From 617be8dbe38d8da2d638cfb47122eb196d80fe25 Mon Sep 17 00:00:00 2001
From: per1234 <accounts@perglass.com>
Date: Mon, 24 Oct 2022 01:44:41 -0700
Subject: [PATCH] [skip changelog] Migrate workflows from deprecated
 `set-output` commands

GitHub Actions provides the capability for workflow authors to use the capabilities of the GitHub Actions ToolKit
package directly in the `run` keys of workflows via "workflow commands". One such command is `set-output`, which allows
data to be passed out of a workflow step as an output.

It has been determined that this command has potential to be a security risk in some applications. For this reason,
GitHub has deprecated the command and a warning of this is shown in the workflow run summary page of any workflow using
it:

The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more
information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

The identical capability is now provided in a safer form via the GitHub Actions "environment files" system. Migrating
the use of the deprecated workflow commands to use the `GITHUB_OUTPUT` environment file instead fixes any potential
vulnerabilities in the workflows, resolves the warnings, and avoids the eventual complete breakage of the workflows that
would result from GitHub's planned removal of the `set-output` workflow command 2023-05-31.
---
 .github/workflows/check-certificates.yml                   | 2 +-
 .github/workflows/check-go-dependencies-task.yml           | 2 +-
 .github/workflows/check-go-task.yml                        | 2 +-
 .github/workflows/check-protobuf-task.yml                  | 2 +-
 .github/workflows/deploy-cobra-mkdocs-versioned-poetry.yml | 4 ++--
 .github/workflows/publish-go-nightly-task.yml              | 2 +-
 .github/workflows/publish-go-tester-task.yml               | 4 ++--
 .github/workflows/release-go-task.yml                      | 4 ++--
 .github/workflows/sync-labels.yml                          | 2 +-
 .github/workflows/test-go-integration-task.yml             | 4 ++--
 .github/workflows/test-go-task.yml                         | 2 +-
 11 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/.github/workflows/check-certificates.yml b/.github/workflows/check-certificates.yml
index 14739bc12c0..85bc015c632 100644
--- a/.github/workflows/check-certificates.yml
+++ b/.github/workflows/check-certificates.yml
@@ -108,7 +108,7 @@ jobs:
           echo "Certificate expiration date: $EXPIRATION_DATE"
           echo "Days remaining before expiration: $DAYS_BEFORE_EXPIRATION"
 
-          echo "::set-output name=days::$DAYS_BEFORE_EXPIRATION"
+          echo "days=$DAYS_BEFORE_EXPIRATION" >> $GITHUB_OUTPUT
 
       - name: Check if expiration notification period has been reached
         id: check-expiration
diff --git a/.github/workflows/check-go-dependencies-task.yml b/.github/workflows/check-go-dependencies-task.yml
index 502bc4141b6..322f6a76548 100644
--- a/.github/workflows/check-go-dependencies-task.yml
+++ b/.github/workflows/check-go-dependencies-task.yml
@@ -56,7 +56,7 @@ jobs:
             RESULT="false"
           fi
 
-          echo "::set-output name=result::$RESULT"
+          echo "result=$RESULT" >> $GITHUB_OUTPUT
 
   check-cache:
     needs: run-determination
diff --git a/.github/workflows/check-go-task.yml b/.github/workflows/check-go-task.yml
index cbe4223f1a7..6b09e1905ee 100644
--- a/.github/workflows/check-go-task.yml
+++ b/.github/workflows/check-go-task.yml
@@ -47,7 +47,7 @@ jobs:
             RESULT="false"
           fi
 
-          echo "::set-output name=result::$RESULT"
+          echo "result=$RESULT" >> $GITHUB_OUTPUT
 
   check-errors:
     name: check-errors (${{ matrix.module.path }})
diff --git a/.github/workflows/check-protobuf-task.yml b/.github/workflows/check-protobuf-task.yml
index f155056bf47..7221d01ed84 100644
--- a/.github/workflows/check-protobuf-task.yml
+++ b/.github/workflows/check-protobuf-task.yml
@@ -42,7 +42,7 @@ jobs:
             RESULT="false"
           fi
 
-          echo "::set-output name=result::$RESULT"
+          echo "result=$RESULT" >> $GITHUB_OUTPUT
 
   build:
     needs: run-determination
diff --git a/.github/workflows/deploy-cobra-mkdocs-versioned-poetry.yml b/.github/workflows/deploy-cobra-mkdocs-versioned-poetry.yml
index 33a8f5d520f..0379bd9fe2f 100644
--- a/.github/workflows/deploy-cobra-mkdocs-versioned-poetry.yml
+++ b/.github/workflows/deploy-cobra-mkdocs-versioned-poetry.yml
@@ -45,7 +45,7 @@ jobs:
             RESULT="false"
           fi
 
-          echo "::set-output name=result::$RESULT"
+          echo "result=$RESULT" >> $GITHUB_OUTPUT
 
   publish:
     runs-on: ubuntu-latest
@@ -93,7 +93,7 @@ jobs:
 
       - name: Determine versioning parameters
         id: determine-versioning
-        run: echo "::set-output name=data::$(poetry run python docs/siteversion/siteversion.py)"
+        run: echo "data=$(poetry run python docs/siteversion/siteversion.py)" >> $GITHUB_OUTPUT
 
       - name: Publish documentation
         if: fromJson(steps.determine-versioning.outputs.data).version != null
diff --git a/.github/workflows/publish-go-nightly-task.yml b/.github/workflows/publish-go-nightly-task.yml
index 821673c8ce0..fdc72cf9be3 100644
--- a/.github/workflows/publish-go-nightly-task.yml
+++ b/.github/workflows/publish-go-nightly-task.yml
@@ -56,7 +56,7 @@ jobs:
         id: get-version
         env:
           NIGHTLY: true
-        run: echo "::set-output name=version::$(task general:get-version)"
+        run: echo "version=$(task general:get-version)" >> $GITHUB_OUTPUT
 
       - name: Upload artifacts
         uses: actions/upload-artifact@v3
diff --git a/.github/workflows/publish-go-tester-task.yml b/.github/workflows/publish-go-tester-task.yml
index b730416c4c8..b3e5d11b0f5 100644
--- a/.github/workflows/publish-go-tester-task.yml
+++ b/.github/workflows/publish-go-tester-task.yml
@@ -51,7 +51,7 @@ jobs:
             RESULT="false"
           fi
 
-          echo "::set-output name=result::$RESULT"
+          echo "result=$RESULT" >> $GITHUB_OUTPUT
 
   package-name-prefix:
     needs: run-determination
@@ -69,7 +69,7 @@ jobs:
           fi
           PACKAGE_NAME_PREFIX="$PACKAGE_NAME_PREFIX-${{ github.sha }}-"
 
-          echo "::set-output name=prefix::$PACKAGE_NAME_PREFIX"
+          echo "prefix=$PACKAGE_NAME_PREFIX" >> $GITHUB_OUTPUT
 
   build:
     needs: package-name-prefix
diff --git a/.github/workflows/release-go-task.yml b/.github/workflows/release-go-task.yml
index 5d026f422bb..d22dd45cf77 100644
--- a/.github/workflows/release-go-task.yml
+++ b/.github/workflows/release-go-task.yml
@@ -61,7 +61,7 @@ jobs:
 
       - name: Output Version
         id: get-version
-        run: echo "::set-output name=version::$(task general:get-version)"
+        run: echo "version=$(task general:get-version)" >> $GITHUB_OUTPUT
 
       - name: Upload artifacts
         uses: actions/upload-artifact@v3
@@ -254,7 +254,7 @@ jobs:
         run: |
           wget -q -P /tmp https://github.com/fsaintjacques/semver-tool/archive/3.0.0.zip
           unzip -p /tmp/3.0.0.zip semver-tool-3.0.0/src/semver >/tmp/semver && chmod +x /tmp/semver
-          if [[ "$(/tmp/semver get prerel ${{ needs.create-release-artifacts.outputs.version }} )" ]]; then echo "::set-output name=IS_PRE::true"; fi
+          if [[ "$(/tmp/semver get prerel ${{ needs.create-release-artifacts.outputs.version }} )" ]]; then echo "IS_PRE=true" >> $GITHUB_OUTPUT; fi
 
       - name: Create Github Release and upload artifacts
         uses: ncipollo/release-action@v1
diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml
index 4376e4c4930..9b946a74c2a 100644
--- a/.github/workflows/sync-labels.yml
+++ b/.github/workflows/sync-labels.yml
@@ -103,7 +103,7 @@ jobs:
         run: |
           # Use of this flag in the github-label-sync command will cause it to only check the validity of the
           # configuration.
-          echo "::set-output name=flag::--dry-run"
+          echo "flag=--dry-run" >> $GITHUB_OUTPUT
 
       - name: Checkout repository
         uses: actions/checkout@v3
diff --git a/.github/workflows/test-go-integration-task.yml b/.github/workflows/test-go-integration-task.yml
index aea78ced81c..d8450c08599 100644
--- a/.github/workflows/test-go-integration-task.yml
+++ b/.github/workflows/test-go-integration-task.yml
@@ -55,7 +55,7 @@ jobs:
             RESULT="false"
           fi
 
-          echo "::set-output name=result::$RESULT"
+          echo "result=$RESULT" >> $GITHUB_OUTPUT
 
   tests-collector:
     runs-on: ubuntu-latest
@@ -70,7 +70,7 @@ jobs:
       - name: Collect tests
         id: collection
         run: |
-          echo "::set-output name=tests-data::$(python .github/tools/get_integration_tests.py ./test/)"
+          echo "tests-data=$(python .github/tools/get_integration_tests.py ./test/)" >> $GITHUB_OUTPUT
 
   test:
     needs: tests-collector
diff --git a/.github/workflows/test-go-task.yml b/.github/workflows/test-go-task.yml
index 836940ef262..f841f9d376c 100644
--- a/.github/workflows/test-go-task.yml
+++ b/.github/workflows/test-go-task.yml
@@ -56,7 +56,7 @@ jobs:
             RESULT="false"
           fi
 
-          echo "::set-output name=result::$RESULT"
+          echo "result=$RESULT" >> $GITHUB_OUTPUT
 
   test:
     needs: run-determination