Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updating GitHub action versions to the latest TSCCR approved version #3979

Merged
merged 2 commits into from
May 15, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 16 additions & 16 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ jobs:
outputs:
product-version: ${{ steps.get-product-version.outputs.product-version }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: get product version
id: get-product-version
run: |
Expand All @@ -39,15 +39,15 @@ jobs:
filepath: ${{ steps.generate-metadata-file.outputs.filepath }}
steps:
- name: "Checkout directory"
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Generate metadata file
id: generate-metadata-file
uses: hashicorp/actions-generate-metadata@v1
with:
version: ${{ needs.get-product-version.outputs.product-version }}
product: ${{ env.PKG_NAME }}
repositoryOwner: "hashicorp"
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
- uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: metadata.json
path: ${{ steps.generate-metadata-file.outputs.filepath }}
Expand Down Expand Up @@ -111,10 +111,10 @@ jobs:

name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} ${{ matrix.component }} ${{ matrix.fips }} build
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4

- name: Setup go
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version: ${{ matrix.go }}

Expand Down Expand Up @@ -156,7 +156,7 @@ jobs:
zip -r -j out/${{ matrix.pkg_name }}_${{ needs.get-product-version.outputs.product-version }}${{ matrix.fips }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/

- name: Upload built binaries
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: ${{ matrix.pkg_name }}_${{ needs.get-product-version.outputs.product-version }}${{ matrix.fips }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
path: ${{ matrix.component}}/out/${{ matrix.pkg_name }}_${{ needs.get-product-version.outputs.product-version }}${{ matrix.fips }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
Expand Down Expand Up @@ -214,7 +214,7 @@ jobs:
echo "Test PASSED, expected: ${VERSION}, got: ${CONSUL_K8S_VERSION}"

- name: Upload rpm package
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
if: matrix.goos == 'linux' && matrix.component == 'cli' && matrix.skip_packaging != 'true'
with:
name: ${{ env.RPM_PACKAGE }}
Expand All @@ -238,7 +238,7 @@ jobs:
echo "Test PASSED, expected: ${VERSION}, got: ${CONSUL_K8S_VERSION}"

- name: Upload debian packages
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
if: matrix.goos == 'linux' && matrix.component == 'cli' && matrix.skip_packaging != 'true'
with:
name: ${{ env.DEB_PACKAGE }}
Expand All @@ -261,8 +261,8 @@ jobs:
repo: ${{ github.event.repository.name }}
version: ${{ needs.get-product-version.outputs.product-version }}${{ matrix.fips }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: consul-cni_${{ needs.get-product-version.outputs.product-version }}${{ matrix.fips }}_${{ matrix.goos}}_${{ matrix.goarch }}.zip
path: control-plane/dist/cni/${{ matrix.goos}}/${{ matrix.goarch }}
Expand All @@ -282,7 +282,7 @@ jobs:
echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" >> $GITHUB_ENV

- name: Docker Build (Action)
uses: hashicorp/actions-docker-build@76d2fc91532d816ca2660d8f3139e432ac3700fd
uses: hashicorp/actions-docker-build@v2
if: ${{ !matrix.fips }}
with:
smoke_test: |
Expand Down Expand Up @@ -310,7 +310,7 @@ jobs:
GOLANG_VERSION=${{ needs.get-go-version.outputs.go-version }}

- name: Docker FIPS Build (Action)
uses: hashicorp/actions-docker-build@76d2fc91532d816ca2660d8f3139e432ac3700fd
uses: hashicorp/actions-docker-build@v2
if: ${{ matrix.fips }}
with:
smoke_test: |
Expand Down Expand Up @@ -350,8 +350,8 @@ jobs:
repo: ${{ github.event.repository.name }}
version: ${{ needs.get-product-version.outputs.product-version }}${{ matrix.fips }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: consul-cni_${{ needs.get-product-version.outputs.product-version }}${{ matrix.fips }}_linux_${{ matrix.arch }}.zip
path: control-plane/dist/cni/linux/${{ matrix.arch }}
Expand All @@ -372,7 +372,7 @@ jobs:

- name: Docker Build (Action)
if: ${{ !matrix.fips }}
uses: hashicorp/actions-docker-build@76d2fc91532d816ca2660d8f3139e432ac3700fd
uses: hashicorp/actions-docker-build@v2
with:
smoke_test: |
TEST_VERSION="$(docker run "${IMAGE_NAME}" consul-k8s-control-plane version | awk '{print $2}')"
Expand Down Expand Up @@ -401,7 +401,7 @@ jobs:

- name: Docker FIPS Build (Action)
if: ${{ matrix.fips }}
uses: hashicorp/actions-docker-build@76d2fc91532d816ca2660d8f3139e432ac3700fd
uses: hashicorp/actions-docker-build@v2
with:
smoke_test: |
TEST_VERSION="$(docker run "${IMAGE_NAME}" consul-k8s-control-plane version | awk '{print $2}')"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/changelog-checker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0 # by default the checkout action doesn't checkout all branches
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/jira-issues.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
name: Jira Community Issue sync
steps:
- name: Login
uses: atlassian/gajira-login@ca13f8850ea309cf44a6e4e0c49d9aa48ac3ca4c # v3
uses: atlassian/gajira-login@45fd029b9f1d6d8926c6f04175aa80c0e42c9026 # v3.0.1
env:
JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
Expand Down Expand Up @@ -70,14 +70,14 @@ jobs:

- name: Close ticket
if: ( github.event.action == 'closed' || github.event.action == 'deleted' ) && steps.search.outputs.issue
uses: atlassian/gajira-transition@4749176faf14633954d72af7a44d7f2af01cc92b # v3
uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3.0.1
with:
issue: ${{ steps.search.outputs.issue }}
transition: "Closed"

- name: Reopen ticket
if: github.event.action == 'reopened' && steps.search.outputs.issue
uses: atlassian/gajira-transition@4749176faf14633954d72af7a44d7f2af01cc92b # v3
uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3.0.1
with:
issue: ${{ steps.search.outputs.issue }}
transition: "To Do"
6 changes: 3 additions & 3 deletions .github/workflows/jira-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ jobs:
name: Jira sync
steps:
- name: Login
uses: atlassian/gajira-login@ca13f8850ea309cf44a6e4e0c49d9aa48ac3ca4c # v3
uses: atlassian/gajira-login@45fd029b9f1d6d8926c6f04175aa80c0e42c9026 # v3.0.1
env:
JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
Expand Down Expand Up @@ -84,14 +84,14 @@ jobs:

- name: Close ticket
if: ( github.event.action == 'closed' || github.event.action == 'deleted' ) && steps.search.outputs.issue
uses: atlassian/gajira-transition@4749176faf14633954d72af7a44d7f2af01cc92b # v3
uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3.0.1
with:
issue: ${{ steps.search.outputs.issue }}
transition: "Closed"

- name: Reopen ticket
if: github.event.action == 'reopened' && steps.search.outputs.issue
uses: atlassian/gajira-transition@4749176faf14633954d72af7a44d7f2af01cc92b # v3
uses: atlassian/gajira-transition@38fc9cd61b03d6a53dd35fcccda172fe04b36de3 # v3.0.1
with:
issue: ${{ steps.search.outputs.issue }}
transition: "To Do"
12 changes: 6 additions & 6 deletions .github/workflows/lint.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4

- name: Setup go
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version: ${{ needs.get-go-version.outputs.go-version }}
cache: false
Expand All @@ -26,29 +26,29 @@ jobs:
run: echo "GOROOT=$(go env GOROOT)" >> "${GITHUB_ENV}"

- name: golangci-lint-helm-gen
uses: golangci/golangci-lint-action@639cd343e1d3b897ff35927a75193d57cfcba299 # v3.6.0
uses: golangci/golangci-lint-action@38e1018663fa5173f3968ea0777460d3de38f256 # v5.3.0
with:
version: "v1.55.2"
working-directory: hack/helm-reference-gen
skip-cache: true # We have seen sticky timeout bugs crop up with caching enabled, so disabling for now
args: "--no-config --disable-all --enable gofmt,govet"

- name: golangci-lint-control-plane
uses: golangci/golangci-lint-action@639cd343e1d3b897ff35927a75193d57cfcba299 # v3.6.0
uses: golangci/golangci-lint-action@38e1018663fa5173f3968ea0777460d3de38f256 # v5.3.0
with:
version: "v1.55.2"
working-directory: control-plane
skip-cache: true # We have seen sticky timeout bugs crop up with caching enabled, so disabling for now

- name: golangci-lint-acceptance
uses: golangci/golangci-lint-action@639cd343e1d3b897ff35927a75193d57cfcba299 # v3.6.0
uses: golangci/golangci-lint-action@38e1018663fa5173f3968ea0777460d3de38f256 # v5.3.0
with:
version: "v1.55.2"
working-directory: acceptance
skip-cache: true # We have seen sticky timeout bugs crop up with caching enabled, so disabling for now

- name: golangci-lint-cli
uses: golangci/golangci-lint-action@639cd343e1d3b897ff35927a75193d57cfcba299 # v3.6.0
uses: golangci/golangci-lint-action@38e1018663fa5173f3968ea0777460d3de38f256 # v5.3.0
with:
version: "v1.55.2"
working-directory: acceptance
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/merge.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
name: test
runs-on: ubuntu-latest
steps:
- uses: benc-uk/workflow-dispatch@798e70c97009500150087d30d9f11c5444830385 # v1.2.2
- uses: benc-uk/workflow-dispatch@25b02cc069be46d637e8fe2f1e8484008e9e9609 # v1.2.3
name: test
with:
workflow: test.yml
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/nightly-acceptance.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
name: cloud
runs-on: ubuntu-latest
steps:
- uses: benc-uk/workflow-dispatch@798e70c97009500150087d30d9f11c5444830385 # v1.2.2
- uses: benc-uk/workflow-dispatch@25b02cc069be46d637e8fe2f1e8484008e9e9609 # v1.2.3
name: cloud
with:
workflow: cloud.yml
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/nightly-api-gateway-conformance.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
name: api-gateway-conformance
runs-on: ubuntu-latest
steps:
- uses: benc-uk/workflow-dispatch@798e70c97009500150087d30d9f11c5444830385 # v1.2.2
- uses: benc-uk/workflow-dispatch@25b02cc069be46d637e8fe2f1e8484008e9e9609 # v1.2.3
name: conformance
with:
workflow: api-gateway-conformance.yml
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/nightly-cleanup.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
name: cleanup
runs-on: ubuntu-latest
steps:
- uses: benc-uk/workflow-dispatch@798e70c97009500150087d30d9f11c5444830385 # v1.2.2
- uses: benc-uk/workflow-dispatch@25b02cc069be46d637e8fe2f1e8484008e9e9609 # v1.2.3
name: cleanup
with:
workflow: cleanup.yml
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/pr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
name: test
runs-on: ubuntu-latest
steps:
- uses: benc-uk/workflow-dispatch@798e70c97009500150087d30d9f11c5444830385 # v1.2.2
- uses: benc-uk/workflow-dispatch@25b02cc069be46d637e8fe2f1e8484008e9e9609 # v1.2.3
name: test
with:
workflow: test.yml
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/reusable-get-go-version.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
outputs:
go-version: ${{ steps.get-go-version.outputs.go-version }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Determine Go version
id: get-go-version
# We use .go-version as our source of truth for current Go
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/security-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,15 +29,15 @@ jobs:
&& (github.actor != 'dependabot[bot]') && (github.actor != 'hc-github-team-consul-core') }}

steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4

- name: Set up Go
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version: ${{ needs.get-go-version.outputs.go-version }}

- name: Clone Security Scanner repo
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
with:
repository: hashicorp/security-scanner
#TODO: replace w/ HASHIBOT_PRODSEC_GITHUB_TOKEN once provisioned
Expand All @@ -58,6 +58,6 @@ jobs:
cat results.sarif | jq

- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@46a6823b81f2d7c67ddf123851eea88365bc8a67 # codeql-bundle-v2.13.5
uses: github/codeql-action/upload-sarif@c4fb451437765abf5018c6fbf22cce1a7da1e5cc # codeql-bundle-v2.17.1
with:
sarif_file: results.sarif
2 changes: 1 addition & 1 deletion .github/workflows/weekly-acceptance-1-1-x.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
name: cloud
runs-on: ubuntu-latest
steps:
- uses: benc-uk/workflow-dispatch@798e70c97009500150087d30d9f11c5444830385 # v1.2.2
- uses: benc-uk/workflow-dispatch@25b02cc069be46d637e8fe2f1e8484008e9e9609 # v1.2.3
name: cloud
with:
workflow: cloud.yml
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/weekly-acceptance-1-2-x.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
name: cloud
runs-on: ubuntu-latest
steps:
- uses: benc-uk/workflow-dispatch@798e70c97009500150087d30d9f11c5444830385 # v1.2.2
- uses: benc-uk/workflow-dispatch@25b02cc069be46d637e8fe2f1e8484008e9e9609 # v1.2.3
name: cloud
with:
workflow: cloud.yml
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/weekly-acceptance-1-3-x.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
name: cloud
runs-on: ubuntu-latest
steps:
- uses: benc-uk/workflow-dispatch@798e70c97009500150087d30d9f11c5444830385 # v1.2.2
- uses: benc-uk/workflow-dispatch@25b02cc069be46d637e8fe2f1e8484008e9e9609 # v1.2.3
name: cloud
with:
workflow: cloud.yml
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/weekly-acceptance-1-4-0-rc1.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
name: cloud
runs-on: ubuntu-latest
steps:
- uses: benc-uk/workflow-dispatch@798e70c97009500150087d30d9f11c5444830385 # v1.2.2
- uses: benc-uk/workflow-dispatch@25b02cc069be46d637e8fe2f1e8484008e9e9609 # v1.2.3
name: cloud
with:
workflow: cloud.yml
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/weekly-acceptance-1-4-x.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
name: cloud
runs-on: ubuntu-latest
steps:
- uses: benc-uk/workflow-dispatch@798e70c97009500150087d30d9f11c5444830385 # v1.2.2
- uses: benc-uk/workflow-dispatch@25b02cc069be46d637e8fe2f1e8484008e9e9609 # v1.2.3
name: cloud
with:
workflow: cloud.yml
Expand Down
Loading