From 4f9aa252c97b5bd89dbe5e08cd6d898356731674 Mon Sep 17 00:00:00 2001 From: Scott Schafer Date: Sat, 30 May 2026 21:31:32 -0600 Subject: [PATCH 1/8] chore: Use ubuntu-latest for all CI jobs --- .github/workflows/mirror_stable.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/mirror_stable.yml b/.github/workflows/mirror_stable.yml index 5bc04c7..06dee59 100644 --- a/.github/workflows/mirror_stable.yml +++ b/.github/workflows/mirror_stable.yml @@ -9,7 +9,7 @@ on: jobs: mirror: name: DockerHub mirror - runs-on: ubuntu-24.04 + runs-on: ubuntu-latest if: github.repository == 'rust-lang/docker-rust' permissions: contents: read From 393b55bb8b6a0d593290421662f2b3bfcdd99c9b Mon Sep 17 00:00:00 2001 From: Scott Schafer Date: Sat, 30 May 2026 21:30:35 -0600 Subject: [PATCH 2/8] chore: Update actions/checkout to v6.0.2 --- .github/workflows/ci.yml | 2 +- .github/workflows/mirror_stable.yml | 2 +- .github/workflows/nightly.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b8c07e5..ac1f5e1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -45,7 +45,7 @@ jobs: #VERSIONS name: ${{ matrix.name }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6.0.2 - run: git clone https://github.com/docker-library/official-images.git ~/official-images - run: docker build -t rust:$RUST_VERSION-${{ matrix.name }} stable/${{ matrix.variant }} - run: ~/official-images/test/run.sh rust:$RUST_VERSION-${{ matrix.name }} diff --git a/.github/workflows/mirror_stable.yml b/.github/workflows/mirror_stable.yml index 06dee59..835d220 100644 --- a/.github/workflows/mirror_stable.yml +++ b/.github/workflows/mirror_stable.yml @@ -87,7 +87,7 @@ jobs: slim #VERSIONS steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6.0.2 with: persist-credentials: false diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 6d5ac81..e2642b7 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -74,7 +74,7 @@ jobs: name: ${{ matrix.name }} steps: - name: Checkout repository - uses: actions/checkout@v5 + uses: actions/checkout@v6.0.2 - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx From e191874d7049dcd2447edc6f9d9915ccb20a794c Mon Sep 17 00:00:00 2001 From: Scott Schafer Date: Sat, 30 May 2026 21:30:35 -0600 Subject: [PATCH 3/8] chore: Update docker/login-action to v4.2.0 --- .github/workflows/mirror_stable.yml | 4 ++-- .github/workflows/nightly.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/mirror_stable.yml b/.github/workflows/mirror_stable.yml index 835d220..c336738 100644 --- a/.github/workflows/mirror_stable.yml +++ b/.github/workflows/mirror_stable.yml @@ -92,13 +92,13 @@ jobs: persist-credentials: false - name: Login to Docker Hub - uses: docker/login-action@v3 + uses: docker/login-action@v4.2.0 with: username: rustopsbot password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Login to GHCR - uses: docker/login-action@v3 + uses: docker/login-action@v4.2.0 with: registry: ghcr.io username: ${{ github.repository_owner }} diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index e2642b7..09498a3 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -80,7 +80,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to GHCR - uses: docker/login-action@v3 + uses: docker/login-action@v4.2.0 if: (github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/master' with: registry: ghcr.io @@ -88,7 +88,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Login to Docker Hub - uses: docker/login-action@v3 + uses: docker/login-action@v4.2.0 if: (github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/master' with: username: rustopsbot From 10cb1a4e00de0ca38fc04a33ae8414b7fc89fac7 Mon Sep 17 00:00:00 2001 From: Scott Schafer Date: Sat, 30 May 2026 21:30:35 -0600 Subject: [PATCH 4/8] chore: Update docker/setup-qemu-action to v4.1.0 --- .github/workflows/nightly.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 09498a3..1de7a3d 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -76,7 +76,7 @@ jobs: - name: Checkout repository uses: actions/checkout@v6.0.2 - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@v4.1.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to GHCR From 887cec647cc621c5c47e7cd71f33a93c000fd8a6 Mon Sep 17 00:00:00 2001 From: Scott Schafer Date: Sat, 30 May 2026 21:30:35 -0600 Subject: [PATCH 5/8] chore: Update docker/setup-buildx-action to v4.1.0 --- .github/workflows/nightly.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 1de7a3d..d46bee4 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -78,7 +78,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@v4.1.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4.1.0 - name: Login to GHCR uses: docker/login-action@v4.2.0 if: (github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/master' From 6394a13368a50a4da54c9a1b13d636c708d0ac6a Mon Sep 17 00:00:00 2001 From: Scott Schafer Date: Sat, 30 May 2026 21:30:35 -0600 Subject: [PATCH 6/8] chore: Update docker/metadata-action to v6.1.0 --- .github/workflows/nightly.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index d46bee4..66b457f 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -133,7 +133,7 @@ jobs: - name: Docker Metadata id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@v6.1.0 with: images: | rustlang/rust From b6a537090ea57cfcd46fab9a06e407863aef1f03 Mon Sep 17 00:00:00 2001 From: Scott Schafer Date: Sat, 30 May 2026 21:30:35 -0600 Subject: [PATCH 7/8] chore: Update docker/build-push-action to v7.2.0 --- .github/workflows/nightly.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 66b457f..31d1649 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -143,7 +143,7 @@ jobs: ${{ steps.dated_tags.outputs.tags }} - name: Build and push image - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7.2.0 with: context: ${{ matrix.context }} platforms: ${{ matrix.platforms }} From 9858af36d4fce1ca6265e7e79eb7b211e0060111 Mon Sep 17 00:00:00 2001 From: Scott Schafer Date: Sat, 30 May 2026 23:37:49 -0600 Subject: [PATCH 8/8] chore: Pin GitHub Actions to a specific version --- .github/workflows/ci.yml | 2 +- .github/workflows/mirror_stable.yml | 6 +++--- .github/workflows/nightly.yml | 14 +++++++------- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ac1f5e1..07314c0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -45,7 +45,7 @@ jobs: #VERSIONS name: ${{ matrix.name }} steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - run: git clone https://github.com/docker-library/official-images.git ~/official-images - run: docker build -t rust:$RUST_VERSION-${{ matrix.name }} stable/${{ matrix.variant }} - run: ~/official-images/test/run.sh rust:$RUST_VERSION-${{ matrix.name }} diff --git a/.github/workflows/mirror_stable.yml b/.github/workflows/mirror_stable.yml index c336738..20845a0 100644 --- a/.github/workflows/mirror_stable.yml +++ b/.github/workflows/mirror_stable.yml @@ -87,18 +87,18 @@ jobs: slim #VERSIONS steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Login to Docker Hub - uses: docker/login-action@v4.2.0 + uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0 with: username: rustopsbot password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Login to GHCR - uses: docker/login-action@v4.2.0 + uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0 with: registry: ghcr.io username: ${{ github.repository_owner }} diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 31d1649..f551505 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -74,13 +74,13 @@ jobs: name: ${{ matrix.name }} steps: - name: Checkout repository - uses: actions/checkout@v6.0.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up QEMU - uses: docker/setup-qemu-action@v4.1.0 + uses: docker/setup-qemu-action@06116385d9baf250c9f4dcb4858b16962ea869c3 # v4.1.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v4.1.0 + uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 - name: Login to GHCR - uses: docker/login-action@v4.2.0 + uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0 if: (github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/master' with: registry: ghcr.io @@ -88,7 +88,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Login to Docker Hub - uses: docker/login-action@v4.2.0 + uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0 if: (github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/master' with: username: rustopsbot @@ -133,7 +133,7 @@ jobs: - name: Docker Metadata id: meta - uses: docker/metadata-action@v6.1.0 + uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0 with: images: | rustlang/rust @@ -143,7 +143,7 @@ jobs: ${{ steps.dated_tags.outputs.tags }} - name: Build and push image - uses: docker/build-push-action@v7.2.0 + uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0 with: context: ${{ matrix.context }} platforms: ${{ matrix.platforms }}