From 38b169250a64f93b20aa6739e0c1af12058f37e9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Jul 2026 05:06:02 +0000 Subject: [PATCH] Bump the github-actions group with 4 updates Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [devops-infra/action-pull-request](https://github.com/devops-infra/action-pull-request). Updates `actions/checkout` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v6...v7) Updates `golangci/golangci-lint-action` from 9.2.1 to 9.3.0 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/82606bf257cbaff209d206a39f5134f0cfbfd2ee...ba0d7d2ec06a0ea1cb5fa41b2e4a3ab91d21278a) Updates `actions/upload-artifact` from 4 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v7) Updates `devops-infra/action-pull-request` from 1.2.1 to 1.3.0 - [Release notes](https://github.com/devops-infra/action-pull-request/releases) - [Commits](https://github.com/devops-infra/action-pull-request/compare/v1.2.1...v1.3.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: golangci/golangci-lint-action dependency-version: 9.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: devops-infra/action-pull-request dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/build-test.yaml | 12 ++++++------ .github/workflows/coverage-badge.yaml | 2 +- .github/workflows/helm-docs.yaml | 2 +- .github/workflows/helm-test.yaml | 6 +++--- .github/workflows/release.yaml | 10 +++++----- 5 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/build-test.yaml b/.github/workflows/build-test.yaml index 0388c9b0..aafc3838 100644 --- a/.github/workflows/build-test.yaml +++ b/.github/workflows/build-test.yaml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Golang uses: actions/setup-go@v6 @@ -29,7 +29,7 @@ jobs: go-version-file: go.mod - name: Run golangci-lint - uses: golangci/golangci-lint-action@82606bf257cbaff209d206a39f5134f0cfbfd2ee # v9.2.1 + uses: golangci/golangci-lint-action@ba0d7d2ec06a0ea1cb5fa41b2e4a3ab91d21278a # v9.3.0 with: version: v2.12.2 install-mode: goinstall @@ -43,7 +43,7 @@ jobs: security-events: write steps: - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@v7.0.0 - name: Run Trivy vulnerability scanner in repo mode uses: aquasecurity/trivy-action@v0.36.0 @@ -69,7 +69,7 @@ jobs: steps: # We only need to checkout as govuln does the go setup... - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - id: govulncheck uses: golang/govulncheck-action@v1 @@ -83,7 +83,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Golang uses: actions/setup-go@v6 @@ -126,7 +126,7 @@ jobs: name: Build Images steps: - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up QEMU uses: docker/setup-qemu-action@v4 diff --git a/.github/workflows/coverage-badge.yaml b/.github/workflows/coverage-badge.yaml index fbd15daa..9dbdb8fb 100644 --- a/.github/workflows/coverage-badge.yaml +++ b/.github/workflows/coverage-badge.yaml @@ -13,7 +13,7 @@ jobs: name: Update coverage badge steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7.0.0 with: persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal access token. fetch-depth: 0 # otherwise, there would be errors pushing refs to the destination repository. diff --git a/.github/workflows/helm-docs.yaml b/.github/workflows/helm-docs.yaml index bfd1c515..55461989 100644 --- a/.github/workflows/helm-docs.yaml +++ b/.github/workflows/helm-docs.yaml @@ -21,7 +21,7 @@ jobs: contents: write pull-requests: write steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7.0.0 with: ref: ${{ github.event.pull_request.head.ref }} repository: ${{ github.event.pull_request.head.repo.full_name }} diff --git a/.github/workflows/helm-test.yaml b/.github/workflows/helm-test.yaml index c9fbd612..f2c12b72 100644 --- a/.github/workflows/helm-test.yaml +++ b/.github/workflows/helm-test.yaml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Golang uses: actions/setup-go@v6 @@ -40,7 +40,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Golang uses: actions/setup-go@v6 @@ -70,7 +70,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Install Kyverno CLI uses: kyverno/action-install-cli@v0.2.0 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index f47da05b..6b290e6a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -40,7 +40,7 @@ jobs: contents: write steps: - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 @@ -119,7 +119,7 @@ jobs: toTag: "main" - name: Create Release PR - uses: devops-infra/action-pull-request@v1.2.1 + uses: devops-infra/action-pull-request@v1.3.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} target_branch: main @@ -141,7 +141,7 @@ jobs: - release-name steps: - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: path: version-checker @@ -204,7 +204,7 @@ jobs: # base: main - name: Upload chart artifacts for manual publishing - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: helm-chart-${{ needs.release-name.outputs.name }} path: jetstack-charts/charts/* @@ -218,7 +218,7 @@ jobs: - release-name steps: - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 # Install the cosign tool except on PR # https://github.com/sigstore/cosign-installer