From 54e87a1eb90eeebe958cb8ac9784bcd97829b9d3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 2 Mar 2022 02:11:24 +0000 Subject: [PATCH 1/2] Bump actions/checkout from 2 to 3 Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...a12a3943b4bdde767164f792f33f40b04645d846) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/cut-release.yml | 2 +- .github/workflows/main.yml | 2 +- .github/workflows/scorecard_action.yml | 2 +- .github/workflows/validate-release.yml | 2 +- .github/workflows/verify-k8s.yml | 4 ++-- .github/workflows/verify.yml | 6 +++--- 7 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 986c19e71..3b405f8ae 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,7 +39,7 @@ jobs: language: [ 'go' ] steps: - name: Checkout repository - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/cut-release.yml b/.github/workflows/cut-release.yml index 33a49b832..273c46827 100644 --- a/.github/workflows/cut-release.yml +++ b/.github/workflows/cut-release.yml @@ -34,7 +34,7 @@ jobs: run: exit 1 - name: Checkout out repo - uses: actions/checkout@v2 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 with: path: ./src/github.com/sigstore/fulcio diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 623a0219a..e39e31917 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 diff --git a/.github/workflows/scorecard_action.yml b/.github/workflows/scorecard_action.yml index 1990ca63d..01877ad9c 100644 --- a/.github/workflows/scorecard_action.yml +++ b/.github/workflows/scorecard_action.yml @@ -23,7 +23,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 with: persist-credentials: false diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index d1a1d182c..a920ca465 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -43,7 +43,7 @@ jobs: COSIGN_IMAGE: gcr.io/projectsigstore/cosign:v1.5.1@sha256:6247b2e693b0e6a62dcfa75eb46b698c1f4cd1aca36aaefafd4bbb2f2b2af717 steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 diff --git a/.github/workflows/verify-k8s.yml b/.github/workflows/verify-k8s.yml index 334975e0d..0b8456661 100644 --- a/.github/workflows/verify-k8s.yml +++ b/.github/workflows/verify-k8s.yml @@ -25,7 +25,7 @@ jobs: name: k8s manifest check runs-on: ubuntu-latest steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 @@ -63,7 +63,7 @@ jobs: GIT_VERSION: test steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index d8e3a599b..66dc8a418 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -25,7 +25,7 @@ jobs: name: license boilerplate check runs-on: ubuntu-latest steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 @@ -43,7 +43,7 @@ jobs: name: golangci-lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: deps run: sudo apt-get update && sudo apt-get install -yq libpcsclite-dev - name: Extract version of Go to use @@ -62,7 +62,7 @@ jobs: name: oidc-config runs-on: ubuntu-latest steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 From c83cb70c0284ee8dd1bf4f33cb5dca96d368201f Mon Sep 17 00:00:00 2001 From: cpanato Date: Wed, 2 Mar 2022 10:14:49 +0100 Subject: [PATCH 2/2] update version comment Signed-off-by: cpanato --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/cut-release.yml | 2 +- .github/workflows/main.yml | 2 +- .github/workflows/scorecard_action.yml | 2 +- .github/workflows/validate-release.yml | 2 +- .github/workflows/verify-k8s.yml | 4 ++-- .github/workflows/verify.yml | 6 +++--- 7 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 3b405f8ae..b959a8a39 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,7 +39,7 @@ jobs: language: [ 'go' ] steps: - name: Checkout repository - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/cut-release.yml b/.github/workflows/cut-release.yml index 273c46827..c79f51113 100644 --- a/.github/workflows/cut-release.yml +++ b/.github/workflows/cut-release.yml @@ -34,7 +34,7 @@ jobs: run: exit 1 - name: Checkout out repo - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 with: path: ./src/github.com/sigstore/fulcio diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index e39e31917..143453e59 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 diff --git a/.github/workflows/scorecard_action.yml b/.github/workflows/scorecard_action.yml index 01877ad9c..8221ef73e 100644 --- a/.github/workflows/scorecard_action.yml +++ b/.github/workflows/scorecard_action.yml @@ -23,7 +23,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 with: persist-credentials: false diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index a920ca465..5a605af85 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -43,7 +43,7 @@ jobs: COSIGN_IMAGE: gcr.io/projectsigstore/cosign:v1.5.1@sha256:6247b2e693b0e6a62dcfa75eb46b698c1f4cd1aca36aaefafd4bbb2f2b2af717 steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 diff --git a/.github/workflows/verify-k8s.yml b/.github/workflows/verify-k8s.yml index 0b8456661..117e635c6 100644 --- a/.github/workflows/verify-k8s.yml +++ b/.github/workflows/verify-k8s.yml @@ -25,7 +25,7 @@ jobs: name: k8s manifest check runs-on: ubuntu-latest steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 @@ -63,7 +63,7 @@ jobs: GIT_VERSION: test steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index 66dc8a418..bc4281e2c 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -25,7 +25,7 @@ jobs: name: license boilerplate check runs-on: ubuntu-latest steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 @@ -43,7 +43,7 @@ jobs: name: golangci-lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: deps run: sudo apt-get update && sudo apt-get install -yq libpcsclite-dev - name: Extract version of Go to use @@ -62,7 +62,7 @@ jobs: name: oidc-config runs-on: ubuntu-latest steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0