fix: update Docker workflows to use specific action versions and improve test command security
This commit is contained in:
@@ -13,13 +13,13 @@ jobs:
|
||||
contents: read
|
||||
steps:
|
||||
- name: Checkout del código
|
||||
uses: actions/checkout@v6
|
||||
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
|
||||
- name: Configurar Python
|
||||
uses: actions/setup-python@v6
|
||||
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
|
||||
with:
|
||||
python-version: '3.14'
|
||||
- name: Configurar uv
|
||||
uses: astral-sh/setup-uv@v6
|
||||
uses: astral-sh/setup-uv@d0d8abe699bfb85fec6de9f7adb5ae17292296ff # v6
|
||||
- name: Instalar dependencias
|
||||
run: |
|
||||
uv sync --no-dev --no-install-project
|
||||
@@ -27,7 +27,7 @@ jobs:
|
||||
env:
|
||||
DJANGO_SETTINGS_MODULE: proyecto.settings
|
||||
run: |
|
||||
uv run python manage.py test
|
||||
SECRET_KEY=donotusethisinproductionitisunsafe uv run python manage.py test
|
||||
docker:
|
||||
runs-on: ubuntu-latest
|
||||
needs: test
|
||||
@@ -37,13 +37,13 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Checkout del código
|
||||
uses: actions/checkout@v6
|
||||
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
|
||||
|
||||
- name: Configurar Docker Buildx
|
||||
uses: docker/setup-buildx-action@v4
|
||||
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4
|
||||
|
||||
- name: Login en GHCR
|
||||
uses: docker/login-action@v4
|
||||
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
@@ -55,7 +55,7 @@ jobs:
|
||||
echo "IMAGE_TAG=$TAG" >> $GITHUB_ENV
|
||||
|
||||
- name: Build y Push
|
||||
uses: docker/build-push-action@v6
|
||||
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6
|
||||
with:
|
||||
context: .
|
||||
push: true
|
||||
|
||||
Reference in New Issue
Block a user