diff --git a/.github/actions/deploy-keptn-on-cluster/action.yml b/.github/actions/deploy-keptn-on-cluster/action.yml index 90c8a584d8..57594c8299 100644 --- a/.github/actions/deploy-keptn-on-cluster/action.yml +++ b/.github/actions/deploy-keptn-on-cluster/action.yml @@ -30,7 +30,7 @@ runs: using: "composite" steps: - name: Set up Go 1.x - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: ${{ env.GO_VERSION }} cache: true diff --git a/.github/workflows/CI.yaml b/.github/workflows/CI.yaml index 88c5e16ce7..e2e9860fb1 100644 --- a/.github/workflows/CI.yaml +++ b/.github/workflows/CI.yaml @@ -94,7 +94,7 @@ jobs: uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Set up Go 1.x - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: ${{ env.GO_VERSION }} cache: true @@ -144,7 +144,7 @@ jobs: - name: Cache build tools id: cache-build-tools - uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4 + uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: ./${{ matrix.config.folder }}bin key: build-tools-${{ github.ref_name }} diff --git a/.github/workflows/component-test.yml b/.github/workflows/component-test.yml index 38e1de5463..3a95e1f45a 100644 --- a/.github/workflows/component-test.yml +++ b/.github/workflows/component-test.yml @@ -22,7 +22,7 @@ jobs: uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Set up Go 1.x - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: ${{ env.GO_VERSION }} cache: true diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 57655fdd63..a1a659540a 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -43,7 +43,7 @@ jobs: - name: Check out code uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: ${{ env.GO_VERSION }} check-latest: true diff --git a/.github/workflows/htmltest.yaml b/.github/workflows/htmltest.yaml index fda4dd0c14..d5cdc3d67f 100644 --- a/.github/workflows/htmltest.yaml +++ b/.github/workflows/htmltest.yaml @@ -31,7 +31,7 @@ jobs: fetch-depth: 0 - name: Cache HTMLTest packages - uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4 + uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: | tmp/.htmltest diff --git a/.github/workflows/load-test.yml b/.github/workflows/load-test.yml index 6a52e62bfa..b37c0903b4 100644 --- a/.github/workflows/load-test.yml +++ b/.github/workflows/load-test.yml @@ -28,7 +28,7 @@ jobs: - name: Cache build tools id: cache-build-tools - uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4 + uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: /usr/local/bin/kube-burner key: kube-burner-${{ env.KUBE_BURNER_VERSION }} diff --git a/.github/workflows/markdown-checks.yaml b/.github/workflows/markdown-checks.yaml index e25ec67348..83d5ee4c61 100644 --- a/.github/workflows/markdown-checks.yaml +++ b/.github/workflows/markdown-checks.yaml @@ -75,7 +75,7 @@ jobs: uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Set up Go 1.x - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: ${{ env.GO_VERSION }} check-latest: true diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 69ee2a360a..39ba2000ba 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 with: sarif_file: results.sarif diff --git a/.github/workflows/security-scans.yml b/.github/workflows/security-scans.yml index ea101ac83b..3fb80859fc 100644 --- a/.github/workflows/security-scans.yml +++ b/.github/workflows/security-scans.yml @@ -99,7 +99,7 @@ jobs: steps: - name: Set up Go if: matrix.tool == 'kubeconform' - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: go-version: ${{ env.GO_VERSION }} check-latest: true @@ -242,7 +242,7 @@ jobs: - name: Trivy image scan scheduler if: matrix.image == 'scheduler' - uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # 0.27.0 + uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # 0.28.0 with: input: "images/${{ matrix.image }}-image.tar" severity: 'CRITICAL,HIGH' @@ -251,7 +251,7 @@ jobs: - name: Trivy image scan if: matrix.image != 'scheduler' - uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # 0.27.0 + uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # 0.28.0 with: input: "images/${{ matrix.image }}-image.tar" severity: 'CRITICAL,HIGH' @@ -270,7 +270,7 @@ jobs: - "keptn-cert-manager" steps: - name: Set up Go 1.x - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5 with: cache-dependency-path: ${{ matrix.artifact }}/go.sum go-version: ${{ env.GO_VERSION }} diff --git a/.github/workflows/validate-helm-chart.yml b/.github/workflows/validate-helm-chart.yml index 4d63a4f027..df9fe0037c 100644 --- a/.github/workflows/validate-helm-chart.yml +++ b/.github/workflows/validate-helm-chart.yml @@ -39,7 +39,7 @@ jobs: uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Set up Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: 16