From 07381b9dbc6ce1a8b9f49b4e4a8eca8e61dbd7b6 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 20 Dec 2024 22:36:49 +0000 Subject: [PATCH] deps: update github actions Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/actions/deploy-keptn-on-cluster/action.yml | 4 ++-- .github/workflows/CI.yaml | 12 ++++++------ .github/workflows/component-test.yml | 2 +- .github/workflows/e2e-test.yml | 2 +- .github/workflows/golangci-lint.yml | 2 +- .github/workflows/htmltest.yaml | 2 +- .github/workflows/integration-test-component.yml | 2 +- .github/workflows/integration-test.yml | 2 +- .github/workflows/load-test.yml | 6 +++--- .github/workflows/markdown-checks.yaml | 2 +- .github/workflows/release.yml | 8 ++++---- .github/workflows/scorecard.yml | 2 +- .github/workflows/security-scans.yml | 12 ++++++------ 13 files changed, 29 insertions(+), 29 deletions(-) diff --git a/.github/actions/deploy-keptn-on-cluster/action.yml b/.github/actions/deploy-keptn-on-cluster/action.yml index 36e7d31d21..1601e4a314 100644 --- a/.github/actions/deploy-keptn-on-cluster/action.yml +++ b/.github/actions/deploy-keptn-on-cluster/action.yml @@ -30,7 +30,7 @@ runs: using: "composite" steps: - name: Set up Go 1.x - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5 with: go-version: ${{ env.GO_VERSION }} cache: true @@ -43,7 +43,7 @@ runs: path: ~/download/artifacts - name: "Create single kind Cluster" - uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 + uses: helm/kind-action@ae94020eaf628e9b9b9f341a10cc0cdcf5c018fb # v1.11.0 with: cluster_name: ${{ inputs.cluster-name }} version: ${{ inputs.kind-version }} diff --git a/.github/workflows/CI.yaml b/.github/workflows/CI.yaml index 46351121d2..9a2ceaeb75 100644 --- a/.github/workflows/CI.yaml +++ b/.github/workflows/CI.yaml @@ -91,7 +91,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Go 1.x - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5 with: go-version: ${{ env.GO_VERSION }} cache: true @@ -139,17 +139,17 @@ jobs: - name: Cache build tools id: cache-build-tools - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 with: path: ./${{ matrix.config.folder }}bin key: build-tools-${{ github.ref_name }} - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3 - name: Build Docker Image - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 with: context: ${{ matrix.config.folder }} platforms: linux/amd64,linux/arm64 @@ -168,7 +168,7 @@ jobs: outputs: type=oci,dest=/tmp/${{ matrix.config.name }}-image.tar - name: Upload image as artifact - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: ${{ matrix.config.name }}-image.tar path: /tmp/${{ matrix.config.name }}-image.tar @@ -184,7 +184,7 @@ jobs: run: echo "" > tag - name: Upload tag for tests - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: dev-${{ env.DATETIME }} path: tag diff --git a/.github/workflows/component-test.yml b/.github/workflows/component-test.yml index 4fc3f4c86f..44233f4ad8 100644 --- a/.github/workflows/component-test.yml +++ b/.github/workflows/component-test.yml @@ -22,7 +22,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Go 1.x - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5 with: go-version: ${{ env.GO_VERSION }} cache: true diff --git a/.github/workflows/e2e-test.yml b/.github/workflows/e2e-test.yml index 7cc01293af..6b5527d728 100644 --- a/.github/workflows/e2e-test.yml +++ b/.github/workflows/e2e-test.yml @@ -45,7 +45,7 @@ jobs: - name: Upload ${{ matrix.config.name }} cluster logs if: always() - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: logs-e2e-tests-${{ matrix.config.name }} path: .github/scripts/logs diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 6ee9a7d520..f0b29a1996 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -41,7 +41,7 @@ jobs: - name: Check out code uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5 with: go-version: ${{ env.GO_VERSION }} check-latest: true diff --git a/.github/workflows/htmltest.yaml b/.github/workflows/htmltest.yaml index c6e9c1544a..f38b0005ef 100644 --- a/.github/workflows/htmltest.yaml +++ b/.github/workflows/htmltest.yaml @@ -31,7 +31,7 @@ jobs: fetch-depth: 0 - name: Cache HTMLTest packages - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 with: path: | tmp/.htmltest diff --git a/.github/workflows/integration-test-component.yml b/.github/workflows/integration-test-component.yml index b5b97d9563..43ac18324c 100644 --- a/.github/workflows/integration-test-component.yml +++ b/.github/workflows/integration-test-component.yml @@ -51,7 +51,7 @@ jobs: - name: Upload cluster logs if: failure() - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: logs-integration-tests-${{ inputs.type }} path: .github/scripts/logs diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index c44501a541..3f988e2147 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -52,7 +52,7 @@ jobs: - name: Upload cluster logs if: failure() - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: logs-integration-tests-${{ inputs.cert-manager-io-enabled }} path: .github/scripts/logs diff --git a/.github/workflows/load-test.yml b/.github/workflows/load-test.yml index 206bc84281..63bfeb8cad 100644 --- a/.github/workflows/load-test.yml +++ b/.github/workflows/load-test.yml @@ -28,7 +28,7 @@ jobs: - name: Cache build tools id: cache-build-tools - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 with: path: /usr/local/bin/kube-burner key: kube-burner-${{ env.KUBE_BURNER_VERSION }} @@ -57,7 +57,7 @@ jobs: - name: Upload results if: always() - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: load-tests-results path: ./collected-metrics @@ -69,7 +69,7 @@ jobs: - name: Upload cluster logs if: failure() - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: logs-load-tests path: .github/scripts/logs diff --git a/.github/workflows/markdown-checks.yaml b/.github/workflows/markdown-checks.yaml index c513c79c24..8725ec89ab 100644 --- a/.github/workflows/markdown-checks.yaml +++ b/.github/workflows/markdown-checks.yaml @@ -75,7 +75,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Go 1.x - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5 with: go-version: ${{ env.GO_VERSION }} check-latest: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 87e3fe74dc..e75152c70d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -152,7 +152,7 @@ jobs: - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3 - name: Login to GitHub Container Registry uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 @@ -179,7 +179,7 @@ jobs: - name: Build Docker Image id: docker_build_image - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 with: context: ${{ matrix.config.folder }} platforms: linux/amd64,linux/arm64 @@ -215,7 +215,7 @@ jobs: output-file: ./sbom-${{ matrix.config.name }}.spdx.json - name: Attach SBOM to release - uses: softprops/action-gh-release@e7a8f85e1c67a31e6ed99a94b41bd0b71bbee6b8 # v2.0.9 + uses: softprops/action-gh-release@7b4da11513bf3f43f9999e90eabced41ab8bb048 # v2.2.0 with: tag_name: ${{ matrix.config.tagName }} files: ./sbom-${{ matrix.config.name }}.spdx.json @@ -234,7 +234,7 @@ jobs: ${{ env.IMAGE_NAME }}@${{ env.IMAGE_DIGEST }} - name: Upload verification log as artifact - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: cosign-attest-verification-log path: ./cosign-attest-output.json diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index f62b97bb69..9cf25688a7 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/security-scans.yml b/.github/workflows/security-scans.yml index 2fc7b06a21..0be1e5dce3 100644 --- a/.github/workflows/security-scans.yml +++ b/.github/workflows/security-scans.yml @@ -65,14 +65,14 @@ jobs: path: ./dist - name: Upload tag - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: tag path: | ./dist/dev-*/ - name: Upload images - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: images path: | @@ -99,7 +99,7 @@ jobs: steps: - name: Set up Go if: matrix.tool == 'kubeconform' - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5 with: go-version: ${{ env.GO_VERSION }} check-latest: true @@ -157,7 +157,7 @@ jobs: - name: Upload KICS results if: always() && matrix.tool == 'kics' - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: kics-results path: results.json @@ -236,7 +236,7 @@ jobs: tar -xvf images/${{ matrix.image }}-image.tar/${{ matrix.image }}-image.tar -C images/${{ matrix.image }}-image.tar/ - name: Trivy image scan - uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # 0.28.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 with: input: "images/${{ matrix.image }}-image.tar" severity: 'CRITICAL,HIGH' @@ -254,7 +254,7 @@ jobs: - "keptn-cert-manager" steps: - name: Set up Go 1.x - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5 with: cache-dependency-path: ${{ matrix.artifact }}/go.sum go-version: ${{ env.GO_VERSION }}