4141 runner : ubuntu-22.04-arm
4242 steps :
4343 - name : Free Disk Space for Docker
44- uses : endersonmenezes/free-disk-space@e6ed9b02e683a3b55ed0252f1ee469ce3b39a885
44+ uses : endersonmenezes/free-disk-space@7901478139cff6e9d44df5972fd8ab8fcade4db1
4545 with :
4646 remove_android : true
4747 remove_dotnet : true
5454 dotnet-sdk-*
5555 remove_packages_one_command : true
5656 - name : Login to github container registry
57- uses : docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9
57+ uses : docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2
5858 with :
5959 registry : ghcr.io
6060 username : ${{github.actor}}
6666 - name : setup trivy
6767 uses : aquasecurity/setup-trivy@3fb12ec12f41e471780db15c232d5dd185dcb514
6868 with :
69- version : v0.69.1
69+ version : v0.69.3
7070 - name : setup node
71- uses : actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238
71+ uses : actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f
7272 with :
7373 node-version-file : .tool-versions
7474
9898 IMAGE_TAG : " ${{ inputs.docker_tag }}-${{ matrix.arch }}"
9999 EXIT_CODE : 0
100100 EXTRA_COMMON : " ${{ inputs.extra_common }}"
101- - uses : actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
101+ - uses : actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f
102102 name : Upload scan results
103103 with :
104104 name : " scan_results_docker_${{ inputs.container_name }}_${{ matrix.arch }}.json"
@@ -149,7 +149,7 @@ jobs:
149149 CONTAINER_NAME : ' ${{ inputs.container_name }}'
150150 ARCHITECTURE : ' ${{ matrix.arch }}'
151151 - name : Attest image
152- uses : actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
152+ uses : actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
153153 with :
154154 subject-name : ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
155155 subject-digest : ${{ steps.resolve_arch_digest.outputs.digest }}
@@ -173,7 +173,7 @@ jobs:
173173 CONTAINER_NAME : ' ${{ inputs.container_name }}'
174174 ARCHITECTURE : ' ${{ matrix.arch }}'
175175 - name : Attest github actions image
176- uses : actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
176+ uses : actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
177177 with :
178178 subject-name : ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
179179 subject-digest : ${{ steps.resolve_githubactions_arch_digest.outputs.digest }}
@@ -214,7 +214,7 @@ jobs:
214214 ARCHITECTURE : ' ${{ matrix.arch }}'
215215 - name : Attest github actions latest image
216216 if : ${{ inputs.tag_latest }}
217- uses : actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
217+ uses : actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
218218 with :
219219 subject-name : ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
220220 subject-digest : ${{ steps.resolve_githubactions_latest_arch_digest.outputs.digest }}
@@ -239,7 +239,7 @@ jobs:
239239 ARCHITECTURE : ' ${{ matrix.arch }}'
240240 - name : Attest latest image
241241 if : ${{ inputs.tag_latest }}
242- uses : actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
242+ uses : actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
243243 with :
244244 subject-name : ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
245245 subject-digest : ${{ steps.resolve_latest_arch_digest.outputs.digest }}
@@ -263,7 +263,7 @@ jobs:
263263 id-token : write
264264 steps :
265265 - name : Login to github container registry
266- uses : docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9
266+ uses : docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2
267267 with :
268268 registry : ghcr.io
269269 username : ${{github.actor}}
@@ -334,7 +334,7 @@ jobs:
334334 CONTAINER_NAME : ' ${{ inputs.container_name }}'
335335
336336 - name : Attest combined image
337- uses : actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
337+ uses : actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
338338 with :
339339 subject-name : ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
340340 subject-digest : ${{ steps.resolve_combined_digest.outputs.digest }}
@@ -358,7 +358,7 @@ jobs:
358358 CONTAINER_NAME : ' ${{ inputs.container_name }}'
359359
360360 - name : Attest combined github actions image
361- uses : actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
361+ uses : actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
362362 with :
363363 subject-name : ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
364364 subject-digest : ${{ steps.resolve_githubactions_combined_digest.outputs.digest }}
@@ -383,7 +383,7 @@ jobs:
383383
384384 - name : Attest latest github actions image
385385 if : ${{ inputs.tag_latest }}
386- uses : actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
386+ uses : actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
387387 with :
388388 subject-name : ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
389389 subject-digest : ${{ steps.resolve_githubactions_latest_digest.outputs.digest }}
@@ -408,7 +408,7 @@ jobs:
408408
409409 - name : Attest latest image
410410 if : ${{ inputs.tag_latest }}
411- uses : actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
411+ uses : actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
412412 with :
413413 subject-name : ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
414414 subject-digest : ${{ steps.resolve_latest_digest.outputs.digest }}
0 commit comments