Skip to content

Commit b67a850

Browse files
dependabot[bot]dependabot[bot]
authored
ci: bump the github-actions group with 4 updates (#15158)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 32d5875 commit b67a850

File tree

3 files changed

+7
-7
lines changed

3 files changed

+7
-7
lines changed

.github/workflows/ci.yaml

+1-1
Original file line numberDiff line numberDiff line change
@@ -970,7 +970,7 @@ jobs:
970970
uses: google-github-actions/setup-gcloud@f0990588f1e5b5af6827153b93673613abdc6ec7 # v2.1.1
971971

972972
- name: Set up Flux CLI
973-
uses: fluxcd/flux2/action@9b3958825a314eb79495c6993ef397ddbf87f32f # v2.2.1
973+
uses: fluxcd/flux2/action@5350425cdcd5fa015337e09fa502153c0275bd4b # v2.4.0
974974
with:
975975
# Keep this and the github action up to date with the version of flux installed in dogfood cluster
976976
version: "2.2.1"

.github/workflows/scorecard.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,6 @@ jobs:
4747

4848
# Upload the results to GitHub's code scanning dashboard.
4949
- name: "Upload to code-scanning"
50-
uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
50+
uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
5151
with:
5252
sarif_file: results.sarif

.github/workflows/security.yaml

+5-5
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ jobs:
3737
uses: ./.github/actions/setup-go
3838

3939
- name: Initialize CodeQL
40-
uses: github/codeql-action/init@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
40+
uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
4141
with:
4242
languages: go, javascript
4343

@@ -47,7 +47,7 @@ jobs:
4747
rm Makefile
4848
4949
- name: Perform CodeQL Analysis
50-
uses: github/codeql-action/analyze@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
50+
uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
5151

5252
- name: Send Slack notification on failure
5353
if: ${{ failure() }}
@@ -124,15 +124,15 @@ jobs:
124124
echo "image=$(cat "$image_job")" >> $GITHUB_OUTPUT
125125
126126
- name: Run Trivy vulnerability scanner
127-
uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564
127+
uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2
128128
with:
129129
image-ref: ${{ steps.build.outputs.image }}
130130
format: sarif
131131
output: trivy-results.sarif
132132
severity: "CRITICAL,HIGH"
133133

134134
- name: Upload Trivy scan results to GitHub Security tab
135-
uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
135+
uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
136136
with:
137137
sarif_file: trivy-results.sarif
138138
category: "Trivy"
@@ -147,7 +147,7 @@ jobs:
147147
# Prisma cloud scan runs last because it fails the entire job if it
148148
# detects vulnerabilities. :|
149149
- name: Run Prisma Cloud image scan
150-
uses: PaloAltoNetworks/prisma-cloud-scan@1f38c94d789ff9b01a4e80070b442294ebd3e362 # v1.4.0
150+
uses: PaloAltoNetworks/prisma-cloud-scan@124b48d8325c23f58a35da0f1b4d9a6b54301d05 # v1.6.7
151151
with:
152152
pcc_console_url: ${{ secrets.PRISMA_CLOUD_URL }}
153153
pcc_user: ${{ secrets.PRISMA_CLOUD_ACCESS_KEY }}

0 commit comments

Comments
 (0)