deps: update GitHub action dependencies (#3399)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate[bot] 2024-10-09 12:16:10 +02:00 committed by GitHub
parent b1cf9bc3fe
commit ac26c80a90
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
32 changed files with 65 additions and 65 deletions


@ -29,7 +29,7 @@ runs:
echo version=$(yq eval ".version" ${{ inputs.chartPath }}/Chart.yaml) | tee -a $GITHUB_OUTPUT
- name: Create pull request
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with:
path: helm
branch: "release/s3proxy/${{ steps.update-chart-version.outputs.version }}"
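Review bot: The `peter-evans/create-pull-request` pin crosses a major version (v6.1.0 to v7.0.5), and the `with:` block it feeds continues past the end of this hunk, so the step's token inputs cannot be checked from here. As far as I recall the v7 release notes, `git-token` was renamed to `branch-token`; GitHub Actions only warns on an unknown input, so a leftover `git-token` would presumably be ignored and the step would run with its default token instead of failing. The same bump is made in four other sections of this commit (the `update-measurements`, docs-release, `feat/docs/update` and `update-rpms` pull-request steps), so each `with:` block should be checked once. A comment above the pin such as `# v7: inputs checked against the v7 migration notes` would record that.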


@ -113,7 +113,7 @@ runs:
- name: Install nix
if: steps.check_inputs.outputs.nixPreinstalled == 'false'
uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27
uses: cachix/install-nix-action@08dcb3a5e62fa31e2da3d490afc4176ef55ecd72 # v30
- name: Set $USER if not set
shell: bash


@ -8,7 +8,7 @@ on:
jobs:
run:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
@ -17,7 +17,7 @@ jobs:
path: constellation
- name: Install Nix
uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27
uses: cachix/install-nix-action@08dcb3a5e62fa31e2da3d490afc4176ef55ecd72 # v30
- name: Download Firmware release
id: download-firmware


@ -13,7 +13,7 @@ on:
jobs:
find-ccm-versions:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
outputs:
versions: ${{ steps.find-versions.outputs.versions }}
latest: ${{ steps.find-latest.outputs.latest }}
@ -54,7 +54,7 @@ jobs:
build-ccm-gcp:
# matrix cannot handle empty lists
if: needs.find-ccm-versions.outputs.versions != '[]'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
contents: read
packages: write


@ -10,7 +10,7 @@ env:
jobs:
build-gcp-guest-agent:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
contents: read
packages: write


@ -13,7 +13,7 @@ on:
jobs:
build-container:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
contents: read
packages: write


@ -13,7 +13,7 @@ on:
jobs:
build-logcollector-debugd-images:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
contents: read
packages: write


@ -12,7 +12,7 @@ on:
jobs:
stream:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
outputs:
stream: ${{ steps.stream.outputs.stream }}
steps:
@ -56,7 +56,7 @@ jobs:
# On nightly stream only.
if: needs.stream.outputs.stream == 'nightly'
needs: ["build-image", "stream"]
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
@ -97,7 +97,7 @@ jobs:
run: rm -f internal/attestation/measurements/measurement-generator/generate
- name: Create pull request
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with:
branch: "image/automated/update-measurements-${{ github.run_number }}"
base: main
@ -117,7 +117,7 @@ jobs:
notify-failure:
if: failure()
needs: [ "stream", "build-image", "update-code" ]
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7


@ -47,7 +47,7 @@ on:
jobs:
build-settings:
name: "Determine build settings"
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
outputs:
ref: ${{ steps.ref.outputs.ref }}
stream: ${{ steps.stream.outputs.stream }}


@ -17,7 +17,7 @@ on:
jobs:
linkChecker:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
@ -25,7 +25,7 @@ jobs:
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
- name: Link Checker
uses: lycheeverse/lychee-action@2b973e86fc7b1f6b36a93795fe2c9c6ae1118621 # v1.10.0
uses: lycheeverse/lychee-action@7da8ec1fc4e01b5a12062ac6c589c10a4ce70d67 # v2.0.0
with:
args: "--config ./.lychee.toml './**/*.md' './**/*.html'"
fail: true
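Review bot: `lycheeverse/lychee-action` moves across a major version in the `Link Checker` step (v1.10.0 to v2.0.0) while `args` still points at `./.lychee.toml`, which is not shown on this page. `fail: true` is already explicit, so a changed default for that input would not matter here, but a major release of the action presumably also changes the lychee binary it runs, and a config option the newer binary rejects would fail the job for reasons unrelated to links. I would run this workflow once on the branch before merging and note the result next to the pin, e.g. `# v2.0.0: .lychee.toml checked against the bundled lychee`. The `with:` block may continue outside the hunk.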


@ -17,7 +17,7 @@ on:
jobs:
codeql:
name: CodeQL
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
env:
# Force CodeQL to run the extraction on the files compiled by our custom
# build command, as opposed to letting the autobuilder figure it out.


@ -13,7 +13,7 @@ on:
jobs:
vale:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7


@ -50,7 +50,7 @@ on:
jobs:
build-cli:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
@ -110,7 +110,7 @@ jobs:
build/constellation-${{ matrix.os }}-${{ matrix.arch }}.exe.sig
build-terraform-provider:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
@ -165,7 +165,7 @@ jobs:
build/terraform-provider-constellation-${{ matrix.os }}-${{ matrix.arch }}.exe
upload-terraform-module:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Checkout
id: checkout
@ -177,7 +177,7 @@ jobs:
uses: ./.github/actions/upload_terraform_module
push-containers:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
if: inputs.pushContainers
permissions:
actions: read
@ -208,7 +208,7 @@ jobs:
run: bazel run //bazel/release:push
provenance-subjects:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
needs:
- build-cli
- signed-sbom
@ -252,7 +252,7 @@ jobs:
echo provenance-subjects="${HASHESB64}" >> "$GITHUB_OUTPUT"
signed-sbom:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Checkout
id: checkout
@ -321,7 +321,7 @@ jobs:
base64-subjects: "${{ needs.provenance-subjects.outputs.provenance-subjects }}"
provenance-verify:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
env:
SLSA_VERIFIER_VERSION: "2.5.1"
needs:
@ -395,7 +395,7 @@ jobs:
release:
permissions:
contents: write
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
needs:
- build-cli
- provenance
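Review bot: The `push-containers` job now runs `bazel run //bazel/release:push` on `ubuntu-24.04`, and nothing in the visible hunks accounts for that image's tighter defaults. Ubuntu 24.04 restricts unprivileged user namespaces through AppArmor, and Bazel's `linux-sandbox` relies on them; if the hosted image keeps that default, Bazel may fall back to a weaker sandbox strategy without failing the build, which matters for a pipeline whose outputs feed the `signed-sbom` and provenance jobs. I would confirm the sandbox strategy actually in use from a run on this branch and record it with a comment such as `# ubuntu-24.04: confirmed bazel still uses linux-sandbox (AppArmor userns restriction)`. Every job body in this section continues outside its hunk, so an existing workaround may already be present.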


@ -18,7 +18,7 @@ jobs:
max-parallel: 1
matrix:
attestationVariant: ["azure-sev-snp", "azure-tdx", "aws-sev-snp", "gcp-sev-snp"]
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
contents: read


@ -20,7 +20,7 @@ on:
jobs:
e2e-mini:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
environment: e2e
permissions:
id-token: write


@ -12,7 +12,7 @@ jobs:
matrix:
refStream: ["ref/main/stream/debug/?", "ref/release/stream/stable/?"]
name: Find latest image
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
contents: read
@ -49,7 +49,7 @@ jobs:
attestationVariant: ["gcp-sev-es", "gcp-sev-snp", "azure-sev-snp", "azure-tdx", "aws-sev-snp"]
refStream: ["ref/main/stream/debug/?", "ref/release/stream/stable/?"]
test: ["sonobuoy quick"]
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
checks: write
@ -150,7 +150,7 @@ jobs:
e2e-mini:
name: Run miniconstellation E2E test
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
environment: e2e
permissions:
id-token: write


@ -63,7 +63,7 @@ on:
jobs:
provider-example-test:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
contents: read


@ -12,7 +12,7 @@ jobs:
matrix:
refStream: ["ref/main/stream/nightly/?","ref/main/stream/debug/?", "ref/release/stream/stable/?"]
name: Find latest image
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
contents: read
@ -313,7 +313,7 @@ jobs:
kubernetes-version: "v1.29"
clusterCreation: "cli"
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
checks: write
@ -439,7 +439,7 @@ jobs:
e2e-mini:
name: Run miniconstellation E2E test
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
environment: e2e
permissions:
id-token: write


@ -129,7 +129,7 @@ on:
jobs:
generate-input-parameters:
name: Generate input parameters
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
contents: read
@ -165,7 +165,7 @@ jobs:
find-latest-image:
name: Select image
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
contents: read


@ -98,7 +98,7 @@ on:
jobs:
generate-input-parameters:
name: Generate input parameters
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
contents: read
@ -134,7 +134,7 @@ jobs:
build-target-cli:
name: Build upgrade target version CLI
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
checks: write
@ -185,7 +185,7 @@ jobs:
create-cluster:
name: Create upgrade origin version cluster
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
checks: write
@ -271,7 +271,7 @@ jobs:
e2e-upgrade:
name: Run upgrade test
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
checks: write
@ -436,7 +436,7 @@ jobs:
clean-up:
name: Clean up resources
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
checks: write


@ -13,7 +13,7 @@ on:
jobs:
build-cli:
name: Build Windows CLI
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
checks: write
@ -178,7 +178,7 @@ jobs:
notify-failure:
name: Notify about failure
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
needs: e2e-test
if: |
failure() &&


@ -15,7 +15,7 @@ on:
jobs:
complete-release-branch-transaction:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
contents: write
@ -44,7 +44,7 @@ jobs:
git push origin "${WORKING_BRANCH}":"${RELEASE_BRANCH}"
update:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
outputs:
latest: ${{ steps.input-passthrough.outputs.latest }}${{ steps.check-last-release.outputs.latest }}
steps:
@ -117,7 +117,7 @@ jobs:
add-image-version-to-versionsapi,
add-cli-version-to-versionsapi,
]
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
contents: write
@ -131,7 +131,7 @@ jobs:
mirror-gcp-mpi:
name: "Mirror GCP Marketplace Image"
needs: [add-image-version-to-versionsapi]
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
contents: read


@ -10,7 +10,7 @@ on:
jobs:
find-version:
name: Delete version from main ref
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
outputs:
version: ${{ steps.find.outputs.version }}
permissions:


@ -19,7 +19,7 @@ concurrency:
jobs:
verify-inputs:
name: Verify inputs
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
env:
FULL_VERSION: ${{ inputs.version }}
outputs:
@ -74,7 +74,7 @@ jobs:
docs:
name: Create docs release (from main)
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
if: inputs.kind == 'minor'
needs: verify-inputs
permissions:
@ -96,7 +96,7 @@ jobs:
npm run docusaurus docs:version "${MAJOR_MINOR}"
- name: Create docs pull request
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with:
branch: ${{ env.BRANCH }}
base: main
@ -114,7 +114,7 @@ jobs:
check-working-branch:
name: Check temporary working branch
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
needs: verify-inputs
permissions:
contents: write
@ -152,7 +152,7 @@ jobs:
update-versions:
name: Update container image versions
needs: [verify-inputs, check-working-branch]
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
contents: write
packages: read
@ -220,7 +220,7 @@ jobs:
needs: [verify-inputs, os-image]
permissions:
contents: write
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
env:
VERSION: ${{ inputs.version }}
WITHOUT_V: ${{ needs.verify-inputs.outputs.WITHOUT_V }}


@ -132,7 +132,7 @@ jobs:
- "cli_enterprise_linux_amd64"
- "cli_enterprise_linux_arm64"
- "cli_enterprise_windows_amd64"
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
@ -166,7 +166,7 @@ jobs:
- "aws_aws-nitro-tpm_console"
- "qemu_qemu-vtpm_debug"
- "gcp_gcp-sev-snp_nightly"
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:


@ -9,7 +9,7 @@ on:
jobs:
analysis:
name: Scorecard analysis
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write


@ -40,7 +40,7 @@ jobs:
- name: Create pull request
id: create-pull-request
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with:
path: terraform-provider-constellation
branch: "feat/docs/update"


@ -20,7 +20,7 @@ on:
jobs:
integration-test:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
env:
CTEST_OUTPUT_ON_FAILURE: True
steps:


@ -18,7 +18,7 @@ on:
jobs:
govulncheck:
name: check-codegen
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7


@ -17,7 +17,7 @@ on:
jobs:
tfsec:
name: tfsec
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
contents: read
pull-requests: write


@ -7,7 +7,7 @@ on:
jobs:
update-rpms:
runs-on: "ubuntu-22.04"
runs-on: "ubuntu-24.04"
permissions:
id-token: write
contents: read
@ -39,7 +39,7 @@ jobs:
fi
- name: Create pull request
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with:
branch: "image/automated/update-rpms-${{ github.run_number }}"
base: main


@ -106,7 +106,7 @@ concurrency:
jobs:
versionsapi:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
id-token: write
contents: read