From 10924be65cc4295341dae6657300424a6434bfc4 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 4 Feb 2026 16:36:46 +0000 Subject: [PATCH] chore(deps): update github actions --- .github/workflows/build.yaml | 30 +++++++++++++++--------------- .github/workflows/fossa.yaml | 2 +- .github/workflows/release.yaml | 24 ++++++++++++------------ .github/workflows/syft-sbom.yaml | 4 ++-- 4 files changed, 30 insertions(+), 30 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index d641f923..24a44a34 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -36,7 +36,7 @@ jobs: df -h - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: ref: ${{ github.event.pull_request.head.sha }} @@ -92,13 +92,13 @@ jobs: run: UNAME_M=arm64 VERSION=${RELEASE_TAG:-commit-$GITHUB_SHA} make kvisor-linter - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 - name: Login to GitHub Container Registry - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: registry: ghcr.io username: ${{ github.actor }} @@ -106,7 +106,7 @@ jobs: - name: Docker build and push pr (controller) if: ${{ github.event_name == 'pull_request' }} - uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 with: context: . file: ./Dockerfile.controller @@ -116,7 +116,7 @@ jobs: - name: Docker build and push pr (agent) if: ${{ github.event_name == 'pull_request' }} - uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 with: context: . file: ./Dockerfile.agent @@ -126,7 +126,7 @@ jobs: - name: Docker build and push pr (scanners) if: ${{ github.event_name == 'pull_request' }} - uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 with: context: . file: ./Dockerfile.scanners @@ -136,7 +136,7 @@ jobs: - name: Docker build and push main (controller) if: ${{ github.event_name != 'pull_request' && github.event_name != 'release'}} - uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 with: context: . file: ./Dockerfile.controller @@ -146,7 +146,7 @@ jobs: - name: Docker build and push main (agent) if: ${{ github.event_name != 'pull_request' && github.event_name != 'release'}} - uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 with: context: . file: ./Dockerfile.agent @@ -156,7 +156,7 @@ jobs: - name: Docker build and push main (scanners) if: ${{ github.event_name != 'pull_request' && github.event_name != 'release'}} - uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 with: context: . file: ./Dockerfile.scanners @@ -196,7 +196,7 @@ jobs: if: ${{ github.event_name == 'pull_request' }} steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 2 @@ -212,7 +212,7 @@ jobs: - name: Setup Helm if: steps.changes.outputs.charts_changed == 'true' - uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4 + uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4 # TODO: re-add verification when https://github.com/helm-unittest/helm-unittest/issues/777 is resolved - name: Install helm-unittest plugin @@ -253,7 +253,7 @@ jobs: df -h - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: ref: ${{ github.event.pull_request.head.sha }} @@ -270,14 +270,14 @@ jobs: go-version-file: "go.mod" - name: Login to GitHub Container Registry - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Create kind cluster - uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0 + uses: helm/kind-action@92086f6be054225fa813e0a4b13787fc9088faab # v1.13.0 with: config: ./e2e/kind-config.yaml cluster_name: kvisor-e2e diff --git a/.github/workflows/fossa.yaml b/.github/workflows/fossa.yaml index d48dc405..e15060fa 100644 --- a/.github/workflows/fossa.yaml +++ b/.github/workflows/fossa.yaml @@ -9,7 +9,7 @@ jobs: fossa-scan: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - uses: fossas/fossa-action@65a5a12203e31a5fcc54154db9c52647f84b1169 # v1 with: api-key: ${{ secrets.FOSSA_API_KEY }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a7a2b74b..0950aff3 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Setup Go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6 @@ -54,27 +54,27 @@ jobs: run: UNAME_M=arm64 VERSION=${RELEASE_TAG:-commit-$GITHUB_SHA} make kvisor-linter - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 - name: Login to Google Container Registry - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: registry: us-docker.pkg.dev username: _json_key password: ${{ secrets.ARTIFACT_BUILDER_JSON_KEY }} - name: Login to GitHub Container Registry - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push release (kvisor-agent) - uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 with: context: . push: true @@ -87,7 +87,7 @@ jobs: us-docker.pkg.dev/castai-hub/library/kvisor-agent:latest - name: Build and push release (kvisor-controller) - uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 with: context: . push: true @@ -100,7 +100,7 @@ jobs: us-docker.pkg.dev/castai-hub/library/kvisor-controller:latest - name: Build and push release (kvisor-scanners) - uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 with: context: . push: true @@ -118,7 +118,7 @@ jobs: needs: release_docker steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: "0" @@ -127,7 +127,7 @@ jobs: - name: Checkout helm-charts # The cr tool only works if the target repository is already checked out - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 repository: castai/helm-charts @@ -141,7 +141,7 @@ jobs: git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - name: Install Helm - uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4 + uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4 with: version: v3.5.2 @@ -181,7 +181,7 @@ jobs: git status - name: Make helm charts github release - uses: softprops/action-gh-release@da05d552573ad5aba039eaac05058a918a7bf631 # v2 + uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2 with: body: | ${{ steps.parse-chart.outputs.desc }} diff --git a/.github/workflows/syft-sbom.yaml b/.github/workflows/syft-sbom.yaml index b8f169e6..c12326ad 100644 --- a/.github/workflows/syft-sbom.yaml +++ b/.github/workflows/syft-sbom.yaml @@ -11,9 +11,9 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Anchore SBOM Action - uses: anchore/sbom-action@f325610c9f50a54015d37c8d16cb3b0e2c8f4de0 # v0 + uses: anchore/sbom-action@28d71544de8eaf1b958d335707167c5f783590ad # v0 with: artifact-name: ${{ github.event.repository.name }}-spdx.json