From 8d8dd756655b54e66bf66df9405f72079acf8b2e Mon Sep 17 00:00:00 2001 From: Peter Deme Date: Thu, 28 Sep 2023 13:36:37 +0200 Subject: [PATCH] Bump GH Action versions (#66) Signed-off-by: peterdeme --- .github/workflows/build-binary.yml | 2 +- .github/workflows/linting.yml | 2 +- .github/workflows/preprod-deployment.yml | 13 ++++++------- .github/workflows/prod-deployment.yml | 13 ++++++------- .github/workflows/prod-pr.yml | 4 ++-- .github/workflows/security.yml | 4 ++-- .github/workflows/trivy.yml | 10 +++++----- .github/workflows/unit-testing.yml | 2 +- 8 files changed, 24 insertions(+), 26 deletions(-) diff --git a/.github/workflows/build-binary.yml b/.github/workflows/build-binary.yml index 550e23e..ecd713c 100644 --- a/.github/workflows/build-binary.yml +++ b/.github/workflows/build-binary.yml @@ -14,7 +14,7 @@ jobs: steps: - name: Check out repository code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Mark source directory as safe. # This is some duct tape over the git version in the Go image complaining about this since one of the 1.19.x versions. Feel free to remove once it doesn't break the build anymore. See https://github.com/actions/runner/issues/2033 and https://github.com/actions/checkout/issues/760#issuecomment-1097797031 run: git config --global --add safe.directory $GITHUB_WORKSPACE diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index f3ac1c7..2052c91 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Check out repository code - uses: actions/checkout@master + uses: actions/checkout@v4 - name: Check formatting using gofmt run: gofmt -s -l -d diff --git a/.github/workflows/preprod-deployment.yml b/.github/workflows/preprod-deployment.yml index ccdb659..97c8dd5 100644 --- a/.github/workflows/preprod-deployment.yml +++ b/.github/workflows/preprod-deployment.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Check out repository code - uses: actions/checkout@master + uses: actions/checkout@v4 - name: Mark source directory as safe. # This is some duct tape over the git version in the Go image complaining about this since one of the 1.19.x versions. Feel free to remove once it doesn't break the build anymore. See https://github.com/actions/runner/issues/2033 and https://github.com/actions/checkout/issues/760#issuecomment-1097797031 run: git config --global --add safe.directory $GITHUB_WORKSPACE @@ -107,17 +107,16 @@ jobs: steps: - name: Check out repository code - uses: actions/checkout@master + uses: actions/checkout@v4 - name: Download the VCS Agent binary uses: actions/download-artifact@v3 with: name: vcs-agent-binary path: ./build - retention-days: 1 - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v2 + uses: aws-actions/configure-aws-credentials@v4 if: ${{ github.ref == 'refs/heads/main' }} with: aws-region: eu-west-1 @@ -144,13 +143,13 @@ jobs: # This will be needed in the future for adding multi architecture build support # - name: Set up QEMU - # uses: docker/setup-qemu-action@v2 + # uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build and push the image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . platforms: linux/amd64 diff --git a/.github/workflows/prod-deployment.yml b/.github/workflows/prod-deployment.yml index c2820ce..9d8b50a 100644 --- a/.github/workflows/prod-deployment.yml +++ b/.github/workflows/prod-deployment.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Check out repository code - uses: actions/checkout@master + uses: actions/checkout@v4 - name: Mark source directory as safe. # This is some duct tape over the git version in the Go image complaining about this since one of the 1.19.x versions. Feel free to remove once it doesn't break the build anymore. See https://github.com/actions/runner/issues/2033 and https://github.com/actions/checkout/issues/760#issuecomment-1097797031 run: git config --global --add safe.directory $GITHUB_WORKSPACE @@ -107,17 +107,16 @@ jobs: steps: - name: Check out repository code - uses: actions/checkout@master + uses: actions/checkout@v4 - name: Download the VCS Agent binary uses: actions/download-artifact@v3 with: name: vcs-agent-binary path: ./build - retention-days: 1 - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v2 + uses: aws-actions/configure-aws-credentials@v4 if: ${{ github.ref == 'refs/heads/production' }} with: aws-region: eu-west-1 @@ -144,13 +143,13 @@ jobs: # This will be needed in the future for adding multi architecture build support # - name: Set up QEMU - # uses: docker/setup-qemu-action@v2 + # uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build and push the image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . platforms: linux/amd64 diff --git a/.github/workflows/prod-pr.yml b/.github/workflows/prod-pr.yml index 0170622..eab96da 100644 --- a/.github/workflows/prod-pr.yml +++ b/.github/workflows/prod-pr.yml @@ -8,7 +8,7 @@ jobs: create-pr: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Set PR template id: template @@ -18,7 +18,7 @@ jobs: trim: false - name: Create Pull Request - uses: vsoch/pull-request-action@1.0.13 + uses: vsoch/pull-request-action@1.0.24 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} PASS_IF_EXISTS: true diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 6b80b5f..24b011d 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -12,7 +12,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Initialize CodeQL uses: github/codeql-action/init@v1 @@ -34,7 +34,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Run GoSec Security Scanner uses: securego/gosec@master diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index b983a82..86e2439 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -19,11 +19,11 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: { fetch-depth: 0 } - name: Set up Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: { go-version: 1.18 } - name: parse short SHA @@ -52,7 +52,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Download build artifacts uses: actions/download-artifact@v3 @@ -61,10 +61,10 @@ jobs: path: build - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build and push the image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . push: false diff --git a/.github/workflows/unit-testing.yml b/.github/workflows/unit-testing.yml index c8d8151..c1905ba 100644 --- a/.github/workflows/unit-testing.yml +++ b/.github/workflows/unit-testing.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Check out repository code - uses: actions/checkout@master + uses: actions/checkout@v4 - name: Test the code run: go test -race ./...