Skip to content

Commit

Permalink
🌱 Update github-actions group
Browse files Browse the repository at this point in the history
| datasource  | package                   | from     | to      |
| ----------- | ------------------------- | -------- | ------- |
| github-tags | actions/upload-artifact   | v4.3.3   | v4.4.0  |
| github-tags | docker/build-push-action  | v6.1.0   | v6.7.0  |
| github-tags | docker/login-action       | v3.2.0   | v3.3.0  |
| github-tags | renovatebot/github-action | v40.1.12 | v40.2.8 |
| github-tags | sigstore/cosign-installer | v3.5.0   | v3.6.0  |
  • Loading branch information
cluster-stack-bot[bot] authored Sep 12, 2024
1 parent c797c2e commit 8d71e19
Show file tree
Hide file tree
Showing 6 changed files with 20 additions and 20 deletions.
2 changes: 1 addition & 1 deletion .builder-image-version.txt
Original file line number Diff line number Diff line change
@@ -1 +1 @@
1.1.20
1.1.21
16 changes: 8 additions & 8 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,9 +33,9 @@ jobs:
fetch-depth: 0
- uses: ./.github/actions/setup-go
- name: Set up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3

- name: Generate metadata cso
id: metacso
Expand All @@ -47,14 +47,14 @@ jobs:
metadata_tags: ${{ env.metadata_tags }}

- name: Login to ghcr.io for CI
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Install Cosign
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0

- name: Setup Env
run: |
Expand Down Expand Up @@ -83,7 +83,7 @@ jobs:
# Import GitHub's cache build to docker cache
- name: Copy cso Golang cache to docker cache
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
with:
provenance: false
context: /tmp/.cache/cso
Expand All @@ -93,7 +93,7 @@ jobs:
target: import-cache

- name: Build and push cso image
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6
id: docker_build_release_cso
with:
provenance: false
Expand All @@ -120,7 +120,7 @@ jobs:
# Upload artifact digests
- name: Upload artifact digests
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: image-digest
path: image-digest
Expand All @@ -129,7 +129,7 @@ jobs:
# Store docker's golang's cache build locally only on the main branch
- name: Store cso Golang cache build locally
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
with:
provenance: false
context: .
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/pr-lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-latest
container:
image: ghcr.io/sovereigncloudstack/cso-builder:1.1.20
image: ghcr.io/sovereigncloudstack/cso-builder:1.1.21
credentials:
username: ${{ github.actor }}
password: ${{ secrets.github_token }}
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,9 @@ jobs:
fetch-depth: 0
- uses: ./.github/actions/setup-go
- name: Set up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3

- name: Generate metadata cso
id: metacso
Expand All @@ -37,14 +37,14 @@ jobs:
metadata_tags: ${{ env.metadata_tags }}

- name: Login to ghcr.io for CI
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Install Cosign
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0

- name: Install Bom
shell: bash
Expand All @@ -61,7 +61,7 @@ jobs:
echo 'EOF' >> $GITHUB_ENV
- name: Build and push cso image
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6
id: docker_build_release_cso
with:
provenance: false
Expand Down Expand Up @@ -106,7 +106,7 @@ jobs:
# Upload artifact digests
- name: Upload artifact digests
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: image-digest cso
path: image-digest
Expand Down Expand Up @@ -155,7 +155,7 @@ jobs:
make release-notes
- name: Release
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2
uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2
with:
draft: true
files: out/*
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/schedule-scan-image.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
name: Trivy
runs-on: ubuntu-latest
container:
image: ghcr.io/sovereigncloudstack/cso-builder:1.1.20
image: ghcr.io/sovereigncloudstack/cso-builder:1.1.21
credentials:
username: ${{ github.actor }}
password: ${{ secrets.github_token }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/schedule-update-bot.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ jobs:
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Generate Token
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1
uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1
id: generate-token
with:
app-id: ${{ secrets.SCS_APP_ID }}
Expand All @@ -45,7 +45,7 @@ jobs:
echo "LOG_LEVEL=${{ github.event.inputs.logLevel || env.LOG_LEVEL }}" >> "$GITHUB_ENV"
- name: Renovate
uses: renovatebot/github-action@21d88b0bf0183abcee15f990011cca090dfc47dd # v40.1.12
uses: renovatebot/github-action@dd4d265eb8646cd04fc5f86ff8bc8d496d75a251 # v40.2.8
env:
RENOVATE_HOST_RULES: '[{"hostType": "docker", "matchHost": "ghcr.io", "username": "${{ github.actor }}", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '[".*"]'
Expand Down

0 comments on commit 8d71e19

Please sign in to comment.