Upgrade GitHub Actions (#23)

cybcon · web-flow · commit 186535465838 · 2024-02-27T14:57:04.000+01:00
diff --git a/.github/workflows/container-vulnerability-scan.yaml b/.github/workflows/container-vulnerability-scan.yaml
@@ -37,12 +37,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
       - name: Login to DockerHub container registry
         if: inputs.login_dockerhub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_PASSWORD }}
@@ -52,7 +52,7 @@ jobs:
       - name: Download container image from artifacts if uploaded
         if: inputs.image_artifact_name != '' &&
             inputs.image_artifact_filename != ''
-        uses: actions/download-artifact@v3.0.2
+        uses: actions/download-artifact@v4
         with:
           name: ${{ inputs.image_artifact_name }}
           path: /tmp
diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml
@@ -32,13 +32,13 @@ jobs:
         uses: actions/checkout@v4
       - name: Cache asdf
         id: cache
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: /home/runner/.asdf
           key: ${{ runner.os }}-${{ hashFiles('**/.tool-versions') }}
       - name: Install
         if: steps.cache.outputs.cache-hit != 'true'
-        uses: asdf-vm/actions/install@v2.2.0
+        uses: asdf-vm/actions/install@v3
         with:
           # Normally, this action would just install the versions of the .tool-versions file in the root directory of the repository.
           # As we also have .tool-versions files in subdirectories, pre-commit hooks would fail if versions in these files differ from
diff --git a/.github/workflows/release-from-label.yaml b/.github/workflows/release-from-label.yaml
@@ -24,11 +24,11 @@ jobs:
       ) &&
       !contains(github.event.pull_request.labels.*.name, 'chore')
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - name: install semver
-        uses: asdf-vm/actions/install@v2.2.0
+        uses: asdf-vm/actions/install@v3
         with:
           tool_versions: |
             semver 3.3.0
diff --git a/.github/workflows/release-label-validation.yaml b/.github/workflows/release-label-validation.yaml
@@ -20,7 +20,7 @@ jobs:
       contains(fromJSON('["opened", "edited", "synchronize", "reopened", "labeled", "unlabeled"]'), github.event.action) &&
       !startsWith(github.head_ref, 'renovate/')
     steps:
-      - uses: actions/setup-python@v4
+      - uses: actions/setup-python@v5
         with:
           python-version: '3.10'
       - name: determine labels
