diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml
index fe0ccda76..bebca8f9c 100644
--- a/.github/workflows/actionlint.yml
+++ b/.github/workflows/actionlint.yml
@@ -38,7 +38,7 @@ jobs:
     name: actionlint with reviewdog
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: actionlint
         uses: reviewdog/action-actionlint@v1
         with:
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index e52063e62..0af189114 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -13,14 +13,14 @@ jobs:
     if: github.event.pusher.name != 'dreamkast-cloudnativedays'
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up Docker Buildx
         id: buildx
         uses: docker/setup-buildx-action@v2
 
       - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v3
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -72,7 +72,7 @@ jobs:
         uses: docker/setup-buildx-action@v2
         
       - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v3
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index cb5de87ef..d9a63305b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-22.04
     if: github.event.pusher.name != 'dreamkast-cloudnativedays'
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - name: dependencies
       run: |
         sudo apt update
diff --git a/.github/workflows/gitops-prd.yml b/.github/workflows/gitops-prd.yml
index b9fd25e57..930774ebd 100644
--- a/.github/workflows/gitops-prd.yml
+++ b/.github/workflows/gitops-prd.yml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Generate token
         id: generate_token
@@ -20,7 +20,7 @@ jobs:
           private_key: ${{ secrets.PRIVATE_KEY }}
 
       - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v3
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -31,7 +31,7 @@ jobs:
         uses: aws-actions/amazon-ecr-login@v1
 
       - name: Checkout dreamkast-infra
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           repository: cloudnativedaysjp/dreamkast-infra
           path: dreamkast-infra
diff --git a/.github/workflows/gitops-stg.yml b/.github/workflows/gitops-stg.yml
index 8579e202b..9db03a4d5 100644
--- a/.github/workflows/gitops-stg.yml
+++ b/.github/workflows/gitops-stg.yml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Generate token
         id: generate_token
@@ -20,7 +20,7 @@ jobs:
           private_key: ${{ secrets.PRIVATE_KEY }}
 
       - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v3
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -31,7 +31,7 @@ jobs:
         uses: aws-actions/amazon-ecr-login@v1
 
       - name: Checkout dreamkast-infra
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           repository: cloudnativedaysjp/dreamkast-infra
           path: dreamkast-infra
diff --git a/.github/workflows/make-swagger-artifacts.yml b/.github/workflows/make-swagger-artifacts.yml
index afcc2c768..1a492a824 100644
--- a/.github/workflows/make-swagger-artifacts.yml
+++ b/.github/workflows/make-swagger-artifacts.yml
@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Generate token
         id: generate_token
@@ -29,7 +29,7 @@ jobs:
           private_key: ${{ secrets.PRIVATE_KEY }}
 
       - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v3
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -68,7 +68,7 @@ jobs:
           echo "::set-output name=IMAGE_WITH_SHA::${IMAGE_WITH_SHA}"
 
       - name: Checkout dreamkast-infra
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           repository: cloudnativedaysjp/dreamkast-infra
           path: dreamkast-infra
@@ -103,7 +103,7 @@ jobs:
           branch: main
 
       - name: Checkout dreamkast-ui
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           repository: cloudnativedaysjp/dreamkast-ui
           path: dreamkast-ui
diff --git a/.github/workflows/push-tag-by-releasebot.yml b/.github/workflows/push-tag-by-releasebot.yml
index 5d01c9dbb..a3c9c237f 100644
--- a/.github/workflows/push-tag-by-releasebot.yml
+++ b/.github/workflows/push-tag-by-releasebot.yml
@@ -16,7 +16,7 @@ jobs:
           app_id: ${{ secrets.APP_ID }}
           private_key: ${{ secrets.PRIVATE_KEY }}
 
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           token: ${{ steps.generate_token.outputs.token }}
 
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 3e242664a..aec542278 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Release
         uses: softprops/action-gh-release@v1
         with:
diff --git a/.github/workflows/reviewapp.yml b/.github/workflows/reviewapp.yml
index 9c95ad4d5..d30accf1a 100644
--- a/.github/workflows/reviewapp.yml
+++ b/.github/workflows/reviewapp.yml
@@ -8,7 +8,7 @@ jobs:
     name: grant 'reviewapps' label
     if: ${{ ! startsWith(github.head_ref, 'renovate/') }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - uses: actions/setup-python@v4
@@ -18,7 +18,7 @@ jobs:
 
       - name: Get changed files
         id: changed-files
-        uses: tj-actions/changed-files@v37
+        uses: tj-actions/changed-files@v38
         with:
           use_fork_point: true
 
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index ec7bb1f55..e2d14f7fe 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -11,10 +11,10 @@ on:
 jobs:
   build:
     name: Build
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
     - name: Checkout code
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     - name: Run Trivy vulnerability scanner in fs mode
       uses: aquasecurity/trivy-action@master