From de51fef75980277d96d3f5e04f03c315a76094b0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 25 Jun 2026 08:53:43 +0000 Subject: [PATCH] chore(deps): bump the all-gomod group across 1 directory with 9 updates Bumps the all-gomod group with 9 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6` | `7` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5` | `7` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `6` | `7` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3` | `4` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6` | `7` | | [securego/gosec](https://github.com/securego/gosec) | `2.24.0` | `2.27.1` | | [docker/login-action](https://github.com/docker/login-action) | `3.7.0` | `4.2.0` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5.10.0` | `6.1.0` | | [azure/setup-helm](https://github.com/azure/setup-helm) | `4` | `5` | Updates `actions/checkout` from 6 to 7 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v6...v7) Updates `codecov/codecov-action` from 5 to 7 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v5...v7) Updates `actions/upload-artifact` from 6 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) Updates `docker/setup-buildx-action` from 3 to 4 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v3...v4) Updates `docker/build-push-action` from 6 to 7 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v6...v7) Updates `securego/gosec` from 2.24.0 to 2.27.1 - [Release notes](https://github.com/securego/gosec/releases) - [Commits](https://github.com/securego/gosec/compare/v2.24.0...v2.27.1) Updates `docker/login-action` from 3.7.0 to 4.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/c94ce9fb468520275223c153574b00df6fe4bcc9...650006c6eb7dba73a995cc03b0b2d7f5ca915bee) Updates `docker/metadata-action` from 5.10.0 to 6.1.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](https://github.com/docker/metadata-action/compare/c299e40c65443455700f0fdfc63efafe5b349051...80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9) Updates `azure/setup-helm` from 4 to 5 - [Release notes](https://github.com/azure/setup-helm/releases) - [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md) - [Commits](https://github.com/azure/setup-helm/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-gomod - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-gomod - dependency-name: azure/setup-helm dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-gomod - dependency-name: codecov/codecov-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-gomod - dependency-name: docker/build-push-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-gomod - dependency-name: docker/login-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-gomod - dependency-name: docker/metadata-action dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-gomod - dependency-name: docker/setup-buildx-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-gomod - dependency-name: securego/gosec dependency-version: 2.27.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-gomod ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 20 ++++++++++---------- .github/workflows/go-ossf-slsa3-publish.yml | 12 ++++++------ .github/workflows/lint.yml | 2 +- .github/workflows/publish-helm-chart.yml | 4 ++-- 4 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 551bb86..18f1586 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@v7 with: fetch-depth: 0 @@ -43,7 +43,7 @@ jobs: needs: [format-and-vet] steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@v7 with: fetch-depth: 0 @@ -66,7 +66,7 @@ jobs: needs: [format-and-vet] steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@v7 with: fetch-depth: 0 @@ -84,14 +84,14 @@ jobs: run: go test -race -coverprofile=coverage.txt -covermode=atomic ./... - name: Upload coverage to Codecov - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@v7 with: file: ./coverage.txt fail_ci_if_error: false continue-on-error: true - name: Archive code coverage results - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: code-coverage-report path: coverage.txt @@ -103,7 +103,7 @@ jobs: needs: [lint, test] steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@v7 with: fetch-depth: 0 @@ -123,10 +123,10 @@ jobs: GOOS=windows GOARCH=amd64 go build -trimpath -tags withoutebpf -o aks-mcp.exe ./cmd/aks-mcp - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Build Linux Docker image - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 with: push: false platforms: linux/amd64 @@ -144,11 +144,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@v7 with: fetch-depth: 0 - name: Run Gosec Security Scanner - uses: securego/gosec@v2.24.0 + uses: securego/gosec@v2.27.1 with: args: -severity=medium -exclude-dir=test/e2e ./... diff --git a/.github/workflows/go-ossf-slsa3-publish.yml b/.github/workflows/go-ossf-slsa3-publish.yml index b6e56d1..68eb140 100644 --- a/.github/workflows/go-ossf-slsa3-publish.yml +++ b/.github/workflows/go-ossf-slsa3-publish.yml @@ -34,7 +34,7 @@ jobs: tree-state: ${{ steps.ldflags.outputs.tree-state }} steps: - id: checkout - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # tag=v2.3.4 + uses: actions/checkout@b9e0990d219a03df7633c93f6f005a8fecbcab22 # tag=v2.3.4 with: fetch-depth: 0 - id: ldflags @@ -79,13 +79,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repository - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # v2.3.4 + uses: actions/checkout@b9e0990d219a03df7633c93f6f005a8fecbcab22 # v2.3.4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 - name: Authenticate Docker - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 + uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0 with: registry: ${{ env.IMAGE_REGISTRY }} username: ${{ github.actor }} @@ -93,12 +93,12 @@ jobs: - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0 with: images: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }} - name: Build and push Linux Docker images - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0 id: build-linux with: push: true diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index ab05df9..be8e1a1 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -20,7 +20,7 @@ jobs: name: lint runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@v7 - uses: actions/setup-go@v6 with: go-version: ${{ matrix.go }} diff --git a/.github/workflows/publish-helm-chart.yml b/.github/workflows/publish-helm-chart.yml index 40e6ea8..f02197b 100644 --- a/.github/workflows/publish-helm-chart.yml +++ b/.github/workflows/publish-helm-chart.yml @@ -17,10 +17,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v7 - name: Set up Helm - uses: azure/setup-helm@v4 + uses: azure/setup-helm@v5 - name: Extract chart metadata id: chart