diff --git a/.github/workflows/cache.yml b/.github/workflows/cache.yml index 121dd631a..a2b654dd3 100644 --- a/.github/workflows/cache.yml +++ b/.github/workflows/cache.yml @@ -43,14 +43,14 @@ jobs: - name: Extract metadata (tags, labels) for Test Container id: test-meta - uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 + uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | type=raw,value=${{ env.TEST_TAG }} - name: Build and export Container image - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 with: context: ./packaging/cache/ load: true @@ -65,7 +65,7 @@ jobs: - name: Extract metadata (tags, labels) for Container id: meta - uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 + uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | @@ -79,7 +79,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push Docker image - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 with: context: ./packaging/cache/ push: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9e083c0e5..63b6bc94a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -58,7 +58,7 @@ jobs: path: ${{ env.BUILD_PACKAGES }} - name: generate build provenance - uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1.4.4 + uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0 with: subject-path: "${{ github.workspace }}/${{ env.BUILD_PACKAGES }}/*"