ci: update actions for docker, trivy, and artifacts

- Update the `docker/build-push-action` GitHub Action from version `v5` to `v6` across multiple build jobs. - Upgrade the Docker Build and Push Action from version 5 to version 6 in the GitHub workflow. - Update GitHub Actions to use newer versions of Trivy (`0.29.0`) and upload-artifact (`v4`). Signed-off-by: CHEN, CHUN <jim60105@gmail.com>
jim60105 · Feb 10, 2025 · e53d4d1 · e53d4d1
1 parent 5290df5
commit e53d4d1
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 8 deletions.
diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml
@@ -33,7 +33,7 @@ jobs:
           tag: alpine
 
       - name: Build and push
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: ./alpine.Dockerfile
@@ -71,7 +71,7 @@ jobs:
           tag: ubi
 
       - name: Build and push
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: ./ubi.Dockerfile
@@ -109,7 +109,7 @@ jobs:
           tag: distroless
 
       - name: Build and push
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: ./distroless.Dockerfile

diff --git a/.github/workflows/docker_publish_latest.yml b/.github/workflows/docker_publish_latest.yml
@@ -35,7 +35,7 @@ jobs:
           tag: latest
 
       - name: Build and push
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: ./Dockerfile

diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
@@ -22,7 +22,7 @@ jobs:
           sparse-checkout-cone-mode: false
 
       - name: Run Trivy vulnerability scanner for alpine image
-        uses: aquasecurity/trivy-action@0.14.0
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           image-ref: "ghcr.io/jim60105/streamlink:alpine"
           vuln-type: "os,library"
@@ -33,7 +33,7 @@ jobs:
           output: "trivy-results-alpine.html"
 
       - name: Run Trivy vulnerability scanner for ubi image
-        uses: aquasecurity/trivy-action@0.14.0
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           image-ref: "ghcr.io/jim60105/streamlink:ubi"
           vuln-type: "os,library"
@@ -44,7 +44,7 @@ jobs:
           output: "trivy-results-ubi.html"
 
       - name: Run Trivy vulnerability scanner for distroless image
-        uses: aquasecurity/trivy-action@0.14.0
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           image-ref: "ghcr.io/jim60105/streamlink:distroless"
           vuln-type: "os,library"
@@ -55,7 +55,7 @@ jobs:
           output: "trivy-results-distroless.html"
 
       - name: Upload Artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: trivy-results
           path: trivy-results-*