diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 551bb86..18f1586 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@v7 with: fetch-depth: 0 @@ -43,7 +43,7 @@ jobs: needs: [format-and-vet] steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@v7 with: fetch-depth: 0 @@ -66,7 +66,7 @@ jobs: needs: [format-and-vet] steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@v7 with: fetch-depth: 0 @@ -84,14 +84,14 @@ jobs: run: go test -race -coverprofile=coverage.txt -covermode=atomic ./... - name: Upload coverage to Codecov - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@v7 with: file: ./coverage.txt fail_ci_if_error: false continue-on-error: true - name: Archive code coverage results - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: code-coverage-report path: coverage.txt @@ -103,7 +103,7 @@ jobs: needs: [lint, test] steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@v7 with: fetch-depth: 0 @@ -123,10 +123,10 @@ jobs: GOOS=windows GOARCH=amd64 go build -trimpath -tags withoutebpf -o aks-mcp.exe ./cmd/aks-mcp - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Build Linux Docker image - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 with: push: false platforms: linux/amd64 @@ -144,11 +144,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@v7 with: fetch-depth: 0 - name: Run Gosec Security Scanner - uses: securego/gosec@v2.24.0 + uses: securego/gosec@v2.27.1 with: args: -severity=medium -exclude-dir=test/e2e ./... diff --git a/.github/workflows/go-ossf-slsa3-publish.yml b/.github/workflows/go-ossf-slsa3-publish.yml index b6e56d1..68eb140 100644 --- a/.github/workflows/go-ossf-slsa3-publish.yml +++ b/.github/workflows/go-ossf-slsa3-publish.yml @@ -34,7 +34,7 @@ jobs: tree-state: ${{ steps.ldflags.outputs.tree-state }} steps: - id: checkout - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # tag=v2.3.4 + uses: actions/checkout@b9e0990d219a03df7633c93f6f005a8fecbcab22 # tag=v2.3.4 with: fetch-depth: 0 - id: ldflags @@ -79,13 +79,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repository - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # v2.3.4 + uses: actions/checkout@b9e0990d219a03df7633c93f6f005a8fecbcab22 # v2.3.4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 - name: Authenticate Docker - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 + uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0 with: registry: ${{ env.IMAGE_REGISTRY }} username: ${{ github.actor }} @@ -93,12 +93,12 @@ jobs: - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0 with: images: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }} - name: Build and push Linux Docker images - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0 id: build-linux with: push: true diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index ab05df9..be8e1a1 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -20,7 +20,7 @@ jobs: name: lint runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@v7 - uses: actions/setup-go@v6 with: go-version: ${{ matrix.go }} diff --git a/.github/workflows/publish-helm-chart.yml b/.github/workflows/publish-helm-chart.yml index 40e6ea8..f02197b 100644 --- a/.github/workflows/publish-helm-chart.yml +++ b/.github/workflows/publish-helm-chart.yml @@ -17,10 +17,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v7 - name: Set up Helm - uses: azure/setup-helm@v4 + uses: azure/setup-helm@v5 - name: Extract chart metadata id: chart