diff --git a/.github/workflows/backport-command.yml b/.github/workflows/backport-command.yml index fbe01e11cf4f9..89c7609d4bf78 100644 --- a/.github/workflows/backport-command.yml +++ b/.github/workflows/backport-command.yml @@ -28,11 +28,11 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} - - uses: aws-actions/aws-secretsmanager-get-secrets@v2 + - uses: aws-actions/aws-secretsmanager-get-secrets@v3 with: secret-ids: | ,sdlc/prod/github/actions_bot_token @@ -45,7 +45,7 @@ jobs: run: $SCRIPT_DIR/get_backport_type.sh shell: bash - name: Failed reaction - uses: peter-evans/create-or-update-comment@v4 + uses: peter-evans/create-or-update-comment@v5 if: failure() with: token: ${{ env.ACTIONS_BOT_TOKEN }} @@ -69,11 +69,11 @@ jobs: BACKPORT_BRANCH: ${{ needs.backport-type.outputs.backport_branch }} steps: - uses: actions/checkout@v6 - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} - - uses: aws-actions/aws-secretsmanager-get-secrets@v2 + - uses: aws-actions/aws-secretsmanager-get-secrets@v3 with: secret-ids: | ,sdlc/prod/github/actions_bot_token @@ -155,14 +155,14 @@ jobs: run: $SCRIPT_DIR/create_pr.sh shell: bash - name: Add reaction - uses: peter-evans/create-or-update-comment@v4 + uses: peter-evans/create-or-update-comment@v5 with: token: ${{ env.ACTIONS_BOT_TOKEN }} repository: ${{ github.event.client_payload.github.payload.repository.full_name }} comment-id: ${{ github.event.client_payload.github.payload.comment.id }} reactions: hooray - name: Failed reaction - uses: peter-evans/create-or-update-comment@v4 + uses: peter-evans/create-or-update-comment@v5 if: failure() with: token: ${{ env.ACTIONS_BOT_TOKEN }} diff --git a/.github/workflows/backport-on-merge.yml b/.github/workflows/backport-on-merge.yml index 6808a014c9712..fa3a0ab711523 100644 --- a/.github/workflows/backport-on-merge.yml +++ b/.github/workflows/backport-on-merge.yml @@ -25,11 +25,11 @@ jobs: if: success() && steps.findPr.outputs.number env: PR: ${{ steps.findPr.outputs.pr }} - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} - - uses: aws-actions/aws-secretsmanager-get-secrets@v2 + - uses: aws-actions/aws-secretsmanager-get-secrets@v3 with: secret-ids: | ,sdlc/prod/github/actions_bot_token diff --git a/.github/workflows/buf.yml b/.github/workflows/buf.yml index c4a9f7bfb1c30..97d9f5055bbd3 100644 --- a/.github/workflows/buf.yml +++ b/.github/workflows/buf.yml @@ -62,11 +62,11 @@ jobs: needs: validate # Only run after validation passes runs-on: ubuntu-latest steps: - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} - - uses: aws-actions/aws-secretsmanager-get-secrets@v2 + - uses: aws-actions/aws-secretsmanager-get-secrets@v3 with: secret-ids: | ,sdlc/prod/github/buf_token diff --git a/.github/workflows/buildkite-slash-commands.yml b/.github/workflows/buildkite-slash-commands.yml index 3047947ce69be..f8924762e1276 100644 --- a/.github/workflows/buildkite-slash-commands.yml +++ b/.github/workflows/buildkite-slash-commands.yml @@ -19,11 +19,11 @@ jobs: id-token: write contents: read steps: - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} - - uses: aws-actions/aws-secretsmanager-get-secrets@v2 + - uses: aws-actions/aws-secretsmanager-get-secrets@v3 with: secret-ids: | ,sdlc/prod/github/actions_bot_token @@ -48,7 +48,7 @@ jobs: buildkite_pipeline: redpanda command: ${{ github.event.client_payload.slash_command.command }} - name: Success reaction - uses: peter-evans/create-or-update-comment@v4 + uses: peter-evans/create-or-update-comment@v5 with: token: ${{ env.ACTIONS_BOT_TOKEN }} repository: ${{ github.event.client_payload.github.payload.repository.full_name }} diff --git a/.github/workflows/check-ducktape-protos.yml b/.github/workflows/check-ducktape-protos.yml index cb87c97adb755..cc6d13c6d0d5e 100644 --- a/.github/workflows/check-ducktape-protos.yml +++ b/.github/workflows/check-ducktape-protos.yml @@ -38,8 +38,8 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 - - uses: bazel-contrib/setup-bazel@0.15.0 + uses: actions/checkout@v6 + - uses: bazel-contrib/setup-bazel@0.19.0 with: bazelisk-cache: true repository-cache: true @@ -48,7 +48,7 @@ jobs: CI: false run: bazel fetch --lockfile_mode=off //proto/... - name: Install uv - uses: astral-sh/setup-uv@v6 + uses: astral-sh/setup-uv@v8.2.0 - name: Regenerate ducktape proto bindings env: CI: false diff --git a/.github/workflows/close-backport-issues.yml b/.github/workflows/close-backport-issues.yml index 6ef87720a005c..ae0e304215fb9 100644 --- a/.github/workflows/close-backport-issues.yml +++ b/.github/workflows/close-backport-issues.yml @@ -17,7 +17,7 @@ jobs: contents: read steps: - name: Close backport issues and PRs - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | const version = '${{ github.event.inputs.version }}'; diff --git a/.github/workflows/cloud-installpack-bk-trigger.yml b/.github/workflows/cloud-installpack-bk-trigger.yml index 19a32a227b6b4..f4fa5b6f7f87b 100644 --- a/.github/workflows/cloud-installpack-bk-trigger.yml +++ b/.github/workflows/cloud-installpack-bk-trigger.yml @@ -10,11 +10,11 @@ jobs: id-token: write contents: read steps: - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} - - uses: aws-actions/aws-secretsmanager-get-secrets@v2 + - uses: aws-actions/aws-secretsmanager-get-secrets@v3 with: secret-ids: | ,sdlc/prod/github/actions_bot_token diff --git a/.github/workflows/dispatch-docs-updates.yml b/.github/workflows/dispatch-docs-updates.yml index c143a3a59c00e..f7830817ed584 100644 --- a/.github/workflows/dispatch-docs-updates.yml +++ b/.github/workflows/dispatch-docs-updates.yml @@ -22,13 +22,13 @@ jobs: echo "Draft: ${{ github.event.release.draft }}" # Assume AWS role and fetch ACTIONS_BOT_TOKEN - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} - id: ghsecrets - uses: aws-actions/aws-secretsmanager-get-secrets@v2 + uses: aws-actions/aws-secretsmanager-get-secrets@v3 with: secret-ids: | ,sdlc/prod/github/actions_bot_token @@ -54,7 +54,7 @@ jobs: # Dispatch to api-docs repo if latest - name: Dispatch to api-docs repo if: steps.latest.outputs.is_latest == 'true' - uses: peter-evans/repository-dispatch@v3 + uses: peter-evans/repository-dispatch@v4 with: token: ${{ env.ACTIONS_BOT_TOKEN }} repository: redpanda-data/api-docs @@ -65,7 +65,7 @@ jobs: # Dispatch to docs repo for property docs generation if latest - name: Dispatch property docs generation to docs repo if: steps.latest.outputs.is_latest == 'true' - uses: peter-evans/repository-dispatch@v3 + uses: peter-evans/repository-dispatch@v4 with: token: ${{ env.ACTIONS_BOT_TOKEN }} repository: redpanda-data/docs diff --git a/.github/workflows/lint-bazel-dependency-graph.yml b/.github/workflows/lint-bazel-dependency-graph.yml index 8f8000a942769..8daaa13fd82f2 100644 --- a/.github/workflows/lint-bazel-dependency-graph.yml +++ b/.github/workflows/lint-bazel-dependency-graph.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v6 - - uses: bazel-contrib/setup-bazel@0.15.0 + - uses: bazel-contrib/setup-bazel@0.19.0 with: # Avoid downloading Bazel every time. bazelisk-cache: true diff --git a/.github/workflows/lint-bazel-pkg-tool.yml b/.github/workflows/lint-bazel-pkg-tool.yml index 23dc8375ccd07..7a92e53aae7db 100644 --- a/.github/workflows/lint-bazel-pkg-tool.yml +++ b/.github/workflows/lint-bazel-pkg-tool.yml @@ -19,11 +19,11 @@ jobs: runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: stable cache: false - - uses: golangci/golangci-lint-action@v8 + - uses: golangci/golangci-lint-action@v9 with: version: latest args: --timeout 10m --verbose tool.go diff --git a/.github/workflows/lint-cpp.yml b/.github/workflows/lint-cpp.yml index e703f545cb74e..fbc05bde03587 100644 --- a/.github/workflows/lint-cpp.yml +++ b/.github/workflows/lint-cpp.yml @@ -29,7 +29,7 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v6 - - uses: bazel-contrib/setup-bazel@0.15.0 + - uses: bazel-contrib/setup-bazel@0.19.0 with: # Avoid downloading Bazel every time. bazelisk-cache: true diff --git a/.github/workflows/lint-golang.yml b/.github/workflows/lint-golang.yml index ef88f3eb6868c..8102421dc7bff 100644 --- a/.github/workflows/lint-golang.yml +++ b/.github/workflows/lint-golang.yml @@ -49,7 +49,7 @@ jobs: go mod tidy git diff --exit-code -- go.mod go.sum - name: Check goreleaser configuration file - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@v7 with: version: v1.24.0 args: check src/go/.goreleaser.yaml diff --git a/.github/workflows/lint-python.yml b/.github/workflows/lint-python.yml index 564b1d7afe600..4f9e7b8e45790 100644 --- a/.github/workflows/lint-python.yml +++ b/.github/workflows/lint-python.yml @@ -22,12 +22,12 @@ jobs: - name: Checkout code uses: actions/checkout@v6 - name: Ruff format --check - uses: astral-sh/ruff-action@v3 + uses: astral-sh/ruff-action@v4.0.0 with: args: "format --check --diff" version: "0.12.10" - name: Ruff check (/tests only) - uses: astral-sh/ruff-action@v3 + uses: astral-sh/ruff-action@v4.0.0 with: args: "check --output-format=github" src: "./tests" diff --git a/.github/workflows/pr-labeler.yml b/.github/workflows/pr-labeler.yml index c4534bd43539e..d9de788d93bd7 100644 --- a/.github/workflows/pr-labeler.yml +++ b/.github/workflows/pr-labeler.yml @@ -9,6 +9,6 @@ jobs: pull-requests: write runs-on: ubuntu-latest steps: - - uses: actions/labeler@v5 + - uses: actions/labeler@v6 with: repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/promote.yml b/.github/workflows/promote.yml index b57e4a84d2df9..4aff6c0829b6c 100644 --- a/.github/workflows/promote.yml +++ b/.github/workflows/promote.yml @@ -10,11 +10,11 @@ jobs: id-token: write contents: read steps: - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} - - uses: aws-actions/aws-secretsmanager-get-secrets@v2 + - uses: aws-actions/aws-secretsmanager-get-secrets@v3 with: secret-ids: | ,sdlc/prod/github/buildkite_token diff --git a/.github/workflows/publish-apache-polaris-python-client.yml b/.github/workflows/publish-apache-polaris-python-client.yml index 3ac5aa0932c8b..1b792240712ee 100644 --- a/.github/workflows/publish-apache-polaris-python-client.yml +++ b/.github/workflows/publish-apache-polaris-python-client.yml @@ -37,7 +37,7 @@ jobs: with: repository: 'apache/polaris' - name: Set up Python 3.11 - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: 3.11 - name: Generate client @@ -52,7 +52,7 @@ jobs: -e 's/"polaris\/\*\*"/"polaris\/\*\*\/\*\.py"/' \ -e 's/boto3==/boto3>=/' pyproject.toml - name: Install uv - uses: astral-sh/setup-uv@v6 + uses: astral-sh/setup-uv@v8.2.0 - name: Build distribution packages working-directory: client/python run: uv build diff --git a/.github/workflows/release-rp-storage-tool.yml b/.github/workflows/release-rp-storage-tool.yml index 3e3215361ccd1..0c0128ecaf78e 100644 --- a/.github/workflows/release-rp-storage-tool.yml +++ b/.github/workflows/release-rp-storage-tool.yml @@ -19,7 +19,7 @@ jobs: id-token: write contents: read steps: - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} diff --git a/.github/workflows/render-pr-body-release-notes.yml b/.github/workflows/render-pr-body-release-notes.yml index 7042f346c153a..5b95838e15bf7 100644 --- a/.github/workflows/render-pr-body-release-notes.yml +++ b/.github/workflows/render-pr-body-release-notes.yml @@ -22,7 +22,7 @@ jobs: curl -s -S -f -L -o rpchangelog/requirements.txt https://vectorized-public.s3.us-west-2.amazonaws.com/rpchangelog/requirements.txt curl -s -S -f -L -o rpchangelog/rpchangelog.py https://vectorized-public.s3.us-west-2.amazonaws.com/rpchangelog/rpchangelog.py chmod +x rpchangelog/rpchangelog.py - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: '3.12' cache: 'pip' diff --git a/.github/workflows/rp-storage-tool-checks.yml b/.github/workflows/rp-storage-tool-checks.yml index 2b57f39c31736..db7a07ef451cb 100644 --- a/.github/workflows/rp-storage-tool-checks.yml +++ b/.github/workflows/rp-storage-tool-checks.yml @@ -22,16 +22,9 @@ jobs: - name: Checkout sources uses: actions/checkout@v6 - name: Install stable toolchain - uses: actions-rs/toolchain@v1 - with: - profile: minimal - toolchain: stable - override: true + uses: dtolnay/rust-toolchain@stable - name: Run cargo check - uses: actions-rs/cargo@v1 - with: - command: check - args: --manifest-path tools/rp_storage_tool/Cargo.toml + run: cargo check --manifest-path tools/rp_storage_tool/Cargo.toml test: name: Unit tests runs-on: ubuntu-latest @@ -39,13 +32,6 @@ jobs: - name: Checkout sources uses: actions/checkout@v6 - name: Install stable toolchain - uses: actions-rs/toolchain@v1 - with: - profile: minimal - toolchain: stable - override: true + uses: dtolnay/rust-toolchain@stable - name: Run cargo test - uses: actions-rs/cargo@v1 - with: - command: test - args: --manifest-path tools/rp_storage_tool/Cargo.toml + run: cargo test --manifest-path tools/rp_storage_tool/Cargo.toml diff --git a/.github/workflows/rpk-build.yml b/.github/workflows/rpk-build.yml index 1abdbc55410ca..4f2b1d385a8c0 100644 --- a/.github/workflows/rpk-build.yml +++ b/.github/workflows/rpk-build.yml @@ -44,7 +44,7 @@ jobs: runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: stable cache-dependency-path: 'src/go/rpk/go.sum' @@ -57,7 +57,7 @@ jobs: runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: stable cache-dependency-path: 'src/go/rpk/go.sum' @@ -67,7 +67,7 @@ jobs: runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: stable - uses: bufbuild/buf-action@v1 diff --git a/.github/workflows/slash-commands.yml b/.github/workflows/slash-commands.yml index ed48238e20552..ed6e1aeeef69c 100644 --- a/.github/workflows/slash-commands.yml +++ b/.github/workflows/slash-commands.yml @@ -10,16 +10,16 @@ jobs: id-token: write contents: read steps: - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} - - uses: aws-actions/aws-secretsmanager-get-secrets@v2 + - uses: aws-actions/aws-secretsmanager-get-secrets@v3 with: secret-ids: | ,sdlc/prod/github/actions_bot_token parse-json-secrets: true - - uses: peter-evans/slash-command-dispatch@v4 + - uses: peter-evans/slash-command-dispatch@v5 with: token: ${{ env.ACTIONS_BOT_TOKEN }} permission: read diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 111f50ea025d9..9b2aee0749bd3 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -11,7 +11,7 @@ jobs: permissions: issues: write steps: - - uses: actions/stale@v9 + - uses: actions/stale@v10 with: repo-token: ${{ secrets.GITHUB_TOKEN }} days-before-stale: 90 # 3 months diff --git a/.github/workflows/transform-sdk-build.yml b/.github/workflows/transform-sdk-build.yml index 41dbf406c0d76..e1af2526bd870 100644 --- a/.github/workflows/transform-sdk-build.yml +++ b/.github/workflows/transform-sdk-build.yml @@ -33,15 +33,20 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: ${{ env.GO_VERSION }} cache-dependency-path: src/transform-sdk/go/transform/go.sum - name: Build integration tests working-directory: src/transform-sdk/tests + env: + # setup-go@v6 defaults GOTOOLCHAIN=local; this module's go.mod + # requires a newer Go than the pinned GO_VERSION, so allow the + # toolchain to be fetched as it was under v5. + GOTOOLCHAIN: auto run: go test -c -o ./wasm-integration-test - name: Upload integration test binary - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: wasm-integration-test path: src/transform-sdk/tests/wasm-integration-test @@ -51,14 +56,14 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: ${{ env.GO_VERSION }} cache-dependency-path: src/transform-sdk/go/transform/go.sum - name: Run tests working-directory: src/transform-sdk/go/transform run: go test -v ./... - - uses: golangci/golangci-lint-action@v6 + - uses: golangci/golangci-lint-action@v9 with: version: latest args: --timeout 5m @@ -69,7 +74,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: ${{ env.GO_VERSION }} cache-dependency-path: src/transform-sdk/go/transform/go.sum @@ -86,7 +91,7 @@ jobs: tinygo build -scheduler=none -target=wasi -o tee.wasm ./tee tinygo build -scheduler=none -target=wasi -o sr.wasm ./schema-registry - name: Download integration test suite - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: wasm-integration-test path: src/transform-sdk/go/transform/internal/testdata @@ -140,7 +145,7 @@ jobs: --example=tee \ --example=schema_registry - name: Download integration test suite - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: wasm-integration-test path: src/transform-sdk/rust @@ -187,7 +192,7 @@ jobs: working-directory: src/transform-sdk/cpp/examples run: cmake -B build && cmake --build build - name: Download integration test suite - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: wasm-integration-test path: src/transform-sdk/cpp/examples @@ -231,7 +236,7 @@ jobs: steps: - uses: actions/checkout@v6 - name: Install node - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 20 - name: Build integration tests @@ -264,7 +269,7 @@ jobs: -mvp --enable-simd --enable-bulk-memory --enable-multimemory \ -o sr.wasm - name: Download integration test suite - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: wasm-integration-test path: src/transform-sdk/js diff --git a/.github/workflows/transform-sdk-release.yml b/.github/workflows/transform-sdk-release.yml index bc478865f9fdf..fea3fdfc2d139 100644 --- a/.github/workflows/transform-sdk-release.yml +++ b/.github/workflows/transform-sdk-release.yml @@ -19,13 +19,13 @@ jobs: contents: write steps: - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: 1.22 cache-dependency-path: src/transform-sdk/go/transform/go.sum - name: Create golang specific tag id: gotag - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | const version = '${{github.ref_name}}'.slice('transform-sdk/'.length); @@ -52,11 +52,11 @@ jobs: - uses: actions/checkout@v6 - name: Set up Rust run: rustup update stable --no-self-update && rustup default stable - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} - - uses: aws-actions/aws-secretsmanager-get-secrets@v2 + - uses: aws-actions/aws-secretsmanager-get-secrets@v3 with: secret-ids: | ,sdlc/prod/github/cargo_registry_token @@ -77,16 +77,16 @@ jobs: id-token: write contents: read steps: - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: node-version: 22 registry-url: 'https://registry.npmjs.org' - uses: actions/checkout@v6 - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} - - uses: aws-actions/aws-secretsmanager-get-secrets@v2 + - uses: aws-actions/aws-secretsmanager-get-secrets@v3 with: secret-ids: | ,sdlc/prod/github/npm_token diff --git a/.github/workflows/trigger-snyk.yml b/.github/workflows/trigger-snyk.yml index c9257c0ac3b3e..9055269c5b61b 100644 --- a/.github/workflows/trigger-snyk.yml +++ b/.github/workflows/trigger-snyk.yml @@ -15,11 +15,11 @@ jobs: gh: runs-on: ubuntu-24.04 steps: - - uses: aws-actions/configure-aws-credentials@v4 + - uses: aws-actions/configure-aws-credentials@v6 with: aws-region: ${{ vars.RP_AWS_CRED_REGION }} role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }} - - uses: aws-actions/aws-secretsmanager-get-secrets@v2 + - uses: aws-actions/aws-secretsmanager-get-secrets@v3 with: secret-ids: | ,sdlc/prod/github/actions_bot_token diff --git a/.github/workflows/type-check-python.yaml b/.github/workflows/type-check-python.yaml index 814602ac6fbdf..bc505f47ccb7c 100644 --- a/.github/workflows/type-check-python.yaml +++ b/.github/workflows/type-check-python.yaml @@ -28,8 +28,8 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v6 - - uses: docker/setup-buildx-action@v3 - - uses: docker/build-push-action@v6 + - uses: docker/setup-buildx-action@v4 + - uses: docker/build-push-action@v7 with: context: "tests" file: tools/type-checking/Dockerfile