Skip to content

Commit

Permalink
Bump the catch-all group in /.github/actions/docker-build-image with …
Browse files Browse the repository at this point in the history
…3 updates (#821)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Domenico Sibilio <[email protected]>
  • Loading branch information
dependabot[bot] and dsibilio authored Nov 25, 2024
1 parent e6a2d44 commit 778e731
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions .github/actions/docker-build-image/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -130,7 +130,7 @@ runs:

- name: Anchore Scan API Image
if: inputs.grype-scan-enabled == 'true'
uses: anchore/scan-action@f2ba85e044c8f5e5014c9a539328a9c78d3bfa49 # v5.2.1
uses: anchore/scan-action@869c549e657a088dc0441b08ce4fc0ecdac2bb65 # v5.3.0
id: scan
with:
fail-build: ${{ inputs.grype-fail-build }}
Expand All @@ -145,15 +145,15 @@ runs:

- name: Upload SARIF Files
if: always() && inputs.grype-scan-enabled == 'true' && github.event_name == 'push'
uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
continue-on-error: true # do not fail if GHAS is not enabled
with:
sarif_file: ${{ steps.scan.outputs.sarif }}

- name: Extract metadata for Docker
if: env.PUSH_IMAGE == 'true'
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
with:
images: ${{ env.IMAGE_NAME }}
labels: |
Expand Down

0 comments on commit 778e731

Please sign in to comment.