From 9fa3fa9be7cf2435c2de83442642913d165a7be8 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 18 Jul 2026 13:00:32 +0000 Subject: [PATCH] [skip-release] Update github-actions --- .github/workflows/actionlint.yaml | 2 +- .github/workflows/build-push.yaml | 36 +++++++++---------- .github/workflows/bump-release.yaml | 2 +- .../workflows/sitectl-create-smoke-test.yaml | 10 +++--- .../workflows/sitectl-plugin-goreleaser.yaml | 12 +++---- 5 files changed, 31 insertions(+), 31 deletions(-) diff --git a/.github/workflows/actionlint.yaml b/.github/workflows/actionlint.yaml index 84f3148..d76349a 100644 --- a/.github/workflows/actionlint.yaml +++ b/.github/workflows/actionlint.yaml @@ -37,7 +37,7 @@ jobs: persist-credentials: false - name: Set up Go - uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 + uses: actions/setup-go@b7ad1dad31e06c5925ef5d2fc7ad053ef454303e # v7 with: go-version: "1.26.x" diff --git a/.github/workflows/build-push.yaml b/.github/workflows/build-push.yaml index 04b1aed..1d4e6eb 100644 --- a/.github/workflows/build-push.yaml +++ b/.github/workflows/build-push.yaml @@ -220,7 +220,7 @@ jobs: fi } >> "$GITHUB_OUTPUT" - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: ref: ${{ inputs.ref }} persist-credentials: false @@ -263,7 +263,7 @@ jobs: echo "file=$dockerfile" } >> "$GITHUB_OUTPUT" - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: repository: libops/.github ref: f872de10579c17155eb0a0c581d9ac7088b2f836 @@ -315,7 +315,7 @@ jobs: - name: GHCR Login if: steps.registry.outputs.primary-kind == 'ghcr' - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 + uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4 with: registry: ghcr.io username: ${{ github.actor }} @@ -335,7 +335,7 @@ jobs: - name: Primary GAR Login if: steps.registry.outputs.primary-kind == 'gar' - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 + uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4 with: registry: ${{ steps.registry.outputs.primary-host }} username: oauth2accesstoken @@ -343,17 +343,17 @@ jobs: - name: Docker Hub Login if: steps.registry.outputs.primary-kind == 'dockerhub' - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 + uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3 + - uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v4 - name: build+push id: push-direct if: ${{ !inputs.scan && inputs.additional-gar-registry == '' && inputs.expected-main-sha == '' && steps.registry.outputs.has-aliases != 'true' }} - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 + uses: docker/build-push-action@53b7df96c91f9c12dcc8a07bcb9ccacbed38856a # v7 with: context: ${{ steps.paths.outputs.context }} file: ${{ steps.paths.outputs.file }} @@ -369,7 +369,7 @@ jobs: - name: Build native image for verified publication if: ${{ inputs.scan || inputs.additional-gar-registry != '' || inputs.expected-main-sha != '' || steps.registry.outputs.has-aliases == 'true' }} - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 + uses: docker/build-push-action@53b7df96c91f9c12dcc8a07bcb9ccacbed38856a # v7 with: context: ${{ steps.paths.outputs.context }} file: ${{ steps.paths.outputs.file }} @@ -421,7 +421,7 @@ jobs: - name: Additional GAR Login if: inputs.additional-gar-registry != '' - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 + uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4 with: registry: ${{ steps.registry.outputs.additional-host }} username: oauth2accesstoken @@ -513,7 +513,7 @@ jobs: done - name: Preserve platform digests - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: ${{ steps.metadata.outputs.artifact-name }}-${{ steps.vars.outputs.platform }} path: ${{ runner.temp }}/build-digests @@ -552,7 +552,7 @@ jobs: - name: GHCR Login if: steps.registry.outputs.primary-kind == 'ghcr' - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 + uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4 with: registry: ghcr.io username: ${{ github.actor }} @@ -571,7 +571,7 @@ jobs: - name: Primary GAR Login if: steps.registry.outputs.primary-kind == 'gar' - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 + uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4 with: registry: ${{ steps.registry.outputs.primary-host }} username: oauth2accesstoken @@ -579,7 +579,7 @@ jobs: - name: Docker Hub Login if: steps.registry.outputs.primary-kind == 'dockerhub' - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 + uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_PASSWORD }} @@ -596,13 +596,13 @@ jobs: - name: Additional GAR Login if: inputs.additional-gar-registry != '' - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 + uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4 with: registry: ${{ steps.registry.outputs.additional-host }} username: oauth2accesstoken password: ${{ steps.auth-primary.outputs.access_token || steps.auth-additional.outputs.access_token }} - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: repository: libops/.github ref: f872de10579c17155eb0a0c581d9ac7088b2f836 @@ -647,14 +647,14 @@ jobs: fi } >> "$GITHUB_OUTPUT" - - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3 + - uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v4 - name: Install Cosign if: inputs.sign uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2 - name: Restore platform digests - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: pattern: ${{ steps.metadata.outputs.artifact-name }}-* path: ${{ runner.temp }}/build-digests @@ -936,7 +936,7 @@ jobs: # not turn an already verified publication into a failed release rerun. continue-on-error: true steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 if: needs.merge.result == 'success' with: repository: libops/.github diff --git a/.github/workflows/bump-release.yaml b/.github/workflows/bump-release.yaml index 821ec41..7d6a1e6 100644 --- a/.github/workflows/bump-release.yaml +++ b/.github/workflows/bump-release.yaml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: "actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8" # v6 + uses: "actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0" # v7 with: fetch-depth: 0 diff --git a/.github/workflows/sitectl-create-smoke-test.yaml b/.github/workflows/sitectl-create-smoke-test.yaml index 1d5fa25..4b9a720 100644 --- a/.github/workflows/sitectl-create-smoke-test.yaml +++ b/.github/workflows/sitectl-create-smoke-test.yaml @@ -136,7 +136,7 @@ jobs: GITHUB_ACTIONS: "true" steps: - name: Checkout caller repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: path: ${{ inputs.checkout-path }} @@ -160,7 +160,7 @@ jobs: - name: Checkout local plugin source if: ${{ inputs.local-plugin-repository != '' }} - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: repository: ${{ inputs.local-plugin-repository }} ref: ${{ inputs.local-plugin-ref }} @@ -332,7 +332,7 @@ jobs: - name: Checkout sitectl source if: ${{ inputs.sitectl-repository != '' }} - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: repository: ${{ inputs.sitectl-repository }} ref: ${{ inputs.sitectl-ref }} @@ -349,7 +349,7 @@ jobs: - name: Set up Go if: ${{ inputs.local-plugin-path != '' || inputs.sitectl-repository != '' }} - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + uses: actions/setup-go@b7ad1dad31e06c5925ef5d2fc7ad053ef454303e # v7 with: go-version: ${{ inputs.go-version }} cache-dependency-path: ${{ steps.smoke.outputs.go-cache-dependency-path }} @@ -579,7 +579,7 @@ jobs: - name: Upload docker diagnostics if: ${{ failure() && steps.smoke.outcome == 'success' }} - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: ${{ steps.smoke.outputs.diagnostics-artifact-name }} path: ${{ steps.smoke.outputs.diagnostics-dir }} diff --git a/.github/workflows/sitectl-plugin-goreleaser.yaml b/.github/workflows/sitectl-plugin-goreleaser.yaml index f3e5f6e..de75e26 100644 --- a/.github/workflows/sitectl-plugin-goreleaser.yaml +++ b/.github/workflows/sitectl-plugin-goreleaser.yaml @@ -155,7 +155,7 @@ jobs: } >> "$GITHUB_OUTPUT" - name: Checkout release source - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: fetch-depth: 0 ref: refs/tags/${{ steps.validate_full.outputs.version }} @@ -203,12 +203,12 @@ jobs: fi - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@b7ad1dad31e06c5925ef5d2fc7ad053ef454303e # v7 with: go-version: ${{ inputs.go-version }} - name: Publish release assets - uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6 + uses: goreleaser/goreleaser-action@f06c13b6b1a9625abc9e6e439d9c05a8f2190e94 # v7 with: distribution: goreleaser # This binary receives only the caller repository token. Homebrew is @@ -249,7 +249,7 @@ jobs: esac - name: Checkout exact shared reconciliation source - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: repository: ${{ job.workflow_repository }} ref: ${{ job.workflow_sha }} @@ -269,7 +269,7 @@ jobs: fi - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@b7ad1dad31e06c5925ef5d2fc7ad053ef454303e # v7 with: go-version: "1.26.5" cache: false @@ -375,7 +375,7 @@ jobs: fi - name: Checkout exact package publisher - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: repository: libops/terraform-linux-packages ref: b14fd2f95b4017e897c595b3321b9cc3f48b5ddd # main