Skip to content

Commit

Permalink
deps: update GitHub action dependencies (#3259)
Browse files Browse the repository at this point in the history
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
  • Loading branch information
renovate[bot] authored Jul 18, 2024
1 parent 1edc196 commit 78ce220
Show file tree
Hide file tree
Showing 16 changed files with 49 additions and 49 deletions.
2 changes: 1 addition & 1 deletion .github/actions/artifact_download/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ runs:
run: echo "directory=$(mktemp -d)" >> "$GITHUB_OUTPUT"

- name: Download the artifact
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: ${{ inputs.name }}
path: ${{ steps.tempdir.outputs.directory }}
Expand Down
2 changes: 1 addition & 1 deletion .github/actions/artifact_upload/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ runs:
done
- name: Upload archive as artifact
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: ${{ inputs.name }}
path: ${{ steps.tempdir.outputs.directory }}/archive.7z
Expand Down
20 changes: 10 additions & 10 deletions .github/actions/download_release_binaries/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,51 +5,51 @@ runs:
using: "composite"
steps:
- name: Download CLI binaries darwin-amd64
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: constellation-darwin-amd64

- name: Download CLI binaries darwin-arm64
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: constellation-darwin-arm64

- name: Download CLI binaries linux-amd64
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: constellation-linux-amd64

- name: Download CLI binaries linux-arm64
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: constellation-linux-arm64

- name: Download CLI binaries windows-amd64
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: constellation-windows-amd64

- name: Download Terraform module
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: terraform-module

- name: Download Terraform provider binary darwin-amd64
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: terraform-provider-constellation-darwin-amd64

- name: Download Terraform provider binary darwin-arm64
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: terraform-provider-constellation-darwin-arm64

- name: Download Terraform provider binary linux-amd64
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: terraform-provider-constellation-linux-amd64

- name: Download Terraform provider binary linux-arm64
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: terraform-provider-constellation-linux-arm64
2 changes: 1 addition & 1 deletion .github/actions/e2e_benchmark/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ runs:

steps:
- name: Setup python
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
with:
python-version: "3.10"

Expand Down
2 changes: 1 addition & 1 deletion .github/actions/upload_terraform_module/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ runs:
zip -r terraform-module.zip terraform-module
- name: Upload artifact
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: terraform-module
path: terraform-module.zip
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/aws-snp-launchmeasurement.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:

- name: Download Firmware release
id: download-firmware
uses: robinraju/release-downloader@c39a3b234af58f0cf85888573d361fb6fa281534 # v1.10
uses: robinraju/release-downloader@a96f54c1b5f5e09e47d9504526e96febd949d4c2 # v1.11
with:
repository: aws/uefi
latest: true
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/build-ccm-gcp.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
fetch-depth: 0

- name: Setup Go environment
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: "1.22.5"
cache: false
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/build-os-image-scheduled.yml
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ jobs:
token: ${{ secrets.CI_COMMIT_PUSH_PR }}

- name: Setup Go environment
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: "1.22.5"
cache: false
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,13 +38,13 @@ jobs:

- name: Setup Go environment
if: matrix.language == 'go'
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: "1.22.5"
cache: false

- name: Initialize CodeQL
uses: github/codeql-action/init@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
uses: github/codeql-action/init@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
with:
languages: ${{ matrix.language }}

Expand All @@ -63,6 +63,6 @@ jobs:
echo "::endgroup::"
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
uses: github/codeql-action/analyze@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
with:
category: "/language:${{ matrix.language }}"
28 changes: 14 additions & 14 deletions .github/workflows/draft-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ jobs:
cosignPassword: ${{ inputs.key == 'release' && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}

- name: Upload CLI as artifact (unix)
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
if : ${{ matrix.os != 'windows' }}
with:
name: constellation-${{ matrix.os }}-${{ matrix.arch }}
Expand All @@ -101,7 +101,7 @@ jobs:
build/constellation-${{ matrix.os }}-${{ matrix.arch }}.sig
- name: Upload CLI as artifact (windows)
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
if : ${{ matrix.os == 'windows' }}
with:
name: constellation-${{ matrix.os }}-${{ matrix.arch }}
Expand Down Expand Up @@ -149,15 +149,15 @@ jobs:
targetArch: ${{ matrix.arch }}

- name: Upload Terraform Provider Binary as artifact (unix)
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
if : ${{ matrix.os != 'windows' }}
with:
name: terraform-provider-constellation-${{ matrix.os }}-${{ matrix.arch }}
path: |
build/terraform-provider-constellation-${{ matrix.os }}-${{ matrix.arch }}
- name: Upload Terraform Provider Binary as artifact (windows)
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
if : ${{ matrix.os == 'windows' }}
with:
name: terraform-provider-constellation-${{ matrix.os }}-${{ matrix.arch }}
Expand Down Expand Up @@ -227,7 +227,7 @@ jobs:
uses: ./.github/actions/download_release_binaries

- name: Download CLI SBOM
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: constellation.spdx.sbom

Expand Down Expand Up @@ -296,13 +296,13 @@ jobs:
COSIGN_PASSWORD: ${{ inputs.key == 'release' && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}

- name: Upload Constellation CLI SBOM
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: constellation.spdx.sbom
path: constellation.spdx.sbom

- name: Upload Constellation CLI SBOM's signature
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: constellation.spdx.sbom.sig
path: constellation.spdx.sbom.sig
Expand Down Expand Up @@ -340,12 +340,12 @@ jobs:
uses: ./.github/actions/download_release_binaries

- name: Download CLI SBOM
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: constellation.spdx.sbom

- name: Download provenance
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: ${{ needs.provenance.outputs.provenance-name }}

Expand Down Expand Up @@ -418,17 +418,17 @@ jobs:
uses: ./.github/actions/download_release_binaries

- name: Download CLI SBOM
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: constellation.spdx.sbom

- name: Download Constellation CLI SBOM's signature
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: constellation.spdx.sbom.sig

- name: Download Constellation provenance
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: ${{ needs.provenance.outputs.provenance-name }}

Expand Down Expand Up @@ -472,7 +472,7 @@ jobs:
- name: Create release with artifacts
id: create-release
# GitHub endorsed release project. See: https://github.com/actions/create-release
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
uses: softprops/action-gh-release@fb2d03176f42a1f0dd433ca263f314051d3edd44 # v2.0.7
with:
draft: true
generate_release_notes: true
Expand All @@ -487,7 +487,7 @@ jobs:
terraform-module.zip
- name: Create Terraform provider release with artifcats
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
uses: softprops/action-gh-release@fb2d03176f42a1f0dd433ca263f314051d3edd44 # v2.0.7
with:
draft: true
generate_release_notes: false
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/e2e-upgrade.yml
Original file line number Diff line number Diff line change
Expand Up @@ -170,7 +170,7 @@ jobs:
push: true

- name: Upload CLI binary
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: constellation-upgrade-${{ inputs.attestationVariant }}
path: build/constellation
Expand Down Expand Up @@ -326,7 +326,7 @@ jobs:
azure_credentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}

- name: Download CLI
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: constellation-upgrade-${{ inputs.attestationVariant }}
path: build
Expand Down Expand Up @@ -451,7 +451,7 @@ jobs:
ref: ${{ inputs.gitRef }}

- name: Download CLI
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: constellation-upgrade-${{ inputs.attestationVariant }}
path: build
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/e2e-windows.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ jobs:
push: true

- name: Upload CLI artifact
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
path: build/constellation.exe
name: "constell-exe"
Expand All @@ -61,7 +61,7 @@ jobs:
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}

- name: Download CLI artifact
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: "constell-exe"

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -231,7 +231,7 @@ jobs:
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}

- name: Setup Go environment
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: "1.22.5"
cache: true
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/reproducible-builds.yml
Original file line number Diff line number Diff line change
Expand Up @@ -57,13 +57,13 @@ jobs:
run: shasum -a 256 "${binary}" | tee "${binary}.sha256"

- name: Upload binary artifact
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: "binaries-${{ matrix.target }}-${{ matrix.runner }}"
path: "${{ env.binary }}"

- name: Upload hash artifact
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: "sha256sums-${{ matrix.target }}-${{ matrix.runner }}"
path: "${{ env.binary }}.sha256"
Expand Down Expand Up @@ -110,13 +110,13 @@ jobs:
run: shasum -a 256 "${binary}" | tee "${binary}.sha256"

- name: Upload binary artifact
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: "osimages-${{ matrix.target }}-${{ matrix.runner }}"
path: "${{ env.binary }}"

- name: Upload hash artifact
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: "sha256sums-${{ matrix.target }}-${{ matrix.runner }}"
path: "${{ env.binary }}.sha256"
Expand All @@ -139,7 +139,7 @@ jobs:
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}

- name: Download binaries
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
pattern: "binaries-${{ matrix.target }}-*"
merge-multiple: true
Expand Down Expand Up @@ -173,7 +173,7 @@ jobs:
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}

- name: Download os images
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
pattern: "osimages-${{ matrix.target }}-*"
merge-multiple: true
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/scorecard.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,13 +30,13 @@ jobs:
publish_results: true

- name: Upload artifact
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: SARIF file
path: results.sarif
retention-days: 5

- name: Upload to code-scanning
uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
with:
sarif_file: results.sarif
2 changes: 1 addition & 1 deletion .github/workflows/test-operator-codegen.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ jobs:
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}

- name: Setup Go environment
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: "1.22.5"
cache: true
Expand Down

0 comments on commit 78ce220

Please sign in to comment.