From 695a9dd7b2285f484c72007ae1a55d7522cfc828 Mon Sep 17 00:00:00 2001 From: Roman Zabaluev Date: Tue, 21 Apr 2026 03:00:46 +0800 Subject: [PATCH 1/5] Infra: Bump actions to migrate to node22 --- .github/workflows/backend_tests.yml | 2 +- .github/workflows/branch-deploy.yml | 2 +- .github/workflows/branch-remove.yml | 2 +- .github/workflows/build-public-image.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/cve_checks.yml | 4 ++-- .github/workflows/docker_build.yml | 2 +- .github/workflows/e2e-playwright-run.yml | 6 +++--- .github/workflows/frontend_tests.yml | 6 +++--- .github/workflows/main.yml | 2 +- .github/workflows/md-links.yml | 2 +- .github/workflows/release-serde-api.yml | 2 +- .github/workflows/release.yml | 4 ++-- .github/workflows/separate_env_public_create.yml | 2 +- .github/workflows/workflow_linter.yml | 2 +- 15 files changed, 21 insertions(+), 21 deletions(-) diff --git a/.github/workflows/backend_tests.yml b/.github/workflows/backend_tests.yml index cf4d11e58..f921034c0 100644 --- a/.github/workflows/backend_tests.yml +++ b/.github/workflows/backend_tests.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/branch-deploy.yml b/.github/workflows/branch-deploy.yml index a16cd10fe..dc98ee599 100644 --- a/.github/workflows/branch-deploy.yml +++ b/.github/workflows/branch-deploy.yml @@ -15,7 +15,7 @@ jobs: if: ${{ github.event.label.name == 'status/feature_testing' || github.event.label.name == 'status/feature_testing_public' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} diff --git a/.github/workflows/branch-remove.yml b/.github/workflows/branch-remove.yml index 5ff9c1afe..b96c0ab39 100644 --- a/.github/workflows/branch-remove.yml +++ b/.github/workflows/branch-remove.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest if: ${{ (github.event.label.name == 'status/feature_testing' || github.event.label.name == 'status/feature_testing_public') || (github.event.action == 'closed' && (contains(github.event.pull_request.labels.*.name, 'status/feature_testing') || contains(github.event.pull_request.labels.*.name, 'status/feature_testing_public'))) }} steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: token: ${{ github.token }} - name: clone diff --git a/.github/workflows/build-public-image.yml b/.github/workflows/build-public-image.yml index e00716dc3..f31806aa8 100644 --- a/.github/workflows/build-public-image.yml +++ b/.github/workflows/build-public-image.yml @@ -15,7 +15,7 @@ jobs: if: ${{ github.event.label.name == 'status/image_testing' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index efd82d589..8cfac8836 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: token: ${{ github.token }} diff --git a/.github/workflows/cve_checks.yml b/.github/workflows/cve_checks.yml index 17e2f641c..fa6a10ba8 100644 --- a/.github/workflows/cve_checks.yml +++ b/.github/workflows/cve_checks.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: token: ${{ github.token }} @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: token: ${{ github.token }} diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml index 6f2fd6897..6f2947a81 100644 --- a/.github/workflows/docker_build.yml +++ b/.github/workflows/docker_build.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} diff --git a/.github/workflows/e2e-playwright-run.yml b/.github/workflows/e2e-playwright-run.yml index b492f3856..fc33d386d 100644 --- a/.github/workflows/e2e-playwright-run.yml +++ b/.github/workflows/e2e-playwright-run.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: token: ${{ github.token }} ref: ${{ inputs.sha }} @@ -51,13 +51,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: token: ${{ github.token }} ref: ${{ inputs.sha }} - name: Set up Node.js - uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # https://github.com/actions/setup-node/releases/tag/v3.9.1 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # https://github.com/actions/setup-node/releases/tag/v4.2.0 with: node-version: 18 cache-dependency-path: ./e2e-playwright/package-lock.json diff --git a/.github/workflows/frontend_tests.yml b/.github/workflows/frontend_tests.yml index d9e79b5ee..37f980010 100644 --- a/.github/workflows/frontend_tests.yml +++ b/.github/workflows/frontend_tests.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # https://github.com/pnpm/action-setup/releases/tag/v4.2.0 with: @@ -47,7 +47,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: fetch-depth: 0 @@ -89,7 +89,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # https://github.com/pnpm/action-setup/releases/tag/v4.2.0 with: diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index de7f22649..fc90e2bb9 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} diff --git a/.github/workflows/md-links.yml b/.github/workflows/md-links.yml index 51925679c..e1d4d9c04 100644 --- a/.github/workflows/md-links.yml +++ b/.github/workflows/md-links.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: token: ${{ github.token }} - name: Check URLs in files diff --git a/.github/workflows/release-serde-api.yml b/.github/workflows/release-serde-api.yml index e3578af9d..f7e66c7df 100644 --- a/.github/workflows/release-serde-api.yml +++ b/.github/workflows/release-serde-api.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: fetch-depth: 0 token: ${{ github.token }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ddf9ba5f5..cef5d32e9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: outputs: version: ${{steps.build.outputs.version}} steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} @@ -81,7 +81,7 @@ jobs: needs: release steps: - name: Repository Dispatch - uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # https://github.com/peter-evans/repository-dispatch/releases/tag/v3 + uses: peter-evans/repository-dispatch@ce5485de42c9b2622d2ed064be479e8ed65e76f4 # https://github.com/peter-evans/repository-dispatch/releases/tag/v4.0.0 with: token: ${{ secrets.CHARTS_ACTIONS_TOKEN }} repository: kafbat/helm-charts diff --git a/.github/workflows/separate_env_public_create.yml b/.github/workflows/separate_env_public_create.yml index da44661f8..a35b0bbe6 100644 --- a/.github/workflows/separate_env_public_create.yml +++ b/.github/workflows/separate_env_public_create.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: ref: ${{ github.event.pull_request.head.sha }} token: ${{ github.token }} diff --git a/.github/workflows/workflow_linter.yml b/.github/workflows/workflow_linter.yml index 399534ed5..b81dc9f02 100644 --- a/.github/workflows/workflow_linter.yml +++ b/.github/workflows/workflow_linter.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # https://github.com/actions/checkout/releases/tag/v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # https://github.com/actions/checkout/releases/tag/v4.2.2 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} From afb8e6a3e77dd6ca9045a2fcf086704750217013 Mon Sep 17 00:00:00 2001 From: Roman Zabaluev Date: Tue, 21 Apr 2026 19:56:44 +0800 Subject: [PATCH 2/5] bump others --- .github/workflows/backend_pr.yml | 2 +- .github/workflows/backend_tests.yml | 2 +- .github/workflows/branch-deploy.yml | 6 +++--- .github/workflows/build-public-image.yml | 6 +++--- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/cve_checks.yml | 2 +- .github/workflows/delete-public-image.yml | 4 ++-- .github/workflows/docker_build.yml | 4 ++-- .github/workflows/docker_publish.yml | 6 +++--- .github/workflows/e2e-playwright-run.yml | 8 ++++---- .github/workflows/frontend_pr.yml | 2 +- .github/workflows/frontend_tests.yml | 6 +++--- .github/workflows/main.yml | 4 ++-- .github/workflows/release-serde-api.yml | 2 +- .github/workflows/release.yml | 4 ++-- .github/workflows/separate_env_public_create.yml | 6 +++--- 16 files changed, 33 insertions(+), 33 deletions(-) diff --git a/.github/workflows/backend_pr.yml b/.github/workflows/backend_pr.yml index 39c167785..591d0bca0 100644 --- a/.github/workflows/backend_pr.yml +++ b/.github/workflows/backend_pr.yml @@ -19,7 +19,7 @@ jobs: outputs: backend: ${{ steps.filter.outputs.backend }} steps: - - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # https://github.com/dorny/paths-filter/releases/tag/v3.0.2 + - uses: dorny/paths-filter@7267a8516b6f92bdb098633903c7f4657d1eb4ab # https://github.com/dorny/paths-filter/releases/tag/v3.0.3 id: filter with: filters: | diff --git a/.github/workflows/backend_tests.yml b/.github/workflows/backend_tests.yml index f921034c0..811645ccc 100644 --- a/.github/workflows/backend_tests.yml +++ b/.github/workflows/backend_tests.yml @@ -25,7 +25,7 @@ jobs: fetch-depth: 0 - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # https://github.com/actions/setup-java/releases/tag/v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' diff --git a/.github/workflows/branch-deploy.yml b/.github/workflows/branch-deploy.yml index dc98ee599..4ba9b132c 100644 --- a/.github/workflows/branch-deploy.yml +++ b/.github/workflows/branch-deploy.yml @@ -27,7 +27,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # https://github.com/actions/setup-java/releases/tag/v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' @@ -52,14 +52,14 @@ jobs: restore-keys: | ${{ runner.os }}-buildx- - name: Configure AWS credentials for Kafka-UI account - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: eu-central-1 - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@9238dd443b7a5941caf19ffbe68be34d4dbd61df # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.0.1 + uses: aws-actions/amazon-ecr-login@5a88a04c91d5c6f97a1f8cae877e99aabe25db5e # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 - name: Build and push id: docker_build_and_push uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # https://github.com/docker/build-push-action/releases/tag/v6.18.0 diff --git a/.github/workflows/build-public-image.yml b/.github/workflows/build-public-image.yml index f31806aa8..ab082cfb7 100644 --- a/.github/workflows/build-public-image.yml +++ b/.github/workflows/build-public-image.yml @@ -25,7 +25,7 @@ jobs: tag='${{ github.event.pull_request.number }}' echo "tag=${tag}" >> $GITHUB_OUTPUT - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # https://github.com/actions/setup-java/releases/tag/v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' @@ -50,13 +50,13 @@ jobs: restore-keys: | ${{ runner.os }}-buildx- - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 with: aws-region: us-east-1 role-to-assume: ${{ secrets.AWS_ROLE }} - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@9238dd443b7a5941caf19ffbe68be34d4dbd61df # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.0.1 + uses: aws-actions/amazon-ecr-login@5a88a04c91d5c6f97a1f8cae877e99aabe25db5e # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 with: registry-type: 'public' - name: Build and push diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 8cfac8836..43dcc1b97 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -49,7 +49,7 @@ jobs: languages: ${{ matrix.language }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # https://github.com/actions/setup-java/releases/tag/v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' diff --git a/.github/workflows/cve_checks.yml b/.github/workflows/cve_checks.yml index fa6a10ba8..0f0c4c218 100644 --- a/.github/workflows/cve_checks.yml +++ b/.github/workflows/cve_checks.yml @@ -40,7 +40,7 @@ jobs: token: ${{ github.token }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # https://github.com/actions/setup-java/releases/tag/v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' diff --git a/.github/workflows/delete-public-image.yml b/.github/workflows/delete-public-image.yml index 388ec2902..d9d64a3f9 100644 --- a/.github/workflows/delete-public-image.yml +++ b/.github/workflows/delete-public-image.yml @@ -15,14 +15,14 @@ jobs: tag='${{ github.event.pull_request.number }}' echo "tag=${tag}" >> $GITHUB_OUTPUT - name: Configure AWS credentials for Kafka-UI account - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: us-east-1 - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@9238dd443b7a5941caf19ffbe68be34d4dbd61df # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.0.1 + uses: aws-actions/amazon-ecr-login@5a88a04c91d5c6f97a1f8cae877e99aabe25db5e # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 with: registry-type: 'public' - name: Remove from ECR diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml index 6f2947a81..c5979c2cd 100644 --- a/.github/workflows/docker_build.yml +++ b/.github/workflows/docker_build.yml @@ -24,7 +24,7 @@ jobs: token: ${{ github.token }} - name: Download artifacts - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # https://github.com/actions/download-artifact/releases/tag/v4 + uses: actions/download-artifact@d3f86a106a0bea5b636e7a6e63ea32bea3f23689 # https://github.com/actions/download-artifact/releases/tag/v4.1.8 with: name: kafbat-ui-${{ inputs.version }} path: api/build/libs @@ -81,7 +81,7 @@ jobs: docker image save kafka-ui:temp > /tmp/image.tar - name: Upload docker image - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # https://github.com/actions/upload-artifact/releases/tag/v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 with: name: image path: /tmp/image.tar diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index 2b86c56a7..f6dbde093 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Download docker image - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # https://github.com/actions/download-artifact/releases/tag/v4 + uses: actions/download-artifact@d3f86a106a0bea5b636e7a6e63ea32bea3f23689 # https://github.com/actions/download-artifact/releases/tag/v4.1.8 with: name: image path: /tmp @@ -63,7 +63,7 @@ jobs: - name: Configure AWS credentials if: matrix.registry == 'ecr' - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 with: aws-region: us-east-1 # This region only for public ECR role-to-assume: ${{ secrets.AWS_ROLE }} @@ -71,7 +71,7 @@ jobs: - name: Login to public ECR if: matrix.registry == 'ecr' id: login-ecr-public - uses: aws-actions/amazon-ecr-login@9238dd443b7a5941caf19ffbe68be34d4dbd61df # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.0.1 + uses: aws-actions/amazon-ecr-login@5a88a04c91d5c6f97a1f8cae877e99aabe25db5e # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 with: registry-type: public diff --git a/.github/workflows/e2e-playwright-run.yml b/.github/workflows/e2e-playwright-run.yml index fc33d386d..8624f66a5 100644 --- a/.github/workflows/e2e-playwright-run.yml +++ b/.github/workflows/e2e-playwright-run.yml @@ -23,7 +23,7 @@ jobs: ref: ${{ inputs.sha }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # https://github.com/actions/setup-java/releases/tag/v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' @@ -40,7 +40,7 @@ jobs: run: docker image save ghcr.io/kafbat/kafka-ui:latest > /tmp/kafka-ui-e2e-image.tar - name: Upload docker image - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # https://github.com/actions/upload-artifact/releases/tag/v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 with: name: kafka-ui-e2e-image path: /tmp/kafka-ui-e2e-image.tar @@ -84,7 +84,7 @@ jobs: run: npx playwright install --with-deps - name: Download docker image - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # https://github.com/actions/download-artifact/releases/tag/v4 + uses: actions/download-artifact@d3f86a106a0bea5b636e7a6e63ea32bea3f23689 # https://github.com/actions/download-artifact/releases/tag/v4.1.8 with: name: kafka-ui-e2e-image path: /tmp @@ -101,7 +101,7 @@ jobs: - name: Upload report if: failure() - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # https://github.com/actions/upload-artifact/releases/tag/v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 with: name: playwright-results path: ./e2e-playwright/test-results/ diff --git a/.github/workflows/frontend_pr.yml b/.github/workflows/frontend_pr.yml index 49524a450..b628564fe 100644 --- a/.github/workflows/frontend_pr.yml +++ b/.github/workflows/frontend_pr.yml @@ -18,7 +18,7 @@ jobs: outputs: frontend: ${{ steps.filter.outputs.frontend }} steps: - - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # https://github.com/dorny/paths-filter/releases/tag/v3.0.2 + - uses: dorny/paths-filter@7267a8516b6f92bdb098633903c7f4657d1eb4ab # https://github.com/dorny/paths-filter/releases/tag/v3.0.3 id: filter with: filters: | diff --git a/.github/workflows/frontend_tests.yml b/.github/workflows/frontend_tests.yml index 37f980010..59daffd4f 100644 --- a/.github/workflows/frontend_tests.yml +++ b/.github/workflows/frontend_tests.yml @@ -24,7 +24,7 @@ jobs: version: 10.26.1 - name: Install node - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # https://github.com/actions/setup-node/releases/tag/v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # https://github.com/actions/setup-node/releases/tag/v4.2.0 with: node-version: "22.12.0" cache: "pnpm" @@ -56,7 +56,7 @@ jobs: version: 10.26.1 - name: Install node - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # https://github.com/actions/setup-node/releases/tag/v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # https://github.com/actions/setup-node/releases/tag/v4.2.0 with: node-version: "22.12.0" cache: "pnpm" @@ -96,7 +96,7 @@ jobs: version: 10.26.1 - name: Install node - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # https://github.com/actions/setup-node/releases/tag/v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # https://github.com/actions/setup-node/releases/tag/v4.2.0 with: node-version: "22.12.0" cache: "pnpm" diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index fc90e2bb9..1344f1dee 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -26,7 +26,7 @@ jobs: token: ${{ github.token }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # https://github.com/actions/setup-java/releases/tag/v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' @@ -43,7 +43,7 @@ jobs: -Pversion=$version - name: Upload jar - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # https://github.com/actions/upload-artifact/releases/tag/v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 with: name: kafbat-ui-${{ steps.build.outputs.version }} path: api/build/libs/api-${{ steps.build.outputs.version }}.jar diff --git a/.github/workflows/release-serde-api.yml b/.github/workflows/release-serde-api.yml index f7e66c7df..0e08699b9 100644 --- a/.github/workflows/release-serde-api.yml +++ b/.github/workflows/release-serde-api.yml @@ -27,7 +27,7 @@ jobs: git config user.email github-actions@github.com - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # https://github.com/actions/setup-java/releases/tag/v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cef5d32e9..6ac33f0f4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -26,7 +26,7 @@ jobs: git config user.email github-actions@github.com - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # https://github.com/actions/setup-java/releases/tag/v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' @@ -50,7 +50,7 @@ jobs: tag: ${{ github.event.release.tag_name }} - name: Archive JAR - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # https://github.com/actions/upload-artifact/releases/tag/v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 with: name: kafbat-ui-${{ steps.build.outputs.version }} path: api/build/libs/api-${{ steps.build.outputs.version }}.jar diff --git a/.github/workflows/separate_env_public_create.yml b/.github/workflows/separate_env_public_create.yml index a35b0bbe6..1f2d8ab88 100644 --- a/.github/workflows/separate_env_public_create.yml +++ b/.github/workflows/separate_env_public_create.yml @@ -27,7 +27,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up JDK - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # https://github.com/actions/setup-java/releases/tag/v4 + uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' @@ -52,14 +52,14 @@ jobs: restore-keys: | ${{ runner.os }}-buildx- - name: Configure AWS credentials for Kafka-UI account - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: eu-central-1 - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@9238dd443b7a5941caf19ffbe68be34d4dbd61df # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.0.1 + uses: aws-actions/amazon-ecr-login@5a88a04c91d5c6f97a1f8cae877e99aabe25db5e # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 - name: Build and push id: docker_build_and_push uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # https://github.com/docker/build-push-action/releases/tag/v6.18.0 From 3b6aa10617520dd49fa47b2e2105b48ac385d4c0 Mon Sep 17 00:00:00 2001 From: Roman Zabaluev Date: Tue, 21 Apr 2026 19:57:43 +0800 Subject: [PATCH 3/5] bump aws --- .github/workflows/branch-deploy.yml | 2 +- .github/workflows/build-public-image.yml | 2 +- .github/workflows/delete-public-image.yml | 2 +- .github/workflows/docker_publish.yml | 2 +- .github/workflows/separate_env_public_create.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/branch-deploy.yml b/.github/workflows/branch-deploy.yml index 4ba9b132c..c5dac19cc 100644 --- a/.github/workflows/branch-deploy.yml +++ b/.github/workflows/branch-deploy.yml @@ -52,7 +52,7 @@ jobs: restore-keys: | ${{ runner.os }}-buildx- - name: Configure AWS credentials for Kafka-UI account - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/build-public-image.yml b/.github/workflows/build-public-image.yml index ab082cfb7..1ddac7d0a 100644 --- a/.github/workflows/build-public-image.yml +++ b/.github/workflows/build-public-image.yml @@ -50,7 +50,7 @@ jobs: restore-keys: | ${{ runner.os }}-buildx- - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 with: aws-region: us-east-1 role-to-assume: ${{ secrets.AWS_ROLE }} diff --git a/.github/workflows/delete-public-image.yml b/.github/workflows/delete-public-image.yml index d9d64a3f9..4648087c8 100644 --- a/.github/workflows/delete-public-image.yml +++ b/.github/workflows/delete-public-image.yml @@ -15,7 +15,7 @@ jobs: tag='${{ github.event.pull_request.number }}' echo "tag=${tag}" >> $GITHUB_OUTPUT - name: Configure AWS credentials for Kafka-UI account - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index f6dbde093..370a7ec8b 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -63,7 +63,7 @@ jobs: - name: Configure AWS credentials if: matrix.registry == 'ecr' - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 with: aws-region: us-east-1 # This region only for public ECR role-to-assume: ${{ secrets.AWS_ROLE }} diff --git a/.github/workflows/separate_env_public_create.yml b/.github/workflows/separate_env_public_create.yml index 1f2d8ab88..3d43a662b 100644 --- a/.github/workflows/separate_env_public_create.yml +++ b/.github/workflows/separate_env_public_create.yml @@ -52,7 +52,7 @@ jobs: restore-keys: | ${{ runner.os }}-buildx- - name: Configure AWS credentials for Kafka-UI account - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4 + uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} From b59743ddb55d0ef8363a7a00545a2ee4c0d852cf Mon Sep 17 00:00:00 2001 From: Roman Zabaluev Date: Thu, 7 May 2026 21:52:31 +0800 Subject: [PATCH 4/5] bump moar --- .github/workflows/backend_pr.yml | 2 +- .github/workflows/backend_tests.yml | 2 +- .github/workflows/branch-deploy.yml | 6 +++--- .github/workflows/build-public-image.yml | 6 +++--- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/cve_checks.yml | 2 +- .github/workflows/delete-public-image.yml | 4 ++-- .github/workflows/docker_build.yml | 4 ++-- .github/workflows/docker_publish.yml | 6 +++--- .github/workflows/e2e-playwright-run.yml | 10 +++++----- .github/workflows/frontend_pr.yml | 2 +- .github/workflows/frontend_tests.yml | 6 +++--- .github/workflows/main.yml | 4 ++-- .github/workflows/release-serde-api.yml | 2 +- .github/workflows/release.yml | 6 +++--- .github/workflows/separate_env_public_create.yml | 6 +++--- 16 files changed, 35 insertions(+), 35 deletions(-) diff --git a/.github/workflows/backend_pr.yml b/.github/workflows/backend_pr.yml index 591d0bca0..f849bdcbe 100644 --- a/.github/workflows/backend_pr.yml +++ b/.github/workflows/backend_pr.yml @@ -19,7 +19,7 @@ jobs: outputs: backend: ${{ steps.filter.outputs.backend }} steps: - - uses: dorny/paths-filter@7267a8516b6f92bdb098633903c7f4657d1eb4ab # https://github.com/dorny/paths-filter/releases/tag/v3.0.3 + - uses: dorny/paths-filter@d1c1ffe0248fe513906c8e24db8ea791d46f8590 # https://github.com/dorny/paths-filter/releases/tag/v3.0.3 id: filter with: filters: | diff --git a/.github/workflows/backend_tests.yml b/.github/workflows/backend_tests.yml index 811645ccc..8fa497955 100644 --- a/.github/workflows/backend_tests.yml +++ b/.github/workflows/backend_tests.yml @@ -25,7 +25,7 @@ jobs: fetch-depth: 0 - name: Set up JDK - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' diff --git a/.github/workflows/branch-deploy.yml b/.github/workflows/branch-deploy.yml index c5dac19cc..558f2eaf6 100644 --- a/.github/workflows/branch-deploy.yml +++ b/.github/workflows/branch-deploy.yml @@ -27,7 +27,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up JDK - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' @@ -52,14 +52,14 @@ jobs: restore-keys: | ${{ runner.os }}-buildx- - name: Configure AWS credentials for Kafka-UI account - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 + uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: eu-central-1 - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@5a88a04c91d5c6f97a1f8cae877e99aabe25db5e # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 + uses: aws-actions/amazon-ecr-login@c75a9a1d9c6f7cf1e4cfb2966839b590c3d46865 # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 - name: Build and push id: docker_build_and_push uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # https://github.com/docker/build-push-action/releases/tag/v6.18.0 diff --git a/.github/workflows/build-public-image.yml b/.github/workflows/build-public-image.yml index 1ddac7d0a..73478680d 100644 --- a/.github/workflows/build-public-image.yml +++ b/.github/workflows/build-public-image.yml @@ -25,7 +25,7 @@ jobs: tag='${{ github.event.pull_request.number }}' echo "tag=${tag}" >> $GITHUB_OUTPUT - name: Set up JDK - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' @@ -50,13 +50,13 @@ jobs: restore-keys: | ${{ runner.os }}-buildx- - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 + uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 with: aws-region: us-east-1 role-to-assume: ${{ secrets.AWS_ROLE }} - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@5a88a04c91d5c6f97a1f8cae877e99aabe25db5e # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 + uses: aws-actions/amazon-ecr-login@c75a9a1d9c6f7cf1e4cfb2966839b590c3d46865 # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 with: registry-type: 'public' - name: Build and push diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 43dcc1b97..53e3459c7 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -49,7 +49,7 @@ jobs: languages: ${{ matrix.language }} - name: Set up JDK - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' diff --git a/.github/workflows/cve_checks.yml b/.github/workflows/cve_checks.yml index 0f0c4c218..ea6af20d7 100644 --- a/.github/workflows/cve_checks.yml +++ b/.github/workflows/cve_checks.yml @@ -40,7 +40,7 @@ jobs: token: ${{ github.token }} - name: Set up JDK - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' diff --git a/.github/workflows/delete-public-image.yml b/.github/workflows/delete-public-image.yml index 4648087c8..dcaf6a10a 100644 --- a/.github/workflows/delete-public-image.yml +++ b/.github/workflows/delete-public-image.yml @@ -15,14 +15,14 @@ jobs: tag='${{ github.event.pull_request.number }}' echo "tag=${tag}" >> $GITHUB_OUTPUT - name: Configure AWS credentials for Kafka-UI account - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 + uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: us-east-1 - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@5a88a04c91d5c6f97a1f8cae877e99aabe25db5e # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 + uses: aws-actions/amazon-ecr-login@c75a9a1d9c6f7cf1e4cfb2966839b590c3d46865 # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 with: registry-type: 'public' - name: Remove from ECR diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml index c5979c2cd..ab14fd4ae 100644 --- a/.github/workflows/docker_build.yml +++ b/.github/workflows/docker_build.yml @@ -24,7 +24,7 @@ jobs: token: ${{ github.token }} - name: Download artifacts - uses: actions/download-artifact@d3f86a106a0bea5b636e7a6e63ea32bea3f23689 # https://github.com/actions/download-artifact/releases/tag/v4.1.8 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # https://github.com/actions/download-artifact/releases/tag/v4.1.8 with: name: kafbat-ui-${{ inputs.version }} path: api/build/libs @@ -81,7 +81,7 @@ jobs: docker image save kafka-ui:temp > /tmp/image.tar - name: Upload docker image - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 with: name: image path: /tmp/image.tar diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index 370a7ec8b..177792d7d 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Download docker image - uses: actions/download-artifact@d3f86a106a0bea5b636e7a6e63ea32bea3f23689 # https://github.com/actions/download-artifact/releases/tag/v4.1.8 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # https://github.com/actions/download-artifact/releases/tag/v4.1.8 with: name: image path: /tmp @@ -63,7 +63,7 @@ jobs: - name: Configure AWS credentials if: matrix.registry == 'ecr' - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 + uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 with: aws-region: us-east-1 # This region only for public ECR role-to-assume: ${{ secrets.AWS_ROLE }} @@ -71,7 +71,7 @@ jobs: - name: Login to public ECR if: matrix.registry == 'ecr' id: login-ecr-public - uses: aws-actions/amazon-ecr-login@5a88a04c91d5c6f97a1f8cae877e99aabe25db5e # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 + uses: aws-actions/amazon-ecr-login@c75a9a1d9c6f7cf1e4cfb2966839b590c3d46865 # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 with: registry-type: public diff --git a/.github/workflows/e2e-playwright-run.yml b/.github/workflows/e2e-playwright-run.yml index 8624f66a5..0abca0780 100644 --- a/.github/workflows/e2e-playwright-run.yml +++ b/.github/workflows/e2e-playwright-run.yml @@ -23,7 +23,7 @@ jobs: ref: ${{ inputs.sha }} - name: Set up JDK - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' @@ -40,7 +40,7 @@ jobs: run: docker image save ghcr.io/kafbat/kafka-ui:latest > /tmp/kafka-ui-e2e-image.tar - name: Upload docker image - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 with: name: kafka-ui-e2e-image path: /tmp/kafka-ui-e2e-image.tar @@ -57,7 +57,7 @@ jobs: ref: ${{ inputs.sha }} - name: Set up Node.js - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # https://github.com/actions/setup-node/releases/tag/v4.2.0 + uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # https://github.com/actions/setup-node/releases/tag/v4.2.0 with: node-version: 18 cache-dependency-path: ./e2e-playwright/package-lock.json @@ -84,7 +84,7 @@ jobs: run: npx playwright install --with-deps - name: Download docker image - uses: actions/download-artifact@d3f86a106a0bea5b636e7a6e63ea32bea3f23689 # https://github.com/actions/download-artifact/releases/tag/v4.1.8 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # https://github.com/actions/download-artifact/releases/tag/v4.1.8 with: name: kafka-ui-e2e-image path: /tmp @@ -101,7 +101,7 @@ jobs: - name: Upload report if: failure() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 with: name: playwright-results path: ./e2e-playwright/test-results/ diff --git a/.github/workflows/frontend_pr.yml b/.github/workflows/frontend_pr.yml index b628564fe..2b76300cf 100644 --- a/.github/workflows/frontend_pr.yml +++ b/.github/workflows/frontend_pr.yml @@ -18,7 +18,7 @@ jobs: outputs: frontend: ${{ steps.filter.outputs.frontend }} steps: - - uses: dorny/paths-filter@7267a8516b6f92bdb098633903c7f4657d1eb4ab # https://github.com/dorny/paths-filter/releases/tag/v3.0.3 + - uses: dorny/paths-filter@d1c1ffe0248fe513906c8e24db8ea791d46f8590 # https://github.com/dorny/paths-filter/releases/tag/v3.0.3 id: filter with: filters: | diff --git a/.github/workflows/frontend_tests.yml b/.github/workflows/frontend_tests.yml index 59daffd4f..b63fe930c 100644 --- a/.github/workflows/frontend_tests.yml +++ b/.github/workflows/frontend_tests.yml @@ -24,7 +24,7 @@ jobs: version: 10.26.1 - name: Install node - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # https://github.com/actions/setup-node/releases/tag/v4.2.0 + uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # https://github.com/actions/setup-node/releases/tag/v4.2.0 with: node-version: "22.12.0" cache: "pnpm" @@ -56,7 +56,7 @@ jobs: version: 10.26.1 - name: Install node - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # https://github.com/actions/setup-node/releases/tag/v4.2.0 + uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # https://github.com/actions/setup-node/releases/tag/v4.2.0 with: node-version: "22.12.0" cache: "pnpm" @@ -96,7 +96,7 @@ jobs: version: 10.26.1 - name: Install node - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # https://github.com/actions/setup-node/releases/tag/v4.2.0 + uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # https://github.com/actions/setup-node/releases/tag/v4.2.0 with: node-version: "22.12.0" cache: "pnpm" diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1344f1dee..9f9efa342 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -26,7 +26,7 @@ jobs: token: ${{ github.token }} - name: Set up JDK - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' @@ -43,7 +43,7 @@ jobs: -Pversion=$version - name: Upload jar - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 with: name: kafbat-ui-${{ steps.build.outputs.version }} path: api/build/libs/api-${{ steps.build.outputs.version }}.jar diff --git a/.github/workflows/release-serde-api.yml b/.github/workflows/release-serde-api.yml index 0e08699b9..28a8f7eea 100644 --- a/.github/workflows/release-serde-api.yml +++ b/.github/workflows/release-serde-api.yml @@ -27,7 +27,7 @@ jobs: git config user.email github-actions@github.com - name: Set up JDK - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6ac33f0f4..cf6b9cbf2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -26,7 +26,7 @@ jobs: git config user.email github-actions@github.com - name: Set up JDK - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' @@ -50,7 +50,7 @@ jobs: tag: ${{ github.event.release.tag_name }} - name: Archive JAR - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # https://github.com/actions/upload-artifact/releases/tag/v4.6.0 with: name: kafbat-ui-${{ steps.build.outputs.version }} path: api/build/libs/api-${{ steps.build.outputs.version }}.jar @@ -81,7 +81,7 @@ jobs: needs: release steps: - name: Repository Dispatch - uses: peter-evans/repository-dispatch@ce5485de42c9b2622d2ed064be479e8ed65e76f4 # https://github.com/peter-evans/repository-dispatch/releases/tag/v4.0.0 + uses: peter-evans/repository-dispatch@5fc4efd1a4797ddb68ffd0714a238564e4cc0e6f # https://github.com/peter-evans/repository-dispatch/releases/tag/v4.0.0 with: token: ${{ secrets.CHARTS_ACTIONS_TOKEN }} repository: kafbat/helm-charts diff --git a/.github/workflows/separate_env_public_create.yml b/.github/workflows/separate_env_public_create.yml index 3d43a662b..25d1f011f 100644 --- a/.github/workflows/separate_env_public_create.yml +++ b/.github/workflows/separate_env_public_create.yml @@ -27,7 +27,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up JDK - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # https://github.com/actions/setup-java/releases/tag/v4.6.0 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # https://github.com/actions/setup-java/releases/tag/v4.6.0 with: java-version-file: '.java-version' distribution: 'zulu' @@ -52,14 +52,14 @@ jobs: restore-keys: | ${{ runner.os }}-buildx- - name: Configure AWS credentials for Kafka-UI account - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 + uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.1.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: eu-central-1 - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@5a88a04c91d5c6f97a1f8cae877e99aabe25db5e # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 + uses: aws-actions/amazon-ecr-login@c75a9a1d9c6f7cf1e4cfb2966839b590c3d46865 # https://github.com/aws-actions/amazon-ecr-login/releases/tag/v2.1.0 - name: Build and push id: docker_build_and_push uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # https://github.com/docker/build-push-action/releases/tag/v6.18.0 From 85f5f56af0f99fb6e93ee96bd945035ddb3cb9f6 Mon Sep 17 00:00:00 2001 From: Roman Zabaluev Date: Fri, 8 May 2026 01:59:58 +0800 Subject: [PATCH 5/5] review fixes --- .github/workflows/branch-deploy.yml | 2 +- .github/workflows/build-public-image.yml | 2 +- .github/workflows/cve_checks.yml | 2 +- .github/workflows/docker_build.yml | 2 +- .github/workflows/e2e-playwright-run.yml | 4 ++-- .github/workflows/separate_env_public_create.yml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/branch-deploy.yml b/.github/workflows/branch-deploy.yml index 558f2eaf6..118842049 100644 --- a/.github/workflows/branch-deploy.yml +++ b/.github/workflows/branch-deploy.yml @@ -45,7 +45,7 @@ jobs: id: buildx uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # https://github.com/docker/setup-buildx-action/releases/tag/v3.11.1 - name: Cache Docker layers - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # https://github.com/actions/cache/releases/tag/v4.3.0 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # https://github.com/actions/cache/releases/tag/v4.3.0 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} diff --git a/.github/workflows/build-public-image.yml b/.github/workflows/build-public-image.yml index 73478680d..8e9745bae 100644 --- a/.github/workflows/build-public-image.yml +++ b/.github/workflows/build-public-image.yml @@ -43,7 +43,7 @@ jobs: id: buildx uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # https://github.com/docker/setup-buildx-action/releases/tag/v3.11.1 - name: Cache Docker layers - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # https://github.com/actions/cache/releases/tag/v4.3.0 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # https://github.com/actions/cache/releases/tag/v4.3.0 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} diff --git a/.github/workflows/cve_checks.yml b/.github/workflows/cve_checks.yml index ea6af20d7..7bded95f9 100644 --- a/.github/workflows/cve_checks.yml +++ b/.github/workflows/cve_checks.yml @@ -62,7 +62,7 @@ jobs: uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # https://github.com/docker/setup-buildx-action/releases/tag/v3.11.1 - name: Cache Docker layers - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # https://github.com/actions/cache/releases/tag/v4.3.0 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # https://github.com/actions/cache/releases/tag/v4.3.0 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml index ab14fd4ae..b3acc710d 100644 --- a/.github/workflows/docker_build.yml +++ b/.github/workflows/docker_build.yml @@ -37,7 +37,7 @@ jobs: uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # https://github.com/docker/setup-buildx-action/releases/tag/v3.11.1 - name: Cache Docker layers - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # https://github.com/actions/cache/releases/tag/v4.3.0 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # https://github.com/actions/cache/releases/tag/v4.3.0 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ inputs.sha }} diff --git a/.github/workflows/e2e-playwright-run.yml b/.github/workflows/e2e-playwright-run.yml index 0abca0780..52d68676b 100644 --- a/.github/workflows/e2e-playwright-run.yml +++ b/.github/workflows/e2e-playwright-run.yml @@ -59,7 +59,7 @@ jobs: - name: Set up Node.js uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # https://github.com/actions/setup-node/releases/tag/v4.2.0 with: - node-version: 18 + node-version: "22.12.0" cache-dependency-path: ./e2e-playwright/package-lock.json cache: 'npm' @@ -68,7 +68,7 @@ jobs: run: npm install - name: Cache Playwright browser binaries - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # https://github.com/actions/cache/releases/tag/v4.3.0 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # https://github.com/actions/cache/releases/tag/v4.3.0 id: playwright-cache with: path: ~/.cache/ms-playwright diff --git a/.github/workflows/separate_env_public_create.yml b/.github/workflows/separate_env_public_create.yml index 25d1f011f..c524ad5c6 100644 --- a/.github/workflows/separate_env_public_create.yml +++ b/.github/workflows/separate_env_public_create.yml @@ -45,7 +45,7 @@ jobs: id: buildx uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # https://github.com/docker/setup-buildx-action/releases/tag/v3.11.1 - name: Cache Docker layers - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # https://github.com/actions/cache/releases/tag/v4.3.0 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # https://github.com/actions/cache/releases/tag/v4.3.0 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }}