jprdonnelly/butler-sos
1
0
Fork 0
mirror of https://github.com/ptarmiganlabs/butler-sos.git synced 2025-12-19 17:58:18 -05:00
Code Issues Projects Releases Wiki Activity

chore(workflows): update action versions in CI configuration files

Browse Source
This commit is contained in:
Göran Sander
2025-12-07 20:25:53 +01:00
parent d46565518c
commit ad4f3e8b1c
6 changed files with 71 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
.github/workflows/ci.yaml vendored
View File

@@ -20,7 +20,7 @@ jobs:
- name: Show github.ref
run: echo "$GITHUB_REF"
- uses: googleapis/release-please-action@v4
- uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 # v4.4.0
id: release
if: github.repository_owner == 'ptarmiganlabs'
with:
@@ -62,10 +62,10 @@ jobs:
steps:
- name: Checkout repository
uses: actions/checkout@v5
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Node.js
uses: actions/setup-node@v5
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: 22
@@ -90,7 +90,7 @@ jobs:
find ./build -type f -name "*.json" -o -name "*.spdx*" -exec ls -la {} \;
- name: Upload SBOM to Release
uses: ncipollo/release-action@v1
uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
with:
allowUpdates: true
omitBodyDuringUpdate: true
@@ -102,7 +102,7 @@ jobs:
tag: ${{ needs.release-please.outputs.release_tag_name }}
- name: Upload SBOM as Workflow Artifact (backup)
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: sbom-${{ needs.release-please.outputs.release_version }}
path: './build/'
@@ -136,10 +136,10 @@ jobs:
echo "upload_url : ${{ needs.release-please.outputs.release_upload_url }}"
- name: Checkout repository
uses: actions/checkout@v5
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Node.js
uses: actions/setup-node@v5
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: lts/*
@@ -263,7 +263,7 @@ jobs:
ls -la
- name: Upload to existing release
uses: ncipollo/release-action@v1
uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
with:
allowUpdates: true
omitBodyDuringUpdate: true
@@ -311,10 +311,10 @@ jobs:
echo "upload_url : ${{ needs.release-please.outputs.release_upload_url }}"
- name: Checkout repository
uses: actions/checkout@v5
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Node.js
uses: actions/setup-node@v5
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: lts/*
@@ -439,7 +439,7 @@ jobs:
ls -la
- name: Upload to existing release
uses: ncipollo/release-action@v1
uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
with:
allowUpdates: true
omitBodyDuringUpdate: true
@@ -484,10 +484,10 @@ jobs:
Write-Output 'upload_url : ${{ needs.release-please.outputs.release_upload_url }}'
- name: Checkout repository
uses: actions/checkout@v5
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Node.js
uses: actions/setup-node@v5
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: lts/*
@@ -576,7 +576,7 @@ jobs:
dir
- name: Upload to existing release
uses: ncipollo/release-action@v1
uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
with:
allowUpdates: true
omitBodyDuringUpdate: true
@@ -612,10 +612,10 @@ jobs:
echo "upload_url : ${{ needs.release-please.outputs.release_upload_url }}"
- name: Checkout repository
uses: actions/checkout@v5
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Node.js
uses: actions/setup-node@v5
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: lts/*
@@ -657,7 +657,7 @@ jobs:
ls -la
- name: Upload to existing release
uses: ncipollo/release-action@v1
uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
with:
allowUpdates: true
omitBodyDuringUpdate: true

68
.github/workflows/codeql-analysis.yaml vendored
View File

@@ -3,7 +3,7 @@
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
name: "CodeQL"
name: 'CodeQL'
on:
workflow_dispatch:
@@ -34,43 +34,43 @@ jobs:
# https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
steps:
- name: Checkout repository
uses: actions/checkout@v5
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
# If this run was triggered by a pull request event, then checkout
# the head of the pull request instead of the merge commit.
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
# If this run was triggered by a pull request event, then checkout
# the head of the pull request instead of the merge commit.
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
# Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
# Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language
#- run: |
# make bootstrap
# make release
#- run: |
# make bootstrap
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7

24
.github/workflows/docker-image-build.yaml vendored
View File

@@ -39,25 +39,25 @@ jobs:
# payload: '{ "type":"ci-test", "repo": "${{ github.repository }}", "job": "${{ github.job }}", "workflow": "${{ github.workflow }}", "nodeVersion": "${{ env.NODE_VERSION }}","status": "in_progress","conclusion":"${{ env.JOB_CONCLUSION }}" }'
# username: ${{ secrets.PUBLIC_MQTT_BROKER_USER }}
# connectTimeout: 30000
- name: Show input values
run: |
echo "Inputs: ${{ github.event.inputs }}"
- name: Checkout repository
uses: actions/checkout@v5
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
if: |
github.event_name != 'pull_request' &&
github.repository_owner == 'ptarmiganlabs'
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
if: |
github.event_name != 'pull_request' &&
github.repository_owner == 'ptarmiganlabs'
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
if: |
github.event_name != 'pull_request' &&
github.repository_owner == 'ptarmiganlabs'
@@ -66,16 +66,16 @@ jobs:
# https://github.com/marketplace/actions/docker-login
# https://docs.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions#github-context
- name: Login to Docker Hub
uses: docker/login-action@v3
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
if: |
github.event_name != 'pull_request' &&
github.repository_owner == 'ptarmiganlabs'
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
# Docker tag has format: refs/tags/v1.2.3
# We need to extract the tag semver from the full tag
# We need to extract the tag semver from the full tag
# Store the tag in GITHUB_ENV environment variable
- name: Create clean tag for Docker
run: |
@@ -120,9 +120,9 @@ jobs:
# Extract metadata (tags, labels) for Docker
# https://github.com/marketplace/actions/docker-metadata-action
- name: Extract Docker metadata
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
if: |
github.event_name != 'pull_request' &&
github.repository_owner == 'ptarmiganlabs'
@@ -150,7 +150,7 @@ jobs:
- name: Build and push
id: docker_build
uses: docker/build-push-action@v6
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
if: |
github.event_name != 'pull_request' &&
github.repository_owner == 'ptarmiganlabs'

12
.github/workflows/insiders-build.yaml vendored
View File

@@ -374,10 +374,10 @@ jobs:
runs-on: ${{ matrix.os }}
steps:
- name: Checkout repository
uses: actions/checkout@v5
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Node.js
uses: actions/setup-node@v5
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: 22
@@ -398,7 +398,7 @@ jobs:
github.repository_owner == 'ptarmiganlabs' &&
matrix.os == 'ubuntu-latest'
continue-on-error: true # To make sure that SARIF upload gets called
uses: snyk/actions/node@master
uses: snyk/actions/node@cdb760004ba9ea4d525f2e043745dfe85bb9077e # master
env:
# This is where you will need to introduce the Snyk API token created with your Snyk account
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
@@ -411,7 +411,7 @@ jobs:
github.repository_owner == 'ptarmiganlabs' &&
matrix.os == 'ubuntu-latest'
continue-on-error: true
uses: github/codeql-action/upload-sarif@v3
uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
with:
sarif_file: snyk.sarif
@@ -435,7 +435,7 @@ jobs:
${{ matrix.build }}
- name: Upload insider build artifacts to GitHub
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: ${{ matrix.artifact_insider }}
path: ${{ matrix.artifact_insider }}
@@ -451,7 +451,7 @@ jobs:
BUTLER_SOS_INSIDER_DOWNLOAD_PATH: ${{ vars.BUTLER_SOS_INSIDER_DOWNLOAD_PATH || './download' }}
steps:
- name: Download Windows insider build artifact
uses: actions/download-artifact@v5
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
with:
name: butler-sos--win-x64--${{ github.sha }}.zip
path: ${{ env.BUTLER_SOS_INSIDER_DOWNLOAD_PATH }}

2
.github/workflows/osv-scanner-scheduled.yml vendored
View File

@@ -18,4 +18,4 @@ permissions:
jobs:
scan-scheduled:
uses: 'google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v2.2.2'
uses: 'google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@90b209d0ea55cea1da9fc0c4e65782cc6acb6e2e' # v2.2.2

2
.github/workflows/virus-scan.yaml vendored
View File

@@ -13,7 +13,7 @@ jobs:
steps:
- name: VirusTotal Scan
uses: crazy-max/ghaction-virustotal@v4
uses: crazy-max/ghaction-virustotal@d34968c958ae283fe976efed637081b9f9dcf74f # v4.2.0
with:
vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }}
request_rate: 4