build(deps): bump the ci group with 5 updates

Bumps the ci group with 5 updates: | Package | From | To | | --- | --- | --- | | [korthout/backport-action](https://github.com/korthout/backport-action) | `2.3.0` | `2.4.0` | | [actions/cache](https://github.com/actions/cache) | `3.3.3` | `4.0.0` | | [Azure/login](https://github.com/azure/login) | `1.6.0` | `1.6.1` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.15.3` | `0.15.5` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.23.0` | `3.23.1` | Updates `korthout/backport-action` from 2.3.0 to 2.4.0 - [Release notes](https://github.com/korthout/backport-action/releases) - [Commits](addffea45a...79b9f245a4) Updates `actions/cache` from 3.3.3 to 4.0.0 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](e12d46a63a...13aacd865c) Updates `Azure/login` from 1.6.0 to 1.6.1 - [Release notes](https://github.com/azure/login/releases) - [Commits](e15b166166...cb79c773a3) Updates `anchore/sbom-action` from 0.15.3 to 0.15.5 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](c7f031d924...24b0d52385) Updates `github/codeql-action` from 3.23.0 to 3.23.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](e5f05b81d5...0b21cf2492) --- updated-dependencies: - dependency-name: korthout/backport-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci - dependency-name: Azure/login dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci ... Signed-off-by: dependabot[bot] <support@github.com>
2024-01-22 21:39:42 +00:00 · 2024-01-22 21:39:42 +00:00 · 19d9274743
parent dc21441505
commit 19d9274743
6 changed files with 9 additions and 9 deletions
--- a/.github/workflows/backport.yaml
+++ b/.github/workflows/backport.yaml
@ -17,7 +17,7 @@ jobs:
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - name: Create backport PRs
-        uses: korthout/backport-action@addffea45a2f0b5682f1d5ba0506f45bc18bf174 # v2.3.0
+        uses: korthout/backport-action@79b9f245a4132c5bf4bca01c7526cfea24059c03 # v2.4.0
        # xref: https://github.com/korthout/backport-action#inputs
        with:
          # Use token to allow workflows to be triggered for the created PR
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@ -21,7 +21,7 @@ jobs:
      id: buildx
      uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
    - name: Cache Docker layers
-      uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3.3.3
+      uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
      id: cache
      with:
        path: /tmp/.buildx-cache
--- a/.github/workflows/integration-azure.yaml
+++ b/.github/workflows/integration-azure.yaml
@ -26,7 +26,7 @@ jobs:
          go-version: 1.20.x
          cache-dependency-path: tests/integration/go.sum
      - name: Authenticate to Azure
-        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.4.6
+        uses: Azure/login@cb79c773a3cfa27f31f25eb3f677781210c9ce3d # v1.4.6
        with:
          creds: '{"clientId":"${{ secrets.IRC_E2E_AZ_ARM_CLIENT_ID }}","clientSecret":"${{ secrets.IRC_E2E_AZ_ARM_CLIENT_SECRET }}","subscriptionId":"${{ secrets.IRC_E2E_AZ_ARM_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.IRC_E2E_AZ_ARM_TENANT_ID }}"}'
      - name: Set up QEMU
@ -34,7 +34,7 @@ jobs:
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
      - name: Cache Docker layers
-        uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3.3.3
+        uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
        id: cache
        with:
          path: /tmp/.buildx-cache
--- a/.github/workflows/integration-gcp.yaml
+++ b/.github/workflows/integration-gcp.yaml
@ -38,7 +38,7 @@ jobs:
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226  # v3.0.0
      - name: Cache Docker layers
-        uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3.3.3
+        uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
        id: cache
        with:
          path: /tmp/.buildx-cache
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -92,7 +92,7 @@ jobs:
          mkdir -p config/release
          kustomize build ./config/crd > ./config/release/${{ env.CONTROLLER }}.crds.yaml
          kustomize build ./config/manager > ./config/release/${{ env.CONTROLLER }}.deployment.yaml
-      - uses: anchore/sbom-action/download-syft@c7f031d9249a826a082ea14c79d3b686a51d485a # v0.15.3
+      - uses: anchore/sbom-action/download-syft@24b0d5238516480139aa8bc6f92eeb7b54a9eb0a # v0.15.5
      - name: Create release and SBOM
        id: run-goreleaser
        if: startsWith(github.ref, 'refs/tags/v')
--- a/.github/workflows/scan.yml
+++ b/.github/workflows/scan.yml
@ -40,13 +40,13 @@ jobs:
            **/go.sum
            **/go.mod
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0
+        uses: github/codeql-action/init@0b21cf2492b6b02c465a3e5d7c473717ad7721ba # v3.23.1
        with:
          languages: go
          # xref: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
          # xref: https://codeql.github.com/codeql-query-help/go/
          queries: security-and-quality
      - name: Autobuild
-        uses: github/codeql-action/autobuild@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0
+        uses: github/codeql-action/autobuild@0b21cf2492b6b02c465a3e5d7c473717ad7721ba # v3.23.1
      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0
+        uses: github/codeql-action/analyze@0b21cf2492b6b02c465a3e5d7c473717ad7721ba # v3.23.1