diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 14878efa..6b14cc66 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -25,7 +25,7 @@ jobs: go_version_file: go.mod - name: Setup Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version-file: go.mod @@ -69,7 +69,7 @@ jobs: push: false - name: Run Trivy vulnerability scanner on the dev image - uses: aquasecurity/trivy-action@0.16.0 + uses: aquasecurity/trivy-action@0.22.0 with: image-ref: 'controlplane/simulator:dev' format: 'table' @@ -88,7 +88,7 @@ jobs: push: false - name: Run Trivy vulnerability scanner on simulator image - uses: aquasecurity/trivy-action@0.16.0 + uses: aquasecurity/trivy-action@0.22.0 with: image-ref: controlplane/simulator:${{ github.sha }} format: 'table' diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 96c75428..ed5039d2 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Cache container layers - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}${{ matrix.containers.suffix }}-buildx-${{ github.sha }} @@ -33,7 +33,7 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -49,7 +49,7 @@ jobs: push: false - name: Run Trivy vulnerability scanner on the dev image - uses: aquasecurity/trivy-action@0.16.0 + uses: aquasecurity/trivy-action@0.22.0 with: image-ref: 'controlplane/simulator:dev' format: 'table' @@ -68,7 +68,7 @@ jobs: push: false - name: Run Trivy vulnerability scanner on simulator image - uses: aquasecurity/trivy-action@0.16.0 + uses: aquasecurity/trivy-action@0.22.0 with: image-ref: controlplane/simulator:${{ github.ref_name }} format: 'table' @@ -119,7 +119,7 @@ jobs: fetch-depth: 0 - name: Setup Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version-file: go.mod @@ -127,7 +127,7 @@ jobs: - uses: anchore/sbom-action/download-syft@v0 - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@v6 with: distribution: goreleaser args: release --clean