redhat-certification · komish · Jun 6, 2024 · Jun 5, 2024
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -27,7 +27,7 @@ jobs:
                 path: "chart-verifier"
 
             - name: Setup Go
-              uses: actions/setup-go@v4
+              uses: actions/setup-go@v5
               with:
                 go-version-file: ./chart-verifier/go.mod
 
@@ -51,7 +51,7 @@ jobs:
                   fi
 
             - name: Set up Python 3.x
-              uses: actions/setup-python@v4
+              uses: actions/setup-python@v5
               with:
                 python-version: '3.9'
 
@@ -76,7 +76,7 @@ jobs:
                 echo "date=$(/bin/date -u "+%Y%m%d")" | tee -a $GITHUB_OUTPUT
               shell: bash
 
-            - uses: actions/cache@v3
+            - uses: actions/cache@v4
               id: cache
               with:
                   path: ./chart-verifier/oc
@@ -179,7 +179,7 @@ jobs:
             - name: Merge PR
               id: merge_pr
               if: ${{ steps.check_version_updated.outputs.updated == 'true'}}
-              uses: pascalgn/[email protected].2
+              uses: pascalgn/[email protected].3
               env:
                 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
                 MERGE_METHOD: squash
@@ -196,7 +196,7 @@ jobs:
             - name: Create release tag
               id: create_release_tag
               if: ${{ steps.check_version_updated.outputs.updated == 'true'}}
-              uses: mathieudutour/github-tag-action@v6.1
+              uses: mathieudutour/github-tag-action@v6.2
               with:
                 # It is necessary to use a Personal Access Token here rather than the usual GITHUB_TOKEN, as this
                 # step should trigger the release.yaml workflow, and events (such as tags) triggered by the

diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
@@ -40,7 +40,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -65,12 +65,12 @@ jobs:
 
     - name: Perform CodeQL Analysis
       id: codeql_analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3
 
     - name: Send message to helm_dev slack channel
       id: notify_dev
       if: ${{ always() &&  github.event_name == 'schedule' && steps.codeql_analysis.conclusion != 'success' }}
-      uses: archive/github-actions-slack@v2.8.0
+      uses: archive/github-actions-slack@v2.9.0
       with:
         slack-bot-user-oauth-access-token: ${{ secrets.SLACK_BOT_USER_OAUTH_ACCESS_TOKEN }}
         slack-channel: C02979BDUPL
@@ -83,7 +83,7 @@ jobs:
     - name: Send message to helm_notify slack channel
       id: notify
       if: ${{ always() &&  github.event_name == 'schedule' && steps.codeql_analysis.conclusion == 'success' }}
-      uses: archive/github-actions-slack@v2.8.0
+      uses: archive/github-actions-slack@v2.9.0
       with:
         slack-bot-user-oauth-access-token: ${{ secrets.SLACK_BOT_USER_OAUTH_ACCESS_TOKEN }}
         slack-channel: C04K1ARMH8A

diff --git a/.github/workflows/dev_release.yaml b/.github/workflows/dev_release.yaml
@@ -22,12 +22,12 @@ jobs:
               uses: actions/checkout@v4
 
             - name: Setup Go
-              uses: actions/setup-go@v4
+              uses: actions/setup-go@v5
               with:
                 go-version-file: go.mod
 
             - name: Set up Python 3.x
-              uses: actions/setup-python@v4
+              uses: actions/setup-python@v5
               with:
                   python-version: '3.9'
 
@@ -52,12 +52,11 @@ jobs:
             - name: Delete previous release and tag
               id: delete-previous
               if: ${{ steps.create-tarfile.outcome == 'success' }}
-              uses: dev-drprasad/delete-tag-and-release@v0.2.1
+              uses: dev-drprasad/delete-tag-and-release@v1.1
               with:
                 delete_release: true # default: false
                 tag_name: ${{ env.DEV_RELEASE }} # tag name to delete
-              env:
-                GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+                github_token: ${{ secrets.GITHUB_TOKEN }}
 
               # The next step seems to periodically create a draft release.
               # We think this is because of a race condition.
@@ -69,12 +68,11 @@ jobs:
             - name: Create the release
               id: create_release
               if: ${{ steps.delete-previous.outcome == 'success' && steps.sleep-after-delete-previous.outcome == 'success' }}
-              uses: softprops/action-gh-release@v1
+              uses: softprops/action-gh-release@v2
               with:
                 tag_name: ${{ env.DEV_RELEASE }}
                 body: "Development release created with each merge into the main branch."
                 files: ${{ steps.create-tarfile.outputs.tarball_full_name }}
                 prerelease: true
                 draft: false
-              env:
-                GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+                token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/golang-style.yml b/.github/workflows/golang-style.yml
@@ -13,7 +13,7 @@ jobs:
       uses: actions/checkout@v4
 
     - name: Setup Go
-      uses: actions/setup-go@v4
+      uses: actions/setup-go@v5
       with:
         go-version-file: go.mod
 

diff --git a/.github/workflows/python-style.yml b/.github/workflows/python-style.yml
@@ -15,7 +15,7 @@ jobs:
       uses: actions/checkout@v4
 
     - name: Set up Python 3.x Part 1
-      uses: actions/setup-python@v4
+      uses: actions/setup-python@v5
       with:
         python-version: "3.9"
 

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -36,7 +36,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Setup Go
-        uses: actions/setup-go@v4
+        uses: actions/setup-go@v5
         with:
           go-version-file: go.mod
 
@@ -64,7 +64,7 @@ jobs:
           fi
 
       - name: Set up Python 3.x
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: '3.9'
 
@@ -81,7 +81,7 @@ jobs:
 
       - name: Create the release
         id: create_release
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@v2
         with:
           tag_name: ${{ steps.get_tag.outputs.release_version }}
           body: ${{ steps.release_body.outputs.release_body }}

diff --git a/.github/workflows/vulnerability.yaml b/.github/workflows/vulnerability.yaml
@@ -26,7 +26,7 @@ jobs:
           fi
 
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         if: always()
         with:
           # Path to SARIF file relative to the root of the repository