diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index fdc71b1a4a..9a9b6fe41e 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -29,7 +29,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Initialize CodeQL uses: github/codeql-action/init@cdcdbb579706841c47f7063dda365e292e5cad7a diff --git a/.github/workflows/dep-review.yaml b/.github/workflows/dep-review.yaml index d778699bb2..563263a491 100644 --- a/.github/workflows/dep-review.yaml +++ b/.github/workflows/dep-review.yaml @@ -14,7 +14,7 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: 'Dependency Review' uses: actions/dependency-review-action@f6fff72a3217f580d5afd49a46826795305b63c7 diff --git a/.github/workflows/deploy_docs.yaml b/.github/workflows/deploy_docs.yaml index 8b6d6d4277..95eb3bf6dc 100644 --- a/.github/workflows/deploy_docs.yaml +++ b/.github/workflows/deploy_docs.yaml @@ -27,7 +27,7 @@ jobs: run: working-directory: docs steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Harden Runner uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 diff --git a/.github/workflows/e2e-build.yaml b/.github/workflows/e2e-build.yaml index 050c848e93..cf725ca6f5 100644 --- a/.github/workflows/e2e-build.yaml +++ b/.github/workflows/e2e-build.yaml @@ -35,7 +35,7 @@ jobs: ~/.cache/go-build - uses: crazy-max/ghaction-github-runtime@056b8ec6661ce03a987ab8643a0edc346ae63fe3 # v2.2.0 - name: Check out code into the Go module directory - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - run: 'echo ${{ inputs.bucket-id }}' - name: Set env run: | @@ -76,7 +76,7 @@ jobs: ~/.cache/go-build - uses: crazy-max/ghaction-github-runtime@056b8ec6661ce03a987ab8643a0edc346ae63fe3 # v2.2.0 - name: Check out code into the Go module directory - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set env run: | echo TRIVY_SCANNER_REPO=scanner >> $GITHUB_ENV @@ -116,7 +116,7 @@ jobs: ~/.cache/go-build - uses: crazy-max/ghaction-github-runtime@056b8ec6661ce03a987ab8643a0edc346ae63fe3 # v2.2.0 - name: Check out code into the Go module directory - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set env run: | echo MANAGER_REPO=manager >> $GITHUB_ENV @@ -156,7 +156,7 @@ jobs: ~/.cache/go-build - uses: crazy-max/ghaction-github-runtime@056b8ec6661ce03a987ab8643a0edc346ae63fe3 # v2.2.0 - name: Check out code into the Go module directory - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set env run: | echo COLLECTOR_REPO=collector >> $GITHUB_ENV diff --git a/.github/workflows/e2e-test.yaml b/.github/workflows/e2e-test.yaml index b048de2ad6..1c0144a50f 100644 --- a/.github/workflows/e2e-test.yaml +++ b/.github/workflows/e2e-test.yaml @@ -24,7 +24,7 @@ jobs: egress-policy: audit - name: Check out code into the Go module directory - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - id: set-test-matrix run: | readarray -d '' test_dirs < <(find ./test/e2e/tests -mindepth 1 -type d -print0) @@ -51,7 +51,7 @@ jobs: with: egress-policy: audit - name: Check out code into the Go module directory - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Fetch Build Artifacts uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: diff --git a/.github/workflows/release-pr.yaml b/.github/workflows/release-pr.yaml index be53662a88..1d00f71556 100644 --- a/.github/workflows/release-pr.yaml +++ b/.github/workflows/release-pr.yaml @@ -59,7 +59,7 @@ jobs: echo "TARGET_BRANCH=main" >> ${GITHUB_ENV} fi - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: fetch-depth: 0 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 8d6ab6e3fc..a385e39d06 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -25,7 +25,7 @@ jobs: egress-policy: audit - name: Check out code into the Go module directory - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Setup buildx instance uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 diff --git a/.github/workflows/scan-images.yaml b/.github/workflows/scan-images.yaml index c8f09e8eb3..ea337f8412 100644 --- a/.github/workflows/scan-images.yaml +++ b/.github/workflows/scan-images.yaml @@ -43,7 +43,7 @@ jobs: - name: Check out code if: github.event_name == 'schedule' || github.event.inputs.version == '' - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Build image if: github.event_name == 'schedule' || github.event.inputs.version == '' diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index ddf51c4ff7..2aa56a348f 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -30,7 +30,7 @@ jobs: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.1.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v3.1.0 with: persist-credentials: false diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index e19ed01d2b..80d3b0f505 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -48,7 +48,7 @@ jobs: uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 with: egress-policy: audit - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set up Go 1.20 uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: @@ -102,7 +102,7 @@ jobs: ~/go/pkg/mod ~/.cache/go-build - name: Check out code into the Go module directory - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Unit test run: make test - name: Codecov upload @@ -122,7 +122,7 @@ jobs: with: egress-policy: audit - name: Check out code into the Go module directory - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set up Go 1.20 uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: @@ -147,7 +147,7 @@ jobs: egress-policy: audit - name: Check out code into the Go module directory - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Get repo run: |