ci(deps): bump docker/* actions to Node 24 majors (#4131)

GitHub Actions deprecates the Node 20 runtime; older versions of every docker/* action run on Node 20 and emit the "Node.js 20 actions are deprecated" warning in every release / e2e / image-build run today. Each action shipped a "Node 24 as default runtime" major: - docker/setup-buildx-action v3 → v4 (2026-03-05) - docker/setup-qemu-action v3 → v4 - docker/metadata-action v5 → v6 - docker/login-action v3 → v4 - docker/build-push-action v6 → v7 None of our usages touch the deprecated inputs removed in the bumps — release.yml / e2e.yml call setup-buildx with no `with:` block, and build-and-publish-image.yml only passes the universally-supported `images` / `tags` / `registry` / `username` / `password` / `context` / `platforms` / `push` / `labels` / `build-args` inputs. ESM internal refactor of each action is transparent to consumers. Ratchet-pinned bumps use the v4.0.0 commit SHA `4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd` (release.yml + e2e.yml). Other action references in build-and-publish-image.yml use `# ratchet:exclude` per existing convention, so version-string bumps suffice there. Verified runtime hosts (`actions/runner` v2.327.1+) are already in use on github-hosted runners as of 2026-03; no infra bump required. Co-authored-by: 秦奇 <gary.gq@alibaba-inc.com>
2026-05-16 19:44:31 +00:00 · 2026-05-14 10:54:01 +08:00 · 2026-05-14 10:54:01 +08:00 · 3cc66f9ae5
commit 3cc66f9ae5
parent c512427f93
3 changed files with 7 additions and 7 deletions
--- a/.github/workflows/build-and-publish-image.yml
+++ b/.github/workflows/build-and-publish-image.yml
@ -67,14 +67,14 @@ jobs:
          echo "GitHub ref: ${{ github.ref }}"

      - name: 'Set up QEMU'
-        uses: 'docker/setup-qemu-action@v3' # ratchet:exclude
+        uses: 'docker/setup-qemu-action@v4' # ratchet:exclude

      - name: 'Set up Docker Buildx'
-        uses: 'docker/setup-buildx-action@v3' # ratchet:exclude
+        uses: 'docker/setup-buildx-action@v4' # ratchet:exclude

      - name: 'Extract metadata (tags, labels) for Docker'
        id: 'meta'
-        uses: 'docker/metadata-action@v5' # ratchet:exclude
+        uses: 'docker/metadata-action@v6' # ratchet:exclude
        with:
          images: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}'
          tags: |
@ -89,7 +89,7 @@ jobs:
      - name: 'Log in to the Container registry'
        if: |-
          ${{ (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')) || (github.event_name == 'workflow_dispatch' && github.event.inputs.publish == 'true') }}
-        uses: 'docker/login-action@v3' # ratchet:exclude
+        uses: 'docker/login-action@v4' # ratchet:exclude
        with:
          registry: '${{ env.REGISTRY }}'
          username: '${{ github.actor }}'
@ -97,7 +97,7 @@ jobs:

      - name: 'Build and push Docker image'
        id: 'build-and-push'
-        uses: 'docker/build-push-action@v6' # ratchet:exclude
+        uses: 'docker/build-push-action@v7' # ratchet:exclude
        with:
          context: '.'
          platforms: 'linux/amd64,linux/arm64'
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@ -58,7 +58,7 @@ jobs:
      - name: 'Set up Docker'
        if: |-
          ${{ matrix.sandbox == 'sandbox:docker' }}
-        uses: 'docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435' # ratchet:docker/setup-buildx-action@v3
+        uses: 'docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd' # ratchet:docker/setup-buildx-action@v4

      - name: 'Set up Podman'
        if: |-
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -266,7 +266,7 @@ jobs:
          npm ci --no-audit --progress=false

      - name: 'Set up Docker'
-        uses: 'docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435' # ratchet:docker/setup-buildx-action@v3
+        uses: 'docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd' # ratchet:docker/setup-buildx-action@v4

      - name: 'Build Sandbox'
        env: