From cac6476bc0f49e5cc7832cbbc872c3a17829065b Mon Sep 17 00:00:00 2001 From: Renovate Date: Wed, 11 Sep 2024 06:08:15 +0000 Subject: [PATCH] chore(deps): Update step-security/harden-runner action to v2.10.1 Signed-off-by: Renovate --- .github/workflows/ansible-lint.yml | 2 +- .github/workflows/commitlint.yml | 2 +- .github/workflows/container_image_retention.yml | 4 ++-- .github/workflows/dependency_review.yml | 2 +- .github/workflows/docs_image.yml | 4 ++-- .github/workflows/github_pages.yml | 4 ++-- .github/workflows/gitleaks.yml | 2 +- .github/workflows/hadolint.yml | 2 +- .github/workflows/kics.yml | 2 +- .github/workflows/markdown-link-check.yml | 2 +- .github/workflows/markdownlint.yml | 2 +- .github/workflows/molecule_certified_ees.yml | 4 ++-- .github/workflows/pre-commit.yml | 2 +- .github/workflows/purge_caches.yml | 4 ++-- .github/workflows/pyspelling.yml | 2 +- .github/workflows/release.yml | 4 ++-- .github/workflows/renovate.yml | 6 +++--- .github/workflows/renovate_configuration_check.yml | 2 +- .github/workflows/scorecard.yml | 4 ++-- .github/workflows/trivy.yml | 2 +- .github/workflows/wf_call_molecule_certified_ees.yml | 2 +- 21 files changed, 30 insertions(+), 30 deletions(-) diff --git a/.github/workflows/ansible-lint.yml b/.github/workflows/ansible-lint.yml index b5d21bff..fedf4df5 100644 --- a/.github/workflows/ansible-lint.yml +++ b/.github/workflows/ansible-lint.yml @@ -32,7 +32,7 @@ jobs: contents: 'read' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: disable-sudo: true egress-policy: 'block' diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml index 0736c180..07d4aae6 100644 --- a/.github/workflows/commitlint.yml +++ b/.github/workflows/commitlint.yml @@ -14,7 +14,7 @@ jobs: contents: 'read' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' allowed-endpoints: > diff --git a/.github/workflows/container_image_retention.yml b/.github/workflows/container_image_retention.yml index 4755b63d..c97b12d4 100644 --- a/.github/workflows/container_image_retention.yml +++ b/.github/workflows/container_image_retention.yml @@ -41,7 +41,7 @@ jobs: require-result: '${{ steps.check-access.outputs.require-result }}' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' allowed-endpoints: > @@ -180,7 +180,7 @@ jobs: packages: 'write' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: disable-sudo: true egress-policy: 'block' diff --git a/.github/workflows/dependency_review.yml b/.github/workflows/dependency_review.yml index 5b0f8ab9..88e79a25 100644 --- a/.github/workflows/dependency_review.yml +++ b/.github/workflows/dependency_review.yml @@ -17,7 +17,7 @@ jobs: pull-requests: 'write' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: disable-sudo: true egress-policy: 'block' diff --git a/.github/workflows/docs_image.yml b/.github/workflows/docs_image.yml index 39e7df8c..c22167b9 100644 --- a/.github/workflows/docs_image.yml +++ b/.github/workflows/docs_image.yml @@ -45,7 +45,7 @@ jobs: require-result: '${{ steps.check-access.outputs.require-result }}' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' allowed-endpoints: > @@ -190,7 +190,7 @@ jobs: security-events: 'write' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' allowed-endpoints: > diff --git a/.github/workflows/github_pages.yml b/.github/workflows/github_pages.yml index 4b63b51e..4136c620 100644 --- a/.github/workflows/github_pages.yml +++ b/.github/workflows/github_pages.yml @@ -45,7 +45,7 @@ jobs: runs-on: 'ubuntu-22.04' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' allowed-endpoints: > @@ -124,7 +124,7 @@ jobs: url: '${{ steps.pages-info.outputs.page_url }}' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' allowed-endpoints: > diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index d66ac5f7..bc4286ed 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -18,7 +18,7 @@ jobs: contents: 'read' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' disable-sudo: true diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml index 97872fb2..ce4f4995 100644 --- a/.github/workflows/hadolint.yml +++ b/.github/workflows/hadolint.yml @@ -20,7 +20,7 @@ jobs: contents: 'read' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' disable-sudo: true diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 9eee8e98..0b32f83e 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -37,7 +37,7 @@ jobs: steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' disable-sudo: true diff --git a/.github/workflows/markdown-link-check.yml b/.github/workflows/markdown-link-check.yml index a7d3b0d1..61e90d8b 100644 --- a/.github/workflows/markdown-link-check.yml +++ b/.github/workflows/markdown-link-check.yml @@ -21,7 +21,7 @@ jobs: contents: 'read' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'audit' disable-sudo: true diff --git a/.github/workflows/markdownlint.yml b/.github/workflows/markdownlint.yml index 041c8b00..e0286667 100644 --- a/.github/workflows/markdownlint.yml +++ b/.github/workflows/markdownlint.yml @@ -21,7 +21,7 @@ jobs: contents: 'read' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' disable-sudo: true diff --git a/.github/workflows/molecule_certified_ees.yml b/.github/workflows/molecule_certified_ees.yml index 94ec40bf..9bce1a7d 100644 --- a/.github/workflows/molecule_certified_ees.yml +++ b/.github/workflows/molecule_certified_ees.yml @@ -106,7 +106,7 @@ jobs: secrets-defined: '${{ steps.secret-check.outputs.secrets-defined }}' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: disable-sudo: true egress-policy: 'block' @@ -149,7 +149,7 @@ jobs: repo-cache: '${{ steps.cache-check.outputs.repo-cache }}' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: disable-sudo: true egress-policy: 'block' diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 4c7b5a0f..5fe9b50b 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -54,7 +54,7 @@ jobs: runs-on: 'ubuntu-22.04' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'audit' diff --git a/.github/workflows/purge_caches.yml b/.github/workflows/purge_caches.yml index 6fe358d6..95862bb4 100644 --- a/.github/workflows/purge_caches.yml +++ b/.github/workflows/purge_caches.yml @@ -30,7 +30,7 @@ jobs: require-result: '${{ steps.check-access.outputs.require-result }}' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' allowed-endpoints: > @@ -76,7 +76,7 @@ jobs: actions: 'write' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: disable-sudo: true egress-policy: 'block' diff --git a/.github/workflows/pyspelling.yml b/.github/workflows/pyspelling.yml index 1643942a..e1a1dfb8 100644 --- a/.github/workflows/pyspelling.yml +++ b/.github/workflows/pyspelling.yml @@ -18,7 +18,7 @@ jobs: contents: 'read' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' disable-sudo: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index edd5bb08..53cc0244 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,7 @@ jobs: secrets-defined: '${{ steps.secret-check.outputs.secrets-defined }}' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: disable-sudo: true egress-policy: 'block' @@ -70,7 +70,7 @@ jobs: pull-requests: 'write' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' disable-sudo: true diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 60f8ca35..8abf9671 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -76,7 +76,7 @@ jobs: secrets-defined: '${{ steps.secret-check.outputs.secrets-defined }}' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: disable-sudo: true egress-policy: 'block' @@ -121,7 +121,7 @@ jobs: require-result: '${{ steps.check-access.outputs.require-result }}' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' allowed-endpoints: > @@ -167,7 +167,7 @@ jobs: pull-requests: 'write' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' allowed-endpoints: > diff --git a/.github/workflows/renovate_configuration_check.yml b/.github/workflows/renovate_configuration_check.yml index 4c21380e..346ce0e2 100644 --- a/.github/workflows/renovate_configuration_check.yml +++ b/.github/workflows/renovate_configuration_check.yml @@ -29,7 +29,7 @@ jobs: contents: 'read' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: disable-sudo: true egress-policy: 'block' diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index e92d54d9..268456dd 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -30,7 +30,7 @@ jobs: secrets-defined: '${{ steps.secret-check.outputs.secrets-defined }}' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: disable-sudo: true egress-policy: 'block' @@ -70,7 +70,7 @@ jobs: steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' disable-sudo: true diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 4f9b5a78..6b14cfaa 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -32,7 +32,7 @@ jobs: steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: disable-sudo: true egress-policy: 'block' diff --git a/.github/workflows/wf_call_molecule_certified_ees.yml b/.github/workflows/wf_call_molecule_certified_ees.yml index a57a649d..3b598b64 100644 --- a/.github/workflows/wf_call_molecule_certified_ees.yml +++ b/.github/workflows/wf_call_molecule_certified_ees.yml @@ -52,7 +52,7 @@ jobs: require-result: '${{ steps.check-access.outputs.require-result }}' steps: - name: 'Harden Runner' - uses: 'step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858' # v2.10.0 + uses: 'step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7' # v2.10.1 with: egress-policy: 'block' allowed-endpoints: >