From 4f8c0c9984b130ffa3ce0537977dc09a08281782 Mon Sep 17 00:00:00 2001
From: "hashicorp-tsccr[bot]"
 <129506189+hashicorp-tsccr[bot]@users.noreply.github.com>
Date: Tue, 13 Aug 2024 10:39:04 +0200
Subject: [PATCH] chore(deps): pin trusted workflows based on HashiCorp TSCCR
 (#3700)

Bumping GitHub Actions version to latest TSCCR release.

* changes in `.github/workflows/docker.yml`
- bump `docker/setup-buildx-action` from `v3.5.0` to `v3.6.1` ([release
notes](https://github.com/docker/setup-buildx-action/releases/tag/v3.6.1))
* changes in `.github/workflows/integration.yml`
- bump `actions/upload-artifact` from `v4.3.4` to `v4.3.5` ([release
notes](https://github.com/actions/upload-artifact/releases/tag/v4.3.5))
- bump `actions/upload-artifact` from `v4.3.4` to `v4.3.5` ([release
notes](https://github.com/actions/upload-artifact/releases/tag/v4.3.5))
* changes in `.github/workflows/provider-integration.yml`
- bump `actions/upload-artifact` from `v4.3.4` to `v4.3.5` ([release
notes](https://github.com/actions/upload-artifact/releases/tag/v4.3.5))
* changes in `.github/workflows/release.yml`
- bump `actions/upload-artifact` from `v4.3.4` to `v4.3.5` ([release
notes](https://github.com/actions/upload-artifact/releases/tag/v4.3.5))
- bump `actions/upload-artifact` from `v4.3.4` to `v4.3.5` ([release
notes](https://github.com/actions/upload-artifact/releases/tag/v4.3.5))
* changes in `.github/workflows/release_next.yml`
- bump `actions/upload-artifact` from `v4.3.4` to `v4.3.5` ([release
notes](https://github.com/actions/upload-artifact/releases/tag/v4.3.5))
- bump `actions/upload-artifact` from `v4.3.4` to `v4.3.5` ([release
notes](https://github.com/actions/upload-artifact/releases/tag/v4.3.5))
* changes in `.github/workflows/yarn-upgrade.yml`
- bump `actions/upload-artifact` from `v4.3.4` to `v4.3.5` ([release
notes](https://github.com/actions/upload-artifact/releases/tag/v4.3.5))

_This PR was auto-generated by
[security-tsccr/actions/runs/10346725273](https://github.com/hashicorp/security-tsccr/actions/runs/10346725273)_

_You can alter the configuration of this automation via the hcl config
in
[security-tsccr/automation](https://github.com/hashicorp/security-tsccr/tree/main/automation)_

_This PR can be regenerated by dispatching the GitHub workflow [Pin
Action
Refs](https://github.com/hashicorp/security-tsccr/actions/workflows/pin-workflows.yml).
Please reach out to #team-prodsec if you have any questions._
[](https://github.com/hashicorp/security-tsccr/issues/193)

Co-authored-by: hashicorp-tsccr[bot] <hashicorp-tsccr[bot]@users.noreply.github.com>
---
 .github/workflows/docker.yml               | 2 +-
 .github/workflows/integration.yml          | 4 ++--
 .github/workflows/provider-integration.yml | 2 +-
 .github/workflows/release.yml              | 4 ++--
 .github/workflows/release_next.yml         | 4 ++--
 .github/workflows/yarn-upgrade.yml         | 2 +-
 6 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index e8141beef8..562bbe0d5d 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -18,7 +18,7 @@ jobs:
     steps:
       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0
+        uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
       - name: Cache Docker layers
         uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
         with:
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index b69f7b8777..05765d6897 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -68,13 +68,13 @@ jobs:
           SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
           GOCACHE: ${{ steps.global-cache-dir-path.outputs.go }}
       - name: Upload dist
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
         if: ${{ !inputs.skip_setup }}
         with:
           name: dist
           path: dist
       - name: Upload edge-provider bindings
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
         if: ${{ !inputs.skip_setup }}
         with:
           name: edge-provider-bindings
diff --git a/.github/workflows/provider-integration.yml b/.github/workflows/provider-integration.yml
index 57b6150df4..e796ff6a29 100644
--- a/.github/workflows/provider-integration.yml
+++ b/.github/workflows/provider-integration.yml
@@ -73,7 +73,7 @@ jobs:
           cd test && yarn
       - name: Upload dist
         if: ${{ !inputs.skip_setup }}
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
         with:
           name: dist
           path: dist
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 30a18c8b6f..999d041358 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -68,12 +68,12 @@ jobs:
         env:
           SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_TOKEN }}
       - name: Upload artifact
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
         with:
           name: dist
           path: dist
       - name: Upload edge-provider bindings
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
         if: ${{ !inputs.skip_setup }}
         with:
           name: edge-provider-bindings
diff --git a/.github/workflows/release_next.yml b/.github/workflows/release_next.yml
index 5b7973c862..d7803a5c13 100644
--- a/.github/workflows/release_next.yml
+++ b/.github/workflows/release_next.yml
@@ -74,12 +74,12 @@ jobs:
         env:
           SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_TOKEN }}
       - name: Upload artifact
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
         with:
           name: dist
           path: dist
       - name: Upload edge-provider bindings
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
         if: ${{ !inputs.skip_setup }}
         with:
           name: edge-provider-bindings
diff --git a/.github/workflows/yarn-upgrade.yml b/.github/workflows/yarn-upgrade.yml
index 06e9b861d9..56b7f2f5c8 100644
--- a/.github/workflows/yarn-upgrade.yml
+++ b/.github/workflows/yarn-upgrade.yml
@@ -63,7 +63,7 @@ jobs:
           git add .
           git diff --patch --staged > ./upgrade.patch
       - name: Upload Patch
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
         with:
           name: upgrade.patch
           path: ./upgrade.patch