Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🌱 Update github-actions group #1371

Merged
merged 1 commit into from
Aug 11, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/actions/e2e/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ runs:
${{ runner.os }}-tools-bin-e2e-
${{ runner.os }}-tools-bin-
- name: Download artifact
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: test-release
path: out
Expand Down Expand Up @@ -80,7 +80,7 @@ runs:
CAPH_LATEST_VERSION: "v1.0.0-beta.26"
run: make ${{ inputs.e2e_make_target }}
- name: Upload artifact
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4
if: ${{ always() }}
with:
name: e2e-${{ inputs.e2e_name }}
Expand Down
8 changes: 4 additions & 4 deletions .github/actions/manager-image/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,10 @@ runs:
using: "composite"
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1

- name: Login to ghcr.io for CI
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
Expand Down Expand Up @@ -44,7 +44,7 @@ runs:

# Import GitHub's cache build to docker cache
- name: Copy Caph Golang cache to docker cache
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0
uses: docker/build-push-action@16ebe778df0e7752d2cfcbd924afdbbd89c1a755 # v6.6.1
with:
provenance: false
context: /tmp/.cache/caph
Expand All @@ -54,7 +54,7 @@ runs:
target: import-cache

- name: Build and push manager image
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6
uses: docker/build-push-action@16ebe778df0e7752d2cfcbd924afdbbd89c1a755 # v6
with:
provenance: false
context: .
Expand Down
2 changes: 1 addition & 1 deletion .github/actions/test-release/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ runs:
TAG: ${{ steps.meta.outputs.version }}
run: make test-release
- name: Upload artifact
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4
with:
name: test-release
path: out
14 changes: 7 additions & 7 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,9 +33,9 @@ jobs:
fetch-depth: 0
- uses: ./.github/actions/setup-go
- name: Set up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3

- name: Generate metadata
id: meta
Expand All @@ -45,14 +45,14 @@ jobs:
metadata_tags: ${{ env.metadata_tags }}

- name: Login to ghcr.io for CI
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Install Cosign
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0

- name: Install Bom
shell: bash
Expand Down Expand Up @@ -88,7 +88,7 @@ jobs:

# Import GitHub's cache build to docker cache
- name: Copy Caph Golang cache to docker cache
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0
uses: docker/build-push-action@16ebe778df0e7752d2cfcbd924afdbbd89c1a755 # v6.6.1
with:
provenance: false
context: /tmp/.cache/caph
Expand All @@ -98,7 +98,7 @@ jobs:
target: import-cache

- name: Build and push manager image
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6
uses: docker/build-push-action@16ebe778df0e7752d2cfcbd924afdbbd89c1a755 # v6
id: docker_build_release
with:
provenance: false
Expand Down Expand Up @@ -150,7 +150,7 @@ jobs:
# Store docker's golang's cache build locally only on the main branch
- name: Store Caph Golang cache build locally
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0
uses: docker/build-push-action@16ebe778df0e7752d2cfcbd924afdbbd89c1a755 # v6.6.1
with:
provenance: false
context: .
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/pr-verify.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
- name: Verify Starlark
run: make verify-starlark

- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4
- uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4
with:
node-version: "18"
- name: Install renovate
Expand All @@ -42,7 +42,7 @@ jobs:
done

- name: Generate Token
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1
uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1
id: generate-token
with:
app-id: ${{ secrets.SYSELF_APP_ID }}
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,9 @@ jobs:
fetch-depth: 0
- uses: ./.github/actions/setup-go
- name: Set up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3

- name: Generate metadata
id: meta
Expand All @@ -36,14 +36,14 @@ jobs:
metadata_tags: ${{ env.metadata_tags }}

- name: Login to ghcr.io for CI
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Install Cosign
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0

- name: Install Bom
shell: bash
Expand All @@ -60,7 +60,7 @@ jobs:
echo 'EOF' >> $GITHUB_ENV

- name: Build and push manager image
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6
uses: docker/build-push-action@16ebe778df0e7752d2cfcbd924afdbbd89c1a755 # v6
id: docker_build_release
with:
provenance: false
Expand Down Expand Up @@ -147,7 +147,7 @@ jobs:
run: |
make release-notes
- name: Release
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2
uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2
with:
draft: true
files: out/*
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/schedule-update-bot.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ jobs:
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Generate Token
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1
uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1
id: generate-token
with:
app-id: ${{ secrets.SYSELF_APP_ID }}
Expand All @@ -44,7 +44,7 @@ jobs:
echo "LOG_LEVEL=${{ github.event.inputs.logLevel || env.LOG_LEVEL }}" >> "$GITHUB_ENV"

- name: Renovate
uses: renovatebot/github-action@21d88b0bf0183abcee15f990011cca090dfc47dd # v40.1.12
uses: renovatebot/github-action@0c94129d48b4e92addf23686b8a735b3057a0448 # v40.2.5
env:
RENOVATE_HOST_RULES: '[{"hostType": "docker", "matchHost": "ghcr.io", "username": "${{ github.actor }}", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '[".*"]'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ jobs:
run: make report-cover-html report-cover-treemap

- name: Test Summary
uses: test-summary/action@032c8a9cec6aaa3c20228112cae6ca10a3b29336 # v2.3
uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2.4
with:
paths: ".coverage/junit.xml"

Expand Down