File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -48,11 +48,11 @@ jobs:
4848 steps :
4949 - name : Checkout Source
5050 uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
51- - uses : actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2 .0
51+ - uses : actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3 .0
5252 with :
5353 go-version-file : ' go.mod'
5454 - name : Run Gosec Security Scanner
55- uses : securego/gosec@398ad549bbf1a51dc978fd966169f660c59774de # v2.23.0
55+ uses : securego/gosec@bb17e422fc34bf4c0a2e5cab9d07dc45a68c040c # v2.24.7
5656 with :
5757 args : ' -no-fail -fmt sarif -out gosec.sarif ./...'
5858 - name : Upload SARIF file
6565 steps :
6666 - name : Checkout
6767 uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
68- - uses : actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2 .0
68+ - uses : actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3 .0
6969 with :
7070 go-version-file : ' go.mod'
7171 - name : Unit Test
Original file line number Diff line number Diff line change 2828 - name : ko build
2929 run : VERSION=${{ github.sha }} make ko-build-all
3030 - name : Trivy Scan Image
31- uses : aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # v0.34.2
31+ uses : aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.35.0
3232 with :
3333 scan-type : ' fs'
3434 ignore-unfixed : true
Original file line number Diff line number Diff line change @@ -28,15 +28,15 @@ jobs:
2828 with :
2929 build-cache-key : publish-images
3030 - name : Run Trivy vulnerability (Repo)
31- uses : aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # v0.34.2
31+ uses : aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.35.0
3232 with :
3333 scan-type : ' fs'
3434 ignore-unfixed : true
3535 format : ' sarif'
3636 output : ' trivy-results.sarif'
3737 severity : ' CRITICAL,HIGH'
3838 - name : Install Cosign
39- uses : sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0 .0
39+ uses : sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1 .0
4040 - name : Publish Capsule
4141 id : publish-capsule
4242 uses : peak-scale/github-actions/make-ko-publish@a441cca016861c546ab7e065277e40ce41a3eb84 # v0.2.0
Original file line number Diff line number Diff line change 2828 - uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2929 with :
3030 fetch-depth : 0
31- - uses : actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2 .0
31+ - uses : actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3 .0
3232 with :
3333 go-version-file : ' go.mod'
3434 - uses : azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4
Original file line number Diff line number Diff line change 4545 chart-digest : ${{ steps.helm_publish.outputs.digest }}
4646 steps :
4747 - uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
48- - uses : sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0 .0
48+ - uses : sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1 .0
4949 - name : " Extract Version"
5050 id : extract_version
5151 run : |
Original file line number Diff line number Diff line change 1818 - uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
1919 with :
2020 fetch-depth : 0
21- - uses : actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2 .0
21+ - uses : actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3 .0
2222 with :
2323 go-version-file : ' go.mod'
2424 - name : Generate manifests
4545 runs-on : ubuntu-24.04
4646 steps :
4747 - uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
48- - uses : actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2 .0
48+ - uses : actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3 .0
4949 with :
5050 go-version-file : ' go.mod'
5151 - name : Run golangci-lint
Original file line number Diff line number Diff line change 2828 - uses : creekorful/goreportcard-action@1f35ced8cdac2cba28c9a2f2288a16aacfd507f9 # v1.0
2929 - uses : anchore/sbom-action/download-syft@57aae528053a48a3f6235f2d9461b05fbcb7366d
3030 - name : Install Cosign
31- uses : sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0 .0
31+ uses : sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1 .0
3232 - name : Run GoReleaser
3333 uses : goreleaser/goreleaser-action@ec59f474b9834571250b370d4735c50f8e2d1e29 # v7.0.0
3434 with :
You can’t perform that action at this time.
0 commit comments