Update github-actions to 5.8.2

.github/dependabot.yaml

@@ -8,6 +8,38 @@ updates:
 
   # Maintain dependencies for GitHub Actions
   - package-ecosystem: "github-actions"
-    directory: "/"
+    directories:
+      - "/"
+      - "/actionlint"
+      - "/append_report"
+      - "/begin_report"
+      - "/build_docker"
+      - "/clean_cache"
+      - "/composer_merge"
+      - "/consolidate_artifacts"
+      - "/generate_report"
+      - "/load_cached_testplan"
+      - "/prepare_shop"
+      - "/run_custom_scripts"
+      - "/run_test_script"
+      - "/sonarcloud"
+      - "/start_shop"
+      - "/stop_shop"
+      - "/yamllint"
     schedule:
-      interval: "daily"
+      interval: "weekly"
+      day: "monday"
+    cooldown:
+      semver-major-days: 7
+    groups:
+      major-updates:
+        applies-to: version-updates
+        patterns:
+          - "*"
+        update-types:
+          - "major"
+        group-by: dependency-name
+    ignore:
+      # v2 is a full API rewrite with multiple breaking changes, not ready
+      - dependency-name: "slackapi/slack-github-action"
+        update-types: ["version-update:semver-major"]

.github/workflows/dispatch-release.yaml

@@ -96,7 +96,7 @@ jobs:
 
       - name: 'Generate a token'
         id: generate_token
-        uses: 'actions/create-github-app-token@v2'
+        uses: 'actions/create-github-app-token@v3'
         with:
           app-id: ${{ secrets.ACTIONS_RELEASE_APP_ID }}
           private-key: ${{ secrets.ACTIONS_RELEASE_APP_PRIVATE_KEY }}

.github/workflows/universal_workflow_light.yaml

@@ -126,7 +126,7 @@ jobs:
 
       - name: 'Load Testplan'
         id: ltp
-        uses: 'joernott/load_testplan@v1'
+        uses: 'joernott/load_testplan@v2.0.0'
         with:
           files: '${{ steps.consolidate_plans.outputs.testplan }}'
           set_output: true
@@ -295,7 +295,7 @@ jobs:
 
       - name: 'Load Testplan'
         id: iltp
-        uses: 'joernott/load_testplan@v1'
+        uses: 'joernott/load_testplan@v2.0.0'
         with:
           files: '${{steps.itn.outputs.testplan}}'
           set_output: true
@@ -344,7 +344,7 @@ jobs:
       - name: 'Run composer for each module'
         shell: bash
         run: |
-          git clone --depth=1 --quiet --branch v1 https://github.com/joernott/load_testplan.git load_testplan
+          git clone --depth=1 --quiet --branch v2.0.0 https://github.com/joernott/load_testplan.git load_testplan
           LOAD_TESTPLAN=$(find ./load_testplan -iname 'main-linux-amd64-*')
           chmod a+x "${LOAD_TESTPLAN}"
           PREFIXES=$(echo '${{steps.iltp.outputs.runscript_matrix_script}}'|tr ',' '\n'|tr -d '[]" '|sed -e 's|-|_|g' -e 's|:.*||'|sort|uniq)
@@ -622,7 +622,7 @@ jobs:
 
       - name: 'Upload configuration artifacts'
         if: always()
-        uses: 'actions/upload-artifact@v6'
+        uses: 'actions/upload-artifact@v7'
         with:
           name: '${{ steps.iltp.outputs.install_output_artifact_prefix }}-${{steps.itn.outputs.matrix_suffix}}'
           path: |-
@@ -734,7 +734,7 @@ jobs:
 
       - name: 'Load Testplan'
         id: rsltp
-        uses: 'joernott/load_testplan@v1'
+        uses: 'joernott/load_testplan@v2.0.0'
         with:
           files: '${{steps.rstn.outputs.testplan}}'
           set_output: true
@@ -888,7 +888,7 @@ jobs:
 
       - name: 'Upload coverage report'
         if: ${{ always() && steps.rt.outputs.runscript_coverage_prefix != '' }}
-        uses: 'actions/upload-artifact@v6'
+        uses: 'actions/upload-artifact@v7'
         with:
           name: ${{ steps.rt.outputs.runscript_coverage_prefix}}-${{steps.rt.outputs.runscript_suffix }}
           path: source/${{ steps.rt.outputs.runscript_path }}/tests/Reports/*
@@ -949,7 +949,7 @@ jobs:
 
       - name: 'Load Testplan'
         id: rsltp
-        uses: 'joernott/load_testplan@v1'
+        uses: 'joernott/load_testplan@v2.0.0'
         with:
           files: '${{steps.rstn.outputs.testplan}}'
           set_output: true
@@ -1092,7 +1092,7 @@ jobs:
 
       - name: 'Upload coverage report'
         if: ${{ always() && steps.rt.outputs.runslim_coverage_prefix != '' }}
-        uses: 'actions/upload-artifact@v6'
+        uses: 'actions/upload-artifact@v7'
         with:
           name: ${{ steps.rt.outputs.runslim_coverage_prefix}}-${{steps.rt.outputs.runslim_suffix }}
           path: source/${{ steps.rt.outputs.runslim_path }}/tests/Reports/*
@@ -1163,7 +1163,7 @@ jobs:
       - name: 'Load Testplan'
         id: sonarcloud_testplan
         if: ${{ env.SONAR_TOKEN != '' }}
-        uses: 'joernott/load_testplan@v1'
+        uses: 'joernott/load_testplan@v2.0.0'
         with:
           files: '${{steps.sonarcloud_testplan_name.outputs.testplan}}'
           set_output: true
@@ -1186,7 +1186,7 @@ jobs:
         env:
           DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
         if: ${{ steps.sonarcloud_testplan.outputs.sonarcloud_docker_login == 'true' && env.DOCKER_HUB_USER != '' }}
-        uses: 'docker/login-action@v3'
+        uses: 'docker/login-action@v4'
         with:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_TOKEN }}

actionlint/action.yaml

@@ -28,7 +28,7 @@ runs:
   steps:
     - name: 'Checkout'
       id: checkout
-      uses: 'actions/checkout@v4'
+      uses: 'actions/checkout@v6'
 
     - name: 'Generate custom config'
       id: generate_custom_config
@@ -78,7 +78,7 @@ runs:
 
     - name: 'Upload artifact'
       if: always()
-      uses: 'actions/upload-artifact@v4'
+      uses: 'actions/upload-artifact@v7'
       with:
         name: '${{ inputs.output_artifact }}'
         include-hidden-files: true

append_report/action.yaml

@@ -153,7 +153,7 @@ runs:
 
     - name: 'Upload Artifacts'
       if: always()
-      uses: 'actions/upload-artifact@v4'
+      uses: 'actions/upload-artifact@v7'
       with:
         name: '${{ steps.safe_title.outputs.title }}'
         path: |

begin_report/action.yaml

@@ -176,7 +176,7 @@ runs:
 
     - name: 'Upload Artifacts'
       if: always()
-      uses: 'actions/upload-artifact@v4'
+      uses: 'actions/upload-artifact@v7'
       with:
         name: 'testplan-${{inputs.prefix}}-000_header'
         path: |

build_docker/action.yaml

@@ -37,23 +37,23 @@ runs:
   using: "composite"
   steps:
     - name: 'Checkout repository'
-      uses: 'actions/checkout@v4'
+      uses: 'actions/checkout@v6'
 
     - name: 'Set up QEMU'
-      uses: 'docker/setup-qemu-action@v3'
+      uses: 'docker/setup-qemu-action@v4'
 
     - name: 'Set up Docker Buildx'
-      uses: 'docker/setup-buildx-action@v3'
+      uses: 'docker/setup-buildx-action@v4'
 
     - name: 'Log into Docker Hub'
       if: ${{ github.event_name != 'pull_request' && inputs.dockerhub_username != '' }}
-      uses: 'docker/login-action@v3'
+      uses: 'docker/login-action@v4'
       with:
         username: ${{ inputs.dockerhub_username }}
         password: ${{ inputs.dockerhub_password }}
 
     - name: 'Build and push'
-      uses: 'docker/build-push-action@v5'
+      uses: 'docker/build-push-action@v7'
       with:
         context: ${{ inputs.image_name }}
         file: ${{ inputs.image_name }}/Dockerfile

composer_merge/action.yaml

@@ -82,7 +82,7 @@ runs:
         cat .composer_merge.tmp.json
 
     - name: 'Merge files'
-      uses: 'joernott/load_testplan@v1'
+      uses: 'joernott/load_testplan@v2.0.0'
       with:
         files: '${{ inputs.file }},.composer_merge.tmp.json'
         input_type: 'json'

consolidate_artifacts/action.yaml

@@ -28,13 +28,13 @@ runs:
 
     - name: 'Download consolidated artifact'
       if: ${{ steps.check_consolidated.outputs.exists == 'true' }}
-      uses: 'actions/download-artifact@v4'
+      uses: 'actions/download-artifact@v8'
       with:
         name: '${{ inputs.target }}'
         path: ${{ inputs.path }}
 
     - name: 'Download artifacts'
-      uses: 'actions/download-artifact@v4'
+      uses: 'actions/download-artifact@v8'
       with:
         pattern: '${{ inputs.pattern }}'
         merge-multiple: true
@@ -47,7 +47,7 @@ runs:
         name: '${{ inputs.target }}'
 
     - name: 'Upload consolidated artifact'
-      uses: 'actions/upload-artifact@v4'
+      uses: 'actions/upload-artifact@v7'
       with:
         name: '${{ inputs.target }}'
         path: ${{ inputs.path }}

load_cached_testplan/action.yaml

@@ -92,7 +92,7 @@ runs:
     - name: 'Load cached testplan from GitHub'
       if: ${{ inputs.runs_on == '"ubuntu-latest"'}}
       id: load_testplan_cache_gh
-      uses: 'actions/cache/restore@v4'
+      uses: 'actions/cache/restore@v5'
       with:
         path: |
           ${{ inputs.plan_folder}}/*

prepare_shop/action.yaml

@@ -283,7 +283,7 @@ runs:
 
     - name: 'Login to Docker Hub'
       if: ${{ inputs.docker_login == 'true' && inputs.docker_user != '' }}
-      uses: 'docker/login-action@v3'
+      uses: 'docker/login-action@v4'
       with:
         username: ${{ inputs.docker_user }}
         password: ${{ inputs.docker_token }}

run_test_script/action.yaml

@@ -164,7 +164,7 @@ runs:
 
     - name: 'Upload artifact'
       if: always()
-      uses: 'actions/upload-artifact@v4'
+      uses: 'actions/upload-artifact@v7'
       with:
         name: '${{ inputs.output_artifact }}'
         path: |

sonarcloud/action.yaml

@@ -81,7 +81,7 @@ runs:
   using: "composite"
   steps:
     - name: 'Download artifacts'
-      uses: 'actions/download-artifact@v4'
+      uses: 'actions/download-artifact@v8'
       with:
         pattern: '${{ inputs.coverage_artifact }}'
         merge-multiple: true
@@ -132,7 +132,7 @@ runs:
         fi
 
     - name: 'Upload consolidated artifact'
-      uses: 'actions/upload-artifact@v4'
+      uses: 'actions/upload-artifact@v7'
       with:
         name: '${{ inputs.output_artifact }}'
         path: 'coverage-reports'
@@ -166,7 +166,7 @@ runs:
         cat >debug/debug.sh <<EODS
           banner "sonarcloud: Debug sonarcloud Scan (simulated)"
           cat <<'EOF'
-          # would call SonarSource/sonarqube-scan-action@v6
+          # would call SonarSource/sonarqube-scan-action@v7
           -Dsonar.organization=${{ inputs.sonarcloud_organization }}
           -Dsonar.projectKey=${{ inputs.sonarcloud_project_key }}
           -Dsonar.projectName=${{ inputs.sonarcloud_project_name }}
@@ -180,7 +180,7 @@ runs:
         EODS
 
     - name: 'SonarCloud Scan'
-      uses: 'SonarSource/sonarqube-scan-action@v6'
+      uses: 'SonarSource/sonarqube-scan-action@v7'
       env:
         SONAR_TOKEN: ${{ inputs.sonar_token }}
         GITHUB_TOKEN: ${{ inputs.github_token }}

start_shop/action.yaml

@@ -83,7 +83,7 @@ runs:
     - name: 'Load cached testplan from GitHub'
       if: ${{ inputs.runs_on == '"ubuntu-latest"'}}
       id: load_installed_shop_gh
-      uses: 'actions/cache/restore@v4'
+      uses: 'actions/cache/restore@v5'
       with:
         path: |
           ./*
@@ -109,7 +109,7 @@ runs:
 
     - name: 'Login to Docker Hub'
       if: ${{ inputs.docker_login == 'true' && inputs.docker_user != '' }}
-      uses: 'docker/login-action@v3'
+      uses: 'docker/login-action@v4'
       with:
         username: ${{ inputs.docker_user }}
         password: ${{ inputs.docker_token }}