diff --git a/.github/workflows/build-oss.yml b/.github/workflows/build-oss.yml index 7ae3740fd3..f96b29d60e 100644 --- a/.github/workflows/build-oss.yml +++ b/.github/workflows/build-oss.yml @@ -184,7 +184,7 @@ jobs: sarif_file: "trivy-results-${{ inputs.image }}.sarif" - name: Upload Scan Results - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 continue-on-error: true with: name: "trivy-results-${{ inputs.image }}.sarif" diff --git a/.github/workflows/build-plus.yml b/.github/workflows/build-plus.yml index 1761de0983..16ef0456b6 100644 --- a/.github/workflows/build-plus.yml +++ b/.github/workflows/build-plus.yml @@ -59,7 +59,7 @@ jobs: - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@f6de81663f7788d05bd15bcce18f0e57f23f0846 # v2.0.1 + uses: google-github-actions/auth@5a50e581162a13f4baa8916d01180d2acbc04363 # v2.1.0 with: token_format: access_token workload_identity_provider: ${{ secrets.GCR_WORKLOAD_IDENTITY }} @@ -76,7 +76,7 @@ jobs: - name: Authenticate to Google Cloud Marketplace id: auth-mktpl - uses: google-github-actions/auth@f6de81663f7788d05bd15bcce18f0e57f23f0846 # v2.0.1 + uses: google-github-actions/auth@5a50e581162a13f4baa8916d01180d2acbc04363 # v2.1.0 with: token_format: access_token workload_identity_provider: ${{ secrets.GCR_WORKLOAD_IDENTITY_MKTPL }} @@ -249,7 +249,7 @@ jobs: sarif_file: "trivy-results-${{ inputs.image }}.sarif" - name: Upload Scan Results - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 continue-on-error: true with: name: "trivy-results-${{ inputs.image }}.sarif" diff --git a/.github/workflows/build-test-image.yml b/.github/workflows/build-test-image.yml index 91ebc3e2f1..1bf04713f1 100644 --- a/.github/workflows/build-test-image.yml +++ b/.github/workflows/build-test-image.yml @@ -33,7 +33,7 @@ jobs: - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@f6de81663f7788d05bd15bcce18f0e57f23f0846 # v2.0.1 + uses: google-github-actions/auth@5a50e581162a13f4baa8916d01180d2acbc04363 # v2.1.0 with: token_format: access_token workload_identity_provider: ${{ secrets.GCR_WORKLOAD_IDENTITY }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3f7dfdc4bb..f15a979024 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -358,7 +358,7 @@ jobs: test-image: "gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/test-runner:${{ hashFiles('./tests/requirements.txt') || 'latest' }}" - name: Upload Test Results - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: ${{ steps.smoke-tests.outputs.test-results-name }} path: ${{ github.workspace }}/tests/${{ steps.smoke-tests.outputs.test-results-name }}.html diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 31e0f7170f..139916bd82 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -49,7 +49,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: SARIF file path: results.sarif