Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-06-07 06:03:05 -04:00
Code Issues Projects Releases Packages Wiki Activity

deps: update GitHub action dependencies (#3399)

Browse source 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This commit is contained in:
renovate[bot] 2024-10-09 12:16:10 +02:00 committed by GitHub
parent b1cf9bc3fe
commit ac26c80a90
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
32 changed files with 65 additions and 65 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.github/actions/publish_helmchart/action.yml vendored
View file

@ -29,7 +29,7 @@ runs:
echo version=$(yq eval ".version" ${{ inputs.chartPath }}/Chart.yaml) | tee -a $GITHUB_OUTPUT echo version=$(yq eval ".version" ${{ inputs.chartPath }}/Chart.yaml) | tee -a $GITHUB_OUTPUT
- name: Create pull request - name: Create pull request
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with: with:
path: helm path: helm
branch: "release/s3proxy/${{ steps.update-chart-version.outputs.version }}" branch: "release/s3proxy/${{ steps.update-chart-version.outputs.version }}"

2
.github/actions/setup_bazel_nix/action.yml vendored
View file

@ -113,7 +113,7 @@ runs:
- name: Install nix - name: Install nix
if: steps.check_inputs.outputs.nixPreinstalled == 'false' if: steps.check_inputs.outputs.nixPreinstalled == 'false'
uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 uses: cachix/install-nix-action@08dcb3a5e62fa31e2da3d490afc4176ef55ecd72 # v30
- name: Set $USER if not set - name: Set $USER if not set
shell: bash shell: bash

4
.github/workflows/aws-snp-launchmeasurement.yml vendored
View file

@ -8,7 +8,7 @@ on:
jobs: jobs:
run: run:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
@ -17,7 +17,7 @@ jobs:
path: constellation path: constellation
- name: Install Nix - name: Install Nix
uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 uses: cachix/install-nix-action@08dcb3a5e62fa31e2da3d490afc4176ef55ecd72 # v30
- name: Download Firmware release - name: Download Firmware release
id: download-firmware id: download-firmware

4
.github/workflows/build-ccm-gcp.yml vendored
View file

@ -13,7 +13,7 @@ on:
jobs: jobs:
find-ccm-versions: find-ccm-versions:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
outputs: outputs:
versions: ${{ steps.find-versions.outputs.versions }} versions: ${{ steps.find-versions.outputs.versions }}
latest: ${{ steps.find-latest.outputs.latest }} latest: ${{ steps.find-latest.outputs.latest }}
@ -54,7 +54,7 @@ jobs:
build-ccm-gcp: build-ccm-gcp:
# matrix cannot handle empty lists # matrix cannot handle empty lists
if: needs.find-ccm-versions.outputs.versions != '[]' if: needs.find-ccm-versions.outputs.versions != '[]'
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
contents: read contents: read
packages: write packages: write

2
.github/workflows/build-gcp-guest-agent.yml vendored
View file

@ -10,7 +10,7 @@ env:
jobs: jobs:
build-gcp-guest-agent: build-gcp-guest-agent:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
contents: read contents: read
packages: write packages: write

2
.github/workflows/build-libvirt-container.yml vendored
View file

@ -13,7 +13,7 @@ on:
jobs: jobs:
build-container: build-container:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
contents: read contents: read
packages: write packages: write

2
.github/workflows/build-logcollector-images.yml vendored
View file

@ -13,7 +13,7 @@ on:
jobs: jobs:
build-logcollector-debugd-images: build-logcollector-debugd-images:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
contents: read contents: read
packages: write packages: write

8
.github/workflows/build-os-image-scheduled.yml vendored
View file

@ -12,7 +12,7 @@ on:
jobs: jobs:
stream: stream:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
outputs: outputs:
stream: ${{ steps.stream.outputs.stream }} stream: ${{ steps.stream.outputs.stream }}
steps: steps:
@ -56,7 +56,7 @@ jobs:
# On nightly stream only. # On nightly stream only.
if: needs.stream.outputs.stream == 'nightly' if: needs.stream.outputs.stream == 'nightly'
needs: ["build-image", "stream"] needs: ["build-image", "stream"]
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
@ -97,7 +97,7 @@ jobs:
run: rm -f internal/attestation/measurements/measurement-generator/generate run: rm -f internal/attestation/measurements/measurement-generator/generate
- name: Create pull request - name: Create pull request
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with: with:
branch: "image/automated/update-measurements-${{ github.run_number }}" branch: "image/automated/update-measurements-${{ github.run_number }}"
base: main base: main
@ -117,7 +117,7 @@ jobs:
notify-failure: notify-failure:
if: failure() if: failure()
needs: [ "stream", "build-image", "update-code" ] needs: [ "stream", "build-image", "update-code" ]
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

2
.github/workflows/build-os-image.yml vendored
View file

@ -47,7 +47,7 @@ on:
jobs: jobs:
build-settings: build-settings:
name: "Determine build settings" name: "Determine build settings"
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
outputs: outputs:
ref: ${{ steps.ref.outputs.ref }} ref: ${{ steps.ref.outputs.ref }}
stream: ${{ steps.stream.outputs.stream }} stream: ${{ steps.stream.outputs.stream }}

4
.github/workflows/check-links.yml vendored
View file

@ -17,7 +17,7 @@ on:
jobs: jobs:
linkChecker: linkChecker:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
@ -25,7 +25,7 @@ jobs:
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }} ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
- name: Link Checker - name: Link Checker
uses: lycheeverse/lychee-action@2b973e86fc7b1f6b36a93795fe2c9c6ae1118621 # v1.10.0 uses: lycheeverse/lychee-action@7da8ec1fc4e01b5a12062ac6c589c10a4ce70d67 # v2.0.0
with: with:
args: "--config ./.lychee.toml './**/*.md' './**/*.html'" args: "--config ./.lychee.toml './**/*.md' './**/*.html'"
fail: true fail: true

2
.github/workflows/codeql.yml vendored
View file

@ -17,7 +17,7 @@ on:
jobs: jobs:
codeql: codeql:
name: CodeQL name: CodeQL
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
env: env:
# Force CodeQL to run the extraction on the files compiled by our custom # Force CodeQL to run the extraction on the files compiled by our custom
# build command, as opposed to letting the autobuilder figure it out. # build command, as opposed to letting the autobuilder figure it out.

2
.github/workflows/docs-vale.yml vendored
View file

@ -13,7 +13,7 @@ on:
jobs: jobs:
vale: vale:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

16
.github/workflows/draft-release.yml vendored
View file

@ -50,7 +50,7 @@ on:
jobs: jobs:
build-cli: build-cli:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@ -110,7 +110,7 @@ jobs:
build/constellation-${{ matrix.os }}-${{ matrix.arch }}.exe.sig build/constellation-${{ matrix.os }}-${{ matrix.arch }}.exe.sig
build-terraform-provider: build-terraform-provider:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@ -165,7 +165,7 @@ jobs:
build/terraform-provider-constellation-${{ matrix.os }}-${{ matrix.arch }}.exe build/terraform-provider-constellation-${{ matrix.os }}-${{ matrix.arch }}.exe
upload-terraform-module: upload-terraform-module:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
steps: steps:
- name: Checkout - name: Checkout
id: checkout id: checkout
@ -177,7 +177,7 @@ jobs:
uses: ./.github/actions/upload_terraform_module uses: ./.github/actions/upload_terraform_module
push-containers: push-containers:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
if: inputs.pushContainers if: inputs.pushContainers
permissions: permissions:
actions: read actions: read
@ -208,7 +208,7 @@ jobs:
run: bazel run //bazel/release:push run: bazel run //bazel/release:push
provenance-subjects: provenance-subjects:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
needs: needs:
- build-cli - build-cli
- signed-sbom - signed-sbom
@ -252,7 +252,7 @@ jobs:
echo provenance-subjects="${HASHESB64}" >> "$GITHUB_OUTPUT" echo provenance-subjects="${HASHESB64}" >> "$GITHUB_OUTPUT"
signed-sbom: signed-sbom:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
steps: steps:
- name: Checkout - name: Checkout
id: checkout id: checkout
@ -321,7 +321,7 @@ jobs:
base64-subjects: "${{ needs.provenance-subjects.outputs.provenance-subjects }}" base64-subjects: "${{ needs.provenance-subjects.outputs.provenance-subjects }}"
provenance-verify: provenance-verify:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
env: env:
SLSA_VERIFIER_VERSION: "2.5.1" SLSA_VERIFIER_VERSION: "2.5.1"
needs: needs:
@ -395,7 +395,7 @@ jobs:
release: release:
permissions: permissions:
contents: write contents: write
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
needs: needs:
- build-cli - build-cli
- provenance - provenance

2
.github/workflows/e2e-attestationconfigapi.yml vendored
View file

@ -18,7 +18,7 @@ jobs:
max-parallel: 1 max-parallel: 1
matrix: matrix:
attestationVariant: ["azure-sev-snp", "azure-tdx", "aws-sev-snp", "gcp-sev-snp"] attestationVariant: ["azure-sev-snp", "azure-tdx", "aws-sev-snp", "gcp-sev-snp"]
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
contents: read contents: read

2
.github/workflows/e2e-mini.yml vendored
View file

@ -20,7 +20,7 @@ on:
jobs: jobs:
e2e-mini: e2e-mini:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
environment: e2e environment: e2e
permissions: permissions:
id-token: write id-token: write

6
.github/workflows/e2e-test-daily.yml vendored
View file

@ -12,7 +12,7 @@ jobs:
matrix: matrix:
refStream: ["ref/main/stream/debug/?", "ref/release/stream/stable/?"] refStream: ["ref/main/stream/debug/?", "ref/release/stream/stable/?"]
name: Find latest image name: Find latest image
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
contents: read contents: read
@ -49,7 +49,7 @@ jobs:
attestationVariant: ["gcp-sev-es", "gcp-sev-snp", "azure-sev-snp", "azure-tdx", "aws-sev-snp"] attestationVariant: ["gcp-sev-es", "gcp-sev-snp", "azure-sev-snp", "azure-tdx", "aws-sev-snp"]
refStream: ["ref/main/stream/debug/?", "ref/release/stream/stable/?"] refStream: ["ref/main/stream/debug/?", "ref/release/stream/stable/?"]
test: ["sonobuoy quick"] test: ["sonobuoy quick"]
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
checks: write checks: write
@ -150,7 +150,7 @@ jobs:
e2e-mini: e2e-mini:
name: Run miniconstellation E2E test name: Run miniconstellation E2E test
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
environment: e2e environment: e2e
permissions: permissions:
id-token: write id-token: write

2
.github/workflows/e2e-test-provider-example.yml vendored
View file

@ -63,7 +63,7 @@ on:
jobs: jobs:
provider-example-test: provider-example-test:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
contents: read contents: read

6
.github/workflows/e2e-test-weekly.yml vendored
View file

@ -12,7 +12,7 @@ jobs:
matrix: matrix:
refStream: ["ref/main/stream/nightly/?","ref/main/stream/debug/?", "ref/release/stream/stable/?"] refStream: ["ref/main/stream/nightly/?","ref/main/stream/debug/?", "ref/release/stream/stable/?"]
name: Find latest image name: Find latest image
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
contents: read contents: read
@ -313,7 +313,7 @@ jobs:
kubernetes-version: "v1.29" kubernetes-version: "v1.29"
clusterCreation: "cli" clusterCreation: "cli"
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
checks: write checks: write
@ -439,7 +439,7 @@ jobs:
e2e-mini: e2e-mini:
name: Run miniconstellation E2E test name: Run miniconstellation E2E test
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
environment: e2e environment: e2e
permissions: permissions:
id-token: write id-token: write

4
.github/workflows/e2e-test.yml vendored
View file

@ -129,7 +129,7 @@ on:
jobs: jobs:
generate-input-parameters: generate-input-parameters:
name: Generate input parameters name: Generate input parameters
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
contents: read contents: read
@ -165,7 +165,7 @@ jobs:
find-latest-image: find-latest-image:
name: Select image name: Select image
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
contents: read contents: read

10
.github/workflows/e2e-upgrade.yml vendored
View file

@ -98,7 +98,7 @@ on:
jobs: jobs:
generate-input-parameters: generate-input-parameters:
name: Generate input parameters name: Generate input parameters
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
contents: read contents: read
@ -134,7 +134,7 @@ jobs:
build-target-cli: build-target-cli:
name: Build upgrade target version CLI name: Build upgrade target version CLI
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
checks: write checks: write
@ -185,7 +185,7 @@ jobs:
create-cluster: create-cluster:
name: Create upgrade origin version cluster name: Create upgrade origin version cluster
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
checks: write checks: write
@ -271,7 +271,7 @@ jobs:
e2e-upgrade: e2e-upgrade:
name: Run upgrade test name: Run upgrade test
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
checks: write checks: write
@ -436,7 +436,7 @@ jobs:
clean-up: clean-up:
name: Clean up resources name: Clean up resources
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
checks: write checks: write

4
.github/workflows/e2e-windows.yml vendored
View file

@ -13,7 +13,7 @@ on:
jobs: jobs:
build-cli: build-cli:
name: Build Windows CLI name: Build Windows CLI
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
checks: write checks: write
@ -178,7 +178,7 @@ jobs:
notify-failure: notify-failure:
name: Notify about failure name: Notify about failure
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
needs: e2e-test needs: e2e-test
if: | if: |
failure() && failure() &&

8
.github/workflows/on-release.yml vendored
View file

@ -15,7 +15,7 @@ on:
jobs: jobs:
complete-release-branch-transaction: complete-release-branch-transaction:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
contents: write contents: write
@ -44,7 +44,7 @@ jobs:
git push origin "${WORKING_BRANCH}":"${RELEASE_BRANCH}" git push origin "${WORKING_BRANCH}":"${RELEASE_BRANCH}"
update: update:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
outputs: outputs:
latest: ${{ steps.input-passthrough.outputs.latest }}${{ steps.check-last-release.outputs.latest }} latest: ${{ steps.input-passthrough.outputs.latest }}${{ steps.check-last-release.outputs.latest }}
steps: steps:
@ -117,7 +117,7 @@ jobs:
add-image-version-to-versionsapi, add-image-version-to-versionsapi,
add-cli-version-to-versionsapi, add-cli-version-to-versionsapi,
] ]
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
contents: write contents: write
@ -131,7 +131,7 @@ jobs:
mirror-gcp-mpi: mirror-gcp-mpi:
name: "Mirror GCP Marketplace Image" name: "Mirror GCP Marketplace Image"
needs: [add-image-version-to-versionsapi] needs: [add-image-version-to-versionsapi]
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
contents: read contents: read

2
.github/workflows/purge-main.yml vendored
View file

@ -10,7 +10,7 @@ on:
jobs: jobs:
find-version: find-version:
name: Delete version from main ref name: Delete version from main ref
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
outputs: outputs:
version: ${{ steps.find.outputs.version }} version: ${{ steps.find.outputs.version }}
permissions: permissions:

12
.github/workflows/release.yml vendored
View file

@ -19,7 +19,7 @@ concurrency:
jobs: jobs:
verify-inputs: verify-inputs:
name: Verify inputs name: Verify inputs
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
env: env:
FULL_VERSION: ${{ inputs.version }} FULL_VERSION: ${{ inputs.version }}
outputs: outputs:
@ -74,7 +74,7 @@ jobs:
docs: docs:
name: Create docs release (from main) name: Create docs release (from main)
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
if: inputs.kind == 'minor' if: inputs.kind == 'minor'
needs: verify-inputs needs: verify-inputs
permissions: permissions:
@ -96,7 +96,7 @@ jobs:
npm run docusaurus docs:version "${MAJOR_MINOR}" npm run docusaurus docs:version "${MAJOR_MINOR}"
- name: Create docs pull request - name: Create docs pull request
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with: with:
branch: ${{ env.BRANCH }} branch: ${{ env.BRANCH }}
base: main base: main
@ -114,7 +114,7 @@ jobs:
check-working-branch: check-working-branch:
name: Check temporary working branch name: Check temporary working branch
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
needs: verify-inputs needs: verify-inputs
permissions: permissions:
contents: write contents: write
@ -152,7 +152,7 @@ jobs:
update-versions: update-versions:
name: Update container image versions name: Update container image versions
needs: [verify-inputs, check-working-branch] needs: [verify-inputs, check-working-branch]
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
contents: write contents: write
packages: read packages: read
@ -220,7 +220,7 @@ jobs:
needs: [verify-inputs, os-image] needs: [verify-inputs, os-image]
permissions: permissions:
contents: write contents: write
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
env: env:
VERSION: ${{ inputs.version }} VERSION: ${{ inputs.version }}
WITHOUT_V: ${{ needs.verify-inputs.outputs.WITHOUT_V }} WITHOUT_V: ${{ needs.verify-inputs.outputs.WITHOUT_V }}

4
.github/workflows/reproducible-builds.yml vendored
View file

@ -132,7 +132,7 @@ jobs:
- "cli_enterprise_linux_amd64" - "cli_enterprise_linux_amd64"
- "cli_enterprise_linux_arm64" - "cli_enterprise_linux_arm64"
- "cli_enterprise_windows_amd64" - "cli_enterprise_windows_amd64"
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
steps: steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with: with:
@ -166,7 +166,7 @@ jobs:
- "aws_aws-nitro-tpm_console" - "aws_aws-nitro-tpm_console"
- "qemu_qemu-vtpm_debug" - "qemu_qemu-vtpm_debug"
- "gcp_gcp-sev-snp_nightly" - "gcp_gcp-sev-snp_nightly"
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
steps: steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with: with:

2
.github/workflows/scorecard.yml vendored
View file

@ -9,7 +9,7 @@ on:
jobs: jobs:
analysis: analysis:
name: Scorecard analysis name: Scorecard analysis
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
# Needed to upload the results to code-scanning dashboard. # Needed to upload the results to code-scanning dashboard.
security-events: write security-events: write

2
.github/workflows/sync-terraform-docs.yml vendored
View file

@ -40,7 +40,7 @@ jobs:
- name: Create pull request - name: Create pull request
id: create-pull-request id: create-pull-request
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with: with:
path: terraform-provider-constellation path: terraform-provider-constellation
branch: "feat/docs/update" branch: "feat/docs/update"

2
.github/workflows/test-integration.yml vendored
View file

@ -20,7 +20,7 @@ on:
jobs: jobs:
integration-test: integration-test:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
env: env:
CTEST_OUTPUT_ON_FAILURE: True CTEST_OUTPUT_ON_FAILURE: True
steps: steps:

2
.github/workflows/test-operator-codegen.yml vendored
View file

@ -18,7 +18,7 @@ on:
jobs: jobs:
govulncheck: govulncheck:
name: check-codegen name: check-codegen
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

2
.github/workflows/test-tfsec.yml vendored
View file

@ -17,7 +17,7 @@ on:
jobs: jobs:
tfsec: tfsec:
name: tfsec name: tfsec
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
contents: read contents: read
pull-requests: write pull-requests: write

4
.github/workflows/update-rpms.yml vendored
View file

@ -7,7 +7,7 @@ on:
jobs: jobs:
update-rpms: update-rpms:
runs-on: "ubuntu-22.04" runs-on: "ubuntu-24.04"
permissions: permissions:
id-token: write id-token: write
contents: read contents: read
@ -39,7 +39,7 @@ jobs:
fi fi
- name: Create pull request - name: Create pull request
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with: with:
branch: "image/automated/update-rpms-${{ github.run_number }}" branch: "image/automated/update-rpms-${{ github.run_number }}"
base: main base: main

2
.github/workflows/versionsapi.yml vendored
View file

@ -106,7 +106,7 @@ concurrency:
jobs: jobs:
versionsapi: versionsapi:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
permissions: permissions:
id-token: write id-token: write
contents: read contents: read