Merge pull request #503 from zalando-incubator/dependabot/github_actions/github-actions-d3099d5121

Bump the github-actions group with 4 updates

Author: mikkeloscar

.github/workflows/ci.yaml

@@ -4,8 +4,8 @@ jobs:
   tests:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-go@v5
+    - uses: actions/checkout@v5
+    - uses: actions/setup-go@v6
       with:
         go-version: '^1.25'
     - run: go version

.github/workflows/docker-multiarch.yaml

@@ -25,12 +25,12 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0  # Fetch full history for git describe
 
       - name: Set up Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v6
         with:
           go-version: '^1.25'
 
@@ -71,7 +71,7 @@ jobs:
           GOOS=linux GOARCH=arm64 CGO_ENABLED=0 go build -o build/linux/arm64/es-operator -ldflags "-X main.version=$(git describe --tags --always --dirty) -w -s" .
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: ./Dockerfile.ghcr
@@ -96,7 +96,7 @@ jobs:
           output: 'trivy-results.sarif'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         if: always()
         with:
           sarif_file: 'trivy-results.sarif'