mirror of
https://github.com/argoproj/argo-cd
synced 2026-04-21 08:57:17 +00:00
chore(deps): bump step-security/harden-runner from 2.17.0 to 2.18.0 (#27370)
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit is contained in:
dependabot[bot]
GitHub
parent
30efe53bf2
commit
9cfce1df0e
14 changed files with 24 additions and 24 deletions
2
.github/workflows/bump-major-version.yaml
vendored
2
.github/workflows/bump-major-version.yaml
vendored
|
|
@ -18,7 +18,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
|
|
|
|||
2
.github/workflows/cherry-pick-single.yml
vendored
2
.github/workflows/cherry-pick-single.yml
vendored
|
|
@ -36,7 +36,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
|
|
|
|||
2
.github/workflows/cherry-pick.yml
vendored
2
.github/workflows/cherry-pick.yml
vendored
|
|
@ -24,7 +24,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
|
|
|
|||
22
.github/workflows/ci-build.yaml
vendored
22
.github/workflows/ci-build.yaml
vendored
|
|
@ -35,7 +35,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
||||
|
|
@ -63,7 +63,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
- name: Checkout code
|
||||
|
|
@ -88,7 +88,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
- name: Checkout code
|
||||
|
|
@ -124,7 +124,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
- name: Checkout code
|
||||
|
|
@ -153,7 +153,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
- name: Create checkout directory
|
||||
|
|
@ -226,7 +226,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
- name: Create checkout directory
|
||||
|
|
@ -295,7 +295,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
- name: Checkout code
|
||||
|
|
@ -357,7 +357,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
- name: Checkout code
|
||||
|
|
@ -415,7 +415,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
- name: Checkout code
|
||||
|
|
@ -496,7 +496,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
- name: Free Disk Space (Ubuntu)
|
||||
|
|
@ -632,7 +632,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
- run: |
|
||||
|
|
|
|||
2
.github/workflows/codeql.yml
vendored
2
.github/workflows/codeql.yml
vendored
|
|
@ -45,7 +45,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
|
|
|
|||
2
.github/workflows/image-reuse.yaml
vendored
2
.github/workflows/image-reuse.yaml
vendored
|
|
@ -61,7 +61,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
|
|
|
|||
2
.github/workflows/image.yaml
vendored
2
.github/workflows/image.yaml
vendored
|
|
@ -37,7 +37,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
|
|
|
|||
2
.github/workflows/init-release.yaml
vendored
2
.github/workflows/init-release.yaml
vendored
|
|
@ -34,7 +34,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
|
|
|
|||
2
.github/workflows/pr-title-check.yml
vendored
2
.github/workflows/pr-title-check.yml
vendored
|
|
@ -27,7 +27,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
|
|
|
|||
2
.github/workflows/release.yaml
vendored
2
.github/workflows/release.yaml
vendored
|
|
@ -51,7 +51,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
- name: Checkout code
|
||||
|
|
|
|||
2
.github/workflows/renovate.yaml
vendored
2
.github/workflows/renovate.yaml
vendored
|
|
@ -18,7 +18,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Block unknown outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: block
|
||||
disable-sudo-and-containers: "false" # renovatebot runs in `docker run`
|
||||
|
|
|
|||
2
.github/workflows/scorecard.yaml
vendored
2
.github/workflows/scorecard.yaml
vendored
|
|
@ -31,7 +31,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
|
|
|
|||
2
.github/workflows/stale.yaml
vendored
2
.github/workflows/stale.yaml
vendored
|
|
@ -18,7 +18,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Block unknown outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: block
|
||||
disable-sudo-and-containers: "true"
|
||||
|
|
|
|||
2
.github/workflows/update-snyk.yaml
vendored
2
.github/workflows/update-snyk.yaml
vendored
|
|
@ -22,7 +22,7 @@ jobs:
|
|||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
if: ${{ vars.disable_harden_runner != 'true' }}
|
||||
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
|
||||
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
agent-enabled: "false"
|
||||
|
|
|
|||
Loading…
Reference in a new issue