diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index ad6d24e..640d919 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -42,7 +42,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4 - name: Initialize CodeQL uses: github/codeql-action/init@08bc0cf022445eacafaa248bf48da20f26b8fd40 # v4 diff --git a/.github/workflows/create-release-tag.yml b/.github/workflows/create-release-tag.yml index 4d852b0..68e3fef 100644 --- a/.github/workflows/create-release-tag.yml +++ b/.github/workflows/create-release-tag.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: fetch-depth: 0 ref: main diff --git a/.github/workflows/helm-lint-test.yml b/.github/workflows/helm-lint-test.yml index cb5b1c6..409d500 100644 --- a/.github/workflows/helm-lint-test.yml +++ b/.github/workflows/helm-lint-test.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4 with: fetch-depth: 0 @@ -29,12 +29,12 @@ jobs: version: 'v3.14.0' - name: Set up Python - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v5 with: python-version: '3.11' - name: Set up chart-testing - uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 + uses: helm/chart-testing-action@6ec842c01de15ebb84c8627d2744a0c2f2755c9f # v2.8.0 - name: Add Helm repositories run: | @@ -147,7 +147,7 @@ jobs: echo "::endgroup::" - name: Create kind cluster for testing - uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 + uses: helm/kind-action@92086f6be054225fa813e0a4b13787fc9088faab # v1.13.0 with: cluster_name: helm-test wait: 5m diff --git a/.github/workflows/main-build-image.yml b/.github/workflows/main-build-image.yml index 06ff476..21ac39c 100644 --- a/.github/workflows/main-build-image.yml +++ b/.github/workflows/main-build-image.yml @@ -16,7 +16,7 @@ jobs: IMAGE_NAME: ${{ github.repository }} steps: - name: Checkout code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4 with: fetch-depth: 0 @@ -35,7 +35,7 @@ jobs: fi - name: Setup Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v5 with: go-version: ${{ steps.dotenv.outputs.GO_VERSION }} cache: true @@ -85,7 +85,7 @@ jobs: - name: Build and push image id: build - uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v5 with: context: . push: true diff --git a/.github/workflows/main-check-formatting.yml b/.github/workflows/main-check-formatting.yml index 94e6419..4c309c3 100644 --- a/.github/workflows/main-check-formatting.yml +++ b/.github/workflows/main-check-formatting.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Read .env file id: dotenv @@ -24,7 +24,7 @@ jobs: fi - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version: ${{ steps.dotenv.outputs.GO_VERSION }} cache: true diff --git a/.github/workflows/main-smoke-tests.yml b/.github/workflows/main-smoke-tests.yml index 01946b8..72043d2 100644 --- a/.github/workflows/main-smoke-tests.yml +++ b/.github/workflows/main-smoke-tests.yml @@ -21,20 +21,20 @@ jobs: - name: Set Test Cluster Name run: echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV - - uses: actions/checkout@v2 + - uses: actions/checkout@v5 - - uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - uses: falti/dotenv-action@f4656c46de6bc223dda660f6724d52537bc0642a id: dotenv - name: Set SPLUNK_ENTERPRISE_IMAGE for main branch if: github.ref == 'refs/heads/main' run: echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - - uses: Azure/setup-kubectl@v3 + - uses: Azure/setup-kubectl@v4 with: version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} - - uses: actions/setup-python@v2 + - uses: actions/setup-python@v6 - name: Install AWS CLI run: | @@ -42,7 +42,7 @@ jobs: unzip awscliv2.zip sudo ./aws/install --update - - uses: actions/setup-go@v2 + - uses: actions/setup-go@v6 with: go-version: ${{ steps.dotenv.outputs.GO_VERSION }} @@ -59,14 +59,14 @@ jobs: curl -sL "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp sudo mv /tmp/eksctl /usr/local/bin - - uses: docker/setup-buildx-action@v2.5.0 + - uses: docker/setup-buildx-action@v3.11.1 - name: Install Operator SDK run: | sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu sudo chmod +x /usr/local/bin/operator-sdk - - uses: docker/login-action@v1 + - uses: docker/login-action@v3 continue-on-error: true with: username: ${{ secrets.DOCKERHUB_USERNAME }} @@ -77,13 +77,13 @@ jobs: - run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - - uses: aws-actions/configure-aws-credentials@v1 + - uses: aws-actions/configure-aws-credentials@v5 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - - uses: aws-actions/amazon-ecr-login@v1 + - uses: aws-actions/amazon-ecr-login@v2 - name: Tag and Push Splunk Enterprise Image run: | @@ -96,7 +96,7 @@ jobs: go install sigs.k8s.io/kubetest2/kubetest2-eks@latest echo "$HOME/go/bin" >> $GITHUB_PATH - - uses: aws-actions/configure-aws-credentials@v2 + - uses: aws-actions/configure-aws-credentials@v5 with: role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-role aws-region: us-west-2 @@ -124,7 +124,7 @@ jobs: mkdir -p /tmp/pod_logs find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; - - uses: actions/upload-artifact@v4.4.0 + - uses: actions/upload-artifact@v5.0.0 if: ${{ always() }} with: name: "splunk-pods-logs--artifacts-${{ matrix.test }}" diff --git a/.github/workflows/main-unit-tests.yml b/.github/workflows/main-unit-tests.yml index 0bda094..6f26fea 100644 --- a/.github/workflows/main-unit-tests.yml +++ b/.github/workflows/main-unit-tests.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4 - name: Read .env file id: dotenv @@ -24,7 +24,7 @@ jobs: fi - name: Setup Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v5 with: go-version: ${{ steps.dotenv.outputs.GO_VERSION }} cache: true @@ -40,7 +40,7 @@ jobs: format: golang - name: Upload coverage artifact - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v4 with: name: code-coverage path: cover.out diff --git a/.github/workflows/main-vulnerability-scan.yml b/.github/workflows/main-vulnerability-scan.yml index eb696cb..016452c 100644 --- a/.github/workflows/main-vulnerability-scan.yml +++ b/.github/workflows/main-vulnerability-scan.yml @@ -16,10 +16,10 @@ jobs: IMAGE_NAME: ${{ github.repository }} steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v3.11.1 - name: Log in to GitHub Container Registry uses: docker/login-action@v3 diff --git a/.github/workflows/prerelease-update-versions.yml b/.github/workflows/prerelease-update-versions.yml index 88bb1d3..06ced45 100644 --- a/.github/workflows/prerelease-update-versions.yml +++ b/.github/workflows/prerelease-update-versions.yml @@ -11,7 +11,7 @@ jobs: pull-requests: write steps: - name: Checkout code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4 - name: Deep Fetch run: | @@ -36,7 +36,7 @@ jobs: fi - name: Setup Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v5 with: go-version: ${{ steps.dotenv.outputs.GO_VERSION }} cache: true @@ -55,7 +55,7 @@ jobs: replace: "${{ github.event.inputs.new_operator_version }}" include: "**.md" - name: Create Pull Request - uses: peter-evans/create-pull-request@7380612b49221684fefa025244f2ef4008ae50ad # v3.10.1 + uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8 with: branch: "release/${{ github.event.inputs.new_operator_version }}" title: "Splunk AI Operator ${{ github.event.inputs.new_operator_version }} release" diff --git a/.github/workflows/release-package-helm.yml b/.github/workflows/release-package-helm.yml index dc50e47..44c4685 100644 --- a/.github/workflows/release-package-helm.yml +++ b/.github/workflows/release-package-helm.yml @@ -27,7 +27,7 @@ jobs: IMAGE_NAME: ${{ github.repository }} steps: - name: Checkout code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4 with: fetch-depth: 0 @@ -46,7 +46,7 @@ jobs: fi - name: Setup Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v5 with: go-version: ${{ steps.dotenv.outputs.GO_VERSION }} cache: true @@ -90,7 +90,7 @@ jobs: - name: Build and push Docker images id: build - uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v5 with: context: . push: true @@ -115,7 +115,7 @@ jobs: packages: write # For pushing to GHCR OCI registry steps: - name: Checkout code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4 with: fetch-depth: 0 @@ -139,7 +139,7 @@ jobs: version: 'v3.14.0' - name: Setup Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v5 with: go-version: ${{ steps.dotenv.outputs.GO_VERSION }} cache: true @@ -242,7 +242,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Install Syft for SBOM generation - uses: anchore/sbom-action/download-syft@ab5d7b5f48981941c4c5d6bf33aeb98fe3bae38c # v0.15.10 + uses: anchore/sbom-action/download-syft@fbfd9c6c189226748411491745178e0c2017392d # v0.20.10 - name: Generate SBOM for operator image run: | diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 40c089e..a7c8379 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -18,12 +18,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 + uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 with: results_file: results.sarif results_format: sarif