From 019ca362918af96ea38298342e056f17dba904ac Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 11 Oct 2024 15:41:01 -0500 Subject: [PATCH] Bump the actions group across 1 directory with 5 updates (#2911) Bumps the actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.2.0` | `4.2.1` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `45.0.2` | `45.0.3` | | [chainguard-dev/setup-chainctl](https://github.com/chainguard-dev/setup-chainctl) | `0.2.2` | `0.2.3` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.6.0` | `3.7.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.0` | `4.4.3` | Updates `actions/checkout` from 4.2.0 to 4.2.1 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/d632683dd7b4114ad314bca15554477dd762a938...eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871) Updates `tj-actions/changed-files` from 45.0.2 to 45.0.3 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](https://github.com/tj-actions/changed-files/compare/48d8f15b2aaa3d255ca5af3eba4870f807ce6b3c...c3a1bb2c992d77180ae65be6ae6c166cf40f857c) Updates `chainguard-dev/setup-chainctl` from 0.2.2 to 0.2.3 - [Release notes](https://github.com/chainguard-dev/setup-chainctl/releases) - [Commits](https://github.com/chainguard-dev/setup-chainctl/compare/f52718d822dc73d21a04ef2082822c4a203163b3...598499528905f95b94e62e4831cf42035e768933) Updates `sigstore/cosign-installer` from 3.6.0 to 3.7.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/4959ce089c160fddf62f7b42464195ba1a56d382...dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da) Updates `actions/upload-artifact` from 4.4.0 to 4.4.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/50769540e7f4bd5e21e526ee35c689e35e0d6874...b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: tj-actions/changed-files dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: chainguard-dev/setup-chainctl dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/digestabot.yaml | 2 +- .github/workflows/presubmit-readme.yaml | 4 ++-- .github/workflows/release.yaml | 12 ++++++------ .github/workflows/withdraw-images.yaml | 4 ++-- .github/workflows/withdraw-repos.yaml | 4 ++-- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/digestabot.yaml b/.github/workflows/digestabot.yaml index d1d1cf5e4..0e7d95452 100644 --- a/.github/workflows/digestabot.yaml +++ b/.github/workflows/digestabot.yaml @@ -23,7 +23,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: octo-sts/action@6177b4481c00308b3839969c3eca88c96a91775f # v1.0.0 id: octo-sts diff --git a/.github/workflows/presubmit-readme.yaml b/.github/workflows/presubmit-readme.yaml index af7559aaa..8d811d840 100644 --- a/.github/workflows/presubmit-readme.yaml +++ b/.github/workflows/presubmit-readme.yaml @@ -8,10 +8,10 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 - id: changed - uses: tj-actions/changed-files@48d8f15b2aaa3d255ca5af3eba4870f807ce6b3c # v45.0.2 + uses: tj-actions/changed-files@c3a1bb2c992d77180ae65be6ae6c166cf40f857c # v45.0.3 with: files_yaml: | automated: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index e8b651dea..8e791fcbc 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -33,7 +33,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - id: shard name: Shard @@ -92,7 +92,7 @@ jobs: terraform_version: "1.8.*" terraform_wrapper: false - - uses: chainguard-dev/setup-chainctl@f52718d822dc73d21a04ef2082822c4a203163b3 # v0.2.2 + - uses: chainguard-dev/setup-chainctl@598499528905f95b94e62e4831cf42035e768933 # v0.2.3 with: # This allows chainguard-images/images-private to publish images to cgr.dev/chainguard-private # We maintain this identity here: @@ -104,10 +104,10 @@ jobs: k3s-image: cgr.dev/chainguard/k3s:latest@sha256:78fe2d04d80c000306a075677b180e3ef857e3116b423daa119c0e63f02d7912 # Make cosign/crane CLI available to the tests - - uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0 + - uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - uses: imjasonh/setup-crane@31b88efe9de28ae0ffa220711af4b60be9435f6e # v0.4 - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Terraform apply timeout-minutes: 60 @@ -138,14 +138,14 @@ jobs: - name: Upload terraform logs if: always() - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v3 with: name: "mega-module-${{ matrix.shard.index }}.tf.json" path: /tmp/mega-module.tf.json - name: Upload imagetest logs if: always() - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v3 with: name: "mega-module-${{ matrix.shard.index }}-imagetest-logs" path: imagetest-logs diff --git a/.github/workflows/withdraw-images.yaml b/.github/workflows/withdraw-images.yaml index 446520e78..d9e7989b7 100644 --- a/.github/workflows/withdraw-images.yaml +++ b/.github/workflows/withdraw-images.yaml @@ -20,8 +20,8 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4 - - uses: chainguard-dev/setup-chainctl@f52718d822dc73d21a04ef2082822c4a203163b3 # v0.2.2 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 + - uses: chainguard-dev/setup-chainctl@598499528905f95b94e62e4831cf42035e768933 # v0.2.3 with: identity: 720909c9f5279097d847ad02a2f24ba8f59de36a/b6461e99e132298f - uses: imjasonh/setup-crane@31b88efe9de28ae0ffa220711af4b60be9435f6e # v0.4 diff --git a/.github/workflows/withdraw-repos.yaml b/.github/workflows/withdraw-repos.yaml index c1eebb15b..f32e2cdad 100644 --- a/.github/workflows/withdraw-repos.yaml +++ b/.github/workflows/withdraw-repos.yaml @@ -20,8 +20,8 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4 - - uses: chainguard-dev/setup-chainctl@f52718d822dc73d21a04ef2082822c4a203163b3 # v0.2.2 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 + - uses: chainguard-dev/setup-chainctl@598499528905f95b94e62e4831cf42035e768933 # v0.2.3 with: identity: 720909c9f5279097d847ad02a2f24ba8f59de36a/b6461e99e132298f - run: |