Update GitHub Actions

2026-02-16 10:59:55 +00:00 · 2026-02-16 05:11:09 +00:00
3 changed files with 5 additions and 5 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -50,7 +50,7 @@ jobs:
        output: 'trivy-results-k3kcli.sarif'

    - name: Upload Trivy scan results to GitHub Security tab (k3kcli)
-      uses: github/codeql-action/upload-sarif@38e701f46e33fb233075bf4238cb1e5d68e429e4 # v3
+      uses: github/codeql-action/upload-sarif@f5c2471be782132e47a6e6f9c725e56730d6e9a3 # v3
      with:
        sarif_file: trivy-results-k3kcli.sarif
        category: k3kcli
@@ -66,7 +66,7 @@ jobs:
        output: 'trivy-results-k3k.sarif'

    - name: Upload Trivy scan results to GitHub Security tab (k3k)
-      uses: github/codeql-action/upload-sarif@38e701f46e33fb233075bf4238cb1e5d68e429e4 # v3
+      uses: github/codeql-action/upload-sarif@f5c2471be782132e47a6e6f9c725e56730d6e9a3 # v3
      with:
        sarif_file: trivy-results-k3k.sarif
        category: k3k
@@ -82,7 +82,7 @@ jobs:
        output: 'trivy-results-k3k-kubelet.sarif'

    - name: Upload Trivy scan results to GitHub Security tab (k3k-kubelet)
-      uses: github/codeql-action/upload-sarif@38e701f46e33fb233075bf4238cb1e5d68e429e4 # v3
+      uses: github/codeql-action/upload-sarif@f5c2471be782132e47a6e6f9c725e56730d6e9a3 # v3
      with:
        sarif_file: trivy-results-k3k-kubelet.sarif
        category: k3k-kubelet
--- a/.github/workflows/fossa.yml
+++ b/.github/workflows/fossa.yml
@@ -15,7 +15,7 @@ jobs:
    timeout-minutes: 30
    steps:
    - name: Checkout
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

    # The FOSSA token is shared between all repos in Rancher's GH org. It can be
    # used directly and there is no need to request specific access to EIO.
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -55,7 +55,7 @@ jobs:
        echo "DOCKER_PASSWORD=${{ github.token }}"  >> $GITHUB_ENV

    - name: Login to container registry
-      uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
+      uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
      with:
        registry: ${{ env.REGISTRY }}
        username: ${{ env.DOCKER_USERNAME }}