diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f3ceec8..d5be523 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -38,11 +38,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -51,4 +51,4 @@ jobs: # queries: ./path/to/local/query, your-org/your-repo/queries@main - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 55ff850..68253cd 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -20,10 +20,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version-file: go.mod check-latest: true @@ -34,19 +34,19 @@ jobs: make build_linux_arm64 - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Login to Docker Hub - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ghcr.io username: ${{ github.repository_owner }} @@ -54,7 +54,7 @@ jobs: - name: Docker meta id: docker-meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@v6 with: images: | ${{ github.repository }} @@ -66,7 +66,7 @@ jobs: type=semver,pattern={{major}} - name: Build image for scanning - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 with: context: . file: docker/Dockerfile @@ -77,7 +77,7 @@ jobs: - name: Build and push if: success() - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 with: context: . platforms: linux/amd64,linux/arm64 diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index ddf1036..1f44caf 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -13,18 +13,18 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 - name: Setup go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version-file: go.mod check-latest: true - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v6 + uses: goreleaser/goreleaser-action@v7 with: # either 'goreleaser' (default) or 'goreleaser-pro' distribution: goreleaser diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index 03525a8..18832eb 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -9,21 +9,21 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version-file: go.mod check-latest: true - name: Setup golangci-lint - uses: golangci/golangci-lint-action@v7 + uses: golangci/golangci-lint-action@v9 with: version: latest args: --verbose - - uses: hadolint/hadolint-action@v3.1.0 + - uses: hadolint/hadolint-action@v3.3.0 name: hadolint for Dockerfile with: dockerfile: docker/Dockerfile @@ -38,7 +38,7 @@ jobs: options: --sysctl net.ipv6.conf.all.disable_ipv6=0 steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: setup sshd server run: | diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index b9f6bb2..8043c1a 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -22,10 +22,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Run Trivy vulnerability scanner (repo) - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@v0.35.0 with: scan-type: "fs" scan-ref: "." @@ -34,7 +34,7 @@ jobs: severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 if: always() with: sarif_file: "trivy-repo-results.sarif" @@ -44,10 +44,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version-file: go.mod check-latest: true @@ -57,10 +57,10 @@ jobs: make build_linux_amd64 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Build Docker image for scanning - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 with: context: . file: docker/Dockerfile @@ -70,7 +70,7 @@ jobs: tags: drone-ssh:scan - name: Run Trivy vulnerability scanner (image) - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@v0.35.0 with: image-ref: "drone-ssh:scan" format: "sarif" @@ -78,7 +78,7 @@ jobs: severity: "CRITICAL,HIGH" - name: Upload Trivy image scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 if: always() with: sarif_file: "trivy-image-results.sarif"