Bump the github-actions-updates group with 3 updates (#31094)

Bumps the github-actions-updates group with 3 updates: [docker/build-push-action](https://github.com/docker/build-push-action), [github/codeql-action](https://github.com/github/codeql-action) and [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials). Updates `docker/build-push-action` from 6.16.0 to 6.17.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](14487ce63c...1dc7386353) Updates `github/codeql-action` from 3.28.17 to 3.28.18 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](60168efe1c...ff0a06e83c) Updates `aws-actions/configure-aws-credentials` from 4.2.0 to 4.2.1 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](f24d7193d9...b475783126) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-version: 6.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: github/codeql-action dependency-version: 3.28.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates - dependency-name: aws-actions/configure-aws-credentials dependency-version: 4.2.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-26 00:33:23 -04:00 · 2025-05-19 14:29:58 +03:00 · 2025-05-19 14:29:58 +03:00 · 51c0908d7d
commit 51c0908d7d
parent f54d5b41c1
5 changed files with 7 additions and 7 deletions
--- a/.github/workflows/build-opensearch-image.yml
+++ b/.github/workflows/build-opensearch-image.yml
@ -22,7 +22,7 @@ jobs:
          password: ${{ secrets.DOCKERHUB_DEV_TOKEN }}

      - name: opensearch/build-and-push
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
+        uses: docker/build-push-action@1dc73863535b631f98b2378be8619f83b136f4a0 # v6.17.0
        with:
          provenance: false
          file: server/build/Dockerfile.opensearch
--- a/.github/workflows/build-server-image.yml
+++ b/.github/workflows/build-server-image.yml
@ -27,7 +27,7 @@ jobs:
          password: ${{ secrets.DOCKERHUB_DEV_TOKEN }}

      - name: buildenv/build-and-push
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
+        uses: docker/build-push-action@1dc73863535b631f98b2378be8619f83b136f4a0 # v6.17.0
        with:
          provenance: false
          file: server/build/Dockerfile.buildenv
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -29,14 +29,14 @@ jobs:

      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17
+        uses: github/codeql-action/init@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
        with:
          languages: ${{ matrix.language }}
          debug: false
          config-file: ./.github/codeql/codeql-config.yml

      - name: Build JavaScript
-        uses: github/codeql-action/autobuild@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17
+        uses: github/codeql-action/autobuild@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
        if: ${{ matrix.language  == 'javascript' }}

      - name: Setup go
@ -54,4 +54,4 @@ jobs:

      # Perform Analysis
      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17
+        uses: github/codeql-action/analyze@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@ -56,6 +56,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v2.27.0
+        uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v2.27.0
        with:
          sarif_file: results.sarif
--- a/.github/workflows/server-ci-artifacts.yml
+++ b/.github/workflows/server-ci-artifacts.yml
@ -33,7 +33,7 @@ jobs:
      - update-initial-status
    steps:
      - name: cd/configure-aws-credentials
-        uses: aws-actions/configure-aws-credentials@f24d7193d98baebaeacc7e2227925dd47cc267f5 # v4.2.0
+        uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # v4.2.1
        with:
          aws-region: us-east-1
          aws-access-key-id: ${{ secrets.PR_BUILDS_BUCKET_AWS_ACCESS_KEY_ID }}