diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index a0efe9a296..7f3bd7ecc4 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -29,7 +29,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 - name: Initialize CodeQL uses: github/codeql-action/init@cdcdbb579706841c47f7063dda365e292e5cad7a diff --git a/.github/workflows/dep-review.yaml b/.github/workflows/dep-review.yaml index f01dff4cc5..26df29e315 100644 --- a/.github/workflows/dep-review.yaml +++ b/.github/workflows/dep-review.yaml @@ -14,7 +14,7 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 - name: 'Dependency Review' uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce diff --git a/.github/workflows/deploy_docs.yaml b/.github/workflows/deploy_docs.yaml index 6bed443b6f..f8a3194952 100644 --- a/.github/workflows/deploy_docs.yaml +++ b/.github/workflows/deploy_docs.yaml @@ -27,7 +27,7 @@ jobs: run: working-directory: docs steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Harden Runner uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 diff --git a/.github/workflows/e2e-build.yaml b/.github/workflows/e2e-build.yaml index 557c23a313..0c5e42982e 100644 --- a/.github/workflows/e2e-build.yaml +++ b/.github/workflows/e2e-build.yaml @@ -23,7 +23,7 @@ jobs: go-version: "1.21" check-latest: true - name: Setup buildx instance - uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0 + uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3.2.0 with: use: true - uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 @@ -36,7 +36,7 @@ jobs: ~/.cache/go-build - uses: crazy-max/ghaction-github-runtime@b3a9207c0e1ef41f4cf215303c976869d0c2c1c4 # v3.0.0 - name: Check out code into the Go module directory - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - run: 'echo ${{ inputs.bucket-id }}' - name: Set env run: | @@ -66,7 +66,7 @@ jobs: go-version: "1.21" check-latest: true - name: Setup buildx instance - uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0 + uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3.2.0 with: use: true - uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 @@ -79,7 +79,7 @@ jobs: ~/.cache/go-build - uses: crazy-max/ghaction-github-runtime@b3a9207c0e1ef41f4cf215303c976869d0c2c1c4 # v3.0.0 - name: Check out code into the Go module directory - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Set env run: | echo TRIVY_SCANNER_REPO=scanner >> $GITHUB_ENV @@ -108,7 +108,7 @@ jobs: go-version: "1.21" check-latest: true - name: Setup buildx instance - uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0 + uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3.2.0 with: use: true - uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 @@ -121,7 +121,7 @@ jobs: ~/.cache/go-build - uses: crazy-max/ghaction-github-runtime@b3a9207c0e1ef41f4cf215303c976869d0c2c1c4 # v3.0.0 - name: Check out code into the Go module directory - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Set env run: | echo MANAGER_REPO=manager >> $GITHUB_ENV @@ -150,7 +150,7 @@ jobs: go-version: "1.21" check-latest: true - name: Setup buildx instance - uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0 + uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3.2.0 with: use: true - uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 @@ -163,7 +163,7 @@ jobs: ~/.cache/go-build - uses: crazy-max/ghaction-github-runtime@b3a9207c0e1ef41f4cf215303c976869d0c2c1c4 # v3.0.0 - name: Check out code into the Go module directory - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Set env run: | echo COLLECTOR_REPO=collector >> $GITHUB_ENV diff --git a/.github/workflows/e2e-test.yaml b/.github/workflows/e2e-test.yaml index 6c7dbd10fa..5e8ce4cf05 100644 --- a/.github/workflows/e2e-test.yaml +++ b/.github/workflows/e2e-test.yaml @@ -24,7 +24,7 @@ jobs: egress-policy: audit - name: Check out code into the Go module directory - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - id: set-test-matrix run: | readarray -d '' test_dirs < <(find ./test/e2e/tests -mindepth 1 -type d -print0) @@ -51,7 +51,7 @@ jobs: with: egress-policy: audit - name: Check out code into the Go module directory - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Fetch Build Artifacts uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 with: diff --git a/.github/workflows/patch-docs.yaml b/.github/workflows/patch-docs.yaml index 05364763de..3eef834b5e 100644 --- a/.github/workflows/patch-docs.yaml +++ b/.github/workflows/patch-docs.yaml @@ -29,7 +29,7 @@ jobs: echo "PATCH_VERSION=${PATCH_VERSION}" >> ${GITHUB_ENV} echo "TAG=${TAG}" >> ${GITHUB_ENV} - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 with: fetch-depth: 0 @@ -41,7 +41,7 @@ jobs: run: make patch-version-docs NEWVERSION=v${MAJOR_VERSION}.${MINOR_VERSION}.x TAG=v${TAG} OLDVERSION=v${MAJOR_VERSION}.${MINOR_VERSION}.$((PATCH_VERSION-1)) - name: Create release pull request - uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc # v6.0.1 + uses: peter-evans/create-pull-request@70a41aba780001da0a30141984ae2a0c95d8704e # v6.0.2 with: commit-message: "chore: Patch docs for ${{ env.TAG }} release" title: "chore: Patch docs for ${{ env.TAG }} release" diff --git a/.github/workflows/release-pr.yaml b/.github/workflows/release-pr.yaml index 3213ad6e9e..0204901e87 100644 --- a/.github/workflows/release-pr.yaml +++ b/.github/workflows/release-pr.yaml @@ -62,7 +62,7 @@ jobs: echo "TARGET_BRANCH=main" >> ${GITHUB_ENV} fi - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 with: fetch-depth: 0 @@ -80,7 +80,7 @@ jobs: run: make version-docs NEWVERSION=v${MAJOR_VERSION}.${MINOR_VERSION}.x TAG=v${TAG} - name: Create release pull request - uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc # v6.0.1 + uses: peter-evans/create-pull-request@70a41aba780001da0a30141984ae2a0c95d8704e # v6.0.2 with: commit-message: "chore: Prepare ${{ env.NEWVERSION }} release" title: "chore: Prepare ${{ env.NEWVERSION }} release" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 198b7b8ab0..6862c319bb 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -25,10 +25,10 @@ jobs: egress-policy: audit - name: Check out code into the Go module directory - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Setup buildx instance - uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0 + uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3.2.0 with: use: true @@ -47,7 +47,7 @@ jobs: echo "TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV - name: Log in to the GHCR - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} diff --git a/.github/workflows/scan-images.yaml b/.github/workflows/scan-images.yaml index 8c9b2d73ce..dcabfb6fff 100644 --- a/.github/workflows/scan-images.yaml +++ b/.github/workflows/scan-images.yaml @@ -43,7 +43,7 @@ jobs: - name: Check out code if: github.event_name == 'schedule' || github.event.inputs.version == '' - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Build image if: github.event_name == 'schedule' || github.event.inputs.version == '' diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 6e7a5bb340..b478c8053a 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -30,7 +30,7 @@ jobs: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3.1.0 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3.1.0 with: persist-credentials: false diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index c5c700e2c6..55d22535b8 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -48,7 +48,7 @@ jobs: uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Set up Go uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: @@ -104,7 +104,7 @@ jobs: ~/go/pkg/mod ~/.cache/go-build - name: Check out code into the Go module directory - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Unit test run: make test - name: Codecov upload @@ -124,7 +124,7 @@ jobs: with: egress-policy: audit - name: Check out code into the Go module directory - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Set up Go uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: @@ -150,7 +150,7 @@ jobs: egress-policy: audit - name: Check out code into the Go module directory - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Get repo run: |