Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/actionlint.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ jobs:
persist-credentials: false

- name: Set up Go
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6
uses: actions/setup-go@b7ad1dad31e06c5925ef5d2fc7ad053ef454303e # v7
with:
go-version: "1.26.x"

Expand Down
36 changes: 18 additions & 18 deletions .github/workflows/build-push.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -220,7 +220,7 @@ jobs:
fi
} >> "$GITHUB_OUTPUT"

- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
with:
ref: ${{ inputs.ref }}
persist-credentials: false
Expand Down Expand Up @@ -263,7 +263,7 @@ jobs:
echo "file=$dockerfile"
} >> "$GITHUB_OUTPUT"

- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
with:
repository: libops/.github
ref: f872de10579c17155eb0a0c581d9ac7088b2f836
Expand Down Expand Up @@ -315,7 +315,7 @@ jobs:

- name: GHCR Login
if: steps.registry.outputs.primary-kind == 'ghcr'
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4
with:
registry: ghcr.io
username: ${{ github.actor }}
Expand All @@ -335,25 +335,25 @@ jobs:

- name: Primary GAR Login
if: steps.registry.outputs.primary-kind == 'gar'
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4
with:
registry: ${{ steps.registry.outputs.primary-host }}
username: oauth2accesstoken
password: ${{ steps.auth-primary.outputs.access_token }}

- name: Docker Hub Login
if: steps.registry.outputs.primary-kind == 'dockerhub'
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}

- uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
- uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v4

- name: build+push
id: push-direct
if: ${{ !inputs.scan && inputs.additional-gar-registry == '' && inputs.expected-main-sha == '' && steps.registry.outputs.has-aliases != 'true' }}
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6
uses: docker/build-push-action@53b7df96c91f9c12dcc8a07bcb9ccacbed38856a # v7
with:
context: ${{ steps.paths.outputs.context }}
file: ${{ steps.paths.outputs.file }}
Expand All @@ -369,7 +369,7 @@ jobs:

- name: Build native image for verified publication
if: ${{ inputs.scan || inputs.additional-gar-registry != '' || inputs.expected-main-sha != '' || steps.registry.outputs.has-aliases == 'true' }}
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6
uses: docker/build-push-action@53b7df96c91f9c12dcc8a07bcb9ccacbed38856a # v7
with:
context: ${{ steps.paths.outputs.context }}
file: ${{ steps.paths.outputs.file }}
Expand Down Expand Up @@ -421,7 +421,7 @@ jobs:

- name: Additional GAR Login
if: inputs.additional-gar-registry != ''
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4
with:
registry: ${{ steps.registry.outputs.additional-host }}
username: oauth2accesstoken
Expand Down Expand Up @@ -513,7 +513,7 @@ jobs:
done

- name: Preserve platform digests
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: ${{ steps.metadata.outputs.artifact-name }}-${{ steps.vars.outputs.platform }}
path: ${{ runner.temp }}/build-digests
Expand Down Expand Up @@ -552,7 +552,7 @@ jobs:

- name: GHCR Login
if: steps.registry.outputs.primary-kind == 'ghcr'
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4
with:
registry: ghcr.io
username: ${{ github.actor }}
Expand All @@ -571,15 +571,15 @@ jobs:

- name: Primary GAR Login
if: steps.registry.outputs.primary-kind == 'gar'
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4
with:
registry: ${{ steps.registry.outputs.primary-host }}
username: oauth2accesstoken
password: ${{ steps.auth-primary.outputs.access_token }}

- name: Docker Hub Login
if: steps.registry.outputs.primary-kind == 'dockerhub'
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
Expand All @@ -596,13 +596,13 @@ jobs:

- name: Additional GAR Login
if: inputs.additional-gar-registry != ''
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4
with:
registry: ${{ steps.registry.outputs.additional-host }}
username: oauth2accesstoken
password: ${{ steps.auth-primary.outputs.access_token || steps.auth-additional.outputs.access_token }}

- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
with:
repository: libops/.github
ref: f872de10579c17155eb0a0c581d9ac7088b2f836
Expand Down Expand Up @@ -647,14 +647,14 @@ jobs:
fi
} >> "$GITHUB_OUTPUT"

- uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
- uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v4

- name: Install Cosign
if: inputs.sign
uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2

- name: Restore platform digests
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
pattern: ${{ steps.metadata.outputs.artifact-name }}-*
path: ${{ runner.temp }}/build-digests
Expand Down Expand Up @@ -936,7 +936,7 @@ jobs:
# not turn an already verified publication into a failed release rerun.
continue-on-error: true
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
if: needs.merge.result == 'success'
with:
repository: libops/.github
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/bump-release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: "actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8" # v6
uses: "actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0" # v7
with:
fetch-depth: 0

Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/sitectl-create-smoke-test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -136,7 +136,7 @@ jobs:
GITHUB_ACTIONS: "true"
steps:
- name: Checkout caller repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
with:
path: ${{ inputs.checkout-path }}

Expand All @@ -160,7 +160,7 @@ jobs:

- name: Checkout local plugin source
if: ${{ inputs.local-plugin-repository != '' }}
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
with:
repository: ${{ inputs.local-plugin-repository }}
ref: ${{ inputs.local-plugin-ref }}
Expand Down Expand Up @@ -332,7 +332,7 @@ jobs:

- name: Checkout sitectl source
if: ${{ inputs.sitectl-repository != '' }}
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
with:
repository: ${{ inputs.sitectl-repository }}
ref: ${{ inputs.sitectl-ref }}
Expand All @@ -349,7 +349,7 @@ jobs:

- name: Set up Go
if: ${{ inputs.local-plugin-path != '' || inputs.sitectl-repository != '' }}
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
uses: actions/setup-go@b7ad1dad31e06c5925ef5d2fc7ad053ef454303e # v7
with:
go-version: ${{ inputs.go-version }}
cache-dependency-path: ${{ steps.smoke.outputs.go-cache-dependency-path }}
Expand Down Expand Up @@ -579,7 +579,7 @@ jobs:

- name: Upload docker diagnostics
if: ${{ failure() && steps.smoke.outcome == 'success' }}
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: ${{ steps.smoke.outputs.diagnostics-artifact-name }}
path: ${{ steps.smoke.outputs.diagnostics-dir }}
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/sitectl-plugin-goreleaser.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -155,7 +155,7 @@ jobs:
} >> "$GITHUB_OUTPUT"

- name: Checkout release source
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
with:
fetch-depth: 0
ref: refs/tags/${{ steps.validate_full.outputs.version }}
Expand Down Expand Up @@ -203,12 +203,12 @@ jobs:
fi

- name: Set up Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6
uses: actions/setup-go@b7ad1dad31e06c5925ef5d2fc7ad053ef454303e # v7
with:
go-version: ${{ inputs.go-version }}

- name: Publish release assets
uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6
uses: goreleaser/goreleaser-action@f06c13b6b1a9625abc9e6e439d9c05a8f2190e94 # v7
with:
distribution: goreleaser
# This binary receives only the caller repository token. Homebrew is
Expand Down Expand Up @@ -249,7 +249,7 @@ jobs:
esac

- name: Checkout exact shared reconciliation source
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
with:
repository: ${{ job.workflow_repository }}
ref: ${{ job.workflow_sha }}
Expand All @@ -269,7 +269,7 @@ jobs:
fi

- name: Set up Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6
uses: actions/setup-go@b7ad1dad31e06c5925ef5d2fc7ad053ef454303e # v7
with:
go-version: "1.26.5"
cache: false
Expand Down Expand Up @@ -375,7 +375,7 @@ jobs:
fi

- name: Checkout exact package publisher
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
with:
repository: libops/terraform-linux-packages
ref: b14fd2f95b4017e897c595b3321b9cc3f48b5ddd # main
Expand Down