From 939929c032f3deed4b13cf001eb15f4d4c11cf80 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 21 Oct 2024 11:36:20 +0000 Subject: [PATCH] ci: bump the github-actions group with 4 updates Bumps the github-actions group with 4 updates: [fluxcd/flux2](https://github.com/fluxcd/flux2), [github/codeql-action](https://github.com/github/codeql-action), [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) and [PaloAltoNetworks/prisma-cloud-scan](https://github.com/paloaltonetworks/prisma-cloud-scan). Updates `fluxcd/flux2` from 2.2.1 to 2.4.0 - [Release notes](https://github.com/fluxcd/flux2/releases) - [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml) - [Commits](https://github.com/fluxcd/flux2/compare/9b3958825a314eb79495c6993ef397ddbf87f32f...5350425cdcd5fa015337e09fa502153c0275bd4b) Updates `github/codeql-action` from 3.26.12 to 3.26.13 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/c36620d31ac7c881962c3d9dd939c40ec9434f2b...f779452ac5af1c261dce0346a8f964149f49322b) Updates `aquasecurity/trivy-action` from 0.27.0 to 0.28.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/5681af892cd0f4997658e2bacc62bd0a894cf564...915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2) Updates `PaloAltoNetworks/prisma-cloud-scan` from 1.4.0 to 1.6.7 - [Release notes](https://github.com/paloaltonetworks/prisma-cloud-scan/releases) - [Commits](https://github.com/paloaltonetworks/prisma-cloud-scan/compare/1f38c94d789ff9b01a4e80070b442294ebd3e362...124b48d8325c23f58a35da0f1b4d9a6b54301d05) --- updated-dependencies: - dependency-name: fluxcd/flux2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production 
update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: PaloAltoNetworks/prisma-cloud-scan dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yaml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/security.yaml | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index ece74b9d8f26c..77d747466f1f3 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -970,7 +970,7 @@ jobs: uses: google-github-actions/setup-gcloud@f0990588f1e5b5af6827153b93673613abdc6ec7 # v2.1.1 - name: Set up Flux CLI
- uses: fluxcd/flux2/action@9b3958825a314eb79495c6993ef397ddbf87f32f # v2.2.1
+ uses: fluxcd/flux2/action@5350425cdcd5fa015337e09fa502153c0275bd4b # v2.4.0
 with: # Keep this and the github action up to date with the version of flux installed in dogfood cluster version: "2.2.1"
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 5e06a095f0229..5913c0349e99a 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -47,6 +47,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+ uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
 with: sarif_file: results.sarif
diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
index 91b82f7aa107f..b06157722a159 100644
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
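Review bot: In the `.github/workflows/ci.yaml` hunk the action ref moves to v2.4.0 while the `version: "2.2.1"` input two lines below it is left unchanged, even though the comment directly above that input asks to keep the action and the installed Flux version in step with the dogfood cluster. Confirm that the cluster is still on 2.2.1 and that the v2.4.0 action can install that CLI version, or update the input together with the cluster. If the mismatch is intended, the comment could say so, for example `# Action pinned ahead of the CLI on purpose; cluster still runs 2.2.1`. The step's `with:` block may continue past the end of the hunk.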
@@ -37,7 +37,7 @@ jobs: uses: ./.github/actions/setup-go - name: Initialize CodeQL
- uses: github/codeql-action/init@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+ uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
 with: languages: go, javascript
@@ -47,7 +47,7 @@ jobs: rm Makefile - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+ uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
 - name: Send Slack notification on failure if: ${{ failure() }}
@@ -124,7 +124,7 @@ jobs: echo "image=$(cat "$image_job")" >> $GITHUB_OUTPUT - name: Run Trivy vulnerability scanner
- uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564
+ uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2
 with: image-ref: ${{ steps.build.outputs.image }} format: sarif
@@ -132,7 +132,7 @@ jobs: severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+ uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
 with: sarif_file: trivy-results.sarif category: "Trivy"
@@ -147,7 +147,7 @@ jobs: # Prisma cloud scan runs last because it fails the entire job if it # detects vulnerabilities. :| - name: Run Prisma Cloud image scan
- uses: PaloAltoNetworks/prisma-cloud-scan@1f38c94d789ff9b01a4e80070b442294ebd3e362 # v1.4.0
+ uses: PaloAltoNetworks/prisma-cloud-scan@124b48d8325c23f58a35da0f1b4d9a6b54301d05 # v1.6.7
 with: pcc_console_url: ${{ secrets.PRISMA_CLOUD_URL }} pcc_user: ${{ secrets.PRISMA_CLOUD_ACCESS_KEY }} pFad - Phonifier reborn
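Review bot: In the `security.yaml` hunk at line 124 the new `aquasecurity/trivy-action` pin is a bare commit SHA with no version comment, unlike every other pinned action this patch touches. The commit message describes this as the 0.27.0 to 0.28.0 update, so the line could read `uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0`, which lets a reviewer check the SHA against the upstream tag. That the SHA corresponds to that tag is taken from the commit message only and should be verified before the comment is added.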
