diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index d86165df6..60eb88413 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -32,11 +32,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up python id: setup-python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: 3.13 @@ -55,7 +55,7 @@ jobs: #---------------------------------------------- - name: Load cached venv id: cached-poetry-dependencies - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: .venv key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }} @@ -100,7 +100,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Install ORAS id: install_oras @@ -108,23 +108,23 @@ jobs: - name: Install Cosign id: install_cosign - uses: sigstore/cosign-installer@v2.8.1 + uses: sigstore/cosign-installer@v3.7.0 - name: Set up QEMU - uses: docker/setup-qemu-action@v2.1.0 + uses: docker/setup-qemu-action@v3.2.0 with: platforms: all # Workaround: https://github.com/docker/build-push-action/issues/461 - name: Setup Docker buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 # Login against a Docker Hub registry except on PR # https://github.com/docker/login-action - name: Login to Docker Hub id: docker_hub_login if: github.event_name != 'pull_request' && contains(github.ref, 'refs/tags/') - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: docker.io username: ${{ github.actor }} @@ -135,7 +135,7 @@ jobs: - name: Login to GitHub Container Registry id: ghcr_login if: github.event_name != 'pull_request' && contains(github.ref, 'refs/tags/') - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} @@ -161,7 +161,7 @@ jobs: - name: Extract Docker metadata if: github.event_name != 'pull_request' && contains(github.ref, 'refs/tags/') id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: | docker.io/${{ env.IMAGE_NAME }} @@ -181,7 +181,7 @@ jobs: # Build Docker image with Buildx and don't push it - name: Build Docker image id: build-docker-image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v6 with: context: . platforms: linux/arm64/v8,linux/amd64 @@ -191,7 +191,7 @@ jobs: - name: Run Snyk to check Docker image for vulnerabilities id: docker-image-scan continue-on-error: true - uses: snyk/actions/docker@0.3.0 + uses: snyk/actions/docker@0.4.0 env: SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} with: @@ -200,7 +200,7 @@ jobs: - name: Upload result to GitHub Code Scanning if: hashFiles('snyk.sarif') != '' - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: snyk.sarif @@ -214,7 +214,7 @@ jobs: - name: Build and push Docker image if: github.event_name != 'pull_request' && contains(github.ref, 'refs/tags/') id: build-and-push - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v6 with: context: . platforms: linux/arm64/v8,linux/amd64 diff --git a/.github/workflows/dockerhub-description.yml b/.github/workflows/dockerhub-description.yml index d4f624c2f..d8faa57de 100644 --- a/.github/workflows/dockerhub-description.yml +++ b/.github/workflows/dockerhub-description.yml @@ -12,10 +12,10 @@ jobs: dockerHubDescription: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v4 - name: Docker Hub Description - uses: peter-evans/dockerhub-description@v3 + uses: peter-evans/dockerhub-description@v4 with: username: ${{ github.actor }} password: ${{ secrets.DOCKER_HUB_TOKEN }}