From d7cf852d808dcb883cd011877fed5666277c2f70 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 27 Dec 2024 12:02:27 +0000 Subject: [PATCH] chore(deps): update github-actions --- .github/workflows/build-docs.yaml | 4 ++-- .github/workflows/build.yaml | 20 +++++++++---------- .github/workflows/chaos-test.yaml | 8 ++++---- .github/workflows/check-links.yaml | 4 ++-- .github/workflows/ci.yaml | 2 +- .github/workflows/codeql.yaml | 10 +++++----- .github/workflows/helm-lint.yaml | 6 +++--- .github/workflows/mega-linter.yml | 6 +++--- .github/workflows/release.yaml | 18 ++++++++--------- .../reset-chart-changelog-annotations.yaml | 4 ++-- .github/workflows/scorecards.yml | 6 +++--- .../workflows/test-compose-installation.yaml | 2 +- .github/workflows/test-k8s-installation.yaml | 10 +++++----- .../workflows/validate-fhir-resources.yaml | 4 ++-- .../workflows/validate-gradle-wrapper.yaml | 4 ++-- .github/workflows/yamllint.yaml | 4 ++-- 16 files changed, 56 insertions(+), 56 deletions(-) diff --git a/.github/workflows/build-docs.yaml b/.github/workflows/build-docs.yaml index 10873984..0d474f96 100644 --- a/.github/workflows/build-docs.yaml +++ b/.github/workflows/build-docs.yaml @@ -17,8 +17,8 @@ jobs: contents: write pages: write steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: "3.12" - run: pip install -r docs/requirements.txt diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index b7125fa3..84b3ddc4 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -33,7 +33,7 @@ jobs: digest: ${{ steps.build.outputs.digest }} tag: ${{ steps.container_meta.outputs.version }} steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Login to GitHub Container Registry uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 @@ -44,11 +44,11 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Container meta id: container_meta - uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 + uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1 with: images: | ${{ env.IMAGE_NAME }} @@ -57,7 +57,7 @@ jobs: - name: Build image id: build - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 with: cache-from: type=registry,ref=${{ env.IMAGE_NAME }}:buildcache cache-to: type=inline @@ -70,7 +70,7 @@ jobs: MODULE_NAME=${{ inputs.module-name }} - name: Run unit tests - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 with: cache-from: type=gha cache-to: type=gha,mode=max @@ -81,12 +81,12 @@ jobs: MODULE_NAME=${{ inputs.module-name }} - name: Trivy Cache - uses: yogeshlonkar/trivy-cache-action@5e3c2d406dd3a13d95a3eabc520e0ac19ab729b5 # v0.1.8 + uses: yogeshlonkar/trivy-cache-action@2a4da6f2a50df6edd6ddb000b40148bea7b4d510 # v0.1.10 with: gh-token: ${{ secrets.GITHUB_TOKEN }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # 0.28.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 with: image-ref: ${{ fromJson(steps.container_meta.outputs.json).tags[0] }} severity: "CRITICAL" @@ -95,7 +95,7 @@ jobs: timeout: 15m - name: Save Trivy vulnerability attestation - uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # 0.28.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 with: image-ref: ${{ fromJson(steps.container_meta.outputs.json).tags[0] }} exit-code: "0" @@ -104,7 +104,7 @@ jobs: timeout: 15m - name: Upload image vulnerability attestation - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: ${{ inputs.module-name }}-attestations path: | @@ -120,7 +120,7 @@ jobs: - name: Upload container image if: ${{ github.event_name == 'pull_request' }} - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: ${{ inputs.module-name }}-build-artifacts path: | diff --git a/.github/workflows/chaos-test.yaml b/.github/workflows/chaos-test.yaml index 08d0d2dc..5750a46b 100644 --- a/.github/workflows/chaos-test.yaml +++ b/.github/workflows/chaos-test.yaml @@ -11,13 +11,13 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Build image - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 with: push: false load: true @@ -26,7 +26,7 @@ jobs: ghcr.io/miracum/recruit/chaos-tester:v1 - name: Create KinD cluster - uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 + uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0 with: cluster_name: kind diff --git a/.github/workflows/check-links.yaml b/.github/workflows/check-links.yaml index 268a2972..2403f764 100644 --- a/.github/workflows/check-links.yaml +++ b/.github/workflows/check-links.yaml @@ -14,11 +14,11 @@ jobs: permissions: issues: write steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Link Checker id: lychee - uses: lycheeverse/lychee-action@7cd0af4c74a61395d455af97419279d86aafaede # v2.0.2 + uses: lycheeverse/lychee-action@f796c8b7d468feb9b8c0a46da3fac0af6874d374 # v2.2.0 with: args: "--config=.lychee.toml ." env: diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 5482dbf8..2d30d64c 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -53,7 +53,7 @@ jobs: env: IMAGE_NAME: ghcr.io/${{ github.repository }}/${{ matrix.module }} steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: ./.github/actions/test-image with: diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 48064135..99bd831f 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -42,10 +42,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Java - uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0 with: java-version: "21" distribution: "temurin" @@ -53,7 +53,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -66,7 +66,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/autobuild@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -79,6 +79,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/helm-lint.yaml b/.github/workflows/helm-lint.yaml index 02288f03..86011bd7 100644 --- a/.github/workflows/helm-lint.yaml +++ b/.github/workflows/helm-lint.yaml @@ -10,14 +10,14 @@ permissions: read-all jobs: lint: runs-on: ubuntu-24.04 - container: ghcr.io/chgl/kube-powertools:v2.3.27@sha256:2d1a6a5c0c42a29219550a616c5eeaa5ef9d057f28c40c9d83d048f73d57794b + container: ghcr.io/chgl/kube-powertools:v2.3.36@sha256:1424a809e85eda3a6d7afb2386bdc3b9ac03b2b5244924a7be4851b15a2eca4f steps: - name: Add workspace as safe directory run: | git config --global --add safe.directory /__w/recruit/recruit - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -54,7 +54,7 @@ jobs: - name: Cache kubeconform schemas id: cache-powerlint-kubeconform - uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: /tmp key: ${{ runner.os }}-powerlint-kubeconform diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 7244e4c4..8c48173c 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -30,7 +30,7 @@ jobs: steps: # Git Checkout - name: Checkout Code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 0 # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to improve performances @@ -40,7 +40,7 @@ jobs: id: ml # You can override MegaLinter flavor used to have faster performances # More info at https://oxsecurity.github.io/megalinter/flavors/ - uses: oxsecurity/megalinter@b38cdf1f0cbe056fad4112cb7cd99c2b574c9617 # v8.1.0 + uses: oxsecurity/megalinter@1fc052d03c7a43c78fe0fee19c9d648b749e0c01 # v8.3.0 env: # All available variables are described in documentation # https://oxsecurity.github.io/megalinter/configuration/ @@ -51,7 +51,7 @@ jobs: # Upload MegaLinter artifacts - name: Archive production artifacts if: ${{ always() }} - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: MegaLinter reports path: | diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 412e2af5..74201e63 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -20,7 +20,7 @@ jobs: id-token: write steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Login to GitHub Container Registry uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 @@ -54,7 +54,7 @@ jobs: cosign sign --yes "ghcr.io/${{ github.repository }}/charts/recruit:${CHART_VERSION}" - - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: helm-chart path: | @@ -66,11 +66,11 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: path: recruit - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: token: ${{ secrets.GITHUB_TOKEN }} repository: miracum/charts @@ -89,7 +89,7 @@ jobs: CHART_VERSION=$(yq .version recruit/charts/recruit/Chart.yaml) echo "version=${CHART_VERSION}" >> "$GITHUB_OUTPUT" - - uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 + - uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6 with: token: ${{ secrets.token }} path: miracum-charts @@ -101,11 +101,11 @@ jobs: publish-kyverno-policies: name: publish kyverno policies runs-on: ubuntu-24.04 - container: ghcr.io/chgl/kube-powertools:v2.3.27@sha256:2d1a6a5c0c42a29219550a616c5eeaa5ef9d057f28c40c9d83d048f73d57794b + container: ghcr.io/chgl/kube-powertools:v2.3.36@sha256:1424a809e85eda3a6d7afb2386bdc3b9ac03b2b5244924a7be4851b15a2eca4f continue-on-error: true steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Push policy folder env: @@ -126,7 +126,7 @@ jobs: contents: write # to upload artifacts to the release steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Download Helm chart uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 @@ -159,7 +159,7 @@ jobs: echo "hashes=$(base64 -w0 < checksums.sha256)" >> "$GITHUB_OUTPUT" - name: upload assets to release - uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8 + uses: softprops/action-gh-release@7b4da11513bf3f43f9999e90eabced41ab8bb048 # v2.2.0 with: files: | dist/*.tgz diff --git a/.github/workflows/reset-chart-changelog-annotations.yaml b/.github/workflows/reset-chart-changelog-annotations.yaml index 2f6469b8..0812943b 100644 --- a/.github/workflows/reset-chart-changelog-annotations.yaml +++ b/.github/workflows/reset-chart-changelog-annotations.yaml @@ -16,7 +16,7 @@ jobs: reset-commit-and-push: name: reset changelog annotations, commit, and push runs-on: ubuntu-24.04 - container: ghcr.io/chgl/kube-powertools:v2.3.27@sha256:2d1a6a5c0c42a29219550a616c5eeaa5ef9d057f28c40c9d83d048f73d57794b + container: ghcr.io/chgl/kube-powertools:v2.3.36@sha256:1424a809e85eda3a6d7afb2386bdc3b9ac03b2b5244924a7be4851b15a2eca4f permissions: contents: write steps: @@ -25,7 +25,7 @@ jobs: git config --global --add safe.directory /__w/recruit/recruit - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 ref: ${{ github.head_ref }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 8681be78..3480dd04 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -32,7 +32,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -59,7 +59,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: SARIF file path: results.sarif @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: sarif_file: results.sarif diff --git a/.github/workflows/test-compose-installation.yaml b/.github/workflows/test-compose-installation.yaml index fe1a0ff1..98414e11 100644 --- a/.github/workflows/test-compose-installation.yaml +++ b/.github/workflows/test-compose-installation.yaml @@ -16,7 +16,7 @@ jobs: RECRUIT_IMAGE_BASE_NAME: ghcr.io/${{ github.repository }} RECRUIT_IMAGE_TAG: ${{ inputs.image-tag }} steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Download all artifacts if: ${{ github.event_name == 'pull_request' }} diff --git a/.github/workflows/test-k8s-installation.yaml b/.github/workflows/test-k8s-installation.yaml index 86a2b28f..a5e314e8 100644 --- a/.github/workflows/test-k8s-installation.yaml +++ b/.github/workflows/test-k8s-installation.yaml @@ -14,13 +14,13 @@ jobs: test: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Build tester image - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 with: push: false load: true @@ -31,7 +31,7 @@ jobs: ghcr.io/miracum/recruit/tester:v1 - name: Create k8s KinD cluster - uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 + uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0 with: cluster_name: kind @@ -107,7 +107,7 @@ jobs: - name: Upload cluster dump if: always() - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: kind-cluster-dump.txt path: | diff --git a/.github/workflows/validate-fhir-resources.yaml b/.github/workflows/validate-fhir-resources.yaml index 1846a191..ed362bd8 100644 --- a/.github/workflows/validate-fhir-resources.yaml +++ b/.github/workflows/validate-fhir-resources.yaml @@ -12,10 +12,10 @@ jobs: validate-fhir-resource: name: Validate FHIR resources runs-on: ubuntu-24.04 - container: ghcr.io/miracum/ig-build-tools:v2.1.6@sha256:7349f4ed01036f9fe21b2c4d33b77804eb445d358716c5496a41e1b9347939c4 + container: ghcr.io/miracum/ig-build-tools:v2.1.10@sha256:785b1301048c49457f21e773552507aa9f6697aed12dd2d741367640f9eed864 steps: - name: Checkout code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Restore FHIR package dependencies working-directory: fhir/ diff --git a/.github/workflows/validate-gradle-wrapper.yaml b/.github/workflows/validate-gradle-wrapper.yaml index eadcce30..010466a3 100644 --- a/.github/workflows/validate-gradle-wrapper.yaml +++ b/.github/workflows/validate-gradle-wrapper.yaml @@ -14,5 +14,5 @@ jobs: name: "Validation" runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - - uses: gradle/actions/wrapper-validation@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: gradle/actions/wrapper-validation@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2 diff --git a/.github/workflows/yamllint.yaml b/.github/workflows/yamllint.yaml index 67510695..661338f8 100644 --- a/.github/workflows/yamllint.yaml +++ b/.github/workflows/yamllint.yaml @@ -18,10 +18,10 @@ jobs: yamllint: runs-on: ubuntu-24.04 # contains yamllint - container: ghcr.io/chgl/kube-powertools:v2.3.27@sha256:2d1a6a5c0c42a29219550a616c5eeaa5ef9d057f28c40c9d83d048f73d57794b + container: ghcr.io/chgl/kube-powertools:v2.3.36@sha256:1424a809e85eda3a6d7afb2386bdc3b9ac03b2b5244924a7be4851b15a2eca4f steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run yamllint run: yamllint -c .yamllint.yaml .