diff --git a/.github/workflows/_build.yml b/.github/workflows/_build.yml index a8b02a2a..ba85d859 100644 --- a/.github/workflows/_build.yml +++ b/.github/workflows/_build.yml @@ -62,7 +62,7 @@ jobs: run: helm verify ${{ steps.helm_package.outputs.name }} --keyring public.gpg - name: Upload Helm chart artifact - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: ${{ inputs.chart_name }} path: | diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index b63f72f5..338f4074 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -29,7 +29,7 @@ jobs: ref: ${{ github.event.pull_request.head.sha }} - name: Scan with Checkmarx - uses: checkmarx/ast-github-action@de327a92d7f419bfdc7c3e5535ad7b3bbce91677 # 2.0.38 + uses: checkmarx/ast-github-action@629a9fac14369bf2898d583b22bf8c40a5caf8e9 # 2.0.40 env: INCREMENTAL: "${{ contains(github.event_name, 'pull_request') && '--sast-incremental' || '' }}" with: @@ -44,7 +44,7 @@ jobs: --output-path . ${{ env.INCREMENTAL }} - name: Upload Checkmarx results to GitHub - uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 + uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 with: sarif_file: cx_result.sarif diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 519f0b7d..f3ad4eac 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -62,7 +62,7 @@ jobs: - name: Create kind cluster if: steps.list-changed.outputs.changed == 'true' - uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 + uses: helm/kind-action@ae94020eaf628e9b9b9f341a10cc0cdcf5c018fb # v1.11.0 with: config: .github/workflows/config/cluster.yaml