diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 28dfe410..4af8ffd9 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -37,7 +37,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3 + uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3 - name: Generate metadata cspo id: metacspo @@ -56,7 +56,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Install Cosign - uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 + uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0 - name: Install Bom shell: bash @@ -91,7 +91,7 @@ jobs: # Import GitHub's cache build to docker cache - name: Copy cspo Golang cache to docker cache - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@16ebe778df0e7752d2cfcbd924afdbbd89c1a755 # v6.6.1 with: provenance: false context: /tmp/.cache/cspo @@ -101,7 +101,7 @@ jobs: target: import-cache - name: Build and push cspo image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6 + uses: docker/build-push-action@16ebe778df0e7752d2cfcbd924afdbbd89c1a755 # v6 id: docker_build_release_cspo with: provenance: false @@ -154,7 +154,7 @@ jobs: # Store docker's golang's cache build locally only on the main branch - name: Store cspo Golang cache build locally if: ${{ steps.cache.outputs.cache-hit != 'true' }} - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@16ebe778df0e7752d2cfcbd924afdbbd89c1a755 # v6.6.1 with: provenance: false context: . diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ce7545cb..86c70346 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -25,7 +25,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3 + uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3 - name: Generate metadata cspo id: metacspo @@ -44,7 +44,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Install Cosign - uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 + uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0 - name: Install Bom shell: bash @@ -60,7 +60,7 @@ jobs: echo 'EOF' >> $GITHUB_ENV - name: Build and push cspo image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6 + uses: docker/build-push-action@16ebe778df0e7752d2cfcbd924afdbbd89c1a755 # v6 id: docker_build_release_cspo with: provenance: false diff --git a/.github/workflows/schedule-update-bot.yaml b/.github/workflows/schedule-update-bot.yaml index fcb7c946..5c498f3e 100644 --- a/.github/workflows/schedule-update-bot.yaml +++ b/.github/workflows/schedule-update-bot.yaml @@ -35,7 +35,7 @@ jobs: # qemu is not required as of now because we don't build images for arm64 # use docker/setup-qemu-action@v3 if you want to have arm64 images. - name: Set up Docker Buildx # required for building image - uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3 + uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3 - name: Generate Token uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1