From 27deba403c9ab3cc14feb5d9c05c957cd453e3ba Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Sun, 12 Jan 2025 00:24:20 +0000 Subject: [PATCH] Update GitHub Action Versions --- .github/workflows/ci-docker-tools.yml | 10 +++++----- .github/workflows/ci-lint.yml | 4 ++-- .github/workflows/create-update-comment.yaml | 4 ++-- .github/workflows/godoc.yml | 10 +++++----- .github/workflows/golangci.yaml | 14 +++++++------- .github/workflows/gotest.yaml | 16 ++++++++-------- .github/workflows/govulncheck.yaml | 4 ++-- .github/workflows/nancy.yaml | 6 +++--- .github/workflows/owasp.yaml | 2 +- .github/workflows/pr-agent.yaml | 2 +- .github/workflows/release-bot.yaml | 6 +++--- .github/workflows/sbom-dev.yaml | 14 +++++++------- .github/workflows/sbom.yaml | 14 +++++++------- .github/workflows/semgrep.yaml | 4 ++-- .github/workflows/sonarcloud.yaml | 8 ++++---- .github/workflows/update-gh-actions.yml | 2 +- 16 files changed, 60 insertions(+), 60 deletions(-) diff --git a/.github/workflows/ci-docker-tools.yml b/.github/workflows/ci-docker-tools.yml index e6f167b..807ce1c 100644 --- a/.github/workflows/ci-docker-tools.yml +++ b/.github/workflows/ci-docker-tools.yml @@ -45,15 +45,15 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: docker/setup-buildx-action@v2 - - uses: docker/login-action@v2 + - uses: actions/checkout@v4.2.2 + - uses: docker/setup-buildx-action@v3.8.0 + - uses: docker/login-action@v3.3.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: 'Build tykio/ci-tools:${{ matrix.tag }}' - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v6.11.0 with: push: ${{ github.ref_name == 'main' || github.event_name == 'workflow_dispatch' }} pull: true @@ -65,7 +65,7 @@ jobs: - run: docker image ls - name: 'Extract tykio/ci-tools:${{ matrix.tag }}' - uses: shrink/actions-docker-extract@v3 + uses: shrink/actions-docker-extract@v3.0.1 with: image: tykio/ci-tools:${{ matrix.tag }} path: /usr/local/bin/. diff --git a/.github/workflows/ci-lint.yml b/.github/workflows/ci-lint.yml index a698bd3..ceb3213 100644 --- a/.github/workflows/ci-lint.yml +++ b/.github/workflows/ci-lint.yml @@ -28,8 +28,8 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: arduino/setup-task@v1 + - uses: actions/checkout@v4.2.2 + - uses: arduino/setup-task@v2.0.0 with: version: 3 diff --git a/.github/workflows/create-update-comment.yaml b/.github/workflows/create-update-comment.yaml index 19b84fc..9fb7d98 100644 --- a/.github/workflows/create-update-comment.yaml +++ b/.github/workflows/create-update-comment.yaml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Find Comment - uses: peter-evans/find-comment@v2 + uses: peter-evans/find-comment@v3.1.0 id: fc with: issue-number: ${{ github.event.pull_request.number }} @@ -29,7 +29,7 @@ jobs: body-includes: ${{ inputs.body-includes }} - name: Create or update comment - uses: peter-evans/create-or-update-comment@v3 + uses: peter-evans/create-or-update-comment@v4.0.0 with: comment-id: ${{ steps.fc.outputs.comment-id }} issue-number: ${{ github.event.pull_request.number }} diff --git a/.github/workflows/godoc.yml b/.github/workflows/godoc.yml index 7b29900..0a0ff29 100644 --- a/.github/workflows/godoc.yml +++ b/.github/workflows/godoc.yml @@ -31,7 +31,7 @@ jobs: token: ${{ secrets.ORG_GH_TOKEN }} - name: Checkout exp - uses: actions/checkout@v3 + uses: actions/checkout@v4.2.2 with: fetch-depth: 1 repository: TykTechnologies/exp @@ -39,12 +39,12 @@ jobs: path: exp - name: Setup Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5.2.0 with: go-version: ${{ inputs.go-version }} - name: Install Task - uses: arduino/setup-task@v1 + uses: arduino/setup-task@v2.0.0 with: version: 3 @@ -77,7 +77,7 @@ jobs: echo "EOF" >> $GITHUB_OUTPUT - name: Find Comment - uses: peter-evans/find-comment@v2 + uses: peter-evans/find-comment@v3.1.0 id: fc with: issue-number: ${{ github.event.pull_request.number }} @@ -85,7 +85,7 @@ jobs: body-includes: API Changes - name: Create or update comment - uses: peter-evans/create-or-update-comment@v3 + uses: peter-evans/create-or-update-comment@v4.0.0 with: comment-id: ${{ steps.fc.outputs.comment-id }} issue-number: ${{ github.event.pull_request.number }} diff --git a/.github/workflows/golangci.yaml b/.github/workflows/golangci.yaml index f76baa0..a4219c3 100644 --- a/.github/workflows/golangci.yaml +++ b/.github/workflows/golangci.yaml @@ -15,13 +15,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Git - checkout master - uses: actions/checkout@v3 + uses: actions/checkout@v4.2.2 with: ref: ${{ inputs.main_branch }} fetch-depth: 1 - name: Git - checkout current ref - uses: actions/checkout@v3 - - uses: actions/cache@v3 + uses: actions/checkout@v4.2.2 + - uses: actions/cache@v4.2.0 with: # In order: # * Module download cache @@ -43,7 +43,7 @@ jobs: curl 'https://raw.githubusercontent.com/TykTechnologies/github-actions/main/.github/workflows/.golangci.tmpl.yaml' -o .golangci.yaml - name: Render template id: render_template - uses: chuhlomin/render-template@v1.7 + uses: chuhlomin/render-template@v1.10 with: template: .golangci.yaml result_path: .golangci.yaml @@ -68,7 +68,7 @@ jobs: git checkout $ref fi cp /tmp/.golangci.yaml .golangci.yaml - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v5.2.0 with: go-version: ${{ inputs.go }} - name: Fetch modules @@ -86,13 +86,13 @@ jobs: run: | $(go env GOPATH)/bin/golangci-lint run --verbose --out-format 'checkstyle:golangci_lint.xml' --timeout=300s --new=false --new-from-rev= ./... - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4.6.0 if: ${{ always() }} with: name: golangci-report path: "*xml" - - uses: reviewdog/action-setup@v1 + - uses: reviewdog/action-setup@v1.3.0 if: ${{ always() }} with: reviewdog_version: latest # Optional. [latest,nightly,v.X.Y.Z] diff --git a/.github/workflows/gotest.yaml b/.github/workflows/gotest.yaml index 1285e2a..9470e33 100644 --- a/.github/workflows/gotest.yaml +++ b/.github/workflows/gotest.yaml @@ -19,25 +19,25 @@ jobs: name: Go Test runs-on: ubuntu-latest steps: - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v5.2.0 with: go-version: ${{ inputs.go }} - - uses: actions/checkout@v3 + - uses: actions/checkout@v4.2.2 - name: Start Redis if: ${{ inputs.redis != '' }} - uses: supercharge/redis-github-action@1.2.0 + uses: supercharge/redis-github-action@1.8.0 with: redis-version: '${{ inputs.redis }}' - name: Start MongoDB if: ${{ inputs.mongo != '' }} - uses: supercharge/mongodb-github-action@1.2.0 + uses: supercharge/mongodb-github-action@1.12.0 with: mongodb-version: '${{ inputs.mongo }}' - name: Cache - uses: actions/cache@v2 + uses: actions/cache@v4.2.0 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} @@ -67,18 +67,18 @@ jobs: gotestsum --junitfile ${coveragefile}.xml --raw-command go test ${OPTS} --json -timeout 15m -coverprofile=${coveragefile}.cov ${pkg} ${tags} done - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4.6.0 with: name: coverage path: "*cov" - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4.6.0 if: ${{ always() }} with: name: junit path: "*xml" - name: Github report view if: ${{ always() }} - uses: phoenix-actions/test-reporting@v8 + uses: phoenix-actions/test-reporting@v15 with: name: Unit Test Results path: "*.xml" diff --git a/.github/workflows/govulncheck.yaml b/.github/workflows/govulncheck.yaml index 34a9155..e9645c3 100644 --- a/.github/workflows/govulncheck.yaml +++ b/.github/workflows/govulncheck.yaml @@ -9,8 +9,8 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + - uses: actions/checkout@v4.2.2 + - uses: actions/setup-go@v5.2.0 - name: Govulncheck scan run: | diff --git a/.github/workflows/nancy.yaml b/.github/workflows/nancy.yaml index ced96ee..18a33a9 100644 --- a/.github/workflows/nancy.yaml +++ b/.github/workflows/nancy.yaml @@ -17,10 +17,10 @@ jobs: steps: - name: Check out code into the Go module directory - uses: actions/checkout@v3 + uses: actions/checkout@v4.2.2 - name: Set up Go 1.x in order to write go.list file - uses: actions/setup-go@v3 + uses: actions/setup-go@v5.2.0 with: go-version: 1.17 @@ -36,6 +36,6 @@ jobs: working-directory: ./${{ inputs.dir }} - name: Nancy scan - uses: sonatype-nexus-community/nancy-github-action@main + uses: sonatype-nexus-community/nancy-github-action@v1.0.2 with: goListFile: ${{ inputs.dir }}/go.list diff --git a/.github/workflows/owasp.yaml b/.github/workflows/owasp.yaml index 048fd55..b5de479 100644 --- a/.github/workflows/owasp.yaml +++ b/.github/workflows/owasp.yaml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: OWASP Zap - uses: zaproxy/action-full-scan@v0.4.0 + uses: zaproxy/action-full-scan@v0.12.0 with: target: ${{ inputs.target }} cmd_options: '-a' diff --git a/.github/workflows/pr-agent.yaml b/.github/workflows/pr-agent.yaml index 4098df4..f35fa77 100644 --- a/.github/workflows/pr-agent.yaml +++ b/.github/workflows/pr-agent.yaml @@ -19,7 +19,7 @@ jobs: steps: - name: PR Agent action step id: pragent - uses: Codium-ai/pr-agent@main + uses: Codium-ai/pr-agent@v0.26 env: OPENAI_KEY: ${{ secrets.OPENAI_KEY }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release-bot.yaml b/.github/workflows/release-bot.yaml index 9c6a0dc..c5d82c6 100644 --- a/.github/workflows/release-bot.yaml +++ b/.github/workflows/release-bot.yaml @@ -11,7 +11,7 @@ jobs: steps: - name: Check for release command id: check_command - uses: actions/github-script@v6 + uses: actions/github-script@v7.0.1 with: github-token: ${{secrets.GITHUB_TOKEN}} script: | @@ -29,7 +29,7 @@ jobs: - name: Checkout repository if: steps.check_command.outputs.release_valid == 'true' - uses: actions/checkout@v3 + uses: actions/checkout@v4.2.2 with: fetch-depth: 0 @@ -135,7 +135,7 @@ jobs: - name: Comment on PR if: steps.check_command.outputs.release_valid == 'true' && always() - uses: actions/github-script@v6 + uses: actions/github-script@v7.0.1 with: github-token: ${{secrets.GITHUB_TOKEN}} script: | diff --git a/.github/workflows/sbom-dev.yaml b/.github/workflows/sbom-dev.yaml index 056e093..6875934 100644 --- a/.github/workflows/sbom-dev.yaml +++ b/.github/workflows/sbom-dev.yaml @@ -28,7 +28,7 @@ jobs: steps: # Make sure we have some code to diff. - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4.2.2 with: fetch-depth: 50 @@ -64,14 +64,14 @@ jobs: if: contains(github.ref, 'release-') || contains(github.ref, 'master') || contains(github.base_ref, 'release-') || contains(github.base_ref, 'master') || needs.changedfiles.outputs.go || needs.changedfiles.outputs.npm || needs.changedfiles.outputs.ci || needs.changedfiles.outputs.docker || needs.changedfiles.outputs.github steps: - name: Check out code into the Go module directory - uses: actions/checkout@v3 + uses: actions/checkout@v4.2.2 with: fetch-depth: 1 token: ${{ secrets.ORG_GH_TOKEN }} submodules: true - name: Configure AWS credentials for use - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4.0.2 env: DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }} if: env.DOCKER_IMAGE == null @@ -85,10 +85,10 @@ jobs: DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }} if: env.DOCKER_IMAGE == null id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 + uses: aws-actions/amazon-ecr-login@v2.0.1 - name: Generate Source code SBOM - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.29.0 with: scan-type: 'fs' format: 'cyclonedx' @@ -96,7 +96,7 @@ jobs: image-ref: '.' - name: Generate Docker SBOM - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.29.0 env: DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }} if: env.DOCKER_IMAGE == null @@ -106,7 +106,7 @@ jobs: image-ref: '${{ steps.login-ecr.outputs.registry }}/${{ github.event.repository.name}}:sha-${{ github.sha }}' - name: Generate Docker SBOM - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.29.0 env: DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }} if: env.DOCKER_IMAGE diff --git a/.github/workflows/sbom.yaml b/.github/workflows/sbom.yaml index d29fbbe..aa451db 100644 --- a/.github/workflows/sbom.yaml +++ b/.github/workflows/sbom.yaml @@ -28,7 +28,7 @@ jobs: steps: # Make sure we have some code to diff. - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4.2.2 with: fetch-depth: 50 @@ -64,14 +64,14 @@ jobs: if: contains(github.ref, 'release-') || contains(github.ref, 'master') || contains(github.base_ref, 'release-') || contains(github.base_ref, 'master') || needs.changedfiles.outputs.go || needs.changedfiles.outputs.npm || needs.changedfiles.outputs.ci || needs.changedfiles.outputs.docker || needs.changedfiles.outputs.github steps: - name: Check out code into the Go module directory - uses: actions/checkout@v3 + uses: actions/checkout@v4.2.2 with: fetch-depth: 1 token: ${{ secrets.ORG_GH_TOKEN }} submodules: true - name: Configure AWS credentials for use - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4.0.2 env: DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }} if: env.DOCKER_IMAGE == null @@ -85,10 +85,10 @@ jobs: DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }} if: env.DOCKER_IMAGE == null id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 + uses: aws-actions/amazon-ecr-login@v2.0.1 - name: Generate Source code SBOM - uses: aquasecurity/trivy-action@0.16.1 + uses: aquasecurity/trivy-action@0.29.0 with: scan-type: 'fs' format: 'cyclonedx' @@ -96,7 +96,7 @@ jobs: image-ref: '.' - name: Generate Docker SBOM - uses: aquasecurity/trivy-action@0.16.1 + uses: aquasecurity/trivy-action@0.29.0 env: DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }} if: env.DOCKER_IMAGE == null @@ -106,7 +106,7 @@ jobs: image-ref: '${{ steps.login-ecr.outputs.registry }}/${{ github.event.repository.name}}:sha-${{ github.sha }}' - name: Generate Docker SBOM - uses: aquasecurity/trivy-action@0.16.1 + uses: aquasecurity/trivy-action@0.29.0 env: DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }} if: env.DOCKER_IMAGE diff --git a/.github/workflows/semgrep.yaml b/.github/workflows/semgrep.yaml index 7b25c39..bf71964 100644 --- a/.github/workflows/semgrep.yaml +++ b/.github/workflows/semgrep.yaml @@ -20,7 +20,7 @@ jobs: steps: - name: Check out code into the Go module directory - uses: actions/checkout@v3 + uses: actions/checkout@v4.2.2 - name: Semgrep scan id: scan @@ -29,7 +29,7 @@ jobs: - name: Archive Semgrep report if: ${{ always() }} - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4.6.0 with: name: semgrep-report.txt path: semgrep-report.txt diff --git a/.github/workflows/sonarcloud.yaml b/.github/workflows/sonarcloud.yaml index 04dd34b..9735715 100644 --- a/.github/workflows/sonarcloud.yaml +++ b/.github/workflows/sonarcloud.yaml @@ -17,17 +17,17 @@ jobs: name: Sonarcloud runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4.2.2 with: fetch-depth: 0 - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@v4.1.8 with: name: coverage - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@v4.1.8 with: name: golangci-report - name: SonarCloud Scan - uses: sonarsource/sonarcloud-github-action@master + uses: sonarsource/sonarcloud-github-action@v4.0.0 with: args: > -Dsonar.organization=tyktechnologies diff --git a/.github/workflows/update-gh-actions.yml b/.github/workflows/update-gh-actions.yml index 5073184..0acc702 100644 --- a/.github/workflows/update-gh-actions.yml +++ b/.github/workflows/update-gh-actions.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.2.2 with: # [Required] Access token with `workflow` scope. token: ${{ secrets.ORG_GH_TOKEN }}