From 0b9e3d24efd76bd4879a9d4bdbfaab5947539e49 Mon Sep 17 00:00:00 2001
From: Stefan Prodan <stefan.prodan@gmail.com>
Date: Fri, 27 May 2022 13:35:13 +0300
Subject: [PATCH] Update GitHub actions
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
---
.github/workflows/bootstrap.yaml | 6 +++---
.github/workflows/e2e-arm64.yaml | 4 ++--
.github/workflows/e2e-azure.yaml | 4 ++--
.github/workflows/e2e.yaml | 6 +++---
.github/workflows/release.yaml | 14 +++++++-------
.github/workflows/scan.yaml | 18 +++++++++++-------
.github/workflows/update.yaml | 4 ++--
7 files changed, 30 insertions(+), 26 deletions(-)
diff --git a/.github/workflows/bootstrap.yaml b/.github/workflows/bootstrap.yaml
index 79c05511..f1af6800 100644
--- a/.github/workflows/bootstrap.yaml
+++ b/.github/workflows/bootstrap.yaml
@@ -12,16 +12,16 @@ jobs:
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
steps:
- name: Checkout
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
- name: Restore Go cache
- uses: actions/cache@v1
+ uses: actions/cache@v3
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go1.18-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go1.18-
- name: Setup Go
- uses: actions/setup-go@v2
+ uses: actions/setup-go@v3
with:
go-version: 1.18.x
- name: Setup Kubernetes
diff --git a/.github/workflows/e2e-arm64.yaml b/.github/workflows/e2e-arm64.yaml
index 38460402..62a886ac 100644
--- a/.github/workflows/e2e-arm64.yaml
+++ b/.github/workflows/e2e-arm64.yaml
@@ -12,9 +12,9 @@ jobs:
runs-on: [self-hosted, Linux, ARM64, equinix]
steps:
- name: Checkout
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
- name: Setup Go
- uses: actions/setup-go@v2
+ uses: actions/setup-go@v3
with:
go-version: 1.18.x
- name: Prepare
diff --git a/.github/workflows/e2e-azure.yaml b/.github/workflows/e2e-azure.yaml
index 0d5c0081..6b02880b 100644
--- a/.github/workflows/e2e-azure.yaml
+++ b/.github/workflows/e2e-azure.yaml
@@ -12,9 +12,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
- name: Restore Go cache
- uses: actions/cache@v1
+ uses: actions/cache@v3
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go1.18-${{ hashFiles('**/go.sum') }}
diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
index 1a058668..14c38578 100644
--- a/.github/workflows/e2e.yaml
+++ b/.github/workflows/e2e.yaml
@@ -11,16 +11,16 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
- name: Restore Go cache
- uses: actions/cache@v1
+ uses: actions/cache@v3
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go1.18-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go1.18-
- name: Setup Go
- uses: actions/setup-go@v2
+ uses: actions/setup-go@v3
with:
go-version: 1.18.x
- name: Setup Kubernetes
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 65a7d260..0d95facd 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -14,18 +14,18 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
- name: Unshallow
run: git fetch --prune --unshallow
- name: Setup Go
- uses: actions/setup-go@v2
+ uses: actions/setup-go@v3
with:
go-version: 1.18.x
- name: Setup QEMU
- uses: docker/setup-qemu-action@v1
+ uses: docker/setup-qemu-action@v2
- name: Setup Docker Buildx
id: buildx
- uses: docker/setup-buildx-action@v1
+ uses: docker/setup-buildx-action@v2
- name: Setup Syft
uses: anchore/sbom-action/download-syft@v0
- name: Setup Cosign
@@ -33,13 +33,13 @@ jobs:
- name: Setup Kustomize
uses: fluxcd/pkg//actions/kustomize@main
- name: Login to GitHub Container Registry
- uses: docker/login-action@v1
+ uses: docker/login-action@v2
with:
registry: ghcr.io
username: fluxcdbot
password: ${{ secrets.GHCR_TOKEN }}
- name: Login to Docker Hub
- uses: docker/login-action@v1
+ uses: docker/login-action@v2
with:
username: fluxcdbot
password: ${{ secrets.DOCKER_FLUXCD_PASSWORD }}
@@ -73,7 +73,7 @@ jobs:
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Run GoReleaser
- uses: goreleaser/goreleaser-action@v1
+ uses: goreleaser/goreleaser-action@v3
with:
version: latest
args: release --release-notes=output/notes.md --skip-validate
diff --git a/.github/workflows/scan.yaml b/.github/workflows/scan.yaml
index 9e1cc45b..682c4e1b 100644
--- a/.github/workflows/scan.yaml
+++ b/.github/workflows/scan.yaml
@@ -1,4 +1,4 @@
-name: Scan
+name: scan
on:
push:
@@ -8,12 +8,16 @@ on:
schedule:
- cron: '18 10 * * 3'
+permissions:
+ contents: read # for actions/checkout to fetch code
+ security-events: write # for codeQL to write security events
+
jobs:
fossa:
name: FOSSA
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
- name: Run FOSSA scan and upload build data
uses: fossa-contrib/fossa-action@v1
with:
@@ -26,7 +30,7 @@ jobs:
runs-on: ubuntu-latest
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
- name: Setup Kustomize
uses: fluxcd/pkg//actions/kustomize@main
- name: Build manifests
@@ -49,12 +53,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
- name: Initialize CodeQL
- uses: github/codeql-action/init@v1
+ uses: github/codeql-action/init@v2
with:
languages: go
- name: Autobuild
- uses: github/codeql-action/autobuild@v1
+ uses: github/codeql-action/autobuild@v2
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v1
+ uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/update.yaml b/.github/workflows/update.yaml
index ab5732e6..b557ffc3 100644
--- a/.github/workflows/update.yaml
+++ b/.github/workflows/update.yaml
@@ -12,9 +12,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
- name: Setup Go
- uses: actions/setup-go@v2
+ uses: actions/setup-go@v3
with:
go-version: 1.18.x
- name: Update component versions
--
GitLab