From bb36ba7da5c1e8be86ad52c106657777295e9383 Mon Sep 17 00:00:00 2001 From: "syself-bot[bot]" <115953087+syself-bot[bot]@users.noreply.github.com> Date: Sun, 6 Oct 2024 11:02:45 +0000 Subject: [PATCH] :seedling: Update github-actions group | datasource | package | from | to | | ----------- | -------------------------- | -------- | ------- | | github-tags | actions/cache | v4.0.2 | v4.1.0 | | github-tags | actions/checkout | v4.1.7 | v4.2.0 | | github-tags | actions/upload-artifact | v4.3.6 | v4.4.0 | | github-tags | docker/build-push-action | v6.7.0 | v6.9.0 | | github-tags | docker/setup-buildx-action | v3.6.1 | v3.7.1 | | github-tags | renovatebot/github-action | v40.2.11 | v40.3.1 | | github-tags | sigstore/cosign-installer | v3.6.0 | v3.7.0 | --- .github/actions/e2e/action.yaml | 2 +- .github/actions/manager-image/action.yaml | 8 ++++---- .github/actions/test-release/action.yaml | 2 +- .github/workflows/build.yml | 14 +++++++------- .github/workflows/main-promote-builder-image.yml | 2 +- .github/workflows/pr-e2e.yaml | 2 +- .github/workflows/pr-lint.yml | 2 +- .github/workflows/pr-verify.yml | 6 +++--- .github/workflows/release.yml | 8 ++++---- .github/workflows/report-bin-size.yml | 4 ++-- .../schedule-cache-cleaner-caph-image.yml | 2 +- .github/workflows/schedule-scan-image.yml | 2 +- .github/workflows/schedule-update-bot.yaml | 6 +++--- .github/workflows/test.yml | 4 ++-- 14 files changed, 32 insertions(+), 32 deletions(-) diff --git a/.github/actions/e2e/action.yaml b/.github/actions/e2e/action.yaml index 28a1c8ef6..8124e1794 100644 --- a/.github/actions/e2e/action.yaml +++ b/.github/actions/e2e/action.yaml @@ -80,7 +80,7 @@ runs: CAPH_LATEST_VERSION: "v1.0.0-beta.26" run: make ${{ inputs.e2e_make_target }} - name: Upload artifact - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4 if: ${{ always() }} with: name: e2e-${{ inputs.e2e_name }} diff --git a/.github/actions/manager-image/action.yaml b/.github/actions/manager-image/action.yaml index 65f514752..4bd11c0a1 100644 --- a/.github/actions/manager-image/action.yaml +++ b/.github/actions/manager-image/action.yaml @@ -8,7 +8,7 @@ runs: using: "composite" steps: - name: Set up Docker Buildx - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Login to ghcr.io for CI uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 @@ -26,7 +26,7 @@ runs: # Load Golang cache build from GitHub - name: Load Caph Golang cache build from GitHub - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + uses: actions/cache@2cdf405574d6ef1f33a1d12acccd3ae82f47b3f2 # v4.1.0 id: cache with: path: /tmp/.cache/caph @@ -44,7 +44,7 @@ runs: # Import GitHub's cache build to docker cache - name: Copy Caph Golang cache to docker cache - uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: provenance: false context: /tmp/.cache/caph @@ -54,7 +54,7 @@ runs: target: import-cache - name: Build and push manager image - uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6 with: provenance: false context: . diff --git a/.github/actions/test-release/action.yaml b/.github/actions/test-release/action.yaml index d1cab2093..5798b277a 100644 --- a/.github/actions/test-release/action.yaml +++ b/.github/actions/test-release/action.yaml @@ -25,7 +25,7 @@ runs: TAG: ${{ steps.meta.outputs.version }} run: make test-release - name: Upload artifact - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4 with: name: test-release path: out diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 661b93d6e..df368c2c7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -35,7 +35,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3 - name: Generate metadata id: meta @@ -52,7 +52,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Install Cosign - uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0 + uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install Bom shell: bash @@ -70,7 +70,7 @@ jobs: # Load Golang cache build from GitHub - name: Load Caph Golang cache build from GitHub - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + uses: actions/cache@2cdf405574d6ef1f33a1d12acccd3ae82f47b3f2 # v4.1.0 id: cache with: path: /tmp/.cache/caph @@ -88,7 +88,7 @@ jobs: # Import GitHub's cache build to docker cache - name: Copy Caph Golang cache to docker cache - uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: provenance: false context: /tmp/.cache/caph @@ -98,7 +98,7 @@ jobs: target: import-cache - name: Build and push manager image - uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6 id: docker_build_release with: provenance: false @@ -141,7 +141,7 @@ jobs: # Upload artifact digests - name: Upload artifact digests - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: image-digest caph path: image-digest @@ -150,7 +150,7 @@ jobs: # Store docker's golang's cache build locally only on the main branch - name: Store Caph Golang cache build locally if: ${{ steps.cache.outputs.cache-hit != 'true' }} - uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: provenance: false context: . diff --git a/.github/workflows/main-promote-builder-image.yml b/.github/workflows/main-promote-builder-image.yml index f1d13a4c8..1e176e019 100644 --- a/.github/workflows/main-promote-builder-image.yml +++ b/.github/workflows/main-promote-builder-image.yml @@ -16,7 +16,7 @@ jobs: password: ${{ secrets.github_token }} steps: - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Fixup git permissions # https://github.com/actions/checkout/issues/766 shell: bash diff --git a/.github/workflows/pr-e2e.yaml b/.github/workflows/pr-e2e.yaml index 1c3bfd4d0..e735c4578 100644 --- a/.github/workflows/pr-e2e.yaml +++ b/.github/workflows/pr-e2e.yaml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 diff --git a/.github/workflows/pr-lint.yml b/.github/workflows/pr-lint.yml index dae1788d5..c8481baaf 100644 --- a/.github/workflows/pr-lint.yml +++ b/.github/workflows/pr-lint.yml @@ -29,7 +29,7 @@ jobs: password: ${{ secrets.github_token }} steps: - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 diff --git a/.github/workflows/pr-verify.yml b/.github/workflows/pr-verify.yml index da96aeff0..135f76933 100644 --- a/.github/workflows/pr-verify.yml +++ b/.github/workflows/pr-verify.yml @@ -16,7 +16,7 @@ jobs: github_token: ${{ secrets.GITHUB_TOKEN }} - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: ref: ${{ github.event.pull_request.head.sha }} @@ -29,7 +29,7 @@ jobs: - name: Verify Starlark run: make verify-starlark - - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4 + - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4 with: node-version: "18" - name: Install renovate @@ -42,7 +42,7 @@ jobs: done - name: Generate Token - uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1 + uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1 id: generate-token with: app-id: ${{ secrets.SYSELF_APP_ID }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6c4a51fa9..759c964f3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -26,7 +26,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3 - name: Generate metadata id: meta @@ -43,7 +43,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Install Cosign - uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0 + uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install Bom shell: bash @@ -60,7 +60,7 @@ jobs: echo 'EOF' >> $GITHUB_ENV - name: Build and push manager image - uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6 id: docker_build_release with: provenance: false @@ -107,7 +107,7 @@ jobs: # Upload artifact digests - name: Upload artifact digests - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: image-digest caph path: image-digest diff --git a/.github/workflows/report-bin-size.yml b/.github/workflows/report-bin-size.yml index 091567c87..63b90e824 100644 --- a/.github/workflows/report-bin-size.yml +++ b/.github/workflows/report-bin-size.yml @@ -9,7 +9,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Fixup git permissions # https://github.com/actions/checkout/issues/766 shell: bash @@ -26,7 +26,7 @@ jobs: run: make caph report-binsize-treemap-all - name: Upload Report - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: reports-${{ github.sha }} path: .reports diff --git a/.github/workflows/schedule-cache-cleaner-caph-image.yml b/.github/workflows/schedule-cache-cleaner-caph-image.yml index 53028c323..4234a19d5 100644 --- a/.github/workflows/schedule-cache-cleaner-caph-image.yml +++ b/.github/workflows/schedule-cache-cleaner-caph-image.yml @@ -16,7 +16,7 @@ jobs: steps: # Load Golang cache build from GitHub - name: Load Caph Golang cache build from GitHub - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + uses: actions/cache@2cdf405574d6ef1f33a1d12acccd3ae82f47b3f2 # v4.1.0 id: cache with: path: /tmp/.cache/caph diff --git a/.github/workflows/schedule-scan-image.yml b/.github/workflows/schedule-scan-image.yml index 0904e6039..23967ea9c 100644 --- a/.github/workflows/schedule-scan-image.yml +++ b/.github/workflows/schedule-scan-image.yml @@ -16,7 +16,7 @@ jobs: password: ${{ secrets.github_token }} steps: - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Fixup git permissions # https://github.com/actions/checkout/issues/766 shell: bash diff --git a/.github/workflows/schedule-update-bot.yaml b/.github/workflows/schedule-update-bot.yaml index 10d344c2a..ccbac6bf7 100644 --- a/.github/workflows/schedule-update-bot.yaml +++ b/.github/workflows/schedule-update-bot.yaml @@ -30,10 +30,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Generate Token - uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1 + uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1 id: generate-token with: app-id: ${{ secrets.SYSELF_APP_ID }} @@ -44,7 +44,7 @@ jobs: echo "LOG_LEVEL=${{ github.event.inputs.logLevel || env.LOG_LEVEL }}" >> "$GITHUB_ENV" - name: Renovate - uses: renovatebot/github-action@718692a6e1205fb03bed8a101596ef5755b5f35d # v40.2.11 + uses: renovatebot/github-action@a1ed1d0adddfdf138192d1fbe3150a80094dee6a # v40.3.1 env: RENOVATE_HOST_RULES: '[{"hostType": "docker", "matchHost": "ghcr.io", "username": "${{ github.actor }}", "password": "${{ secrets.GITHUB_TOKEN }}" }]' RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '[".*"]' diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index bcebbb478..b3f7ff295 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -28,7 +28,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Coverage result name id: name run: | @@ -64,7 +64,7 @@ jobs: paths: ".coverage/junit.xml" - name: Upload Report - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: reports-${{ steps.name.outputs.name }} path: .reports