UID2-2861 Update deprecated packages (#66)

* Update github/codeql-action/upload-sarif@v2 to v3

* Use `kcc-UID2-2861-fix-github-warnings` for the changed actions

* Update docker/login-action@v2 to v3

* Update actions/checkout@v3 to v4

* Use $GITHUB_OUTPUT instead of set-output

* Update google-github-actions/setup-gcloud@v1 to v2

* Replace kcc-UID2-2861-fix-github-warnings with v2

.github/workflows/shared-build-and-test.yaml

@@ -15,7 +15,7 @@ jobs:
 
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up JDK
         uses: actions/setup-java@v3
@@ -36,7 +36,7 @@ jobs:
           path: target/site/jacoco/*
 
       - name: Vulnerability Scan
-        uses: IABTechLab/uid2-shared-actions/actions/vulnerability_scan_filesystem@v2.4.0
+        uses: IABTechLab/uid2-shared-actions/actions/vulnerability_scan_filesystem@v2
         with:
           scan_severity: HIGH,CRITICAL
           failure_severity: CRITICAL

.github/workflows/shared-check-stable-dependency.yaml

@@ -8,7 +8,7 @@ jobs:
 
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Resolve dependencies
         run: mvn -B dependency:resolve

.github/workflows/shared-java-publish-versioned-package.yaml

@@ -66,7 +66,7 @@ jobs:
           key: ${{ secrets.GPG_KEY }}
 
       - name: Vulnerability Scan
-        uses: IABTechLab/uid2-shared-actions/actions/vulnerability_scan_filesystem@v2.4.0
+        uses: IABTechLab/uid2-shared-actions/actions/vulnerability_scan_filesystem@v2
         with:
           scan_severity: HIGH,CRITICAL
           failure_severity: CRITICAL

.github/workflows/shared-publish-docker-versioned.yaml

@@ -182,7 +182,7 @@ jobs:
           hide-progress: true
 
       - name: Upload Trivy scan report to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         if: inputs.publish_vulnerabilities == 'true'
         with:
           sarif_file: 'trivy-results.sarif'

.github/workflows/shared-publish-image-aws-ecr.yaml

@@ -30,7 +30,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout code
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
       with:
         # git-restore-mtime requires full git history. The default fetch-depth value (1) creates a shallow checkout.
         fetch-depth: 0

.github/workflows/shared-run-e2e-tests.yaml

@@ -87,52 +87,52 @@ jobs:
       id-token: write
     steps:
       - name: Log in to the Docker container registry
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GHCR_PAT }}
 
       - name: Checkout full history
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Checkout uid2-core repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ inputs.core_branch }}
           repository: IABTechLab/uid2-core
           path: uid2-core
 
       - name: Checkout uid2-optout repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ inputs.optout_branch }}
           repository: IABTechLab/uid2-optout
           path: uid2-optout
 
       - name: Checkout uid2-admin repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ inputs.admin_branch }}
           repository: IABTechLab/uid2-admin
           path: uid2-admin
 
       - name: Checkout uid2-operator repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ inputs.operator_branch }}
           repository: IABTechLab/uid2-operator
           path: uid2-operator
 
       - name: Checkout uid2-shared-actions repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: v2
           repository: IABTechLab/uid2-shared-actions
           path: uid2-shared-actions
 
       - name: Checkout uid2-e2e repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           repository: IABTechLab/uid2-e2e
           path: uid2-e2e

.github/workflows/shared-validate-image.yaml

@@ -43,7 +43,7 @@ jobs:
 
     steps:
       - name: Checkout full history
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # git-restore-mtime requires full git history. The default fetch-depth value (1) creates a shallow checkout.
           fetch-depth: 0
@@ -70,7 +70,7 @@ jobs:
           echo "git_commit=$(git show --format="%h" --no-patch)" >> $GITHUB_OUTPUT
 
       - name: Log in to the Docker container registry
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
@@ -106,7 +106,7 @@ jobs:
           output: 'trivy-results.sarif'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         if: inputs.upload_vulnerabilities
         with:
           sarif_file: 'trivy-results.sarif'

actions/build_scan_image/action.yaml

@@ -25,7 +25,7 @@ runs:
         echo "git_commit=$(git show --format="%h" --no-patch)" >> $GITHUB_OUTPUT
 
     - name: Log in to the Container registry
-      uses: docker/login-action@v2
+      uses: docker/login-action@v3
       with:
         registry: ${{ env.REGISTRY }}
         username: ${{ github.actor }}
@@ -72,7 +72,7 @@ runs:
         hide-progress: true
 
     - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@v2
+      uses: github/codeql-action/upload-sarif@v3
       if: always()
       with:
         sarif_file: 'trivy-results.sarif'

actions/prepare_gcp_metadata/action.yaml

@@ -41,7 +41,7 @@ runs:
         access_token_lifetime: 1200s
 
     - name: Set up Cloud SDK
-      uses: 'google-github-actions/setup-gcloud@v1'
+      uses: google-github-actions/setup-gcloud@v2
 
     - name: Log in to the GCP Registry
       uses: docker/login-action@v3
@@ -62,7 +62,7 @@ runs:
 
         # Get the digest
         IMAGE_HASH=$(docker inspect --format='{{index .RepoDigests 0}}' "${IMAGE_NAME}:${IMAGE_TAG}" | cut -d'@' -f2)
-        echo "::set-output name=image_hash::${IMAGE_HASH}"
+        echo "image_hash=${IMAGE_HASH}" >> $GITHUB_OUTPUT
 
     - name: Prepare GCP enclave metadata
       id: metadata

actions/vulnerability_scan/action.yaml

@@ -33,7 +33,7 @@ runs:
       hide-progress: true
 
   - name: Upload Trivy scan report to GitHub Security tab
-    uses: github/codeql-action/upload-sarif@v2
+    uses: github/codeql-action/upload-sarif@v3
     if: inputs.publish_vulnerabilities == 'true'
     with:
       sarif_file: 'trivy-results.sarif'

actions/vulnerability_scan_filesystem/action.yaml

@@ -29,7 +29,7 @@ runs:
       hide-progress: true
 
   - name: Upload Trivy scan report to GitHub Security tab
-    uses: github/codeql-action/upload-sarif@v2
+    uses: github/codeql-action/upload-sarif@v3
     if: inputs.publish_vulnerabilities == 'true'
     with:
       sarif_file: 'trivy-results.sarif'