chore(deps): update github-actions dependencies #52

Open
wants to merge 1 commit into
base: main

renovate[bot]
Contributor

@renovate renovate bot commented Dec 3, 2024

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| actions/upload-artifact | action | digest | b4b15b8 -> 6f51ac0 |
| docker/setup-buildx-action | action | digest | c47758b -> 6524bf6 |
| reviewdog/action-yamllint | action | minor | v1.19.0 -> v1.20.0 |

Release Notes

reviewdog/action-yamllint (reviewdog/action-yamllint)

v1.20.0

What's Changed

New Contributors

Full Changelog: reviewdog/action-yamllint@v1.19.0...v1.20.0


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the automated label Dec 3, 2024
@renovate renovate bot requested a review from a team as a code owner December 3, 2024 05:22
upbound/configuration-gcp-gke #52

Change Summary:

  • Updating the yamllint GitHub Action from version 1.19.0 to 1.20.0 by updating the commit hash reference
  • Version bump appears to be a routine maintenance update to keep the CI/CD tooling current

Potential Vulnerability:

  • File: .github/workflows/yamllint.yaml:8
  • Code: uses: reviewdog/action-yamllint@1dca3ad811867be18fbe293a9818d715a6c2cd46 # v1.20.0
  • Explanation: While using specific commit hashes for GitHub Actions is a security best practice, it's important to verify that this commit hash matches the official v1.20.0 release tag of the reviewdog/action-yamllint repository to ensure no malicious code is being referenced.

Code Smell:
No code smells identified. The change is straightforward and follows GitHub Actions best practices.

Debug Log:
No debug logs present in the changes.

Unintended Consequences:

  • File: .github/workflows/yamllint.yaml:8
  • Code: uses: reviewdog/action-yamllint@1dca3ad811867be18fbe293a9818d715a6c2cd46 # v1.20.0
  • Explanation: Version updates, even minor ones, can introduce breaking changes or new behavior in the linting rules. The yamllint action might flag new warnings or errors in existing YAML files that previously passed. The team should review the changelog between v1.19.0 and v1.20.0 to understand any potential impact.

Risk Score: 2
The risk is relatively low as this is a minor version bump of a well-maintained linting tool. The use of pinned commit hashes reduces the risk of supply chain attacks. The main consideration is potential new lint rules affecting existing code.
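
The check the review comment asks for, as an added example (not part of the PR or of either bot's output): compare each SHA-pinned `uses:` line with the commit that `git ls-remote --tags` reports for the tag named in its trailing comment. The function names are this example's own, and the `LS_REMOTE` text is constructed so the code runs offline; it is not real output for reviewdog/action-yamllint.

```python
import re

# A SHA-pinned step: `uses: owner/repo@<40-hex sha> # <tag>`
PIN_RE = re.compile(
    r"uses:\s*(?P<action>[\w.-]+/[\w./-]+)@(?P<sha>[0-9a-f]{40})\s*#\s*(?P<tag>\S+)"
)

def parse_pins(workflow_text):
    """Return (action, sha, tag) for every SHA-pinned `uses:` line."""
    return [(m["action"], m["sha"], m["tag"]) for m in PIN_RE.finditer(workflow_text)]

def tag_commits(ls_remote_text):
    """Map tag name -> commit SHA from `git ls-remote --tags <url>` output.

    An annotated tag is listed twice: the tag object, then a peeled
    `refs/tags/<tag>^{}` line carrying the commit. The peeled line wins.
    """
    commits = {}
    for line in ls_remote_text.splitlines():
        parts = line.split()
        if len(parts) != 2 or not parts[1].startswith("refs/tags/"):
            continue
        sha, name = parts[0], parts[1][len("refs/tags/"):]
        if name.endswith("^{}"):
            commits[name[:-3]] = sha       # peeled commit overrides the tag object
        else:
            commits.setdefault(name, sha)  # lightweight tag already names the commit
    return commits

def check_pin(sha, tag, commits):
    """Return 'match', 'mismatch' or 'unknown-tag' for one pinned reference."""
    if tag not in commits:
        return "unknown-tag"
    return "match" if commits[tag] == sha else "mismatch"

# The workflow line quoted in the review comment.
WORKFLOW = "uses: reviewdog/action-yamllint@1dca3ad811867be18fbe293a9818d715a6c2cd46 # v1.20.0\n"
# Constructed sample, NOT real `git ls-remote --tags` output for this repository.
LS_REMOTE = (
    "a" * 40 + "\trefs/tags/v1.19.0\n"
    + "b" * 40 + "\trefs/tags/v1.20.0\n"
    + "1dca3ad811867be18fbe293a9818d715a6c2cd46\trefs/tags/v1.20.0^{}\n"
)

if __name__ == "__main__":
    known = tag_commits(LS_REMOTE)
    for action, sha, tag in parse_pins(WORKFLOW):
        print(action, tag, check_pin(sha, tag, known))
```

For a real check, feed `tag_commits` the output of `git ls-remote --tags` run against the action's repository URL; a `mismatch` or `unknown-tag` result means the version comment cannot be trusted as a description of the pinned commit.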

@renovate renovate bot changed the title chore(deps): update reviewdog/action-yamllint action to v1.20.0 chore(deps): update github-actions dependencies Dec 16, 2024
@renovate renovate bot force-pushed the renovate/github-actions-dependencies branch from 5e426b5 to 39ca4a7 Compare December 16, 2024 13:10
@renovate renovate bot force-pushed the renovate/github-actions-dependencies branch from 39ca4a7 to ae6baa4 Compare December 17, 2024 23:41