflow.yaml
sponge
is part of moreutils. It soaks up standard input to write it to a file.
If you want to keep a resolve log, write stderr
to a file like so:
actions-digest workflow.yaml 2> workflow.yaml.log | sponge workflow.yaml
To avoid running into GitHub API rate-limiting quickly, use a Personal Access Token (PAT):
export GITHUB_TOKEN=<PAT>
# or use -t|--github-token
actions-digest --github-token <PAT> workflow.yaml
Installation
From Source
Actions digest is written in Rust. If you have its toolchain installed, you can run this command to install:
Latest Release
cargo install actions-digest
Latest Development Release
cargo install --git 'https://github.com/hendrikmaus/actions-digest' --branch main
To uninstall, use cargo uninstall <name>
.
License
This project is released under the terms of the MIT license.
Dependencies
~11–29MB
~413K SLoC