Skip to content

Bump multiple github action versions #1504

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Akshay2191 merged 4 commits into from
Jan 30, 2026
Merged

Bump multiple github action versions #1504

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
58ce629
dependabot stuff
Akshay2191 Jan 29, 2026
a6bd89b
fixed a typo
Akshay2191 Jan 29, 2026
96b3025
fixed a typo
Akshay2191 Jan 29, 2026
3ad6b3d
fixing Vuln pipeline
Akshay2191 Jan 29, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/assertion.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ jobs:
osarch: [amd64, arm64]
steps:
- name: Checkout Repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

- name: Download nginx-agent binary artifacts
if: ${{ inputs.runId != '' }}
Expand Down
52 changes: 26 additions & 26 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
id-token: write # for OIDC authentication
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-tags: 'true'

Expand All @@ -44,7 +44,7 @@ jobs:
secrets-filter: 'artifactory'
- name: Configure Go Proxy
uses: ./.github/actions/configure-goproxy
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand All @@ -69,7 +69,7 @@ jobs:
permissions:
id-token: write # for OIDC authentication
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Get Secrets from Azure Key Vault
uses: ./.github/actions/az-sync
with:
Expand All @@ -80,7 +80,7 @@ jobs:
secrets-filter: 'artifactory'
- name: Configure Go Proxy
uses: ./.github/actions/configure-goproxy
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand Down Expand Up @@ -111,7 +111,7 @@ jobs:
permissions:
id-token: write # for OIDC authentication
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Get Secrets from Azure Key Vault
uses: ./.github/actions/az-sync
with:
Expand All @@ -122,7 +122,7 @@ jobs:
secrets-filter: 'artifactory'
- name: Configure Go Proxy
uses: ./.github/actions/configure-goproxy
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand All @@ -146,7 +146,7 @@ jobs:
permissions:
id-token: write # for OIDC authentication
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Get Secrets from Azure Key Vault
uses: ./.github/actions/az-sync
with:
Expand All @@ -157,7 +157,7 @@ jobs:
secrets-filter: 'artifactory'
- name: Configure Go Proxy
uses: ./.github/actions/configure-goproxy
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand All @@ -176,7 +176,7 @@ jobs:
permissions:
id-token: write # for OIDC authentication
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-tags: 'true'
- name: Get Secrets from Azure Key Vault
Expand All @@ -189,7 +189,7 @@ jobs:
secrets-filter: 'artifactory'
- name: Configure Go Proxy
uses: ./.github/actions/configure-goproxy
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand Down Expand Up @@ -231,7 +231,7 @@ jobs:
- image: "alpine"
version: "3.23"
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Get Secrets from Azure Key Vault
uses: ./.github/actions/az-sync
with:
Expand All @@ -242,7 +242,7 @@ jobs:
secrets-filter: 'artifactory'
- name: Configure Go Proxy
uses: ./.github/actions/configure-goproxy
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand Down Expand Up @@ -293,7 +293,7 @@ jobs:
- image: "alpine"
version: "3.22"
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Get Secrets from Azure Key Vault
uses: ./.github/actions/az-sync
with:
Expand All @@ -304,7 +304,7 @@ jobs:
secrets-filter: 'artifactory'
- name: Configure Go Proxy
uses: ./.github/actions/configure-goproxy
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand Down Expand Up @@ -362,7 +362,7 @@ jobs:
version: "mainline"
release: "alpine"
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Get Secrets from Azure Key Vault
uses: ./.github/actions/az-sync
with:
Expand All @@ -373,7 +373,7 @@ jobs:
secrets-filter: 'artifactory'
- name: Configure Go Proxy
uses: ./.github/actions/configure-goproxy
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand Down Expand Up @@ -441,7 +441,7 @@ jobs:
release: "debian"
path: "/nginx-plus/agent"
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Get Secrets from Azure Key Vault
uses: ./.github/actions/az-sync
with:
Expand All @@ -453,7 +453,7 @@ jobs:

- name: Configure Go Proxy
uses: ./.github/actions/configure-goproxy
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand Down Expand Up @@ -531,7 +531,7 @@ jobs:
version: "mainline"
release: "alpine"
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Get Secrets from Azure Key Vault
uses: ./.github/actions/az-sync
with:
Expand All @@ -542,7 +542,7 @@ jobs:
secrets-filter: 'artifactory'
- name: Configure Go Proxy
uses: ./.github/actions/configure-goproxy
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand Down Expand Up @@ -610,7 +610,7 @@ jobs:
release: "debian"
path: "/nginx-plus/agent"
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Get Secrets from Azure Key Vault
uses: ./.github/actions/az-sync
with:
Expand All @@ -621,7 +621,7 @@ jobs:
secrets-filter: 'artifactory'
- name: Configure Go Proxy
uses: ./.github/actions/configure-goproxy
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand Down Expand Up @@ -682,7 +682,7 @@ jobs:
id-token: write # for OIDC authentication
contents: write # Needed for pushing benchmark results to github branch
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Get Secrets from Azure Key Vault
uses: ./.github/actions/az-sync
with:
Expand All @@ -693,7 +693,7 @@ jobs:
secrets-filter: 'artifactory'
- name: Configure Go Proxy
uses: ./.github/actions/configure-goproxy
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand Down Expand Up @@ -731,8 +731,8 @@ jobs:
runs-on: ubuntu-22.04
needs: build-unsigned-snapshot
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/codeql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:
docs_only: ${{ github.event.pull_request && steps.docs.outputs.docs_only == 'true' }}
steps:
- name: Checkout Repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/dependency-review.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
pull-requests: write # for actions/dependency-review-action to post comments
steps:
- name: "Checkout Repository"
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

- name: "Dependency Review"
uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/label-pr.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
pull-requests: write
runs-on: ubuntu-22.04
steps:
- uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 # v6.1.0
- uses: release-drafter/release-drafter@6db134d15f3909ccc9eefd369f02bd1e9cffdf97 # v6.2.0
with:
disable-releaser: true
env:
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/release-branch.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ jobs:
create_pull_request: ${{steps.vars.outputs.create_pull_request }}
steps:
- name: Checkout Repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: ${{ inputs.releaseBranch }}

Expand All @@ -91,7 +91,7 @@ jobs:
release_id: ${{ steps.vars.outputs.RELEASE_ID }}
steps:
- name: Checkout Repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
if: ${{ needs.vars.outputs.github_release == 'true' }}
with:
ref: ${{ inputs.releaseBranch }}
Expand Down Expand Up @@ -187,7 +187,7 @@ jobs:
contents: write # Needed to tag a release
steps:
- name: Checkout Repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
if: ${{ needs.vars.outputs.tag_release == 'true' }}
with:
ref: ${{ inputs.releaseBranch }}
Expand All @@ -208,7 +208,7 @@ jobs:
id-token: write # Needed to get a token to upload packages to NGINX repo
steps:
- name: Checkout Repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: ${{ inputs.releaseBranch }}

Expand All @@ -222,7 +222,7 @@ jobs:
secrets-filter: 'artifactory'

- name: Setup go
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
with:
go-version-file: 'go.mod'
cache: false
Expand Down Expand Up @@ -304,7 +304,7 @@ jobs:
pull-requests: write # Needed to create pull request back into main branch
steps:
- name: Checkout Repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/ccheckout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: ${{ inputs.releaseBranch }}

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/scorecards.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:

steps:
- name: "Checkout code"
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false

Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/upload-release-assets.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
upload_azure: ${{steps.vars.outputs.upload_azure }}
steps:
- name: Checkout Repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: ${{ inputs.releaseBranch }}

Expand All @@ -56,7 +56,7 @@ jobs:
contents: write # Needed for uploading release assets to GitHub
steps:
- name: Checkout Repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: ${{ inputs.releaseBranch }}

Expand All @@ -75,7 +75,7 @@ jobs:
echo "Checking Packages in ${{inputs.pkgRepo}}/nginx-agent"
echo "${{ env.nginx-pkg-certificate }}" > pubtest.crt
echo "${{ env.nginx-pkg-key }}" > pubtest.key

DL=1 PKG_REPO=${{inputs.pkgRepo}} \
CERT=pubtest.crt KEY=pubtest.key \
scripts/packages/package-check.sh ${{inputs.pkgVersion}}
Expand Down Expand Up @@ -107,7 +107,7 @@ jobs:
-c ${{ secrets.AZURE_CONTAINER_NAME }} \
--account-name ${{ secrets.AZURE_ACCOUNT_NAME }} \
--overwrite -n nginx-agent/release-${{ inputs.pkgVersion }}/nginx-agent.tar.gz

echo "Uploading packages..."
for i in $(find ${{ inputs.pkgRepo }}/nginx-agent | grep -e "nginx-agent[_-]${{ inputs.pkgVersion }}"); do
dest="nginx-agent/release-${{ inputs.pkgVersion }}/${i##*/}"
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/vulncheck.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,16 +27,16 @@ jobs:
- name: Checkout Repository
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
with:
fetch-depth: 0
ref: ${{ inputs.target-branch || 'main' }}
fetch-depth: 0
ref: ${{ inputs.target-branch || 'main' }}

- name: Check Go version
id: get-go-version
run: |
echo "Reading from go.mod"
GO_VERSION=$(grep -E "^toolchain " go.mod | awk -F' ' '{print $2}' | tr -d 'go')
echo "Found $GO_VERSION"
echo "go-version="$GO_VERSION"" >> $GITHUB_OUTPUT
echo "go-version="$GO_VERSION"" >> $GITHUB_OUTPUT

- name: Run govulncheck
id: govulncheck
Expand Down
Loading