Skip to content

Commit 8924998

Browse files
update github action version
Signed-off-by: Nicolas-Peiffer <102670102+Nicolas-Peiffer@users.noreply.github.com>
1 parent f195cc9 commit 8924998

3 files changed

Lines changed: 10 additions & 10 deletions

File tree

.github/actions/publish-release/action.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ runs:
3636
steps:
3737
# Install go with specific version
3838
- name: Set up Go
39-
uses: actions/setup-go@v5
39+
uses: actions/setup-go@v6
4040
with:
4141
go-version: ${{ inputs.go-version }} # same version than the one in the go.mod or in the .go-version
4242
# Register to ghcr.io container Registry
@@ -48,10 +48,10 @@ runs:
4848
password: ${{ inputs.registry_password }}
4949
# Install ko to publish container images
5050
- name: Set up Ko
51-
uses: ko-build/setup-ko@v0.7
51+
uses: ko-build/setup-ko@v0.9
5252
# Install cosign to sign artfacts with goreleaser
5353
- name: Install Cosign
54-
uses: sigstore/cosign-installer@v3.5.0
54+
uses: sigstore/cosign-installer@v3.10.0
5555
# Get LDFLAGS with a makefile command
5656
- shell: bash
5757
name: Get LDFLAGS

.github/actions/verify-attestations/action.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -25,18 +25,18 @@ runs:
2525
steps:
2626
# Install go with specific version
2727
- name: Set up Go
28-
uses: actions/setup-go@v5
28+
uses: actions/setup-go@v6
2929
with:
3030
go-version: ${{ inputs.go-version }} # same version than the one in the go.mod or in the .go-version
3131

3232
- shell: bash
3333
name : Install dependencies
3434
run : |
35-
go install github.com/slsa-framework/slsa-verifier/v2/cli/slsa-verifier@v2.5.1
35+
go install github.com/slsa-framework/slsa-verifier/v2/cli/slsa-verifier@v2.7.1
3636
- shell: bash
3737
name: verify image provenance
3838
id: image-provenance
3939
run: |
4040
slsa-verifier verify-image ${{ inputs.image }} \
4141
--source-uri github.com/${{github.repository}} \
42-
--builder-id https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@refs/tags/v1.10.0
42+
--builder-id https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@refs/tags/v2.1.0

.github/workflows/Goreleaser.yaml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ jobs:
2222
digest: ${{ steps.publish-artifacts.outputs.digest }}
2323
steps:
2424
- name: Checkout
25-
uses: actions/checkout@v4
25+
uses: actions/checkout@v5
2626
with:
2727
fetch-depth: 0
2828
- name: Publish Artifacts
@@ -43,7 +43,7 @@ jobs:
4343
actions: read # To read the workflow path.
4444
id-token: write # To sign the provenance.
4545
contents: write # To add assets to a release.
46-
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0
46+
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.1.0
4747
with:
4848
base64-subjects: "${{ needs.goreleaser.outputs.hashes }}"
4949
upload-assets: true
@@ -54,7 +54,7 @@ jobs:
5454
actions: read
5555
id-token: write
5656
packages: write
57-
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.10.0
57+
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.1.0
5858
with:
5959
image: ${{ needs.goreleaser.outputs.image }}
6060
digest: ${{ needs.goreleaser.outputs.digest }}
@@ -72,7 +72,7 @@ jobs:
7272
packages: write
7373
steps:
7474
- name: Checkout
75-
uses: actions/checkout@v4
75+
uses: actions/checkout@v5
7676
with:
7777
fetch-depth: 0
7878
- name: Verify provenance attestations

0 commit comments

Comments
 (0)