diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index b81dca3..c7bac64 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -104,14 +104,14 @@ jobs: uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Download build image - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 if: ${{ github.event_name == 'pull_request' }} with: name: ${{ needs.build.outputs.image-slug }} path: /tmp - name: Download test image - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 if: ${{ github.event_name == 'pull_request' }} with: name: ${{ needs.build.outputs.image-slug }}-test diff --git a/.github/workflows/standard-build.yaml b/.github/workflows/standard-build.yaml index 5411bb7..dc16f34 100644 --- a/.github/workflows/standard-build.yaml +++ b/.github/workflows/standard-build.yaml @@ -201,7 +201,7 @@ jobs: - name: Upload test image if: ${{ (inputs.enable-build-test-layer == true) && (inputs.enable-upload-test-image == true) }} - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: ${{ steps.slugify-image.outputs.slug }}-test path: | @@ -229,7 +229,7 @@ jobs: - name: Upload container image if: ${{ github.event_name == 'pull_request' && inputs.enable-upload-image == true }} - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: ${{ steps.slugify-image.outputs.slug }} path: | @@ -259,7 +259,7 @@ jobs: "${IMAGE_TO_SCAN}" - name: Upload image vulnerability attestation - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 if: ${{ inputs.enable-trivy-scan }} with: name: ${{ steps.slugify-image.outputs.slug }}-trivy-attestation @@ -305,7 +305,7 @@ jobs: trivy image --format spdx-json -o "sboms/$IMAGE_SLUG-sbom.spdx.json" "$IMAGE_TO_SCAN" - name: Upload SBOMs - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: ${{ steps.slugify-image.outputs.slug }}-sboms path: | @@ -394,7 +394,7 @@ jobs: password: ${{ secrets.github-token }} - name: Download attestations - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: ${{ needs.build.outputs.image-slug }}-trivy-attestation path: /tmp @@ -456,7 +456,7 @@ jobs: egress-policy: audit # change to 'egress-policy: block' after couple of runs - name: Download sboms - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: ${{ needs.build.outputs.image-slug }}-sboms path: ./sboms diff --git a/.github/workflows/standard-lint.yaml b/.github/workflows/standard-lint.yaml index ef1577b..5c193f1 100644 --- a/.github/workflows/standard-lint.yaml +++ b/.github/workflows/standard-lint.yaml @@ -94,7 +94,7 @@ jobs: # Upload MegaLinter artifacts - name: Archive production artifacts if: ${{ always() }} - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: MegaLinter reports path: |