diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml index d73b510e5..512d707f5 100644 --- a/.github/workflows/deployment.yml +++ b/.github/workflows/deployment.yml @@ -50,9 +50,11 @@ jobs: with: go-version-file: 'go.mod' - name: Install GoReleaser - uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a + uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 with: - version: "~1.17.1" + # The version is pinned not only for security purposes, but also to avoid breaking + # our scripts, which rely on the specific file names generated by GoReleaser. + version: v2.13.1 install-only: true - name: Build release binaries env: @@ -103,9 +105,11 @@ jobs: security set-key-partition-list -S "apple-tool:,apple:,codesign:" -s -k "$keychain_password" "$keychain" rm "$RUNNER_TEMP/cert.p12" - name: Install GoReleaser - uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a + uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 with: - version: "~1.17.1" + # The version is pinned not only for security purposes, but also to avoid breaking + # our scripts, which rely on the specific file names generated by GoReleaser. + version: v2.13.1 install-only: true - name: Build release binaries env: @@ -157,9 +161,11 @@ jobs: with: go-version-file: 'go.mod' - name: Install GoReleaser - uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a + uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 with: - version: "~1.17.1" + # The version is pinned not only for security purposes, but also to avoid breaking + # our scripts, which rely on the specific file names generated by GoReleaser. + version: v2.13.1 install-only: true - name: Install Azure Code Signing Client shell: pwsh