From 9b235f002c9c539a1a80b76d0f49ef8dafe3caf4 Mon Sep 17 00:00:00 2001
From: Davi Koscianski Vidal <davi.koscianski-vidal@sonarsource.com>
Date: Mon, 10 Feb 2025 12:04:33 +0100
Subject: [PATCH] SONAR-24331 Updates CI tools

---
 .github/workflows/next-scan.yml        | 2 +-
 .github/workflows/release-template.yml | 6 +++---
 .github/workflows/slack_notify.yml     | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/next-scan.yml b/.github/workflows/next-scan.yml
index f6da0598b..bdb1f5166 100644
--- a/.github/workflows/next-scan.yml
+++ b/.github/workflows/next-scan.yml
@@ -21,7 +21,7 @@ jobs:
         # Disabling shallow clone is recommended for improving relevancy of reporting
         fetch-depth: 0
     - id: secrets
-      uses: SonarSource/vault-action-wrapper@3.0.0
+      uses: SonarSource/vault-action-wrapper@v3
       with:
         secrets: |
           development/kv/data/next token | sq_next_token;
diff --git a/.github/workflows/release-template.yml b/.github/workflows/release-template.yml
index e38695cbe..fdc536598 100644
--- a/.github/workflows/release-template.yml
+++ b/.github/workflows/release-template.yml
@@ -13,13 +13,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - id: secrets
-        uses: SonarSource/vault-action-wrapper@3.0.0
+        uses: SonarSource/vault-action-wrapper@v3
         with:
           secrets: |
             development/kv/data/sign key | gpg_key;
             development/kv/data/sign passphrase | gpg_passphrase;
       - name: Generate CycloneDX SBOM
-        uses: SonarSource/gh-action_sbom@v1
+        uses: SonarSource/gh-action_sbom@v3
         with:
           image: "sonarqube:${{ inputs.tag }}"
           filename: "sonarqube-${{ inputs.tag }}-bom.json"
@@ -27,4 +27,4 @@ jobs:
           upload-release-assets: true
         env:
           GPG_PRIVATE_KEY_PASSPHRASE: ${{ fromJSON(steps.secrets.outputs.vault).gpg_passphrase }}
-          GPG_PRIVATE_KEY_BASE64: ${{ fromJSON(steps.secrets.outputs.vault).gpg_key }}
\ No newline at end of file
+          GPG_PRIVATE_KEY_BASE64: ${{ fromJSON(steps.secrets.outputs.vault).gpg_key }}
diff --git a/.github/workflows/slack_notify.yml b/.github/workflows/slack_notify.yml
index d08b6dee1..94d9475ce 100644
--- a/.github/workflows/slack_notify.yml
+++ b/.github/workflows/slack_notify.yml
@@ -7,6 +7,6 @@ jobs:
   slack-notifications:
     permissions:
       id-token: write  # to authenticate via OIDC
-    uses: SonarSource/gh-action_build-notify/.github/workflows/main.yaml@v1
+    uses: SonarSource/gh-action_build-notify/.github/workflows/main.yaml@v2
     with:
       slackChannel: squad-sq-platform-build-notification