Update actions

.github/workflows/build.yml

@@ -6,7 +6,7 @@ permissions:
 jobs:
   go-version:
     name: Lookup go versions
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     outputs:
       minimal: ${{ steps.go-version.outputs.minimal }}
       matrix: ${{ steps.go-version.outputs.matrix }}
@@ -17,26 +17,19 @@ jobs:
   go_generate:
     name: Check generated code is up to date
     needs: go-version
-    runs-on: ubuntu-22.04
-    env:
-      workdir: go/src/${{ github.repository }}
+    runs-on: ubuntu-24.04
     steps:
     - uses: actions/checkout@v6
-      with:
-        path: ${{env.workdir}}
     - name: Install Go ${{ needs.go-version.outputs.minimal }}
-      uses: WillAbides/setup-go[email protected]
+      uses: actions/setup-go@v6
       with:
         go-version: ${{ needs.go-version.outputs.minimal }}
     - run: go version
     - name: go generate
       env:
         GO111MODULE: 'on'
-        GOPATH: ${{ github.workspace }}/go
-      working-directory: ${{env.workdir}}
       run: go generate -x
     - name: Diff after go generate
-      working-directory: ${{env.workdir}}
       run: git diff --exit-code
   build_and_test:
     name: Build and test
@@ -48,10 +41,9 @@ jobs:
     steps:
     - uses: actions/checkout@v6
     - name: Install Go ${{ matrix.go-version }}
-      uses: WillAbides/setup-go[email protected]
+      uses: actions/setup-go@v6
       with:
         go-version: ${{ matrix.go-version }}.x
-        ignore-local: true
     - run: go version
     - name: go test
       env:

.github/workflows/dependency-review.yml

@@ -6,7 +6,7 @@ permissions:
 
 jobs:
   dependency-review:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
       - name: 'Checkout Repository'
         uses: actions/checkout@v6

.github/workflows/docker-image-security-scan.yml

@@ -7,7 +7,7 @@ jobs:
   security-scan:
     name: Docker build and scan
     if: '!github.event.deleted'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
     - uses: actions/checkout@v6
     - name: Set up Docker Buildx

.github/workflows/lint.yml

@@ -7,7 +7,7 @@ permissions:
 jobs:
   dockerfile:
     name: dockerfile
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@v6
       - name: Run hadolint
@@ -17,21 +17,21 @@ jobs:
 
   markdownlint:
     name: markdown
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
     - uses: actions/checkout@v6
     - name: Run markdownlint
       uses: DavidAnson/markdownlint-cli2-action@v21
 
   golangci:
     name: lint
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@v6
       - uses: arnested/go-version-action@v1
         id: go-version
       - name: Install Go ${{ steps.go-version.outputs.minimal }}
-        uses: WillAbides/setup-go[email protected]
+        uses: actions/setup-go@v6
         with:
           go-version: ${{ steps.go-version.outputs.minimal }}
       - run: go version

.github/workflows/release.yml

@@ -13,7 +13,7 @@ permissions:
   actions: read
 jobs:
   bump-version:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
     - uses: actions/checkout@v6
       with:
@@ -29,10 +29,9 @@ jobs:
         DEFAULT_BUMP: patch
         DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
     - name: Set up Go ${{ steps.go-version.outputs.latest }}
-      uses: WillAbides/setup-go[email protected]
+      uses: actions/setup-go@v6
       with:
         go-version: ${{ steps.go-version.outputs.latest }}.x
-        ignore-local: true
     - run: go version
     - name: Install changelog management tool
       run: go install github.com/goreleaser/chglog/cmd/chglog@main
@@ -95,7 +94,7 @@ jobs:
         message: "Released `${{ github.repository }}`@`${{ github.sha }}` as ${{ steps.version.outputs.tag }}: *${{ job.status }}*."
   docker-build:
     name: Docker build and push
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
     - uses: actions/checkout@v6
     - name: Set up Docker Buildx

.github/workflows/security.yml

@@ -16,7 +16,7 @@ permissions:
 jobs:
   gosec:
     name: Golang Security Checker
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     env:
       GO111MODULE: on
     steps:
@@ -33,23 +33,21 @@ jobs:
           sarif_file: results.sarif
   govulncheck:
     name: Govulncheck
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
     - uses: actions/checkout@v6
-    - uses: arnested/go-version-action@v1
-      id: go-version
+    - name: Setup Go
+      uses: actions/setup-go@v6
       with:
-        patch-level: true
+        go-version-file: go.mod
     - id: govulncheck
-      uses: golang/govulncheck-action@master
+      uses: arnested/govulncheck-action@main
       with:
-        go-version-input: ${{ steps.go-version.outputs.latest }}
         output-format: sarif
         output-file: results.sarif
+        setup-go: false
         repo-checkout: false
-    - name: Fix SARIF format
-      run: yq --inplace --output-format json '.runs |= map ({"results":[]} + .)' results.sarif
-    - name: Upload SARIF file
+   - name: Upload SARIF file
       uses: github/codeql-action/upload-sarif@v4
       with:
         sarif_file: results.sarif