Bump actions/checkout from 4.1.1 to 4.1.2

[dependabot]

Bumps actions/checkout from 4.1.1 to 4.1.2.

Release notes

Sourced from actions/checkout's releases.

v4.1.2

We are investigating the following issue with this release and have rolled-back the v4 tag to point to v4.1.1

• sparse-checkout is not available on git versions prior to 2.27.0 (see actions/checkout#1651)

What's Changed

• Fix: Disable sparse checkout whenever sparse-checkout option is not present @​dscho in actions/checkout#1598
• Bump tough-cookie from 4.0.0 to 4.1.3 by @​dependabot in actions/checkout#1406
• Bump @​babel/traverse from 7.20.5 to 7.24.0 by @​dependabot in actions/checkout#1642

New Contributors

• @​jww3 made their first contribution in actions/checkout#1616

Full Changelog: actions/checkout@v4.1.1...v4.1.2

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.2

• Fix: Disable sparse checkout whenever sparse-checkout option is not present @​dscho in actions/checkout#1598

v4.1.1

• Correct link to GitHub Docs by @​peterbe in actions/checkout#1511
• Link to release page from what's new section by @​cory-miller in actions/checkout#1514

v4.1.0

• Add support for partial checkout filters

v4.0.0

• Support fetching without the --progress option
• Update to node20

v3.6.0

• Fix: Mark test scripts with Bash'isms to be run via Bash
• Add option to fetch tags even if fetch-depth > 0

v3.5.3

• Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in
• Fix typos found by codespell
• Add support for sparse checkouts

v3.5.2

• Fix api endpoint for GHES

v3.5.1

• Fix slow checkout on Windows

v3.5.0

• Add new public key for known_hosts

v3.4.0

• Upgrade codeql actions to v2
• Upgrade dependencies
• Upgrade @​actions/io

v3.3.0

• Implement branch list using callbacks from exec function
• Add in explicit reference to private checkout options
• [Fix comment typos (that got added in #770)](actions/checkout#1057)

v3.2.0

• Add GitHub Action to perform release
• Fix status badge
• Replace datadog/squid with ubuntu/squid Docker image
• Wrap pipeline commands for submoduleForeach in quotes
• Update @​actions/io to 1.1.2

... (truncated)

Commits

• 9bb5618 Prep for release of v4.1.2 (#1649)
• 8eb1f6a Bump @​babel/traverse from 7.20.5 to 7.24.0 (#1642)
• 556e4c3 Bump tough-cookie from 4.0.0 to 4.1.3 (#1406)
• b32f140 Warn on attempts to publish test-ubuntu-git from non-main branch. (#1623)
• 2650dbd Give test-ubuntu-git its own README (#1620)
• aadec89 Explicitly disable sparse checkout unless asked for (#1598)
• df0bcdd Refine workflow for generating test-ubuntu-git (#1617)
• 473055b Create test-ubuntu-git Docker Container for Proxy Tests (#1616)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

TFSEC Scan Success

Show Output

```hcl

---

TFSEC will check the following folders:

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

Trivy Scan

Show Output

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

[github-actions]

commonimages/components terraform plan on pull_request event #253

data.aws_secretsmanager_secret.environment_management: Reading...
data.aws_secretsmanager_secret.environment_management: Read complete after 0s [id=<REDACTED>]
data.aws_secretsmanager_secret_version.environment_management: Reading...
data.aws_secretsmanager_secret_version.environment_management: Read complete after 0s [id=<REDACTED>]
data.aws_caller_identity.current: Reading...
data.aws_caller_identity.current: Read complete after 0s [id=<REDACTED>]
data.aws_kms_key.hmpps_ebs_encryption_cmk: Reading...
data.aws_kms_key.hmpps_ebs_encryption_cmk: Read complete after 0s [id=<REDACTED>]
aws_imagebuilder_component.this["psreadline_fix.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["prometheus_windows_exporter.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["python_3_6.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["powershell_core.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["aws_cli.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["ansible.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["powershell_core_server_2012.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["git_windows.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["python_3_9.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["yum_packages.yml"]: Refreshing state... [id=<REDACTED>]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_imagebuilder_component.this["chocolatey.yml"] will be created
  + resource "aws_imagebuilder_component" "this" {
      + arn          = (known after apply)
      + data         = <<-EOT
            ---
            name: chocolatey
            description: Component to install chocolatey
            schemaVersion: 1.0
            parameters:
              - Version:
                  type: string
                  default: 0.0.4
                  description: Component version (update this each time the file changes)
              - Platform:
                  type: string
                  default: "Windows"
                  description: Platform.
            phases:
              - name: build
                steps:
                  - name: InstallChocolatey
                    action: ExecutePowerShell
                    inputs:
                      commands:
                        - |
                          if (Get-Command choco.exe -ErrorAction SilentlyContinue) {
                            Write-Host "Chocolatey already installed"
                            [System.Environment]::Exit(0)
                          } else {
                            Write-Host "Installing Chocolatey"
                            Set-ExecutionPolicy Bypass -Scope Process -Force
                            [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
                            Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
                            [System.Environment]::Exit(3010)
                          }
        EOT
      + date_created = (known after apply)
      + description  = "Component to install chocolatey"
      + encrypted    = (known after apply)
      + id           = (known after apply)
      + kms_key_id   = "arn:aws:kms:eu-west-2:374269020027:key/12984197-3371-4c21-8e43-a88a1581e691"
      + name         = "chocolatey"
      + owner        = (known after apply)
      + platform     = "Windows"
      + skip_destroy = false
      + tags         = {
          + "application"   = "n/a"
          + "branch"        = "main"
          + "business-unit" = "HMPPS"
          + "is-production" = "true"
          + "owner"         = "digital-studio-operations-team@digital.justice.gov.uk"
          + "source-code"   = "https://github.com/ministryofjustice/modernisation-platform-ami-builds/tree/main/commonimages/components"
        }
      + tags_all     = {
          + "application"   = "n/a"
          + "branch"        = "main"
          + "business-unit" = "HMPPS"
          + "is-production" = "true"
          + "owner"         = "digital-studio-operations-team@digital.justice.gov.uk"
          + "source-code"   = "https://github.com/ministryofjustice/modernisation-platform-ami-builds/tree/main/commonimages/components"
        }
      + type         = (known after apply)
      + version      = "0.0.4"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Warning: Value for undeclared variable

The root module does not declare a variable named "account_to_distribute_ami"
but a value was found in file "terraform.tfvars". If you meant to use this
value, add a "variable" block to the configuration.

To silence these warnings, use TF_VAR_... environment variables to provide
certain "global" settings to all configurations in your organization. To
reduce the verbosity of these warnings, use the -compact-warnings option.

[github-actions]

TFSEC Scan Success

Show Output

```hcl

---

TFSEC will check the following folders:

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

Trivy Scan

Show Output

[github-actions]

commonimages/components terraform plan on push event #254

data.aws_secretsmanager_secret.environment_management: Reading...
data.aws_secretsmanager_secret.environment_management: Read complete after 0s [id=<REDACTED>]
data.aws_secretsmanager_secret_version.environment_management: Reading...
data.aws_secretsmanager_secret_version.environment_management: Read complete after 0s [id=<REDACTED>]
data.aws_caller_identity.current: Reading...
data.aws_caller_identity.current: Read complete after 0s [id=<REDACTED>]
data.aws_kms_key.hmpps_ebs_encryption_cmk: Reading...
data.aws_kms_key.hmpps_ebs_encryption_cmk: Read complete after 0s [id=<REDACTED>]
aws_imagebuilder_component.this["yum_packages.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["python_3_9.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["prometheus_windows_exporter.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["powershell_core_server_2012.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["psreadline_fix.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["git_windows.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["aws_cli.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["python_3_6.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["ansible.yml"]: Refreshing state... [id=<REDACTED>]
aws_imagebuilder_component.this["powershell_core.yml"]: Refreshing state... [id=<REDACTED>]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_imagebuilder_component.this["chocolatey.yml"] will be created
  + resource "aws_imagebuilder_component" "this" {
      + arn          = (known after apply)
      + data         = <<-EOT
            ---
            name: chocolatey
            description: Component to install chocolatey
            schemaVersion: 1.0
            parameters:
              - Version:
                  type: string
                  default: 0.0.4
                  description: Component version (update this each time the file changes)
              - Platform:
                  type: string
                  default: "Windows"
                  description: Platform.
            phases:
              - name: build
                steps:
                  - name: InstallChocolatey
                    action: ExecutePowerShell
                    inputs:
                      commands:
                        - |
                          if (Get-Command choco.exe -ErrorAction SilentlyContinue) {
                            Write-Host "Chocolatey already installed"
                            [System.Environment]::Exit(0)
                          } else {
                            Write-Host "Installing Chocolatey"
                            Set-ExecutionPolicy Bypass -Scope Process -Force
                            [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
                            Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
                            [System.Environment]::Exit(3010)
                          }
        EOT
      + date_created = (known after apply)
      + description  = "Component to install chocolatey"
      + encrypted    = (known after apply)
      + id           = (known after apply)
      + kms_key_id   = "arn:aws:kms:eu-west-2:374269020027:key/12984197-3371-4c21-8e43-a88a1581e691"
      + name         = "chocolatey"
      + owner        = (known after apply)
      + platform     = "Windows"
      + skip_destroy = false
      + tags         = {
          + "application"   = "n/a"
          + "branch"        = "main"
          + "business-unit" = "HMPPS"
          + "is-production" = "true"
          + "owner"         = "digital-studio-operations-team@digital.justice.gov.uk"
          + "source-code"   = "https://github.com/ministryofjustice/modernisation-platform-ami-builds/tree/main/commonimages/components"
        }
      + tags_all     = {
          + "application"   = "n/a"
          + "branch"        = "main"
          + "business-unit" = "HMPPS"
          + "is-production" = "true"
          + "owner"         = "digital-studio-operations-team@digital.justice.gov.uk"
          + "source-code"   = "https://github.com/ministryofjustice/modernisation-platform-ami-builds/tree/main/commonimages/components"
        }
      + type         = (known after apply)
      + version      = "0.0.4"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Warning: Value for undeclared variable

The root module does not declare a variable named "account_to_distribute_ami"
but a value was found in file "terraform.tfvars". If you meant to use this
value, add a "variable" block to the configuration.

To silence these warnings, use TF_VAR_... environment variables to provide
certain "global" settings to all configurations in your organization. To
reduce the verbosity of these warnings, use the -compact-warnings option.