Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update github-actions #2469

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/actions/generate-chart-matrix/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ runs:
steps:
- name: Get changed dirs
id: changed-files
uses: tj-actions/changed-files@48d8f15b2aaa3d255ca5af3eba4870f807ce6b3c # v45
uses: tj-actions/changed-files@bab30c2299617f6615ec02a68b9a40d10bd21366 # v45
with:
dir_names: "true"
- name: Generate matrix
Expand Down
6 changes: 3 additions & 3 deletions .github/actions/gke-login/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,18 +22,18 @@ runs:
steps:
- name: Authenticate to Google Cloud - Workload Identity
if: ${{ inputs.auth-method == 'workload-identity' }}
uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2
uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2
with:
token_format: 'access_token'
workload_identity_provider: ${{ inputs.workload-identity-provider }}
service_account: ${{ inputs.service-account }}
- name: Authenticate to Google Cloud - Service Account Key
if: ${{ inputs.auth-method == 'credentials-json' }}
uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2
uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2
with:
credentials_json: '${{ inputs.credentials-json }}'
- name: Get GKE credentials
uses: google-github-actions/get-gke-credentials@6051de21ad50fbb1767bc93c11357a49082ad116 # v2
uses: google-github-actions/get-gke-credentials@9025e8f90f2d8e0c3dafc3128cc705a26d992a6a # v2
with:
cluster_name: ${{ inputs.cluster-name }}
location: ${{ inputs.cluster-location }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/chart-public-files.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -23,10 +23,10 @@ jobs:
permissions:
contents: write
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
ref: gh-pages
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
path: main
- name: Copy files
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/chart-release-chores.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ jobs:
app_id: ${{ secrets.GH_APP_ID_DISTRO_CI }}
private_key: ${{ secrets.GH_APP_PRIVATE_KEY_DISTRO_CI }}
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
ref: ${{ github.event.pull_request.head.ref }}
Expand All @@ -49,7 +49,7 @@ jobs:
- name: Add Helm repos
run: |
make helm.repos-add
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
with:
path: |
~/.cache/go-build
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/chart-release-template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ jobs:
CHART_NAME: "camunda-platform"
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
ref: ${{ inputs.branch }}
Expand Down Expand Up @@ -132,7 +132,7 @@ jobs:
# Security signature.
- name: Install Cosign CLI
if: env.PUBLISH_ARTIFACT == 'true'
uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0
uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
- name: Sign Helm chart with Cosign
if: env.PUBLISH_ARTIFACT == 'true'
run: |
Expand All @@ -154,7 +154,7 @@ jobs:
password: ${{ secrets.GITHUB_TOKEN }}
- name: Install ORAS CLI
if: env.PUBLISH_ARTIFACT == 'true'
uses: oras-project/setup-oras@ca28077386065e263c03428f4ae0c09024817c93 # v1
uses: oras-project/setup-oras@9c92598691bfef1424de2f8fae81941568f5889c # v1
- name: Upload Helm chart Cosign bundle
if: env.PUBLISH_ARTIFACT == 'true'
run: |
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/chart-release-update-config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
app_id: ${{ secrets.GH_APP_ID_DISTRO_CI }}
private_key: ${{ secrets.GH_APP_PRIVATE_KEY_DISTRO_CI }}
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
token: ${{ steps.generate-github-token.outputs.token }}
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/chart-release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ jobs:
id-token: write
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: Install env dependencies
Expand All @@ -64,7 +64,7 @@ jobs:
done
echo "Dev comments removed:"
git --no-pager diff
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
with:
path: |
~/.cache/go-build
Expand Down Expand Up @@ -92,7 +92,7 @@ jobs:
chartPath="$(ct list-changed | tr '\n' ' ')" \
make helm.dependency-update
- name: cosign-installer
uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0
uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
- name: Tidy up
run: |
# Clean up badges from readme to avoid showing them in Artifact Hub.
Expand Down Expand Up @@ -190,7 +190,7 @@ jobs:
issues: write
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
# The verification step happens in the release branch before merging into the "main" branch.
fetch-depth: 0
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/chart-update-readme-and-golden-files.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ jobs:
app_id: ${{ secrets.GH_APP_ID_DISTRO_CI }}
private_key: ${{ secrets.GH_APP_PRIVATE_KEY_DISTRO_CI }}
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
ref: ${{ github.event.pull_request.head.ref }}
Expand All @@ -68,7 +68,7 @@ jobs:
- name: Add Helm repos
run: |
make helm.repos-add
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
with:
path: |
~/.cache/go-build
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/chart-validate-template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
echo "${GITHUB_CONTEXT}"
# Checkout.
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
ref: "${{ inputs.camunda-helm-git-ref }}"
Expand All @@ -51,7 +51,7 @@ jobs:
run: |
echo "check-version-increment: false" >> .github/config/chart-testing.yaml
# Dependencies.
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5
with:
python-version: 3.7
- name: Install dependencies
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/renovate-config-check.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
name: Check renovate config
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Validate renovate config
uses: docker://renovate/renovate
with:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/renovate-post-upgrade.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
with:
app_id: ${{ secrets.GH_APP_ID_DISTRO_CI }}
private_key: ${{ secrets.GH_APP_PRIVATE_KEY_DISTRO_CI }}
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
token: '${{ steps.generate-github-token.outputs.token }}'
repository: ${{ github.event.pull_request.head.repo.full_name }}
Expand All @@ -44,7 +44,7 @@ jobs:
run: npm install -g @bitnami/readme-generator-for-helm
- name: Install dependencies
uses: asdf-vm/actions/install@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 # v3
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
with:
path: |
~/.cache/go-build
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/sec-codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -44,11 +44,11 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@3c13be0632d1e2a15d39da6ede780272c022b84f
uses: github/codeql-action/init@dd7559424621a6dd0b32ababe9e4b271a87f78d2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -62,7 +62,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@3c13be0632d1e2a15d39da6ede780272c022b84f
uses: github/codeql-action/autobuild@dd7559424621a6dd0b32ababe9e4b271a87f78d2

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
Expand All @@ -75,6 +75,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@3c13be0632d1e2a15d39da6ede780272c022b84f
uses: github/codeql-action/analyze@dd7559424621a6dd0b32ababe9e4b271a87f78d2
with:
category: "/language:${{ matrix.language }}"
2 changes: 1 addition & 1 deletion .github/workflows/sec-scorecard.yml
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,6 @@ jobs:

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
with:
sarif_file: results.sarif
2 changes: 1 addition & 1 deletion .github/workflows/test-integration-cleanup-template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ jobs:
- distro:
if: false
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
# This is needed to load repo GH composite actions if the workflow triggered by workflow_call.
repository: camunda/camunda-platform-helm
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/test-integration-rosa-cleanup.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,13 +27,13 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
ref: ${{ github.head_ref }}
fetch-depth: 0

- name: Checkout Repository rosa modules
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
repository: "camunda/camunda-tf-rosa"
ref: "main"
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/test-integration-rosa-template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ jobs:
outputs:
platform-matrix: ${{ steps.matrix.outputs.platform-matrix }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0

Expand Down Expand Up @@ -101,7 +101,7 @@ jobs:
distro: ${{ fromJson(needs.clusters-info.outputs.platform-matrix).distro }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0

Expand All @@ -112,7 +112,7 @@ jobs:
aws configure set aws_access_key_id ${{ secrets.DISTRO_CI_AWS_ACCESS_KEY }} --profile=${{ secrets.DISTRO_CI_AWS_PROFILE }}

- name: Create ROSA cluster and login
uses: camunda/camunda-tf-rosa/.github/actions/rosa-create-cluster@d0471d28cb3eb13cd2212b63cc8e50d457d829c4 # main
uses: camunda/camunda-tf-rosa/.github/actions/rosa-create-cluster@2c37bf2c78fe3ba13cc928987d2cf0b2c8257509 # main
timeout-minutes: 125
env:
AWS_PROFILE: ${{ secrets.DISTRO_CI_AWS_PROFILE }}
Expand All @@ -135,7 +135,7 @@ jobs:
private_key: ${{ secrets.GH_APP_PRIVATE_KEY_DISTRO_CI }}

- name: Clone the distribution GitOps repo
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
repository: "camunda/distribution"
ref: "main"
Expand Down Expand Up @@ -281,7 +281,7 @@ jobs:
aws configure set aws_access_key_id ${{ secrets.DISTRO_CI_AWS_ACCESS_KEY }} --profile=${{ secrets.DISTRO_CI_AWS_PROFILE }}

- name: Delete on-demand ROSA HCP Cluster
uses: camunda/camunda-tf-rosa/.github/actions/rosa-delete-cluster@d0471d28cb3eb13cd2212b63cc8e50d457d829c4 # main
uses: camunda/camunda-tf-rosa/.github/actions/rosa-delete-cluster@2c37bf2c78fe3ba13cc928987d2cf0b2c8257509 # main
if: always()
timeout-minutes: 125
env:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/test-integration-template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -115,7 +115,7 @@ jobs:
outputs:
matrix: ${{ steps.generate-workflow-matrix.outputs.matrix }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
# This is needed if the workflow is triggered by workflow_call.
repository: camunda/camunda-platform-helm
Expand Down Expand Up @@ -165,7 +165,7 @@ jobs:
echo "${GITHUB_CONTEXT}" | jq '."extra-values" = "<Check below>"'
echo "Workflow Inputs - Extra Values:"
echo "${GITHUB_CONTEXT}" | jq -r '."extra-values"'
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
# This is needed to load repo GH composite actions if the workflow triggered by workflow_call.
repository: camunda/camunda-platform-helm
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/test-unit-template.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
outputs:
unitTestMatrix: ${{ steps.test-type-vars.outputs.unitTestMatrix }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
ref: "${{ inputs.camunda-helm-git-ref }}"
- name: Get CI unit test matrix
Expand All @@ -57,10 +57,10 @@ jobs:
run: |
echo "Workflow Inputs:"
echo "${GITHUB_CONTEXT}"
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Install env dependencies
uses: asdf-vm/actions/install@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 # v3
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
with:
path: |
~/.cache/go-build
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/test-version-maintenance.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
outputs:
matrix: ${{ steps.generate-chart-versions.outputs.matrix }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Generate chart versions
id: generate-chart-versions
uses: ./.github/actions/generate-chart-matrix
Expand Down
Loading