diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 8cee49d9..6f9cd016 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -28,7 +28,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 with: fetch-depth: 0 - name: Setup Go @@ -145,7 +145,7 @@ jobs: # Upload artifact digests - name: Upload artifact digests - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: image-digest path: image-digest diff --git a/.github/workflows/kubebuilder-markers-checker.yaml b/.github/workflows/kubebuilder-markers-checker.yaml index 93cfd72e..616e843c 100644 --- a/.github/workflows/kubebuilder-markers-checker.yaml +++ b/.github/workflows/kubebuilder-markers-checker.yaml @@ -14,7 +14,7 @@ jobs: name: check for kubebuilder markers runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 # go is required for building controller-gen - name: Setup Go diff --git a/.github/workflows/pr-lint.yaml b/.github/workflows/pr-lint.yaml index 13f7c10d..0465679c 100644 --- a/.github/workflows/pr-lint.yaml +++ b/.github/workflows/pr-lint.yaml @@ -29,7 +29,7 @@ jobs: password: ${{ secrets.github_token }} steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/pr-verify.yaml b/.github/workflows/pr-verify.yaml index d56b8ffd..79e5110e 100644 --- a/.github/workflows/pr-verify.yaml +++ b/.github/workflows/pr-verify.yaml @@ -16,7 +16,7 @@ jobs: github_token: ${{ secrets.GITHUB_TOKEN }} - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: ref: ${{ github.event.pull_request.head.sha }} @@ -29,7 +29,7 @@ jobs: - name: Verify Starlark run: make verify-starlark - - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4 + - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5 with: node-version: "18" - name: Install renovate diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index def4c18b..8ef2699e 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 with: fetch-depth: 0 - uses: ./.github/actions/setup-go @@ -105,7 +105,7 @@ jobs: # Upload artifact digests - name: Upload artifact digests - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: image-digest cspo path: image-digest @@ -134,7 +134,7 @@ jobs: run: echo "RELEASE_TAG=${GITHUB_REF:10}" >> $GITHUB_ENV - name: checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 with: fetch-depth: 0 diff --git a/.github/workflows/report-bin-size.yaml b/.github/workflows/report-bin-size.yaml index 3f3b496b..9d6bd93f 100644 --- a/.github/workflows/report-bin-size.yaml +++ b/.github/workflows/report-bin-size.yaml @@ -9,7 +9,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Fixup git permissions # https://github.com/actions/checkout/issues/766 shell: bash @@ -26,7 +26,7 @@ jobs: run: make manager-core report-binsize-treemap-all - name: Upload Report - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: reports-${{ github.sha }} path: .reports diff --git a/.github/workflows/schedule-scan-image.yaml b/.github/workflows/schedule-scan-image.yaml index baa36176..5fd86307 100644 --- a/.github/workflows/schedule-scan-image.yaml +++ b/.github/workflows/schedule-scan-image.yaml @@ -15,7 +15,7 @@ jobs: password: ${{ secrets.github_token }} steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Fixup git permissions # https://github.com/actions/checkout/issues/766 shell: bash diff --git a/.github/workflows/schedule-update-bot.yaml b/.github/workflows/schedule-update-bot.yaml index 1f8448af..19fc7641 100644 --- a/.github/workflows/schedule-update-bot.yaml +++ b/.github/workflows/schedule-update-bot.yaml @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 # qemu is not required as of now because we don't build images for arm64 # use docker/setup-qemu-action@v3 if you want to have arm64 images. diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index ea4b30fc..48a55f20 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -30,7 +30,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Coverage result name id: name run: |