Merge pull request #1666 from kubewarden/renovate/github-actions

viccuad · web-flow · commit ec6864a62eda · 2026-04-16T11:45:43.000+02:00
chore(deps): update github actions
diff --git a/.github/workflows/build-containers.yml b/.github/workflows/build-containers.yml
@@ -34,7 +34,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Build, sign, and upload digest
-        uses: kubewarden/github-actions/container-build@0f1672d63bd3572f204917d68390d87f7430069a # v5.0.0
+        uses: kubewarden/github-actions/container-build@63e6bff6226bbdd84a4244892417eb27676b7a8c # v5.0.1
         with:
           component: ${{ matrix.component }}
           arch: ${{ matrix.arch }}
@@ -66,7 +66,7 @@ jobs:
         run: |
           echo TAG_NAME=$INPUT_VERSION >> $GITHUB_ENV
       - name: Merge multi-arch images
-        uses: kubewarden/github-actions/merge-multiarch@0f1672d63bd3572f204917d68390d87f7430069a # v5.0.0
+        uses: kubewarden/github-actions/merge-multiarch@63e6bff6226bbdd84a4244892417eb27676b7a8c # v5.0.1
         with:
           component: ${{ matrix.component }}
           tag: ${{ env.TAG_NAME }}
diff --git a/.github/workflows/build-kwctl.yml b/.github/workflows/build-kwctl.yml
@@ -146,7 +146,7 @@ jobs:
 
       - name: Install the syft command
         if: ${{ !inputs.build_only }}
-        uses: kubewarden/github-actions/syft-installer@0f1672d63bd3572f204917d68390d87f7430069a # v5.0.0
+        uses: kubewarden/github-actions/syft-installer@63e6bff6226bbdd84a4244892417eb27676b7a8c # v5.0.1
 
       - name: Create SBOM file
         if: ${{ !inputs.build_only }}
@@ -242,7 +242,7 @@ jobs:
 
       - name: Install the syft command
         if: ${{ !inputs.build_only }}
-        uses: kubewarden/github-actions/syft-installer@0f1672d63bd3572f204917d68390d87f7430069a # v5.0.0
+        uses: kubewarden/github-actions/syft-installer@63e6bff6226bbdd84a4244892417eb27676b7a8c # v5.0.1
         with:
           arch: darwin_amd64
 
@@ -342,7 +342,7 @@ jobs:
 
       - name: Install the syft command
         if: ${{ !inputs.build_only }}
-        uses: kubewarden/github-actions/syft-installer@0f1672d63bd3572f204917d68390d87f7430069a # v5.0.0
+        uses: kubewarden/github-actions/syft-installer@63e6bff6226bbdd84a4244892417eb27676b7a8c # v5.0.1
         with:
           arch: windows_amd64
 
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -262,7 +262,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Install opa
-        uses: kubewarden/github-actions/opa-installer@0f1672d63bd3572f204917d68390d87f7430069a # v5.0.0
+        uses: kubewarden/github-actions/opa-installer@63e6bff6226bbdd84a4244892417eb27676b7a8c # v5.0.1
         with:
           opa-version: v1.12.2
           checksum: cd6b0b2d762571a746f0261890b155e6dd71cca90dad6b42b6fcf6dd7f619f08
@@ -354,7 +354,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Install cargo-llvm-cov
-        uses: taiki-e/install-action@921a4027af787cda265c4f334a0f7f89b21d72e9 # v2.75.8
+        uses: taiki-e/install-action@5939f3337e40968c39aa70f5ecb1417a92fb25a0 # v2.75.15
         with:
           tool: cargo-llvm-cov
       - name: Install cosign # this is needed by some of the e2e tests
@@ -402,7 +402,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Check spelling with typos
-        uses: crate-ci/typos@02ea592e44b3a53c302f697cddca7641cd051c3d # v1.45.0
+        uses: crate-ci/typos@cf5f1c29a8ac336af8568821ec41919923b05a83 # v1.45.1
 
   charts:
     name: Helm unittest
diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml
@@ -104,7 +104,7 @@ jobs:
           persist-credentials: false
 
       - name: "Install kwctl"
-        uses: kubewarden/github-actions/kwctl-installer@0f1672d63bd3572f204917d68390d87f7430069a # v5.0.0
+        uses: kubewarden/github-actions/kwctl-installer@63e6bff6226bbdd84a4244892417eb27676b7a8c # v5.0.1
 
       - run: sudo npm install -g bats
 
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -82,7 +82,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Build, sign, and upload digest
-        uses: kubewarden/github-actions/container-build@0f1672d63bd3572f204917d68390d87f7430069a # v5.0.0
+        uses: kubewarden/github-actions/container-build@63e6bff6226bbdd84a4244892417eb27676b7a8c # v5.0.1
         with:
           component: ${{ matrix.component }}
           arch: ${{ matrix.arch }}
@@ -101,7 +101,7 @@ jobs:
         component: [policy-server, kubewarden-controller, audit-scanner]
     steps:
       - name: Merge multi-arch images
-        uses: kubewarden/github-actions/merge-multiarch@0f1672d63bd3572f204917d68390d87f7430069a # v5.0.0
+        uses: kubewarden/github-actions/merge-multiarch@63e6bff6226bbdd84a4244892417eb27676b7a8c # v5.0.1
         with:
           component: ${{ matrix.component }}
           tag: ${{ github.ref_name }}
@@ -131,7 +131,7 @@ jobs:
         arch: [amd64, arm64]
     steps:
       - name: Generate and sign attestations
-        uses: kubewarden/github-actions/attestation@0f1672d63bd3572f204917d68390d87f7430069a # v5.0.0
+        uses: kubewarden/github-actions/attestation@63e6bff6226bbdd84a4244892417eb27676b7a8c # v5.0.1
         with:
           component: ${{ matrix.component }}
           arch: ${{ matrix.arch }}
diff --git a/.github/workflows/security-audit-cron.yml b/.github/workflows/security-audit-cron.yml
@@ -11,6 +11,6 @@ jobs:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
-      - uses: EmbarkStudios/cargo-deny-action@175dc7fd4fb85ec8f46948fb98f44db001149081 # v2.0.16
+      - uses: EmbarkStudios/cargo-deny-action@91bf2b620e09e18d6eb78b92e7861937469acedb # v2.0.17
         with:
           command: check advisories
diff --git a/.github/workflows/security-audit-reactive.yml b/.github/workflows/security-audit-reactive.yml
@@ -15,6 +15,6 @@ jobs:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
-      - uses: EmbarkStudios/cargo-deny-action@175dc7fd4fb85ec8f46948fb98f44db001149081 # v2.0.16
+      - uses: EmbarkStudios/cargo-deny-action@91bf2b620e09e18d6eb78b92e7861937469acedb # v2.0.17
         with:
           command: check advisories
diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml
@@ -23,4 +23,4 @@ jobs:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
-      - uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2
+      - uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3
