diff --git a/.github/workflows/ccip-integration-test.yml b/.github/workflows/ccip-integration-test.yml index 1dd336b0b..99ec6f928 100644 --- a/.github/workflows/ccip-integration-test.yml +++ b/.github/workflows/ccip-integration-test.yml @@ -61,7 +61,7 @@ jobs: runs-on: ubuntu-latest-4cores-16GB steps: - name: Checkout Repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 - name: Restore cached docker images id: docker-cache-restore @@ -108,7 +108,7 @@ jobs: - name: Checkout Chainlink Core repo if: steps.core-cache.outputs.cache-hit != 'true' - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: repository: smartcontractkit/chainlink ref: ${{ steps.read_core_ref.outputs.CORE_REF }} diff --git a/.github/workflows/changesets.yml b/.github/workflows/changesets.yml index e5c9a4d62..ae7f2535d 100644 --- a/.github/workflows/changesets.yml +++ b/.github/workflows/changesets.yml @@ -29,5 +29,5 @@ jobs: changesets-root-version-package-path: ./pkg/package.json pnpm-use-cache: false aws-region: ${{ vars.AWS_REGION }} - aws-role-arn: ${{ secrets.AWS_ROLE_ARN_GATI_READONLY_CHANGESETS }} + aws-role-arn: ${{ secrets.AWS_OIDC_CHAINLINK_TON_CHANGESETS_TOKEN_ISSUER_ROLE_ARN }} aws-lambda-url: ${{ secrets.AWS_LAMBDA_URL_GATI_CHANGESETS }} diff --git a/.github/workflows/contracts-build.yml b/.github/workflows/contracts-build.yml index f546d9c27..8d9b39734 100644 --- a/.github/workflows/contracts-build.yml +++ b/.github/workflows/contracts-build.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 - name: Install Nix uses: cachix/install-nix-action@02a151ada4993995686f9ed4f1be7cfbb229e56f # v31 with: @@ -32,7 +32,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 - name: Install Nix uses: cachix/install-nix-action@02a151ada4993995686f9ed4f1be7cfbb229e56f # v31 @@ -48,12 +48,12 @@ jobs: steps: - name: Check out PR code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 with: path: "pr-branch" - name: Check out base branch code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 with: ref: ${{ github.event.pull_request.base.sha }} path: "base-branch" diff --git a/.github/workflows/contracts-fmt.yml b/.github/workflows/contracts-fmt.yml index 7ea76e66f..f2e051e6e 100644 --- a/.github/workflows/contracts-fmt.yml +++ b/.github/workflows/contracts-fmt.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 - name: Install Nix uses: cachix/install-nix-action@02a151ada4993995686f9ed4f1be7cfbb229e56f # v31 diff --git a/.github/workflows/contracts-publish-compiled-artifacts.yml b/.github/workflows/contracts-publish-compiled-artifacts.yml index 0fdebc6ff..daa338c8b 100644 --- a/.github/workflows/contracts-publish-compiled-artifacts.yml +++ b/.github/workflows/contracts-publish-compiled-artifacts.yml @@ -29,7 +29,7 @@ jobs: ton_changes: ${{ steps.changes.outputs.ton_changes }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: persist-credentials: false - name: Detect changes @@ -51,7 +51,7 @@ jobs: contents: write steps: - name: Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 with: fetch-depth: 0 diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 3e1bf9e5b..4d5158458 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 - name: Install Nix uses: cachix/install-nix-action@02a151ada4993995686f9ed4f1be7cfbb229e56f # v31 diff --git a/.github/workflows/relayer-build.yml b/.github/workflows/relayer-build.yml index c6567650c..5021ce759 100644 --- a/.github/workflows/relayer-build.yml +++ b/.github/workflows/relayer-build.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 - name: Install Nix uses: cachix/install-nix-action@02a151ada4993995686f9ed4f1be7cfbb229e56f # v31 @@ -33,7 +33,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 - name: Install Nix uses: cachix/install-nix-action@02a151ada4993995686f9ed4f1be7cfbb229e56f # v31 @@ -53,7 +53,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 - name: Install Nix uses: cachix/install-nix-action@02a151ada4993995686f9ed4f1be7cfbb229e56f # v31 diff --git a/.github/workflows/relayer-integration-test.yml b/.github/workflows/relayer-integration-test.yml index 529f67da9..8f232db46 100644 --- a/.github/workflows/relayer-integration-test.yml +++ b/.github/workflows/relayer-integration-test.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 - name: Install Nix uses: cachix/install-nix-action@02a151ada4993995686f9ed4f1be7cfbb229e56f # v31 diff --git a/.github/workflows/relayer-publish.yml b/.github/workflows/relayer-publish.yml index c86f14ee2..ea732aceb 100644 --- a/.github/workflows/relayer-publish.yml +++ b/.github/workflows/relayer-publish.yml @@ -51,7 +51,7 @@ jobs: registries: "${{ secrets.AWS_ACCOUNT_ID_STAGING}}" - name: Checkout Repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 # Core Image Detection Script - name: Detect and Configure Core Image @@ -93,7 +93,7 @@ jobs: secrets: AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_STAGING }} AWS_ROLE_PUBLISH_ARN: ${{ secrets.AWS_ROLE_PUBLISH_ARN_STAGING }} - AWS_ROLE_GATI_ARN: ${{ secrets.AWS_ROLE_ARN_GATI_READONLY }} + AWS_ROLE_GATI_ARN: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} AWS_LAMBDA_GATI_URL: ${{ secrets.AWS_LAMBDA_URL_GATI }} # Builds the final image combining Chainlink core with the TON relayer @@ -129,7 +129,7 @@ jobs: secrets: AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_STAGING }} AWS_ROLE_PUBLISH_ARN: ${{ secrets.AWS_ROLE_PUBLISH_ARN_STAGING }} - AWS_ROLE_GATI_ARN: ${{ secrets.AWS_ROLE_ARN_GATI_READONLY }} + AWS_ROLE_GATI_ARN: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} AWS_LAMBDA_GATI_URL: ${{ secrets.AWS_LAMBDA_URL_GATI }} DOCKER_BUILD_ARGS: | CHAINLINK_USER=chainlink diff --git a/.github/workflows/staging-monitor.yml b/.github/workflows/staging-monitor.yml index 810b56f55..1e6fc31b4 100644 --- a/.github/workflows/staging-monitor.yml +++ b/.github/workflows/staging-monitor.yml @@ -44,7 +44,7 @@ jobs: WHEN: "${{ github.run_started_at }}" # ISO8601 steps: - name: Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@v5 - name: Install Nix uses: cachix/install-nix-action@02a151ada4993995686f9ed4f1be7cfbb229e56f # v31