From a2d023391608f1dd0b66cc32f96e3502a47d80f0 Mon Sep 17 00:00:00 2001 From: Techassi Date: Fri, 16 Jan 2026 10:38:46 +0100 Subject: [PATCH] ci: Bump actions - Bump actions/checkout to v6.0.1 - Bump EmbarkStudios/cargo-deny-action to v2.0.15 - Bump orhun/git-cliff-action to v4.7.0 - Bump softprops/action-gh-release to v2.5.0 - Bump stackabletech/actions to v0.12.2 - Bump actions/setup-python to v6.1.0 - Bump sigstore/cosign-installer to v3.10.1 --- .github/workflows/boil_pr.yaml | 6 +++--- .github/workflows/boil_release.yaml | 24 ++++++++++++++------- .github/workflows/mirror.yaml | 8 +++---- .github/workflows/pr_pre-commit.yaml | 4 ++-- .github/workflows/preflight.yaml | 4 ++-- .github/workflows/reusable_build_image.yaml | 20 ++++++++--------- .github/workflows/ubi-rust-builder.yml | 8 +++---- 7 files changed, 41 insertions(+), 33 deletions(-) diff --git a/.github/workflows/boil_pr.yaml b/.github/workflows/boil_pr.yaml index fd053bffc..2d548d9d1 100644 --- a/.github/workflows/boil_pr.yaml +++ b/.github/workflows/boil_pr.yaml @@ -26,13 +26,13 @@ jobs: - bans licenses sources steps: - name: Checkout Repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false submodules: recursive - name: Run cargo-deny - uses: EmbarkStudios/cargo-deny-action@f2ba7abc2abebaf185c833c3961145a3c275caad # v2.0.13 + uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2.0.15 with: command: check ${{ matrix.checks }} @@ -50,7 +50,7 @@ jobs: runs-on: ${{ matrix.targets.os }} steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/boil_release.yaml b/.github/workflows/boil_release.yaml index 3cb60ba82..7121ed7ea 100644 --- a/.github/workflows/boil_release.yaml +++ b/.github/workflows/boil_release.yaml @@ -15,28 +15,27 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false fetch-depth: 0 - name: Generate Changelog id: changelog - uses: orhun/git-cliff-action@d77b37db2e3f7398432d34b72a12aa3e2ba87e51 # v4.6.0 + uses: orhun/git-cliff-action@e16f179f0be49ecdfe63753837f20b9531642772 # v4.7.0 with: config: rust/boil/cliff.toml args: --latest --strip header - name: Create Draft Release - uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 + uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0 with: body: ${{ steps.changelog.outputs.content }} draft: true build: name: Build boil - needs: - - create-release + needs: [create-release] strategy: fail-fast: false matrix: @@ -47,7 +46,7 @@ jobs: runs-on: ${{ matrix.targets.os }} steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -67,7 +66,16 @@ jobs: run: mv "target/$TARGET/release/boil" "boil-$TARGET" - name: Upload Artifact to Release - uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 + uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0 with: - draft: false files: boil-${{ matrix.targets.target }} + draft: true + + finish-release: + needs: [build] + runs-on: ubuntu-latest + steps: + - name: Finish Release + uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0 + with: + draft: false diff --git a/.github/workflows/mirror.yaml b/.github/workflows/mirror.yaml index 0ec99fab5..b94769095 100644 --- a/.github/workflows/mirror.yaml +++ b/.github/workflows/mirror.yaml @@ -36,7 +36,7 @@ jobs: - amd64 - arm64 steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -57,7 +57,7 @@ jobs: echo "IMAGE_REPOSITORY=$(.scripts/get_repo_name.sh)" | tee -a "$GITHUB_ENV" - name: Publish Container Image on oci.stackable.tech - uses: stackabletech/actions/publish-image@976e8c293cb59f391dbf8563ab28e965e79ca36d # v0.10.4 + uses: stackabletech/actions/publish-image@c34dbb4f27b274736c7d2edc6f6f30a03d03edf5 # v0.12.2 with: image-registry-uri: oci.stackable.tech image-registry-username: robot$sdp+github-action-build @@ -73,7 +73,7 @@ jobs: id-token: write runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -84,7 +84,7 @@ jobs: echo "IMAGE_REPOSITORY=$(.scripts/get_repo_name.sh)" | tee -a "$GITHUB_ENV" - name: Publish and Sign Image Index Manifest to oci.stackable.tech - uses: stackabletech/actions/publish-image-index-manifest@976e8c293cb59f391dbf8563ab28e965e79ca36d # v0.10.4 + uses: stackabletech/actions/publish-image-index-manifest@c34dbb4f27b274736c7d2edc6f6f30a03d03edf5 # v0.12.2 with: image-registry-uri: oci.stackable.tech image-registry-username: robot$sdp+github-action-build diff --git a/.github/workflows/pr_pre-commit.yaml b/.github/workflows/pr_pre-commit.yaml index a47e419da..031e3e103 100644 --- a/.github/workflows/pr_pre-commit.yaml +++ b/.github/workflows/pr_pre-commit.yaml @@ -14,11 +14,11 @@ jobs: pre-commit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false fetch-depth: 0 - - uses: stackabletech/actions/run-pre-commit@976e8c293cb59f391dbf8563ab28e965e79ca36d # v0.10.4 + - uses: stackabletech/actions/run-pre-commit@c34dbb4f27b274736c7d2edc6f6f30a03d03edf5 # v0.12.2 with: python-version: ${{ env.PYTHON_VERSION }} rust: ${{ env.RUST_TOOLCHAIN_VERSION }} diff --git a/.github/workflows/preflight.yaml b/.github/workflows/preflight.yaml index a01d15551..5695cf893 100644 --- a/.github/workflows/preflight.yaml +++ b/.github/workflows/preflight.yaml @@ -76,10 +76,10 @@ jobs: env: GITHUB_REF_NAME: ${{ github.ref_name }} steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: "3.x" - run: pip install image-tools-stackabletech==0.0.16 diff --git a/.github/workflows/reusable_build_image.yaml b/.github/workflows/reusable_build_image.yaml index a5a070675..c8bc8876d 100644 --- a/.github/workflows/reusable_build_image.yaml +++ b/.github/workflows/reusable_build_image.yaml @@ -30,7 +30,7 @@ jobs: name: Generate Runner Dimension runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - id: runners @@ -55,11 +55,11 @@ jobs: name: Generate Version Dimension runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - id: shard - uses: stackabletech/actions/shard@976e8c293cb59f391dbf8563ab28e965e79ca36d # v0.10.4 + uses: stackabletech/actions/shard@c34dbb4f27b274736c7d2edc6f6f30a03d03edf5 # v0.12.2 with: product-name: ${{ inputs.product-name }} outputs: @@ -80,16 +80,16 @@ jobs: runner: ${{ fromJson(needs.generate_runner_dimension.outputs.runners) }} steps: - name: Checkout Repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Free Disk Space - uses: stackabletech/actions/free-disk-space@976e8c293cb59f391dbf8563ab28e965e79ca36d # v0.10.4 + uses: stackabletech/actions/free-disk-space@c34dbb4f27b274736c7d2edc6f6f30a03d03edf5 # v0.12.2 - name: Build Product Image id: build - uses: stackabletech/actions/build-product-image@976e8c293cb59f391dbf8563ab28e965e79ca36d # v0.10.4 + uses: stackabletech/actions/build-product-image@c34dbb4f27b274736c7d2edc6f6f30a03d03edf5 # v0.12.2 with: registry-namespace: ${{ inputs.registry-namespace }} product-name: ${{ inputs.product-name }} @@ -97,7 +97,7 @@ jobs: sdp-version: ${{ inputs.sdp-version }} - name: Publish Container Image on oci.stackable.tech - uses: stackabletech/actions/publish-image@976e8c293cb59f391dbf8563ab28e965e79ca36d # v0.10.4 + uses: stackabletech/actions/publish-image@c34dbb4f27b274736c7d2edc6f6f30a03d03edf5 # v0.12.2 with: image-registry-uri: oci.stackable.tech image-registry-username: robot$${{ inputs.registry-namespace }}+github-action-build @@ -118,12 +118,12 @@ jobs: versions: ${{ fromJson(needs.generate_version_dimension.outputs.versions) }} steps: - name: Checkout Repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Publish and Sign Image Index Manifest to oci.stackable.tech - uses: stackabletech/actions/publish-image-index-manifest@976e8c293cb59f391dbf8563ab28e965e79ca36d # v0.10.4 + uses: stackabletech/actions/publish-image-index-manifest@c34dbb4f27b274736c7d2edc6f6f30a03d03edf5 # v0.12.2 with: image-registry-uri: oci.stackable.tech image-registry-username: robot$${{ inputs.registry-namespace }}+github-action-build @@ -138,7 +138,7 @@ jobs: if: failure() || (github.run_attempt > 1 && !cancelled()) steps: - name: Send Notification - uses: stackabletech/actions/send-slack-notification@976e8c293cb59f391dbf8563ab28e965e79ca36d # v0.10.4 + uses: stackabletech/actions/send-slack-notification@c34dbb4f27b274736c7d2edc6f6f30a03d03edf5 # v0.12.2 with: publish-manifests-result: ${{ needs.publish_manifests.result }} build-result: ${{ needs.build.result }} diff --git a/.github/workflows/ubi-rust-builder.yml b/.github/workflows/ubi-rust-builder.yml index 7f8f580f5..4f5abcdec 100644 --- a/.github/workflows/ubi-rust-builder.yml +++ b/.github/workflows/ubi-rust-builder.yml @@ -28,7 +28,7 @@ jobs: ubi-version: ["ubi9"] runs-on: ${{ matrix.runner }} steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Login to Stackable Harbor @@ -38,7 +38,7 @@ jobs: username: robot$sdp+github-action-build password: ${{ secrets.HARBOR_ROBOT_SDP_GITHUB_ACTION_BUILD_SECRET }} - name: Set up Cosign - uses: sigstore/cosign-installer@3454372f43399081ed03b604cb2d021dabca52bb # v3.8.2 + uses: sigstore/cosign-installer@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 # v3.10.1 - name: Determine Architecture run: | echo "TAG=$(git rev-parse --short HEAD)-$(arch)" >> "$GITHUB_ENV" @@ -69,7 +69,7 @@ jobs: runs-on: ubuntu-latest needs: ["build"] steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Login to Stackable Harbor @@ -79,7 +79,7 @@ jobs: username: robot$sdp+github-action-build password: ${{ secrets.HARBOR_ROBOT_SDP_GITHUB_ACTION_BUILD_SECRET }} - name: Set up Cosign - uses: sigstore/cosign-installer@3454372f43399081ed03b604cb2d021dabca52bb # v3.8.2 + uses: sigstore/cosign-installer@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 # v3.10.1 - name: Build Manifest List shell: bash run: |