update all actions to latest version

matthyx · matthyx · commit 5e88c64f245a · 2025-02-07T09:47:07.000+01:00
Signed-off-by: Matthias Bertschy &lt;matthias.bertschy@gmail.com&gt;
diff --git a/.github/workflows/create-release-v2.yaml b/.github/workflows/create-release-v2.yaml
@@ -34,11 +34,11 @@ jobs:
       REGO_ARTIFACT_KEY_NAME: ${{ steps.set_outputs.outputs.REGO_ARTIFACT_KEY_NAME }}
       REGO_ARTIFACT_PATH: ${{ steps.set_outputs.outputs.REGO_ARTIFACT_PATH }}
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
         name: Checkout repo content
 
       - name: Set up Go 1.21
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v4
         with:
           go-version: 1.21
 
@@ -49,7 +49,7 @@ jobs:
           GOPATH=$(go env GOPATH) make
 
       - name: Setup Python 3.10.6
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v5
         with:
           python-version: 3.10.6
 
@@ -81,7 +81,7 @@ jobs:
           echo "REGO_ARTIFACT_PATH=${{ env.REGO_ARTIFACT_PATH }}" >> $GITHUB_OUTPUT
 
       - name: Upload artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: ${{ env.REGO_ARTIFACT_KEY_NAME }}
           path: ${{ env.REGO_ARTIFACT_PATH }}/
@@ -118,7 +118,7 @@ jobs:
     name: create release and upload assets
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
         name: Checkout repository
 
       - name: 'Generate Release Tag'
@@ -150,7 +150,7 @@ jobs:
           force_push_tag: true
           github_token: ${{ secrets.GITHUB_TOKEN }}
 
-      - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # ratchet:actions/download-artifact@v3.0.2
+      - uses: actions/download-artifact@v4
         id: download-artifact
         with:
           name: ${{ env.REGO_ARTIFACT_KEY_NAME }}
@@ -174,10 +174,10 @@ jobs:
     needs: [create-new-tag-and-release]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # ratchet:actions/checkout@v3.5.2
+      - uses: actions/checkout@v4
         name: checkout repo content
       - name: setup python
-        uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # ratchet:actions/setup-python@v4.6.0
+        uses: actions/setup-python@v5
         with:
           python-version: 3.8
       - name: install dependencies
diff --git a/.github/workflows/pr-comments.yaml b/.github/workflows/pr-comments.yaml
@@ -11,7 +11,7 @@ jobs:
     steps:
       - name: Check out code
         if: (github.actor == 'kubescape/sonar')
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       # trigger system tests - TODO
       # trigger release process - TODO 
       - name: say hello
diff --git a/.github/workflows/pr-tests.yaml b/.github/workflows/pr-tests.yaml
@@ -63,15 +63,15 @@ jobs:
           GOPATH=$(go env GOPATH) make
 
       - name: Set up Regal
-        uses: StyraInc/setup-regal@v0.1.0
+        uses: StyraInc/setup-regal@v1
         with:
           version: v0.10.1
 
       - name: Lint Rego
         run: regal lint --format github rules
 
       - name: setup python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: 3.10.6
       - name: Install dependencies
@@ -101,7 +101,7 @@ jobs:
           echo "REGO_ARTIFACT_KEY_NAME=${{ env.REGO_ARTIFACT_KEY_NAME }}" >> $GITHUB_OUTPUT
           echo "REGO_ARTIFACT_PATH=${{ env.REGO_ARTIFACT_PATH }}" >> $GITHUB_OUTPUT
 
-      - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # ratchet:actions/upload-artifact@v3.1.1
+      - uses: actions/upload-artifact@v4
         name: Upload artifact
         with:
           name: ${{ env.REGO_ARTIFACT_KEY_NAME }}
diff --git a/.github/workflows/push-releasedev-updates.yaml b/.github/workflows/push-releasedev-updates.yaml
@@ -34,7 +34,7 @@ jobs:
         git commit -a -m "Updating releaseDev files $(date)"
 
     - name: Push changes
-      uses: ad-m/github-push-action@master
+      uses: ad-m/github-push-action@v0.8.0
       with:
         github_token: ${{ env.GH_ACCESS_TOKEN }}
         repository: kubescape/regolibrary-dev
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -32,12 +32,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
+        uses: actions/checkout@v4
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
+        uses: ossf/scorecard-action@v2.4.0
         with:
           results_file: results.sarif
           results_format: sarif
@@ -59,14 +59,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
+        uses: actions/upload-artifact@v4
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/sync.yml b/.github/workflows/sync.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@master
+        uses: actions/checkout@v4
       - name: Run GitHub File Sync
         uses: BetaHuhn/repo-file-sync-action@v1
         with:
