Result of tsccr-helper -log-level=info gha update -latest . (#4472)

Co-authored-by: hashicorp-tsccr[bot] <hashicorp-tsccr[bot]@users.noreply.github.com> (cherry picked from commit 299dee0932) # Conflicts: # .github/workflows/build.yml # .github/workflows/enos-run.yml # .github/workflows/milestone-checker.yml # .github/workflows/security-scan.yml # .github/workflows/test-cli-ui_oss.yml # .github/workflows/test-race.yml
2 years ago · fcd616dd00
parent 6e5aaae57f
commit fcd616dd00
9 changed files with 28 additions and 28 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -108,7 +108,7 @@ jobs:
          repository: boundary
          version: ${{ needs.set-product-version.outputs.product-version }}
          product: ${{ env.PKG_NAME }}
-      - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+      - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          name: metadata.json
          path: ${{ steps.generate-metadata-file.outputs.filepath }}
@ -163,7 +163,7 @@ jobs:
        id: set-sha
        run: echo "sha=$(head -n1 internal/ui/VERSION | cut -d ' ' -f1)" >> "$GITHUB_OUTPUT"
      - name: Download UI artifact
-        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e # v2.28.0
+        uses: dawidd6/action-download-artifact@71072fbb1229e1317f1a8de6b04206afb461bd67 # v3.1.2
        with:
          workflow: build-admin-ui.yaml
          commit: ${{ steps.set-sha.outputs.sha }}
@ -185,7 +185,7 @@ jobs:
          reproducible: report
          instructions: |-
            make build
-      - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+      - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          name: ${{ env.PKG_NAME }}_${{ needs.set-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
          path: out/${{ env.PKG_NAME }}_${{ needs.set-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
@ -235,7 +235,7 @@ jobs:
        id: set-sha
        run: echo "sha=$(head -n1 internal/ui/VERSION | cut -d ' ' -f1)" >> "$GITHUB_OUTPUT"
      - name: Download UI artifact
-        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e # v2.28.0
+        uses: dawidd6/action-download-artifact@71072fbb1229e1317f1a8de6b04206afb461bd67 # v3.1.2
        with:
          workflow: build-admin-ui.yaml
          commit: ${{ steps.set-sha.outputs.sha }}
@ -257,7 +257,7 @@ jobs:
          reproducible: report
          instructions: |-
            make build
-      - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+      - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          name: ${{ env.PKG_NAME }}_${{ needs.set-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
          path: out/${{ env.PKG_NAME }}_${{ needs.set-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
@ -282,12 +282,12 @@ jobs:
          echo "RPM_PACKAGE=$(basename out/*.rpm)" >> "$GITHUB_ENV"
          echo "DEB_PACKAGE=$(basename out/*.deb)" >> "$GITHUB_ENV"
      - name: Upload RPM package
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          name: ${{ env.RPM_PACKAGE }}
          path: out/${{ env.RPM_PACKAGE }}
      - name: Upload DEB package
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          name: ${{ env.DEB_PACKAGE }}
          path: out/${{ env.DEB_PACKAGE }}
@ -334,7 +334,7 @@ jobs:
        id: set-sha
        run: echo "sha=$(head -n1 internal/ui/VERSION | cut -d ' ' -f1)" >> "$GITHUB_OUTPUT"
      - name: Download UI artifact
-        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e # v2.28.0
+        uses: dawidd6/action-download-artifact@71072fbb1229e1317f1a8de6b04206afb461bd67 # v3.1.2
        with:
          workflow: build-admin-ui.yaml
          commit: ${{ steps.set-sha.outputs.sha }}
@ -356,7 +356,7 @@ jobs:
          reproducible: report
          instructions: |-
            make build
-      - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+      - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          name: ${{ env.PKG_NAME }}_${{ needs.set-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
          path: out/${{ env.PKG_NAME }}_${{ needs.set-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
--- a/.github/workflows/enos-run.yml
+++ b/.github/workflows/enos-run.yml
@ -140,7 +140,7 @@ jobs:
          echo "trusted-key ${{ secrets.ENOS_GPG_UID }}" >> ~/.gnupg/gpg.conf
          cat ~/.gnupg/gpg.conf
      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1
+        uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CI }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CI }}
@ -219,7 +219,7 @@ jobs:
        run: |
          mv ${{ steps.download-docker.outputs.download-path }}/*.tar enos/support/boundary_docker_image.tar
      - name: Set up Node.js
-        uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
+        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
        if: contains(matrix.filter, 'e2e_ui')
        with:
          node-version: '16.x'
@ -262,7 +262,7 @@ jobs:
          fi
          popd
      - name: Upload e2e tests output
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          name: test-e2e-output
          path: enos/*.log
@ -275,7 +275,7 @@ jobs:
          docker logs database
      - name: Upload e2e UI tests debug info
        if: contains(matrix.filter, 'e2e_ui') && steps.run.outcome == 'failure'
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          name: test-e2e-ui-debug
          path: enos/support/src/boundary-ui/ui/admin/tests/e2e/artifacts/test-failures
@ -288,7 +288,7 @@ jobs:
          enos scenario launch --timeout 60m0s --chdir ./enos ${{ matrix.filter }}
      - name: Upload Debug Data
        if: ${{ always() && steps.run_retry.outcome == 'failure' }}
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          # The name of the artifact is the same as the matrix scenario name with the spaces replaced with underscores and colons replaced by equals.
          name: ${{ steps.prepare_scenario.outputs.debug_data_artifact_name }}
@ -323,7 +323,7 @@ jobs:
          env
          find ./enos -name "scenario.tf" -exec cat {} \;
      - name: Send Slack message if Run and Retry fails (or if something else went wrong)
-        uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0
+        uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
        # steps.run.outcome reports as failure when there is an error in `Run Enos scenario`
        # failure() captures errors before `Run Enos scenario`
        # failure() does not capture errors in `Run Enos scenario` due to continue-on-error
@ -337,7 +337,7 @@ jobs:
        env:
          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }}
      - name: Send Slack message if Run but Retry passes
-        uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0
+        uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
        if: ${{ steps.run.outcome == 'failure' && steps.run_retry.outcome != 'failure' }}
        with:
          channel-id: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }}
--- a/.github/workflows/fuzz.yml
+++ b/.github/workflows/fuzz.yml
@ -49,7 +49,7 @@ jobs:
        run: go test ./internal/perms -fuzz=FuzzParse -fuzztime=30s
      - name: Upload fuzz failure seed corpus as run artifact
        if: failure()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          name: fuzz-corpus
          path: ./internal/perms/testdata/fuzz
--- a/.github/workflows/milestone-checker.yml
+++ b/.github/workflows/milestone-checker.yml
@ -29,7 +29,7 @@ jobs:
          path: ./actions
          ref: be89ad434792280ebaa4d982ac72ba548b6f7095
      - name: Set up Node.js
-        uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
+        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
        with:
          node-version: '16.x'
      - name: Install Actions
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@ -8,7 +8,7 @@ on:
      - 'main'
    paths-ignore:
      - 'website/**'
-      
+
 jobs:
  scan:
    runs-on: ${{ fromJSON(vars.RUNNER_LARGE) }}
@ -76,7 +76,7 @@ jobs:
        repository: "$PWD"

    - name: Upload SARIF file
-      uses: github/codeql-action/upload-sarif@4b6aa0b07da05d6e43d0e5f9c8596a6532ce1c85 # codeql-bundle-v2.15.3
+      uses: github/codeql-action/upload-sarif@592977e6ae857384aa79bb31e7a1d62d63449ec5 # codeql-bundle-v2.16.3
      with:
        sarif_file: results.sarif

--- a/.github/workflows/test-ci-bootstrap-oss.yml
+++ b/.github/workflows/test-ci-bootstrap-oss.yml
@ -31,7 +31,7 @@ jobs:
      - name: Set up Terraform
        uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36    # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed
      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1
+        uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CI }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CI }}
--- a/.github/workflows/test-ci-cleanup-oss.yml
+++ b/.github/workflows/test-ci-cleanup-oss.yml
@ -15,7 +15,7 @@ jobs:
      regions: ${{steps.regions.outputs.regions}}
    steps:
      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1
+        uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CI }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CI }}
@ -44,7 +44,7 @@ jobs:
    steps:
      - name: Configure AWS credentials
        id: aws-configure
-        uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1
+        uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CI }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CI }}
@ -80,7 +80,7 @@ jobs:
        region: ${{ fromJSON(needs.setup.outputs.regions) }}
    steps:
      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1
+        uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CI }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CI }}
--- a/.github/workflows/test-cli-ui_oss.yml
+++ b/.github/workflows/test-cli-ui_oss.yml
@ -36,7 +36,7 @@ jobs:
          path: /tmp/bats-cli-ui-deps
          key: enos-bats-cli-ui-deps-jq-1.6-password-store-1.7.4-vault-1.12.2
      - name: Set up Node for Bats install
-        uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
+        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
        with:
          node-version: 16
      - name: Install Bats via NPM
@ -73,7 +73,7 @@ jobs:
        run: |
          unzip /tmp/bats-cli-ui-deps/vault.zip -d /usr/local/bin
      - name: Download Linux AMD64 Boundary bundle
-        uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+        uses: actions/download-artifact@87c55149d96e628cc2ef7e6fc2aab372015aec85 # v4.1.3
        with:
          name: ${{ inputs.artifact-name }}
          path: /tmp
@ -112,7 +112,7 @@ jobs:
          make -C internal/tests/cli test-vault-down
      - name: Send Slack message
        if: ${{ failure() }}
-        uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0
+        uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
        with:
          channel-id: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }}
          payload: |
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -164,7 +164,7 @@ jobs:
          until pg_isready -h 127.0.0.1; do docker container inspect boundary-sql-tests &> /dev/null || exit 255; sleep 1; done

      - name: Test
-        uses: nick-fields/retry@14672906e672a08bd6eeb15720e9ed3ce869cdd4 # v2.9.0
+        uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0
        env:
          TEST_PACKAGE: "./..."
          TESTARGS: -v