update github actions versions

microsoft · Jan 7, 2025 · 3421789 · 3421789
1 parent 9f3cc1a
commit 3421789
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -97,7 +97,7 @@ jobs:
       uses: github/codeql-action/analyze@v3
 
     - name: Aqua Security Trivy
-      uses: aquasecurity/trivy-action@0.28.0
+      uses: aquasecurity/trivy-action@0.29.0
       with:
         scan-type: 'fs'
         scan-ref: '.'
@@ -106,7 +106,7 @@ jobs:
         severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
 
     - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@v2
+      uses: github/codeql-action/upload-sarif@v3
       with:
         sarif_file: 'trivy-results.sarif'
 

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -12,6 +12,9 @@ on:
       - tools/importkey/**
       - pkg/common/akv.go
       - pkg/common/keyblob.go
+
+permissions:
+  contents: write # needed to create release
 
 env:
   GO_VERSION: "1.23.x"
@@ -44,7 +47,7 @@ jobs:
           GOARCH: amd64
 
       - name: Upload Executables
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: binaries
           path: |
@@ -59,12 +62,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download artifacts
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: binaries
 
       - name: Publish release
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@v2
         with:
           tag_name: ${{ github.ref_name }}
           files: |