Bump actions/checkout from 4.0.0 to 4.1.0

[dependabot]

Bumps actions/checkout from 4.0.0 to 4.1.0.

Release notes

Sourced from actions/checkout's releases.

v4.1.0

What's Changed

• Update README.md for V4 by @​sivapalan in actions/checkout#1452
• Add support for partial checkout filters by @​finleygn in actions/checkout#1396
• Prepare 4.1.0 release by @​cory-miller in actions/checkout#1496

New Contributors

• @​sivapalan made their first contribution in actions/checkout#1452
• @​finleygn made their first contribution in actions/checkout#1396

Full Changelog: actions/checkout@v4.0.0...v4.1.0

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.0

• Add support for partial checkout filters

v4.0.0

• Support fetching without the --progress option
• Update to node20

v3.6.0

• Fix: Mark test scripts with Bash'isms to be run via Bash
• Add option to fetch tags even if fetch-depth > 0

v3.5.3

• Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in
• Fix typos found by codespell
• Add support for sparse checkouts

v3.5.2

• Fix api endpoint for GHES

v3.5.1

• Fix slow checkout on Windows

v3.5.0

• Add new public key for known_hosts

v3.4.0

• Upgrade codeql actions to v2
• Upgrade dependencies
• Upgrade @​actions/io

v3.3.0

• Implement branch list using callbacks from exec function
• Add in explicit reference to private checkout options
• [Fix comment typos (that got added in #770)](actions/checkout#1057)

v3.2.0

• Add GitHub Action to perform release
• Fix status badge
• Replace datadog/squid with ubuntu/squid Docker image
• Wrap pipeline commands for submoduleForeach in quotes
• Update @​actions/io to 1.1.2
• Upgrading version to 3.2.0

v3.1.0

• Use @​actions/core saveState and getState
• Add github-server-url input

v3.0.2

... (truncated)

Commits

• 8ade135 Prepare 4.1.0 release (#1496)
• c533a0a Add support for partial checkout filters (#1396)
• 72f2cec Update README.md for V4 (#1452)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

TFSEC Scan Success

Show Output

*****************************

TFSEC will check the following folders:

Checkov Scan Success

Show Output

*****************************

Checkov will check the following folders:

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:

[github-actions]

commonimages/base/windows_2012_r2 terragrunt plan on push event #370

module.imagebuilder.data.terraform_remote_state.imagebuilder_mp: Reading...
module.imagebuilder.data.terraform_remote_state.core_shared_services_production: Reading...
module.imagebuilder.data.terraform_remote_state.imagebuilder_mp: Read complete after 1s
module.imagebuilder.data.aws_secretsmanager_secret.environment_management: Reading...
module.imagebuilder.data.terraform_remote_state.core_shared_services_production: Read complete after 2s
module.imagebuilder.data.aws_secretsmanager_secret.environment_management: Read complete after 0s [id=<REDACTED>]
module.imagebuilder.data.aws_secretsmanager_secret_version.environment_management: Reading...
module.imagebuilder.data.aws_secretsmanager_secret_version.environment_management: Read complete after 1s [id=<REDACTED>]
module.imagebuilder.data.aws_caller_identity.current: Reading...
module.imagebuilder.data.aws_ami.parent[0]: Reading...
module.imagebuilder.data.aws_imagebuilder_component.this["amazon-cloudwatch-agent-windows"]: Reading...
module.imagebuilder.data.aws_caller_identity.current: Read complete after 0s [id=<REDACTED>]
module.imagebuilder.data.aws_kms_key.hmpps_ebs_encryption_cmk: Reading...
module.imagebuilder.data.aws_kms_key.hmpps_ebs_encryption_cmk: Read complete after 0s [id=<REDACTED>]
module.imagebuilder.data.aws_ami.parent[0]: Read complete after 0s [id=<REDACTED>]
module.imagebuilder.data.aws_imagebuilder_component.this["amazon-cloudwatch-agent-windows"]: Read complete after 0s [id=<REDACTED>]
module.imagebuilder.aws_imagebuilder_image_recipe.this: Refreshing state... [id=<REDACTED>]
module.imagebuilder.aws_imagebuilder_infrastructure_configuration.this: Refreshing state... [id=<REDACTED>]
module.imagebuilder.aws_imagebuilder_distribution_configuration.this: Refreshing state... [id=<REDACTED>]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create
+/- create replacement and then destroy

Terraform will perform the following actions:

  # module.imagebuilder.aws_imagebuilder_image_pipeline.this will be created
  + resource "aws_imagebuilder_image_pipeline" "this" {
      + arn                              = (known after apply)
      + date_created                     = (known after apply)
      + date_last_run                    = (known after apply)
      + date_next_run                    = (known after apply)
      + date_updated                     = (known after apply)
      + description                      = "Windows Server 2012 R2"
      + distribution_configuration_arn   = "arn:aws:imagebuilder:eu-west-2:374269020027:distribution-configuration/base-windows-server-2012-r2"
      + enhanced_image_metadata_enabled  = true
      + id                               = (known after apply)
      + image_recipe_arn                 = (known after apply)
      + infrastructure_configuration_arn = "arn:aws:imagebuilder:eu-west-2:374269020027:infrastructure-configuration/base-windows-server-2012-r2-0-0-7"
      + name                             = "base_windows_server_2012_r2"
      + platform                         = (known after apply)
      + status                           = "ENABLED"
      + tags                             = {
          + "amazon-cloudwatch-agent-windows-version" = "1.0.0"
          + "application"                             = "n/a"
          + "branch"                                  = "main"
          + "business-unit"                           = "HMPPS"
          + "image-pipeline"                          = "base_windows_server_2012_r2"
          + "image-recipe"                            = "base_windows_server_2012_r2/0.0.7"
          + "infrastructure-configuration"            = "base_windows_server_2012_r2/0.0.7"
          + "is-production"                           = "true"
          + "os-version"                              = "windows server 2012 r2"
          + "release-or-patch"                        = "release"
          + "source-code"                             = "https://github.com/ministryofjustice/modernisation-platform-ami-builds/tree/main/commonimages/base/windows_server_2012_r2"
        }
      + tags_all                         = {
          + "amazon-cloudwatch-agent-windows-version" = "1.0.0"
          + "application"                             = "n/a"
          + "branch"                                  = "main"
          + "business-unit"                           = "HMPPS"
          + "image-pipeline"                          = "base_windows_server_2012_r2"
          + "image-recipe"                            = "base_windows_server_2012_r2/0.0.7"
          + "infrastructure-configuration"            = "base_windows_server_2012_r2/0.0.7"
          + "is-production"                           = "true"
          + "os-version"                              = "windows server 2012 r2"
          + "release-or-patch"                        = "release"
          + "source-code"                             = "https://github.com/ministryofjustice/modernisation-platform-ami-builds/tree/main/commonimages/base/windows_server_2012_r2"
        }

      + image_scanning_configuration {
          + image_scanning_enabled = (known after apply)

          + ecr_configuration {
              + container_tags  = (known after apply)
              + repository_name = (known after apply)
            }
        }

      + image_tests_configuration {
          + image_tests_enabled = false
          + timeout_minutes     = 720
        }

      + schedule {
          + pipeline_execution_start_condition = "EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE"
          + schedule_expression                = "cron(0 0 1 * ? *)"
          + timezone                           = (known after apply)
        }
    }

  # module.imagebuilder.aws_imagebuilder_image_recipe.this must be replaced
+/- resource "aws_imagebuilder_image_recipe" "this" {
      ~ arn              = "arn:aws:imagebuilder:eu-west-2:374269020027:image-recipe/base-windows-server-2012-r2/0.0.7" -> (known after apply)
      ~ date_created     = "2023-09-07T13:34:37.506Z" -> (known after apply)
      ~ id               = "arn:aws:imagebuilder:eu-west-2:374269020027:image-recipe/base-windows-server-2012-r2/0.0.7" -> (known after apply)
        name             = "base_windows_server_2012_r2"
      ~ owner            = "374269020027" -> (known after apply)
      ~ parent_image     = "ami-0bade639263758113" -> "ami-03ec0ba37fcffce0f" # forces replacement
      ~ platform         = "Windows" -> (known after apply)
        tags             = {
            "amazon-cloudwatch-agent-windows-version" = "1.0.0"
            "application"                             = "n/a"
            "branch"                                  = "main"
            "business-unit"                           = "HMPPS"
            "image-pipeline"                          = "base_windows_server_2012_r2"
            "image-recipe"                            = "base_windows_server_2012_r2/0.0.7"
            "infrastructure-configuration"            = "base_windows_server_2012_r2/0.0.7"
            "is-production"                           = "true"
            "os-version"                              = "windows server 2012 r2"
            "release-or-patch"                        = "release"
            "source-code"                             = "https://github.com/ministryofjustice/modernisation-platform-ami-builds/tree/main/commonimages/base/windows_server_2012_r2"
        }
      + user_data_base64 = (known after apply)
        # (3 unchanged attributes hidden)

      - block_device_mapping {
          - device_name = "/dev/sda1" -> null
          - no_device   = false -> null

          - ebs {
              - delete_on_termination = "true" -> null
              - encrypted             = "true" -> null
              - iops                  = 0 -> null
              - kms_key_id            = "arn:aws:kms:eu-west-2:374269020027:key/12984197-3371-4c21-8e43-a88a1581e691" -> null
              - throughput            = 0 -> null
              - volume_size           = 128 -> null
              - volume_type           = "gp3" -> null
            }
        }
      + block_device_mapping {
          + device_name = "/dev/sda1"

          + ebs {
              + delete_on_termination = "true"
              + encrypted             = "true"
              + kms_key_id            = "arn:aws:kms:eu-west-2:374269020027:key/12984197-3371-4c21-8e43-a88a1581e691"
              + volume_size           = 128
              + volume_type           = "gp3"
            }
        }
      - block_device_mapping {
          - device_name = "/dev/sdb" -> null
          - no_device   = false -> null

          - ebs {
              - delete_on_termination = "true" -> null
              - encrypted             = "true" -> null
              - iops                  = 0 -> null
              - kms_key_id            = "arn:aws:kms:eu-west-2:374269020027:key/12984197-3371-4c21-8e43-a88a1581e691" -> null
              - throughput            = 0 -> null
              - volume_size           = 100 -> null
              - volume_type           = "gp3" -> null
            }
        }
      + block_device_mapping {
          + device_name = "/dev/sdb"

          + ebs {
              + delete_on_termination = "true"
              + encrypted             = "true"
              + kms_key_id            = "arn:aws:kms:eu-west-2:374269020027:key/12984197-3371-4c21-8e43-a88a1581e691"
              + volume_size           = 100
              + volume_type           = "gp3"
            }
        }

      + systems_manager_agent {
          + uninstall_after_build = (known after apply)
        }

        # (3 unchanged blocks hidden)
    }

Plan: 2 to add, 0 to change, 1 to destroy.