This is an automated email from the ASF dual-hosted git repository.
chia7712 pushed a commit to branch 4.1
in repository https://gitbox.apache.org/repos/asf/kafka.git
The following commit(s) were added to refs/heads/4.1 by this push:
new 849feac5199 MINOR: Update all github actions to latest version (#20649)
849feac5199 is described below
commit 849feac51993949aadb3d2a92fff985bf6083e3e
Author: Jhen-Yung Hsu <[email protected]>
AuthorDate: Wed Oct 8 19:13:51 2025 +0800
MINOR: Update all github actions to latest version (#20649)
Updates all GitHub Actions to their latest versions.
----
**Upgraded Actions:**
* **Gradle setup**:
* `gradle/actions/setup-gradle` **v4.4.4 → v5.0.0**
* **Trivy security scanner**:
* `aquasecurity/trivy-action` **v0.24.0 → v0.33.1**
* **Docker build tools:**
* `docker/setup-qemu-action` **v3.2.0 → v3.6.0**
* `docker/setup-buildx-action` **v3.6.1 → v3.11.1**
* `docker/login-action` **v3.3.0 → v3.6.0**
* **GitHub utilities:**
* `actions/github-script` **v7 → v8**
* `actions/stale` **v9 → v10**
Reviewers: Chia-Ping Tsai <[email protected]>
---
.github/actions/setup-gradle/action.yml | 2 +-
.github/workflows/docker_build_and_test.yml | 2 +-
.github/workflows/docker_official_image_build_and_test.yml | 2 +-
.github/workflows/docker_promote.yml | 6 +++---
.github/workflows/docker_rc_release.yml | 6 +++---
.github/workflows/docker_scan.yml | 2 +-
.github/workflows/pr-labels-cron.yml | 4 ++--
.github/workflows/stale.yml | 2 +-
8 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/.github/actions/setup-gradle/action.yml
b/.github/actions/setup-gradle/action.yml
index 1a5b0902703..f1112a7ffd5 100644
--- a/.github/actions/setup-gradle/action.yml
+++ b/.github/actions/setup-gradle/action.yml
@@ -42,7 +42,7 @@ runs:
distribution: temurin
java-version: ${{ inputs.java-version }}
- name: Setup Gradle
- uses:
gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
+ uses:
gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
env:
GRADLE_BUILD_ACTION_CACHE_DEBUG_ENABLED: true
with:
diff --git a/.github/workflows/docker_build_and_test.yml
b/.github/workflows/docker_build_and_test.yml
index 67acdf9fb74..5c71af2cd12 100644
--- a/.github/workflows/docker_build_and_test.yml
+++ b/.github/workflows/docker_build_and_test.yml
@@ -54,7 +54,7 @@ jobs:
run: |
python docker_build_test.py kafka/test -tag=test -type=$IMAGE_TYPE
-u=$KAFKA_URL
- name: Run CVE scan
- uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8
# v0.24.0
+ uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
# v0.33.1
with:
image-ref: 'kafka/test:test'
format: 'table'
diff --git a/.github/workflows/docker_official_image_build_and_test.yml
b/.github/workflows/docker_official_image_build_and_test.yml
index 58866a19d6c..73ca9d52141 100644
--- a/.github/workflows/docker_official_image_build_and_test.yml
+++ b/.github/workflows/docker_official_image_build_and_test.yml
@@ -53,7 +53,7 @@ jobs:
run: |
python docker_official_image_build_test.py kafka/test -tag=test
-type=$IMAGE_TYPE -v=$KAFKA_VERSION
- name: Run CVE scan
- uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8
# v0.24.0
+ uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
# v0.33.1
with:
image-ref: 'kafka/test:test'
format: 'table'
diff --git a/.github/workflows/docker_promote.yml
b/.github/workflows/docker_promote.yml
index 3b9a6f1d4fb..e6f8779de69 100644
--- a/.github/workflows/docker_promote.yml
+++ b/.github/workflows/docker_promote.yml
@@ -31,11 +31,11 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Set up QEMU
- uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf
# v3.2.0
+ uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392
# v3.6.0
- name: Set up Docker Buildx
- uses:
docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
+ uses:
docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
- name: Login to Docker Hub
- uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 #
v3.3.0
+ uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef #
v3.6.0
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
diff --git a/.github/workflows/docker_rc_release.yml
b/.github/workflows/docker_rc_release.yml
index 1f824b39b97..bb7ec89c870 100644
--- a/.github/workflows/docker_rc_release.yml
+++ b/.github/workflows/docker_rc_release.yml
@@ -47,11 +47,11 @@ jobs:
python -m pip install --upgrade pip
pip install -r docker/requirements.txt
- name: Set up QEMU
- uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf
# v3.2.0
+ uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392
# v3.6.0
- name: Set up Docker Buildx
- uses:
docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
+ uses:
docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
- name: Login to Docker Hub
- uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 #
v3.3.0
+ uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef #
v3.6.0
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
diff --git a/.github/workflows/docker_scan.yml
b/.github/workflows/docker_scan.yml
index 1d8ee25e08b..3db8ff79ff9 100644
--- a/.github/workflows/docker_scan.yml
+++ b/.github/workflows/docker_scan.yml
@@ -29,7 +29,7 @@ jobs:
supported_image_tag: ['latest', '3.7.2', '3.8.1', '3.9.1', '4.0.0']
steps:
- name: Run CVE scan
- uses:
aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
+ uses:
aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # v0.33.1
if: always()
with:
image-ref: apache/kafka:${{ matrix.supported_image_tag }}
diff --git a/.github/workflows/pr-labels-cron.yml
b/.github/workflows/pr-labels-cron.yml
index 5faaca72ed3..420d80498ba 100644
--- a/.github/workflows/pr-labels-cron.yml
+++ b/.github/workflows/pr-labels-cron.yml
@@ -35,7 +35,7 @@ jobs:
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
- name: Remove label
- uses: actions/github-script@v7
+ uses: actions/github-script@v8
continue-on-error: true
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -77,7 +77,7 @@ jobs:
issues: write
pull-requests: write
steps:
- - uses: actions/stale@v9
+ - uses: actions/stale@v10
with:
debug-only: ${{ inputs.dryRun || false }}
operations-per-run: ${{ inputs.operationsPerRun || 500 }}
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index 9382d4173e9..74de2a967b5 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -38,7 +38,7 @@ jobs:
stale:
runs-on: ubuntu-latest
steps:
- - uses: actions/stale@v9
+ - uses: actions/stale@v10
with:
debug-only: ${{ inputs.dryRun || false }}
operations-per-run: ${{ inputs.operationsPerRun || 500 }}
