diff --git a/.github/workflows/cache.yml b/.github/workflows/cache.yml index d64649415..862596bb8 100644 --- a/.github/workflows/cache.yml +++ b/.github/workflows/cache.yml @@ -43,14 +43,14 @@ jobs: - name: Extract metadata (tags, labels) for Test Container id: test-meta - uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1 + uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | type=raw,value=${{ env.TEST_TAG }} - name: Build and export Container image - uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0 + uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0 with: context: ./packaging/cache/ load: true @@ -65,7 +65,7 @@ jobs: - name: Extract metadata (tags, labels) for Container id: meta - uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1 + uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | @@ -79,7 +79,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push Docker image - uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0 + uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0 with: context: ./packaging/cache/ push: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b9f940997..2e5cc371e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -67,7 +67,7 @@ jobs: ls -R ${{ env.BUILD_PACKAGES }} - name: generate build provenance - uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4 # v2.2.0 + uses: actions/attest-build-provenance@bd77c077858b8d561b7a36cbe48ef4cc642ca39d # v2.2.2 with: subject-path: "${{ github.workspace }}/${{ env.BUILD_PACKAGES }}/*"