From 91d33e399f2f9aa8ce3250aa44692e785ce1d128 Mon Sep 17 00:00:00 2001 From: Mihai Maruseac Date: Sun, 26 Nov 2023 10:49:50 -0800 Subject: [PATCH] Revert "Update github-actions" This reverts commit c29779d582cf7f2b8f51d34d420c6e228745ce9c. --- .../e2e.container-based.push.main.default.slsa3.yml | 2 +- .../e2e.container-based.schedule.main.default.slsa3.yml | 2 +- ...er-based.schedule.main.gcp-workload-identity.slsa3.yml | 6 +++--- .../e2e.container-based.schedule.main.matrix.slsa3.yml | 2 +- ...ainer-based.schedule.main.registry-username-secret.yml | 2 +- ...2e.container-based.schedule.main.registry-username.yml | 2 +- .../e2e.container-based.tag.main.default.slsa3.yml | 2 +- ...ntainer-based.workflow_dispatch.main.default.slsa3.yml | 2 +- .../e2e.container.push.branch1.default.slsa3.yml | 4 ++-- .../workflows/e2e.container.push.main.default.slsa3.yml | 4 ++-- ...2e.container.schedule.main.continue-on-error.slsa3.yml | 4 ++-- .../e2e.container.schedule.main.default.slsa3.yml | 4 ++-- .../workflows/e2e.container.tag.branch1.default.slsa3.yml | 4 ++-- .../workflows/e2e.container.tag.main.default.slsa3.yml | 4 ++-- ...e2e.container.tag.main.gcp-workload-identity.slsa3.yml | 8 ++++---- .../e2e.container.tag.main.registry-username-secret.yml | 4 ++-- ....container.workflow_dispatch.branch1.default.slsa3.yml | 4 ++-- ...e2e.container.workflow_dispatch.main.default.slsa3.yml | 4 ++-- ...ainer.workflow_dispatch.main.workflow_inputs.slsa3.yml | 4 ++-- .../e2e.delegator-generic.create.main.checkout.slsa3.yml | 2 +- .../e2e.delegator-generic.create.main.default.slsa3.yml | 2 +- .../e2e.delegator-generic.push.main.default.slsa3.yml | 2 +- .../e2e.delegator-generic.release.main.checkout.slsa3.yml | 2 +- .../e2e.delegator-generic.release.main.default.slsa3.yml | 2 +- .../e2e.delegator-generic.tag.main.default.slsa3.yml | 2 +- ...r-generic.workflow_dispatch.branch1.checkout.slsa3.yml | 2 +- ...or-generic.workflow_dispatch.branch1.default.slsa3.yml | 2 +- ...ator-generic.workflow_dispatch.main.checkout.slsa3.yml | 2 +- ...gator-generic.workflow_dispatch.main.default.slsa3.yml | 2 +- .../e2e.delegator-lowperms.create.main.default.slsa3.yml | 2 +- .../e2e.delegator-lowperms.push.main.default.slsa3.yml | 2 +- .../e2e.delegator-lowperms.release.main.default.slsa3.yml | 2 +- .../e2e.delegator-lowperms.tag.main.default.slsa3.yml | 2 +- ...ator-lowperms.workflow_dispatch.main.default.slsa3.yml | 2 +- .github/workflows/e2e.gcb.push.main.default.slsa3.yml | 4 ++-- .../workflows/e2e.gcb.tag.main.annotated-build.slsa3.yml | 4 ++-- .../workflows/e2e.generic.push.branch1.default.slsa3.yml | 4 ++-- .github/workflows/e2e.generic.push.main.default.slsa3.yml | 4 ++-- .../e2e.generic.push.main.upload-tag-name.slsa3.yml | 4 ++-- .../workflows/e2e.generic.release.main.default.slsa3.yml | 4 ++-- ...eneric.schedule.main.adversarial-invalidpath.slsa3.yml | 2 +- ...ic.schedule.main.adversarial-invalidsubjects.slsa3.yml | 2 +- .../e2e.generic.schedule.main.attestation-name.slsa3.yml | 4 ++-- .../workflows/e2e.generic.schedule.main.default.slsa3.yml | 4 ++-- .../e2e.generic.schedule.main.multi-subjects.slsa3.yml | 6 +++--- .../e2e.generic.schedule.main.multi-uses.slsa3.yml | 8 ++++---- .../workflows/e2e.generic.tag.branch1.default.slsa3.yml | 4 ++-- .../workflows/e2e.generic.tag.main.annotated.slsa3.yml | 4 ++-- .github/workflows/e2e.generic.tag.main.assets.slsa3.yml | 4 ++-- ...ic.tag.main.goreleaser-assets-multi-subjects.slsa3.yml | 2 +- ...2e.generic.workflow_dispatch.branch1.default.slsa3.yml | 4 ++-- .../e2e.generic.workflow_dispatch.main.default.slsa3.yml | 4 ++-- ...patch.main.large-subjects-adversarial-format.slsa3.yml | 2 +- ...patch.main.large-subjects-adversarial-sha256.slsa3.yml | 2 +- ...eneric.workflow_dispatch.main.large-subjects.slsa3.yml | 4 ++-- .../e2e.generic.workflow_dispatch.main.tagname.slsa3.yml | 4 ++-- ...neric.workflow_dispatch.main.workflow_inputs.slsa3.yml | 4 ++-- .../e2e.go.push.branch1.config-ldflags.slsa3.yml | 2 +- .../workflows/e2e.go.push.main.config-ldflags.slsa3.yml | 2 +- .../workflows/e2e.go.push.main.config-noldflags.slsa3.yml | 2 +- ...2e.go.release.main.config-ldflags-assets-tag.slsa3.yml | 2 +- .../e2e.go.release.main.config-ldflags-assets.slsa3.yml | 2 +- .../e2e.go.release.main.config-ldflags-noassets.slsa3.yml | 2 +- ...e2e.go.schedule.main.config-ldflags-main-dir.slsa3.yml | 2 +- .../e2e.go.schedule.main.config-ldflags-main.slsa3.yml | 2 +- .../e2e.go.schedule.main.config-noldflags.slsa3.yml | 2 +- .../e2e.go.schedule.main.noldflags-multi-uses.slsa3.yml | 4 ++-- .../e2e.go.tag.branch1.config-ldflags-assets.slsa3.yml | 2 +- ....go.tag.main.config-ldflags-assets-draft-tag.slsa3.yml | 2 +- ...ag.main.config-ldflags-assets-prerelease-tag.slsa3.yml | 2 +- .../e2e.go.tag.main.config-ldflags-assets-tag.slsa3.yml | 2 +- .../e2e.go.tag.main.config-ldflags-assets.slsa3.yml | 2 +- .../e2e.go.tag.main.config-ldflags-noassets.slsa3.yml | 2 +- ....go.workflow_dispatch.branch1.config-ldflags.slsa3.yml | 2 +- ...e.go.workflow_dispatch.main.config-noldflags.slsa3.yml | 2 +- ....go.workflow_dispatch.main.tagname-noldflags.slsa3.yml | 2 +- ...flow_dispatch.main.workflow_inputs-noldflags.slsa3.yml | 2 +- .../e2e.gradle.workflow_dispatch.main.default.slsa3.yml | 2 +- .github/workflows/e2e.installer-action.yml | 4 ++-- .../e2e.maven.workflow_dispatch.main.default.slsa3.yml | 2 +- .../workflows/e2e.nodejs.create.main.default.slsa3.yml | 2 +- .../workflows/e2e.nodejs.push.branch1.default.slsa3.yml | 2 +- .../e2e.nodejs.push.main.custom_publish.slsa3.yml | 2 +- .github/workflows/e2e.nodejs.push.main.default.slsa3.yml | 2 +- .github/workflows/e2e.nodejs.push.main.disttag.slsa3.yml | 2 +- .github/workflows/e2e.nodejs.push.main.node16.slsa3.yml | 2 +- .github/workflows/e2e.nodejs.push.main.node18.slsa3.yml | 2 +- .../workflows/e2e.nodejs.release.main.default.slsa3.yml | 2 +- .github/workflows/e2e.nodejs.tag.main.default.slsa3.yml | 2 +- .github/workflows/e2e.nodejs.tag.main.unscoped.slsa3.yml | 2 +- .../e2e.nodejs.workflow_dispatch.main.default.slsa3.yml | 2 +- .github/workflows/pre-submit.golangci-lint.yml | 2 +- .../verifier-e2e.all.workflow_dispatch.main.all.slsa3.yml | 2 +- 93 files changed, 131 insertions(+), 131 deletions(-) diff --git a/.github/workflows/e2e.container-based.push.main.default.slsa3.yml b/.github/workflows/e2e.container-based.push.main.default.slsa3.yml index 792b52d5bf..b0a8b9b557 100644 --- a/.github/workflows/e2e.container-based.push.main.default.slsa3.yml +++ b/.github/workflows/e2e.container-based.push.main.default.slsa3.yml @@ -68,7 +68,7 @@ jobs: name=$(find "${FOLDER}"/ -type f | head -1) cp "${name}" . echo "name=$(basename "${name}")" >> "${GITHUB_OUTPUT}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container-based.schedule.main.default.slsa3.yml b/.github/workflows/e2e.container-based.schedule.main.default.slsa3.yml index c66962f265..978233a1cd 100644 --- a/.github/workflows/e2e.container-based.schedule.main.default.slsa3.yml +++ b/.github/workflows/e2e.container-based.schedule.main.default.slsa3.yml @@ -55,7 +55,7 @@ jobs: name=$(find "${FOLDER}"/ -type f | head -1) cp "${name}" . echo "name=$(basename "${name}")" >> "${GITHUB_OUTPUT}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container-based.schedule.main.gcp-workload-identity.slsa3.yml b/.github/workflows/e2e.container-based.schedule.main.gcp-workload-identity.slsa3.yml index b04345c3c8..ab9a187e68 100644 --- a/.github/workflows/e2e.container-based.schedule.main.gcp-workload-identity.slsa3.yml +++ b/.github/workflows/e2e.container-based.schedule.main.gcp-workload-identity.slsa3.yml @@ -40,7 +40,7 @@ jobs: steps: - id: auth name: "Authenticate to Google Cloud" - uses: google-github-actions/auth@f105ef0cdb3b102a020be1767fcc8a974898b7c6 # v1.2.0 + uses: google-github-actions/auth@35b0e87d162680511bf346c299f71c9c5c379033 # v1.1.1 with: token_format: "access_token" service_account: ${{ env.SERVICE_ACCOUNT }} @@ -86,7 +86,7 @@ jobs: steps: - id: auth name: "Authenticate to Google Cloud" - uses: google-github-actions/auth@f105ef0cdb3b102a020be1767fcc8a974898b7c6 # v1.2.0 + uses: google-github-actions/auth@35b0e87d162680511bf346c299f71c9c5c379033 # v1.1.1 with: token_format: "access_token" service_account: ${{ env.SERVICE_ACCOUNT }} @@ -157,7 +157,7 @@ jobs: name=$(find "${FOLDER}"/ -type f | head -1) cp "${name}" . echo "name=$(basename "${name}")" >> "${GITHUB_OUTPUT}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container-based.schedule.main.matrix.slsa3.yml b/.github/workflows/e2e.container-based.schedule.main.matrix.slsa3.yml index bd28a49aea..0d2b4a6d8d 100644 --- a/.github/workflows/e2e.container-based.schedule.main.matrix.slsa3.yml +++ b/.github/workflows/e2e.container-based.schedule.main.matrix.slsa3.yml @@ -61,7 +61,7 @@ jobs: name=$(find "${FOLDER}"/ -type f | head -1) cp "${name}" . echo "name=$(basename "${name}")" >> "${GITHUB_OUTPUT}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container-based.schedule.main.registry-username-secret.yml b/.github/workflows/e2e.container-based.schedule.main.registry-username-secret.yml index 3e6d98e040..0ee0e176e0 100644 --- a/.github/workflows/e2e.container-based.schedule.main.registry-username-secret.yml +++ b/.github/workflows/e2e.container-based.schedule.main.registry-username-secret.yml @@ -96,7 +96,7 @@ jobs: name=$(find "${FOLDER}"/ -type f | head -1) cp "${name}" . echo "name=$(basename "${name}")" >> "${GITHUB_OUTPUT}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container-based.schedule.main.registry-username.yml b/.github/workflows/e2e.container-based.schedule.main.registry-username.yml index dec9fac286..f181625f75 100644 --- a/.github/workflows/e2e.container-based.schedule.main.registry-username.yml +++ b/.github/workflows/e2e.container-based.schedule.main.registry-username.yml @@ -146,7 +146,7 @@ jobs: name=$(find "${FOLDER}"/ -type f | head -1) cp "${name}" . echo "name=$(basename "${name}")" >> "${GITHUB_OUTPUT}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container-based.tag.main.default.slsa3.yml b/.github/workflows/e2e.container-based.tag.main.default.slsa3.yml index 9ff8c77be7..d4eb1aaf68 100644 --- a/.github/workflows/e2e.container-based.tag.main.default.slsa3.yml +++ b/.github/workflows/e2e.container-based.tag.main.default.slsa3.yml @@ -82,7 +82,7 @@ jobs: name=$(find "${FOLDER}"/ -type f | head -1) cp "${name}" . echo "name=$(basename "${name}")" >> "${GITHUB_OUTPUT}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container-based.workflow_dispatch.main.default.slsa3.yml b/.github/workflows/e2e.container-based.workflow_dispatch.main.default.slsa3.yml index 525d1409d4..2a7ac2f93e 100644 --- a/.github/workflows/e2e.container-based.workflow_dispatch.main.default.slsa3.yml +++ b/.github/workflows/e2e.container-based.workflow_dispatch.main.default.slsa3.yml @@ -68,7 +68,7 @@ jobs: name=$(find "${FOLDER}"/ -type f | head -1) cp "${name}" . echo "name=$(basename "${name}")" >> "${GITHUB_OUTPUT}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container.push.branch1.default.slsa3.yml b/.github/workflows/e2e.container.push.branch1.default.slsa3.yml index 9841d65c5d..33f52b7632 100644 --- a/.github/workflows/e2e.container.push.branch1.default.slsa3.yml +++ b/.github/workflows/e2e.container.push.branch1.default.slsa3.yml @@ -141,7 +141,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1 - env: REGISTRY_USERNAME: ${{ github.actor }} REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} @@ -161,7 +161,7 @@ jobs: echo "provenance_file=${GITHUB_WORKSPACE}/provenance.json" >> "$GITHUB_ENV" echo "container=${IMAGE_NAME}@${IMAGE_DIGEST}" >> "$GITHUB_ENV" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container.push.main.default.slsa3.yml b/.github/workflows/e2e.container.push.main.default.slsa3.yml index 4059871189..cb7ae3bf21 100644 --- a/.github/workflows/e2e.container.push.main.default.slsa3.yml +++ b/.github/workflows/e2e.container.push.main.default.slsa3.yml @@ -115,7 +115,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1 - env: REGISTRY_USERNAME: ${{ github.actor }} REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} @@ -135,7 +135,7 @@ jobs: echo "provenance_file=${GITHUB_WORKSPACE}/provenance.json" >> "$GITHUB_ENV" echo "container=${IMAGE_NAME}@${IMAGE_DIGEST}" >> "$GITHUB_ENV" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container.schedule.main.continue-on-error.slsa3.yml b/.github/workflows/e2e.container.schedule.main.continue-on-error.slsa3.yml index 0413cbab65..1b66fa462e 100644 --- a/.github/workflows/e2e.container.schedule.main.continue-on-error.slsa3.yml +++ b/.github/workflows/e2e.container.schedule.main.continue-on-error.slsa3.yml @@ -100,7 +100,7 @@ jobs: if: ${{ always() }} steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1 - env: REGISTRY_USERNAME: ${{ github.actor }} REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} @@ -120,7 +120,7 @@ jobs: echo "provenance_file=${GITHUB_WORKSPACE}/provenance.json" >> "$GITHUB_ENV" echo "container=${IMAGE_NAME}@${IMAGE_DIGEST}" >> "$GITHUB_ENV" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container.schedule.main.default.slsa3.yml b/.github/workflows/e2e.container.schedule.main.default.slsa3.yml index 31c33c12a8..ae307f788e 100644 --- a/.github/workflows/e2e.container.schedule.main.default.slsa3.yml +++ b/.github/workflows/e2e.container.schedule.main.default.slsa3.yml @@ -105,7 +105,7 @@ jobs: if: ${{ always() }} steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1 - env: REGISTRY_USERNAME: ${{ github.actor }} REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} @@ -125,7 +125,7 @@ jobs: echo "provenance_file=${GITHUB_WORKSPACE}/provenance.json" >> "$GITHUB_ENV" echo "container=${IMAGE_NAME}@${IMAGE_DIGEST}" >> "$GITHUB_ENV" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container.tag.branch1.default.slsa3.yml b/.github/workflows/e2e.container.tag.branch1.default.slsa3.yml index 395c1ec5db..7d6b3e36a4 100644 --- a/.github/workflows/e2e.container.tag.branch1.default.slsa3.yml +++ b/.github/workflows/e2e.container.tag.branch1.default.slsa3.yml @@ -125,7 +125,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1 - env: REGISTRY_USERNAME: ${{ github.actor }} REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} @@ -145,7 +145,7 @@ jobs: echo "provenance_file=${GITHUB_WORKSPACE}/provenance.json" >> "$GITHUB_ENV" echo "container=${IMAGE_NAME}@${IMAGE_DIGEST}" >> "$GITHUB_ENV" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container.tag.main.default.slsa3.yml b/.github/workflows/e2e.container.tag.main.default.slsa3.yml index 828413c7fb..5c83426750 100644 --- a/.github/workflows/e2e.container.tag.main.default.slsa3.yml +++ b/.github/workflows/e2e.container.tag.main.default.slsa3.yml @@ -129,7 +129,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1 - env: REGISTRY_USERNAME: ${{ github.actor }} REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} @@ -149,7 +149,7 @@ jobs: echo "provenance_file=${GITHUB_WORKSPACE}/provenance.json" >> "$GITHUB_ENV" echo "container=${IMAGE_NAME}@${IMAGE_DIGEST}" >> "$GITHUB_ENV" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container.tag.main.gcp-workload-identity.slsa3.yml b/.github/workflows/e2e.container.tag.main.gcp-workload-identity.slsa3.yml index d543bdebbd..2f85c0e0d6 100644 --- a/.github/workflows/e2e.container.tag.main.gcp-workload-identity.slsa3.yml +++ b/.github/workflows/e2e.container.tag.main.gcp-workload-identity.slsa3.yml @@ -67,7 +67,7 @@ jobs: steps: - id: auth name: "Authenticate to Google Cloud" - uses: google-github-actions/auth@f105ef0cdb3b102a020be1767fcc8a974898b7c6 # v1.2.0 + uses: google-github-actions/auth@35b0e87d162680511bf346c299f71c9c5c379033 # v1.1.1 with: token_format: "access_token" service_account: ${{ env.SERVICE_ACCOUNT }} @@ -146,12 +146,12 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - id: auth name: "Authenticate to Google Cloud" - uses: google-github-actions/auth@f105ef0cdb3b102a020be1767fcc8a974898b7c6 # v1.2.0 + uses: google-github-actions/auth@35b0e87d162680511bf346c299f71c9c5c379033 # v1.1.1 with: token_format: "access_token" service_account: ${{ env.SERVICE_ACCOUNT }} workload_identity_provider: ${{ env.PROVIDER_NAME }} - - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1 - env: REGISTRY_USERNAME: oauth2accesstoken REGISTRY_PASSWORD: ${{ steps.auth.outputs.access_token }} @@ -171,7 +171,7 @@ jobs: echo "provenance_file=${GITHUB_WORKSPACE}/provenance.json" >> "$GITHUB_ENV" echo "container=${IMAGE_NAME}@${IMAGE_DIGEST}" >> "$GITHUB_ENV" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container.tag.main.registry-username-secret.yml b/.github/workflows/e2e.container.tag.main.registry-username-secret.yml index 67f5a224dd..1141baf55d 100644 --- a/.github/workflows/e2e.container.tag.main.registry-username-secret.yml +++ b/.github/workflows/e2e.container.tag.main.registry-username-secret.yml @@ -130,7 +130,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1 - env: REGISTRY_USERNAME: ${{ github.actor }} REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} @@ -150,7 +150,7 @@ jobs: echo "provenance_file=${GITHUB_WORKSPACE}/provenance.json" >> "$GITHUB_ENV" echo "container=${IMAGE_NAME}@${IMAGE_DIGEST}" >> "$GITHUB_ENV" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container.workflow_dispatch.branch1.default.slsa3.yml b/.github/workflows/e2e.container.workflow_dispatch.branch1.default.slsa3.yml index d709f54999..7ff119d54d 100644 --- a/.github/workflows/e2e.container.workflow_dispatch.branch1.default.slsa3.yml +++ b/.github/workflows/e2e.container.workflow_dispatch.branch1.default.slsa3.yml @@ -110,7 +110,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1 - env: REGISTRY_USERNAME: ${{ github.actor }} REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} @@ -130,7 +130,7 @@ jobs: echo "provenance_file=${GITHUB_WORKSPACE}/provenance.json" >> "$GITHUB_ENV" echo "container=${IMAGE_NAME}@${IMAGE_DIGEST}" >> "$GITHUB_ENV" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container.workflow_dispatch.main.default.slsa3.yml b/.github/workflows/e2e.container.workflow_dispatch.main.default.slsa3.yml index c741edc84e..559d30bd3c 100644 --- a/.github/workflows/e2e.container.workflow_dispatch.main.default.slsa3.yml +++ b/.github/workflows/e2e.container.workflow_dispatch.main.default.slsa3.yml @@ -114,7 +114,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1 - env: REGISTRY_USERNAME: ${{ github.actor }} REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} @@ -134,7 +134,7 @@ jobs: echo "provenance_file=${GITHUB_WORKSPACE}/provenance.json" >> "$GITHUB_ENV" echo "container=${IMAGE_NAME}@${IMAGE_DIGEST}" >> "$GITHUB_ENV" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.container.workflow_dispatch.main.workflow_inputs.slsa3.yml b/.github/workflows/e2e.container.workflow_dispatch.main.workflow_inputs.slsa3.yml index 59add9075b..f57f27206d 100644 --- a/.github/workflows/e2e.container.workflow_dispatch.main.workflow_inputs.slsa3.yml +++ b/.github/workflows/e2e.container.workflow_dispatch.main.workflow_inputs.slsa3.yml @@ -119,7 +119,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1 - env: REGISTRY_USERNAME: ${{ github.actor }} REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} @@ -139,7 +139,7 @@ jobs: echo "provenance_file=${GITHUB_WORKSPACE}/provenance.json" >> "$GITHUB_ENV" echo "container=${IMAGE_NAME}@${IMAGE_DIGEST}" >> "$GITHUB_ENV" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-generic.create.main.checkout.slsa3.yml b/.github/workflows/e2e.delegator-generic.create.main.checkout.slsa3.yml index f295ef77c8..e9e30be65b 100644 --- a/.github/workflows/e2e.delegator-generic.create.main.checkout.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.create.main.checkout.slsa3.yml @@ -89,7 +89,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-generic.create.main.default.slsa3.yml b/.github/workflows/e2e.delegator-generic.create.main.default.slsa3.yml index 68e13d0a22..ebb84c3fe7 100644 --- a/.github/workflows/e2e.delegator-generic.create.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.create.main.default.slsa3.yml @@ -79,7 +79,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-generic.push.main.default.slsa3.yml b/.github/workflows/e2e.delegator-generic.push.main.default.slsa3.yml index be26c555bb..4f854539b3 100644 --- a/.github/workflows/e2e.delegator-generic.push.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.push.main.default.slsa3.yml @@ -79,7 +79,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-generic.release.main.checkout.slsa3.yml b/.github/workflows/e2e.delegator-generic.release.main.checkout.slsa3.yml index 1d0ce2c68e..cdc5d7d8c6 100644 --- a/.github/workflows/e2e.delegator-generic.release.main.checkout.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.release.main.checkout.slsa3.yml @@ -91,7 +91,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-generic.release.main.default.slsa3.yml b/.github/workflows/e2e.delegator-generic.release.main.default.slsa3.yml index ab900caf59..d18e8baf81 100644 --- a/.github/workflows/e2e.delegator-generic.release.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.release.main.default.slsa3.yml @@ -80,7 +80,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-generic.tag.main.default.slsa3.yml b/.github/workflows/e2e.delegator-generic.tag.main.default.slsa3.yml index 033ab4cd9d..e98b4e62c6 100644 --- a/.github/workflows/e2e.delegator-generic.tag.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.tag.main.default.slsa3.yml @@ -81,7 +81,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.checkout.slsa3.yml b/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.checkout.slsa3.yml index 534fb439cd..2a2ac52879 100644 --- a/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.checkout.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.checkout.slsa3.yml @@ -92,7 +92,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.default.slsa3.yml b/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.default.slsa3.yml index 352b4a65e7..17c5cc978e 100644 --- a/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.default.slsa3.yml @@ -81,7 +81,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.checkout.slsa3.yml b/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.checkout.slsa3.yml index 6ab55211bb..5e611e47b4 100644 --- a/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.checkout.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.checkout.slsa3.yml @@ -91,7 +91,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.default.slsa3.yml b/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.default.slsa3.yml index fd00cfe9d7..6ca502daf6 100644 --- a/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.default.slsa3.yml @@ -81,7 +81,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-lowperms.create.main.default.slsa3.yml b/.github/workflows/e2e.delegator-lowperms.create.main.default.slsa3.yml index fae5629ba7..e16244ef01 100644 --- a/.github/workflows/e2e.delegator-lowperms.create.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-lowperms.create.main.default.slsa3.yml @@ -80,7 +80,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-lowperms.push.main.default.slsa3.yml b/.github/workflows/e2e.delegator-lowperms.push.main.default.slsa3.yml index 9cdfe3782b..7c84a2dd25 100644 --- a/.github/workflows/e2e.delegator-lowperms.push.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-lowperms.push.main.default.slsa3.yml @@ -78,7 +78,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-lowperms.release.main.default.slsa3.yml b/.github/workflows/e2e.delegator-lowperms.release.main.default.slsa3.yml index fcc50cf90b..862ca74c8c 100644 --- a/.github/workflows/e2e.delegator-lowperms.release.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-lowperms.release.main.default.slsa3.yml @@ -81,7 +81,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-lowperms.tag.main.default.slsa3.yml b/.github/workflows/e2e.delegator-lowperms.tag.main.default.slsa3.yml index 3947d394c9..aff6972223 100644 --- a/.github/workflows/e2e.delegator-lowperms.tag.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-lowperms.tag.main.default.slsa3.yml @@ -82,7 +82,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.delegator-lowperms.workflow_dispatch.main.default.slsa3.yml b/.github/workflows/e2e.delegator-lowperms.workflow_dispatch.main.default.slsa3.yml index e5294fd48c..caed10ccb1 100644 --- a/.github/workflows/e2e.delegator-lowperms.workflow_dispatch.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-lowperms.workflow_dispatch.main.default.slsa3.yml @@ -82,7 +82,7 @@ jobs: with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.gcb.push.main.default.slsa3.yml b/.github/workflows/e2e.gcb.push.main.default.slsa3.yml index 3ab1bdbd9c..cf10b01591 100644 --- a/.github/workflows/e2e.gcb.push.main.default.slsa3.yml +++ b/.github/workflows/e2e.gcb.push.main.default.slsa3.yml @@ -73,7 +73,7 @@ jobs: gcloud artifacts docker images describe "${IMAGE_REGISTRY}/${IMAGE_NAME}@${image_digest}" --show-provenance --format json > provenance.json echo "provenance-name=provenance.json" >> "${GITHUB_OUTPUT}" - name: Upload provenance - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.describe.outputs.provenance-name }} path: ${{ steps.describe.outputs.provenance-name }} @@ -90,7 +90,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.provenance.outputs.provenance-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.gcb.tag.main.annotated-build.slsa3.yml b/.github/workflows/e2e.gcb.tag.main.annotated-build.slsa3.yml index 463397eafa..cae08e18c5 100644 --- a/.github/workflows/e2e.gcb.tag.main.annotated-build.slsa3.yml +++ b/.github/workflows/e2e.gcb.tag.main.annotated-build.slsa3.yml @@ -73,7 +73,7 @@ jobs: gcloud artifacts docker images describe "${IMAGE_REGISTRY}/${IMAGE_NAME}@${image_digest}" --show-provenance --format json > provenance.json echo "provenance-name=provenance.json" >> "${GITHUB_OUTPUT}" - name: Upload provenance - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.describe.outputs.provenance-name }} path: ${{ steps.describe.outputs.provenance-name }} @@ -90,7 +90,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.provenance.outputs.provenance-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.generic.push.branch1.default.slsa3.yml b/.github/workflows/e2e.generic.push.branch1.default.slsa3.yml index 2cfb969b51..f59522073f 100644 --- a/.github/workflows/e2e.generic.push.branch1.default.slsa3.yml +++ b/.github/workflows/e2e.generic.push.branch1.default.slsa3.yml @@ -63,7 +63,7 @@ jobs: cp bazel-bin/hello_/hello . # Copy binary from Bazel path to root echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} @@ -102,7 +102,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.provenance.outputs.attestation-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.generic.push.main.default.slsa3.yml b/.github/workflows/e2e.generic.push.main.default.slsa3.yml index 379cfdbb45..31b97b7a04 100644 --- a/.github/workflows/e2e.generic.push.main.default.slsa3.yml +++ b/.github/workflows/e2e.generic.push.main.default.slsa3.yml @@ -43,7 +43,7 @@ jobs: cp bazel-bin/hello_/hello . # Copy binary from Bazel path to root echo "binary-name=hello" >>"${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} @@ -83,7 +83,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.provenance.outputs.attestation-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.generic.push.main.upload-tag-name.slsa3.yml b/.github/workflows/e2e.generic.push.main.upload-tag-name.slsa3.yml index f781aab26c..289370001b 100644 --- a/.github/workflows/e2e.generic.push.main.upload-tag-name.slsa3.yml +++ b/.github/workflows/e2e.generic.push.main.upload-tag-name.slsa3.yml @@ -51,7 +51,7 @@ jobs: cp bazel-bin/hello_/hello . # Copy binary from Bazel path to root echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} @@ -98,7 +98,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.provenance.outputs.attestation-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.generic.release.main.default.slsa3.yml b/.github/workflows/e2e.generic.release.main.default.slsa3.yml index 4c3ab78d42..30f38c7b49 100644 --- a/.github/workflows/e2e.generic.release.main.default.slsa3.yml +++ b/.github/workflows/e2e.generic.release.main.default.slsa3.yml @@ -59,7 +59,7 @@ jobs: cp bazel-bin/hello_/hello . # Copy binary from Bazel path to root echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} @@ -98,7 +98,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.provenance.outputs.attestation-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.generic.schedule.main.adversarial-invalidpath.slsa3.yml b/.github/workflows/e2e.generic.schedule.main.adversarial-invalidpath.slsa3.yml index 775dafecf9..b0f2a393cb 100644 --- a/.github/workflows/e2e.generic.schedule.main.adversarial-invalidpath.slsa3.yml +++ b/.github/workflows/e2e.generic.schedule.main.adversarial-invalidpath.slsa3.yml @@ -24,7 +24,7 @@ jobs: echo "artifact2" > artifact2 - name: Upload artifacts - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: artifacts if-no-files-found: error diff --git a/.github/workflows/e2e.generic.schedule.main.adversarial-invalidsubjects.slsa3.yml b/.github/workflows/e2e.generic.schedule.main.adversarial-invalidsubjects.slsa3.yml index ca11e43ac8..24d0704819 100644 --- a/.github/workflows/e2e.generic.schedule.main.adversarial-invalidsubjects.slsa3.yml +++ b/.github/workflows/e2e.generic.schedule.main.adversarial-invalidsubjects.slsa3.yml @@ -24,7 +24,7 @@ jobs: echo "artifact2" > artifact2 - name: Upload artifacts - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: artifacts if-no-files-found: error diff --git a/.github/workflows/e2e.generic.schedule.main.attestation-name.slsa3.yml b/.github/workflows/e2e.generic.schedule.main.attestation-name.slsa3.yml index 3971e5cab9..3758541157 100644 --- a/.github/workflows/e2e.generic.schedule.main.attestation-name.slsa3.yml +++ b/.github/workflows/e2e.generic.schedule.main.attestation-name.slsa3.yml @@ -31,7 +31,7 @@ jobs: cp bazel-bin/hello_/hello . # Copy binary from Bazel path to root echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} @@ -73,7 +73,7 @@ jobs: with: name: ${{ needs.provenance.outputs.attestation-name }} - name: Setup Go - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - name: Verify attestation name diff --git a/.github/workflows/e2e.generic.schedule.main.default.slsa3.yml b/.github/workflows/e2e.generic.schedule.main.default.slsa3.yml index 529dc7871b..01e883240f 100644 --- a/.github/workflows/e2e.generic.schedule.main.default.slsa3.yml +++ b/.github/workflows/e2e.generic.schedule.main.default.slsa3.yml @@ -31,7 +31,7 @@ jobs: cp bazel-bin/hello_/hello . # Copy binary from Bazel path to root echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} @@ -72,7 +72,7 @@ jobs: with: name: ${{ needs.provenance.outputs.attestation-name }} - name: Setup Go - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - name: Verify provenance diff --git a/.github/workflows/e2e.generic.schedule.main.multi-subjects.slsa3.yml b/.github/workflows/e2e.generic.schedule.main.multi-subjects.slsa3.yml index b02c803d09..fcf022a3a4 100644 --- a/.github/workflows/e2e.generic.schedule.main.multi-subjects.slsa3.yml +++ b/.github/workflows/e2e.generic.schedule.main.multi-subjects.slsa3.yml @@ -25,7 +25,7 @@ jobs: echo "artifact3" > artifact3 - name: Upload artifacts - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: artifacts if-no-files-found: error @@ -70,7 +70,7 @@ jobs: with: name: ${{ needs.provenance.outputs.attestation-name }} - name: Setup Go - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" # Note: the 3 artifacts share the same provenance file. @@ -101,7 +101,7 @@ jobs: with: name: ${{ needs.provenance.outputs.attestation-name }} - name: Setup Go - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - name: Alter artifacts diff --git a/.github/workflows/e2e.generic.schedule.main.multi-uses.slsa3.yml b/.github/workflows/e2e.generic.schedule.main.multi-uses.slsa3.yml index b066ecef72..f39c53f7b2 100644 --- a/.github/workflows/e2e.generic.schedule.main.multi-uses.slsa3.yml +++ b/.github/workflows/e2e.generic.schedule.main.multi-uses.slsa3.yml @@ -23,7 +23,7 @@ jobs: echo "build 1 artifact 1" > artifact1 - name: Upload artifacts - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: artifacts1 if-no-files-found: error @@ -67,7 +67,7 @@ jobs: with: name: ${{ needs.provenance-one.outputs.attestation-name }} - name: Setup Go - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - name: Verify provenance artifact1 @@ -87,7 +87,7 @@ jobs: echo "build 2 artifact 1" > artifact1 - name: Upload artifacts - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: artifacts2 if-no-files-found: error @@ -134,7 +134,7 @@ jobs: with: name: ${{ needs.provenance-two.outputs.attestation-name }} - name: Setup Go - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - name: Verify provenance artifact2 diff --git a/.github/workflows/e2e.generic.tag.branch1.default.slsa3.yml b/.github/workflows/e2e.generic.tag.branch1.default.slsa3.yml index 21535ead66..855a7774b0 100644 --- a/.github/workflows/e2e.generic.tag.branch1.default.slsa3.yml +++ b/.github/workflows/e2e.generic.tag.branch1.default.slsa3.yml @@ -61,7 +61,7 @@ jobs: cp bazel-bin/hello_/hello . # Copy binary from Bazel path to root echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} @@ -100,7 +100,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.provenance.outputs.attestation-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.generic.tag.main.annotated.slsa3.yml b/.github/workflows/e2e.generic.tag.main.annotated.slsa3.yml index 66cc4d41a8..602f082a12 100644 --- a/.github/workflows/e2e.generic.tag.main.annotated.slsa3.yml +++ b/.github/workflows/e2e.generic.tag.main.annotated.slsa3.yml @@ -49,7 +49,7 @@ jobs: echo "build 1 artifact 1" > artifact1 - name: Upload artifacts - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: path: artifact1 name: artifact1 @@ -89,7 +89,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.provenance.outputs.attestation-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.generic.tag.main.assets.slsa3.yml b/.github/workflows/e2e.generic.tag.main.assets.slsa3.yml index 0abde021da..ffd7903bfb 100644 --- a/.github/workflows/e2e.generic.tag.main.assets.slsa3.yml +++ b/.github/workflows/e2e.generic.tag.main.assets.slsa3.yml @@ -57,7 +57,7 @@ jobs: cp bazel-bin/hello_/hello . # Copy binary from Bazel path to root echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} @@ -97,7 +97,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.provenance.outputs.attestation-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.generic.tag.main.goreleaser-assets-multi-subjects.slsa3.yml b/.github/workflows/e2e.generic.tag.main.goreleaser-assets-multi-subjects.slsa3.yml index 906336616c..809d6ee43f 100644 --- a/.github/workflows/e2e.generic.tag.main.goreleaser-assets-multi-subjects.slsa3.yml +++ b/.github/workflows/e2e.generic.tag.main.goreleaser-assets-multi-subjects.slsa3.yml @@ -102,7 +102,7 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Download assets run: gh -R "$GITHUB_REPOSITORY" release download "$GITHUB_REF_NAME" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.generic.workflow_dispatch.branch1.default.slsa3.yml b/.github/workflows/e2e.generic.workflow_dispatch.branch1.default.slsa3.yml index 58e90dc2b2..dde3683810 100644 --- a/.github/workflows/e2e.generic.workflow_dispatch.branch1.default.slsa3.yml +++ b/.github/workflows/e2e.generic.workflow_dispatch.branch1.default.slsa3.yml @@ -46,7 +46,7 @@ jobs: cp bazel-bin/hello_/hello . # Copy binary from Bazel path to root echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} @@ -85,7 +85,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.provenance.outputs.attestation-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.generic.workflow_dispatch.main.default.slsa3.yml b/.github/workflows/e2e.generic.workflow_dispatch.main.default.slsa3.yml index e81141adfb..b3a9b05dfc 100644 --- a/.github/workflows/e2e.generic.workflow_dispatch.main.default.slsa3.yml +++ b/.github/workflows/e2e.generic.workflow_dispatch.main.default.slsa3.yml @@ -42,7 +42,7 @@ jobs: cp bazel-bin/hello_/hello . # Copy binary from Bazel path to root echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} @@ -81,7 +81,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.provenance.outputs.attestation-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.generic.workflow_dispatch.main.large-subjects-adversarial-format.slsa3.yml b/.github/workflows/e2e.generic.workflow_dispatch.main.large-subjects-adversarial-format.slsa3.yml index 2222e69d3e..8d8deea3d6 100644 --- a/.github/workflows/e2e.generic.workflow_dispatch.main.large-subjects-adversarial-format.slsa3.yml +++ b/.github/workflows/e2e.generic.workflow_dispatch.main.large-subjects-adversarial-format.slsa3.yml @@ -37,7 +37,7 @@ jobs: echo "hello world" > hello echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} diff --git a/.github/workflows/e2e.generic.workflow_dispatch.main.large-subjects-adversarial-sha256.slsa3.yml b/.github/workflows/e2e.generic.workflow_dispatch.main.large-subjects-adversarial-sha256.slsa3.yml index 4d822f7d11..28b3399d16 100644 --- a/.github/workflows/e2e.generic.workflow_dispatch.main.large-subjects-adversarial-sha256.slsa3.yml +++ b/.github/workflows/e2e.generic.workflow_dispatch.main.large-subjects-adversarial-sha256.slsa3.yml @@ -37,7 +37,7 @@ jobs: echo "hello world" > hello echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} diff --git a/.github/workflows/e2e.generic.workflow_dispatch.main.large-subjects.slsa3.yml b/.github/workflows/e2e.generic.workflow_dispatch.main.large-subjects.slsa3.yml index 32a80b7338..1eb74f76ea 100644 --- a/.github/workflows/e2e.generic.workflow_dispatch.main.large-subjects.slsa3.yml +++ b/.github/workflows/e2e.generic.workflow_dispatch.main.large-subjects.slsa3.yml @@ -37,7 +37,7 @@ jobs: echo "hello world" > hello echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} @@ -95,7 +95,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.provenance.outputs.attestation-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.generic.workflow_dispatch.main.tagname.slsa3.yml b/.github/workflows/e2e.generic.workflow_dispatch.main.tagname.slsa3.yml index 3ff642e534..a6fd52f977 100644 --- a/.github/workflows/e2e.generic.workflow_dispatch.main.tagname.slsa3.yml +++ b/.github/workflows/e2e.generic.workflow_dispatch.main.tagname.slsa3.yml @@ -38,7 +38,7 @@ jobs: echo "build 1 artifact 1" > artifact1 - name: Upload artifacts - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: artifacts1 if-no-files-found: error @@ -84,7 +84,7 @@ jobs: - name: Download provenance run: gh release download "$TAG" -p "$PROVENANCE" - name: Setup Go - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - name: Verify provenance artifact1 diff --git a/.github/workflows/e2e.generic.workflow_dispatch.main.workflow_inputs.slsa3.yml b/.github/workflows/e2e.generic.workflow_dispatch.main.workflow_inputs.slsa3.yml index ea79b9115d..2acd39c1cf 100644 --- a/.github/workflows/e2e.generic.workflow_dispatch.main.workflow_inputs.slsa3.yml +++ b/.github/workflows/e2e.generic.workflow_dispatch.main.workflow_inputs.slsa3.yml @@ -47,7 +47,7 @@ jobs: cp bazel-bin/hello_/hello . # Copy binary from Bazel path to root echo "binary-name=hello" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.binary-name }} path: ${{ steps.build.outputs.binary-name }} @@ -86,7 +86,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.provenance.outputs.attestation-name }} - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.push.branch1.config-ldflags.slsa3.yml b/.github/workflows/e2e.go.push.branch1.config-ldflags.slsa3.yml index 3e6da0a15e..1887f323b3 100644 --- a/.github/workflows/e2e.go.push.branch1.config-ldflags.slsa3.yml +++ b/.github/workflows/e2e.go.push.branch1.config-ldflags.slsa3.yml @@ -105,7 +105,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.push.main.config-ldflags.slsa3.yml b/.github/workflows/e2e.go.push.main.config-ldflags.slsa3.yml index bddda36df4..3bbaae5b48 100644 --- a/.github/workflows/e2e.go.push.main.config-ldflags.slsa3.yml +++ b/.github/workflows/e2e.go.push.main.config-ldflags.slsa3.yml @@ -76,7 +76,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.push.main.config-noldflags.slsa3.yml b/.github/workflows/e2e.go.push.main.config-noldflags.slsa3.yml index 168d233280..8fafe7d2c0 100644 --- a/.github/workflows/e2e.go.push.main.config-noldflags.slsa3.yml +++ b/.github/workflows/e2e.go.push.main.config-noldflags.slsa3.yml @@ -51,7 +51,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.release.main.config-ldflags-assets-tag.slsa3.yml b/.github/workflows/e2e.go.release.main.config-ldflags-assets-tag.slsa3.yml index 56efa59917..ba2d04661f 100644 --- a/.github/workflows/e2e.go.release.main.config-ldflags-assets-tag.slsa3.yml +++ b/.github/workflows/e2e.go.release.main.config-ldflags-assets-tag.slsa3.yml @@ -102,7 +102,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.release.main.config-ldflags-assets.slsa3.yml b/.github/workflows/e2e.go.release.main.config-ldflags-assets.slsa3.yml index 337dd1645f..aa07157014 100644 --- a/.github/workflows/e2e.go.release.main.config-ldflags-assets.slsa3.yml +++ b/.github/workflows/e2e.go.release.main.config-ldflags-assets.slsa3.yml @@ -102,7 +102,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.release.main.config-ldflags-noassets.slsa3.yml b/.github/workflows/e2e.go.release.main.config-ldflags-noassets.slsa3.yml index 43e1768ba5..ac03bde95a 100644 --- a/.github/workflows/e2e.go.release.main.config-ldflags-noassets.slsa3.yml +++ b/.github/workflows/e2e.go.release.main.config-ldflags-noassets.slsa3.yml @@ -89,7 +89,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.schedule.main.config-ldflags-main-dir.slsa3.yml b/.github/workflows/e2e.go.schedule.main.config-ldflags-main-dir.slsa3.yml index d74da6061a..3f652cb07b 100644 --- a/.github/workflows/e2e.go.schedule.main.config-ldflags-main-dir.slsa3.yml +++ b/.github/workflows/e2e.go.schedule.main.config-ldflags-main-dir.slsa3.yml @@ -74,7 +74,7 @@ jobs: - uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.schedule.main.config-ldflags-main.slsa3.yml b/.github/workflows/e2e.go.schedule.main.config-ldflags-main.slsa3.yml index d9679bea22..b54106ef32 100644 --- a/.github/workflows/e2e.go.schedule.main.config-ldflags-main.slsa3.yml +++ b/.github/workflows/e2e.go.schedule.main.config-ldflags-main.slsa3.yml @@ -66,7 +66,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.schedule.main.config-noldflags.slsa3.yml b/.github/workflows/e2e.go.schedule.main.config-noldflags.slsa3.yml index bd51898c3e..797597a0e5 100644 --- a/.github/workflows/e2e.go.schedule.main.config-noldflags.slsa3.yml +++ b/.github/workflows/e2e.go.schedule.main.config-noldflags.slsa3.yml @@ -38,7 +38,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.schedule.main.noldflags-multi-uses.slsa3.yml b/.github/workflows/e2e.go.schedule.main.noldflags-multi-uses.slsa3.yml index b1d665d314..fedcdd0ba5 100644 --- a/.github/workflows/e2e.go.schedule.main.noldflags-multi-uses.slsa3.yml +++ b/.github/workflows/e2e.go.schedule.main.noldflags-multi-uses.slsa3.yml @@ -38,7 +38,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build-one.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: @@ -87,7 +87,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build-two.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.tag.branch1.config-ldflags-assets.slsa3.yml b/.github/workflows/e2e.go.tag.branch1.config-ldflags-assets.slsa3.yml index 1fb3af0620..89156a2173 100644 --- a/.github/workflows/e2e.go.tag.branch1.config-ldflags-assets.slsa3.yml +++ b/.github/workflows/e2e.go.tag.branch1.config-ldflags-assets.slsa3.yml @@ -89,7 +89,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.tag.main.config-ldflags-assets-draft-tag.slsa3.yml b/.github/workflows/e2e.go.tag.main.config-ldflags-assets-draft-tag.slsa3.yml index 939fa88607..f9797269f8 100644 --- a/.github/workflows/e2e.go.tag.main.config-ldflags-assets-draft-tag.slsa3.yml +++ b/.github/workflows/e2e.go.tag.main.config-ldflags-assets-draft-tag.slsa3.yml @@ -98,7 +98,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.tag.main.config-ldflags-assets-prerelease-tag.slsa3.yml b/.github/workflows/e2e.go.tag.main.config-ldflags-assets-prerelease-tag.slsa3.yml index 1964ba9b0e..b5e2f703ec 100644 --- a/.github/workflows/e2e.go.tag.main.config-ldflags-assets-prerelease-tag.slsa3.yml +++ b/.github/workflows/e2e.go.tag.main.config-ldflags-assets-prerelease-tag.slsa3.yml @@ -104,7 +104,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.tag.main.config-ldflags-assets-tag.slsa3.yml b/.github/workflows/e2e.go.tag.main.config-ldflags-assets-tag.slsa3.yml index 8f66c966e3..600334d05e 100644 --- a/.github/workflows/e2e.go.tag.main.config-ldflags-assets-tag.slsa3.yml +++ b/.github/workflows/e2e.go.tag.main.config-ldflags-assets-tag.slsa3.yml @@ -103,7 +103,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.tag.main.config-ldflags-assets.slsa3.yml b/.github/workflows/e2e.go.tag.main.config-ldflags-assets.slsa3.yml index c8888fc2dd..b5d477ad2f 100644 --- a/.github/workflows/e2e.go.tag.main.config-ldflags-assets.slsa3.yml +++ b/.github/workflows/e2e.go.tag.main.config-ldflags-assets.slsa3.yml @@ -91,7 +91,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.tag.main.config-ldflags-noassets.slsa3.yml b/.github/workflows/e2e.go.tag.main.config-ldflags-noassets.slsa3.yml index 274deba7a0..ee924fa384 100644 --- a/.github/workflows/e2e.go.tag.main.config-ldflags-noassets.slsa3.yml +++ b/.github/workflows/e2e.go.tag.main.config-ldflags-noassets.slsa3.yml @@ -90,7 +90,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.workflow_dispatch.branch1.config-ldflags.slsa3.yml b/.github/workflows/e2e.go.workflow_dispatch.branch1.config-ldflags.slsa3.yml index 5783cf5a42..65a51e8107 100644 --- a/.github/workflows/e2e.go.workflow_dispatch.branch1.config-ldflags.slsa3.yml +++ b/.github/workflows/e2e.go.workflow_dispatch.branch1.config-ldflags.slsa3.yml @@ -96,7 +96,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.workflow_dispatch.main.config-noldflags.slsa3.yml b/.github/workflows/e2e.go.workflow_dispatch.main.config-noldflags.slsa3.yml index e08d37819f..4f7236bbce 100644 --- a/.github/workflows/e2e.go.workflow_dispatch.main.config-noldflags.slsa3.yml +++ b/.github/workflows/e2e.go.workflow_dispatch.main.config-noldflags.slsa3.yml @@ -50,7 +50,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.workflow_dispatch.main.tagname-noldflags.slsa3.yml b/.github/workflows/e2e.go.workflow_dispatch.main.tagname-noldflags.slsa3.yml index 64cd810e57..1d1a986089 100644 --- a/.github/workflows/e2e.go.workflow_dispatch.main.tagname-noldflags.slsa3.yml +++ b/.github/workflows/e2e.go.workflow_dispatch.main.tagname-noldflags.slsa3.yml @@ -54,7 +54,7 @@ jobs: PROVENANCE: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl TAG: ${{ needs.release.outputs.tag }} run: gh release download "$TAG" -p "$PROVENANCE" - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.go.workflow_dispatch.main.workflow_inputs-noldflags.slsa3.yml b/.github/workflows/e2e.go.workflow_dispatch.main.workflow_inputs-noldflags.slsa3.yml index 7df9f0cc65..b6e8625dd8 100644 --- a/.github/workflows/e2e.go.workflow_dispatch.main.workflow_inputs-noldflags.slsa3.yml +++ b/.github/workflows/e2e.go.workflow_dispatch.main.workflow_inputs-noldflags.slsa3.yml @@ -58,7 +58,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ needs.build.outputs.go-binary-name }}.intoto.jsonl - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.gradle.workflow_dispatch.main.default.slsa3.yml b/.github/workflows/e2e.gradle.workflow_dispatch.main.default.slsa3.yml index efa4c9f5f8..0b5c79b0a4 100644 --- a/.github/workflows/e2e.gradle.workflow_dispatch.main.default.slsa3.yml +++ b/.github/workflows/e2e.gradle.workflow_dispatch.main.default.slsa3.yml @@ -82,7 +82,7 @@ jobs: sha256: "${{ needs.build.outputs.build-download-sha256 }}" path: ./ # NOTE: To build slsa-verifier in e2e.gradle.default.verify.sh - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.installer-action.yml b/.github/workflows/e2e.installer-action.yml index ab50cb8db9..9621395edf 100644 --- a/.github/workflows/e2e.installer-action.yml +++ b/.github/workflows/e2e.installer-action.yml @@ -19,7 +19,7 @@ jobs: steps: # Install at tag. # UPDATE ON RELEASE: tag. - - uses: slsa-framework/slsa-verifier/actions/installer@v2.4.1 + - uses: slsa-framework/slsa-verifier/actions/installer@v2.4.0 - run: | version=$(slsa-verifier version 2>&1 | grep GitVersion | cut -d ':' -f2 | tr -d "[:space:]") [ "$version" == "${LATEST_VERSION:1}" ] @@ -30,7 +30,7 @@ jobs: # Install at commit. # UPDATE ON RELEASE: commit sha. - - uses: slsa-framework/slsa-verifier/actions/installer@7e1e47d7d793930ab0082c15c2b971fdb53a3c95 # v2.4.1 + - uses: slsa-framework/slsa-verifier/actions/installer@73d1bcba982de0f644baec83df839399d13f472e # v2.4.0 - run: | version=$(slsa-verifier version 2>&1 | grep GitVersion | cut -d ':' -f2 | tr -d "[:space:]") [ "$version" == "${LATEST_VERSION:1}" ] diff --git a/.github/workflows/e2e.maven.workflow_dispatch.main.default.slsa3.yml b/.github/workflows/e2e.maven.workflow_dispatch.main.default.slsa3.yml index 5a3365be0e..21ec80ecdf 100644 --- a/.github/workflows/e2e.maven.workflow_dispatch.main.default.slsa3.yml +++ b/.github/workflows/e2e.maven.workflow_dispatch.main.default.slsa3.yml @@ -81,7 +81,7 @@ jobs: sha256: "${{ needs.build.outputs.target-download-sha256 }}" path: ./ # NOTE: To build slsa-verifier in e2e.maven.default.verify.sh - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/e2e.nodejs.create.main.default.slsa3.yml b/.github/workflows/e2e.nodejs.create.main.default.slsa3.yml index 06801875f2..1bac6ea448 100644 --- a/.github/workflows/e2e.nodejs.create.main.default.slsa3.yml +++ b/.github/workflows/e2e.nodejs.create.main.default.slsa3.yml @@ -96,7 +96,7 @@ jobs: with: node-version: 16 # NOTE: for building the verifier. - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - run: ./.github/workflows/scripts/e2e.nodejs.default.verify.sh diff --git a/.github/workflows/e2e.nodejs.push.branch1.default.slsa3.yml b/.github/workflows/e2e.nodejs.push.branch1.default.slsa3.yml index fa0152dd42..eb129405e1 100644 --- a/.github/workflows/e2e.nodejs.push.branch1.default.slsa3.yml +++ b/.github/workflows/e2e.nodejs.push.branch1.default.slsa3.yml @@ -97,7 +97,7 @@ jobs: with: node-version: 16 # NOTE: for building the verifier. - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - run: ./.github/workflows/scripts/e2e.nodejs.default.verify.sh diff --git a/.github/workflows/e2e.nodejs.push.main.custom_publish.slsa3.yml b/.github/workflows/e2e.nodejs.push.main.custom_publish.slsa3.yml index 0ff68f56cd..c59ef17400 100644 --- a/.github/workflows/e2e.nodejs.push.main.custom_publish.slsa3.yml +++ b/.github/workflows/e2e.nodejs.push.main.custom_publish.slsa3.yml @@ -111,7 +111,7 @@ jobs: with: node-version: 16 # NOTE: for building the verifier. - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - run: ./.github/workflows/scripts/e2e.nodejs.default.verify.sh diff --git a/.github/workflows/e2e.nodejs.push.main.default.slsa3.yml b/.github/workflows/e2e.nodejs.push.main.default.slsa3.yml index 6a0921e275..8ddb6b3da2 100644 --- a/.github/workflows/e2e.nodejs.push.main.default.slsa3.yml +++ b/.github/workflows/e2e.nodejs.push.main.default.slsa3.yml @@ -93,7 +93,7 @@ jobs: - name: Set up Node environment uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0 # NOTE: for building the verifier. - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - run: ./.github/workflows/scripts/e2e.nodejs.default.verify.sh diff --git a/.github/workflows/e2e.nodejs.push.main.disttag.slsa3.yml b/.github/workflows/e2e.nodejs.push.main.disttag.slsa3.yml index 2e87347ac6..b837008247 100644 --- a/.github/workflows/e2e.nodejs.push.main.disttag.slsa3.yml +++ b/.github/workflows/e2e.nodejs.push.main.disttag.slsa3.yml @@ -100,7 +100,7 @@ jobs: with: node-version: 16 # NOTE: for building the verifier. - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - run: ./.github/workflows/scripts/e2e.nodejs.default.verify.sh diff --git a/.github/workflows/e2e.nodejs.push.main.node16.slsa3.yml b/.github/workflows/e2e.nodejs.push.main.node16.slsa3.yml index 040322cc07..b21d945af1 100644 --- a/.github/workflows/e2e.nodejs.push.main.node16.slsa3.yml +++ b/.github/workflows/e2e.nodejs.push.main.node16.slsa3.yml @@ -97,7 +97,7 @@ jobs: with: node-version: 16 # NOTE: for building the verifier. - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - run: ./.github/workflows/scripts/e2e.nodejs.default.verify.sh diff --git a/.github/workflows/e2e.nodejs.push.main.node18.slsa3.yml b/.github/workflows/e2e.nodejs.push.main.node18.slsa3.yml index 6fa80989fa..6fa0c620b9 100644 --- a/.github/workflows/e2e.nodejs.push.main.node18.slsa3.yml +++ b/.github/workflows/e2e.nodejs.push.main.node18.slsa3.yml @@ -97,7 +97,7 @@ jobs: with: node-version: 18 # NOTE: for building the verifier. - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - run: ./.github/workflows/scripts/e2e.nodejs.default.verify.sh diff --git a/.github/workflows/e2e.nodejs.release.main.default.slsa3.yml b/.github/workflows/e2e.nodejs.release.main.default.slsa3.yml index 62699968bf..2c121e790d 100644 --- a/.github/workflows/e2e.nodejs.release.main.default.slsa3.yml +++ b/.github/workflows/e2e.nodejs.release.main.default.slsa3.yml @@ -96,7 +96,7 @@ jobs: with: node-version: 16 # NOTE: for building the verifier. - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - run: ./.github/workflows/scripts/e2e.nodejs.default.verify.sh diff --git a/.github/workflows/e2e.nodejs.tag.main.default.slsa3.yml b/.github/workflows/e2e.nodejs.tag.main.default.slsa3.yml index 6bf79d7ea6..b4e13d2913 100644 --- a/.github/workflows/e2e.nodejs.tag.main.default.slsa3.yml +++ b/.github/workflows/e2e.nodejs.tag.main.default.slsa3.yml @@ -97,7 +97,7 @@ jobs: with: node-version: 16 # NOTE: for building the verifier. - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - run: ./.github/workflows/scripts/e2e.nodejs.default.verify.sh diff --git a/.github/workflows/e2e.nodejs.tag.main.unscoped.slsa3.yml b/.github/workflows/e2e.nodejs.tag.main.unscoped.slsa3.yml index d6b56e741c..8d8c9963a3 100644 --- a/.github/workflows/e2e.nodejs.tag.main.unscoped.slsa3.yml +++ b/.github/workflows/e2e.nodejs.tag.main.unscoped.slsa3.yml @@ -97,7 +97,7 @@ jobs: with: node-version: 16 # NOTE: for building the verifier. - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - run: ./.github/workflows/scripts/e2e.nodejs.default.verify.sh diff --git a/.github/workflows/e2e.nodejs.workflow_dispatch.main.default.slsa3.yml b/.github/workflows/e2e.nodejs.workflow_dispatch.main.default.slsa3.yml index 7c6d6b6ac4..6a9ac7fa01 100644 --- a/.github/workflows/e2e.nodejs.workflow_dispatch.main.default.slsa3.yml +++ b/.github/workflows/e2e.nodejs.workflow_dispatch.main.default.slsa3.yml @@ -99,7 +99,7 @@ jobs: with: node-version: 16 # NOTE: for building the verifier. - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - run: ./.github/workflows/scripts/e2e.nodejs.default.verify.sh diff --git a/.github/workflows/pre-submit.golangci-lint.yml b/.github/workflows/pre-submit.golangci-lint.yml index da7d8ab7c1..60fc1e0e50 100644 --- a/.github/workflows/pre-submit.golangci-lint.yml +++ b/.github/workflows/pre-submit.golangci-lint.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version: "1.20" - env: diff --git a/.github/workflows/verifier-e2e.all.workflow_dispatch.main.all.slsa3.yml b/.github/workflows/verifier-e2e.all.workflow_dispatch.main.all.slsa3.yml index baf7426d87..fbd994a574 100644 --- a/.github/workflows/verifier-e2e.all.workflow_dispatch.main.all.slsa3.yml +++ b/.github/workflows/verifier-e2e.all.workflow_dispatch.main.all.slsa3.yml @@ -76,7 +76,7 @@ jobs: cp bazel-bin/hello_/hello "${BINARY_NAME}" # Copy binary from Bazel path to root echo "gha_generic_binary-name=$BINARY_NAME" >> "${GITHUB_OUTPUT}" - name: Upload binary - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ steps.build.outputs.gha_generic_binary-name }} path: ${{ steps.build.outputs.gha_generic_binary-name }}