CICD-3007: upgrade actions to node 20

orcasecurity · Jun 10, 2024 · b37d3de · b37d3de
1 parent a4d9411
commit b37d3de
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 18 deletions.
diff --git a/.github/workflows/test-secrets-action-sarif.yaml b/.github/workflows/test-secrets-action-sarif.yaml
@@ -8,24 +8,20 @@ jobs:
     permissions:
       security-events: write
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # ratchet:actions/checkout@v4
         with:
           fetch-depth: 0
       - name: Scan Secrets
         id: orcasecurity_secrets_scan
         uses: ./
         with:
-          api_token:
-            ${{ secrets.ORCA_SECURITY_API_TOKEN }}
-          project_key:
-            "default"
-          format:
-            "sarif"
-          output:
-            "results/"
+          api_token: ${{ secrets.ORCA_SECURITY_API_TOKEN }}
+          project_key: "default"
+          format: "sarif"
+          output: "results/"
           console_output: "table"
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@6ac9fc7e8e290bda8fac86290b68e176def71959 # ratchet:github/codeql-action/upload-sarif@v2
         if: ${{ always() && steps.orcasecurity_secrets_scan.outputs.exit_code != 1 }}
         with:
           sarif_file: results/secrets.sarif
diff --git a/.github/workflows/test-secrets-action.yaml b/.github/workflows/test-secrets-action.yaml
@@ -7,16 +7,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # ratchet:actions/checkout@v4
         with:
           fetch-depth: 0
-  
+
       - name: Scan Secrets
         id: orcasecurity
         uses: ./
         with:
-          api_token:
-            ${{ secrets.ORCA_SECURITY_API_TOKEN }}
-          project_key:
-            "default"
+          api_token: ${{ secrets.ORCA_SECURITY_API_TOKEN }}
+          project_key: "default"
           console_output: "table"
diff --git a/README.md b/README.md
@@ -35,7 +35,7 @@ jobs:
     steps:
       # Checkout your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Checkout Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0       
 
@@ -116,7 +116,7 @@ jobs:
     permissions:
       security-events: write
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - name: Scan Secrets