From 88d16973f191cf1ba7ecf00e14f1bdb6a4509cec Mon Sep 17 00:00:00 2001 From: Kubernetes Prow Robot <20407524+k8s-ci-robot@users.noreply.github.com> Date: Wed, 24 Apr 2024 08:22:59 -0700 Subject: [PATCH] Merge pull request #709 from bryantbiggs/chore/update-ci-versions chore: Update CI action versions, remove `push` trigger --- .github/workflows/create-release.yml | 19 ++++++++++--------- .github/workflows/deps.yml | 26 ++++++++++++++------------ .github/workflows/tag-release.yml | 14 +++++++++----- 3 files changed, 33 insertions(+), 26 deletions(-) diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml index 53d33f970..e78c2666e 100644 --- a/.github/workflows/create-release.yml +++ b/.github/workflows/create-release.yml @@ -1,5 +1,6 @@ # Github Action to create a release with goreleaser name: Create Release + on: workflow_dispatch: push: @@ -11,17 +12,17 @@ jobs: goreleaser: runs-on: ubuntu-latest steps: - - - name: Checkout - uses: actions/checkout@v3 + - name: Checkout + uses: actions/checkout@v4 with: fetch-depth: 0 - - - name: Set up Go - uses: actions/setup-go@v3 - - - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v4 + ssh-key: "${{ secrets.RELEASE_KEY }}" + + - name: Set up Go + uses: actions/setup-go@v5 + + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v5 with: distribution: goreleaser version: latest diff --git a/.github/workflows/deps.yml b/.github/workflows/deps.yml index 3490a48ce..034510415 100644 --- a/.github/workflows/deps.yml +++ b/.github/workflows/deps.yml @@ -1,28 +1,30 @@ name: "Dependency Review" -on: [push, pull_request, workflow_dispatch] + +on: [pull_request, workflow_dispatch] + permissions: contents: read + jobs: dependency-review: runs-on: ubuntu-latest steps: - - name: "Checkout Repository" + - name: Checkout uses: actions/checkout@v4 - with: - show-progress: false - - name: "Dependency Review" - uses: actions/dependency-review-action@v3 - with: - vulnerability-check: false + + - name: Dependency review + uses: actions/dependency-review-action@v4 + govulncheck: runs-on: ubuntu-latest steps: - - name: "Checkout Repository" + - name: Checkout uses: actions/checkout@v4 - with: - show-progress: false + - id: govulncheck uses: golang/govulncheck-action@v1 with: - go-version-input: 1.22.2 go-version-file: go.mod + + # [Info] Shows version of go that is (was) used + - run: go version diff --git a/.github/workflows/tag-release.yml b/.github/workflows/tag-release.yml index 2ba18a2a4..ec07137ea 100644 --- a/.github/workflows/tag-release.yml +++ b/.github/workflows/tag-release.yml @@ -11,16 +11,20 @@ on: jobs: tag-release: if: ${{ github.repository == 'kubernetes-sigs/aws-iam-authenticator' }} - runs-on: ubuntu-20.04 + runs-on: ubuntu-latest permissions: contents: write steps: - - uses: actions/checkout@v3 + - name: Checkout + uses: actions/checkout@v4 with: fetch-depth: 0 - - run: /usr/bin/git config --global user.email actions@github.com - - run: /usr/bin/git config --global user.name 'GitHub Actions Release Tagger' - - run: hack/tag-release.sh + ssh-key: "${{ secrets.RELEASE_KEY }}" + - name: Tag release + run: | + /usr/bin/git config --global user.email actions@github.com + /usr/bin/git config --global user.name 'GitHub Actions Release Tagger' + hack/tag-release.sh