ci: upgrade deprecated GitHub Actions to v4

- actions/cache v2 → v4
- actions/upload-artifact v2 → v4
- actions/download-artifact v2 → v4
- actions/checkout v2 → v4
- docker/build-push-action v1 → v6 (+ docker/login-action v3)
- github/codeql-action/upload-sarif v1 → v3

Fixes: deprecated action versions causing workflow failures

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: vsilent

.github/workflows/codacy-analysis.yml

@@ -21,7 +21,7 @@ jobs:
     steps:
       # Checkout the repository to the GitHub Actions runner
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
       - name: Run Codacy Analysis CLI
@@ -41,6 +41,6 @@ jobs:
 
       # Upload the SARIF file generated in the previous step
       - name: Upload SARIF results file
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: results.sarif

.github/workflows/docker.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: [self-hosted, linux]
     steps:
       - name: Checkout sources
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Install stable toolchain
         uses: actions-rs/toolchain@v1
@@ -27,7 +27,7 @@ jobs:
           components: rustfmt, clippy
 
       - name: Cache cargo registry
-        uses: actions/cache@v2.1.6
+        uses: actions/cache@v4
         with:
           path: ~/.cargo/registry
           key: docker-registry-${{ hashFiles('**/Cargo.lock') }}
@@ -36,7 +36,7 @@ jobs:
             docker-
 
       - name: Cache cargo index
-        uses: actions/cache@v2.1.6
+        uses: actions/cache@v4
         with:
           path: ~/.cargo/git
           key: docker-index-${{ hashFiles('**/Cargo.lock') }}
@@ -49,7 +49,7 @@ jobs:
           head -c16 /dev/urandom > src/secret.key
 
       - name: Cache cargo build
-        uses: actions/cache@v2.1.6
+        uses: actions/cache@v4
         with:
           path: target
           key: docker-build-${{ hashFiles('**/Cargo.lock') }}
@@ -102,15 +102,15 @@ jobs:
       #   npm test
 
       - name: Archive production artifacts
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         with:
           name: dist-without-markdown
           path: |
             web/dist
             !web/dist/**/*.md
 
 #      - name: Archive code coverage results
-#        uses: actions/upload-artifact@v2
+#        uses: actions/upload-artifact@v4
 #        with:
 #          name: code-coverage-report
 #          path: output/test/code-coverage.html
@@ -129,7 +129,7 @@ jobs:
           cd ..
 
       - name: Upload app archive for Docker job
-        uses: actions/upload-artifact@v2.2.2
+        uses: actions/upload-artifact@v4
         with:
           name: artifact-linux-docker
           path: app.tar.gz
@@ -141,7 +141,7 @@ jobs:
     needs: cicd-linux-docker
     steps:
       - name: Download app archive
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v4
         with:
           name: artifact-linux-docker
 
@@ -151,12 +151,14 @@ jobs:
       - name: Display structure of downloaded files
         run: ls -R
 
-      - name: Docker build and publish
-        uses: docker/build-push-action@v1
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
-          repository: trydirect/stackdog
-          add_git_labels: true
-          tag_with_ref: true
-          #no-cache: true
+
+      - name: Docker build and publish
+        uses: docker/build-push-action@v6
+        with:
+          push: true
+          tags: trydirect/stackdog:latest