[StepSecurity] Apply security best practices

[stepsecurity-app]

Summary

This pull request has been generated by StepSecurity as part of your enterprise subscription to ensure compliance with recommended security best practices. Please review and merge the pull request to apply these security enhancements.

Security Fixes

Harden Runner

Harden-Runner is an open-source security agent for the GitHub-hosted runner to prevent software supply chain attacks. It prevents exfiltration of credentials, detects tampering of source code during build, and enables running jobs without sudo access.

• GitHub Security Guide
• The Open Source Security Foundation (OpenSSF) Security Guide

Pinned Dependencies

Pinning GitHub Actions to specific versions or commit SHAs ensures that your workflows remain consistent and secure.
Unpinned actions can lead to unexpected changes or vulnerabilities caused by upstream updates.

• GitHub Security Guide
• The Open Source Security Foundation (OpenSSF) Security Guide

StepSecurity Maintained Actions

Risky GitHub Actions can expose your project to potential security risks. Risky actions have been replaced with StepSecurity maintained actions, that are secure drop-in replacements.

• StepSecurity Maintained Actions

Feedback

For bug reports, feature requests, and general feedback; please create an issue in step-security/secure-repo or contact us via our website.

[github-actions]

Package	Line Rate
github.com/netapp/trident/acp	56%
github.com/netapp/trident/acp/rest	85%
github.com/netapp/trident/chwrap	0%
github.com/netapp/trident/cli/api	100%
github.com/netapp/trident/cli/cmd	70%
github.com/netapp/trident/cli/k8s_client	79%
github.com/netapp/trident/cli	0%
github.com/netapp/trident/cmd/node_prep	0%
github.com/netapp/trident/cmd/syswrap	0%
github.com/netapp/trident/config	100%
github.com/netapp/trident/core/cache	100%
github.com/netapp/trident/core	75%
github.com/netapp/trident/core/concurrent_cache	93%
github.com/netapp/trident/frontend/autogrow	80%
github.com/netapp/trident/frontend/autogrow/cache	100%
github.com/netapp/trident/frontend/autogrow/controller	100%
github.com/netapp/trident/frontend/autogrow/poller	94%
github.com/netapp/trident/frontend/autogrow/requester	92%
github.com/netapp/trident/frontend/autogrow/scheduler/assorter	92%
github.com/netapp/trident/frontend/autogrow/scheduler/assorter/periodic	99%
github.com/netapp/trident/frontend/autogrow/scheduler	94%
github.com/netapp/trident/frontend/common	95%
github.com/netapp/trident/frontend/crd/controller	71%
github.com/netapp/trident/frontend/crd/controller/indexers	100%
github.com/netapp/trident/frontend/crd/controller/indexers/vaindexer	100%
github.com/netapp/trident/frontend/crd/node	88%
github.com/netapp/trident/frontend/csi/controller_api	92%
github.com/netapp/trident/frontend/csi/controller_helpers/kubernetes	73%
github.com/netapp/trident/frontend/csi/controller_helpers/plain	91%
github.com/netapp/trident/frontend/csi	81%
github.com/netapp/trident/frontend/csi/node_helpers/kubernetes	86%
github.com/netapp/trident/frontend/csi/node_helpers/plain	89%
github.com/netapp/trident/frontend/csi/node_helpers	87%
github.com/netapp/trident/frontend/docker	78%
github.com/netapp/trident/frontend/metrics	71%
github.com/netapp/trident/frontend/rest	88%
github.com/netapp/trident/internal/autogrow	100%
github.com/netapp/trident/internal/chwrap	0%
github.com/netapp/trident/internal/crypto	31%
github.com/netapp/trident/internal/fiji	83%
github.com/netapp/trident/internal/fiji/models	74%
github.com/netapp/trident/internal/fiji/models/handlers	76%
github.com/netapp/trident/internal/fiji/rest	72%
github.com/netapp/trident/internal/fiji/store	96%
github.com/netapp/trident/internal/nodeprep/execution	100%
github.com/netapp/trident/internal/nodeprep/instruction	100%
github.com/netapp/trident/internal/nodeprep/mpathconfig	90%
github.com/netapp/trident/internal/nodeprep/nodeinfo	92%
github.com/netapp/trident/internal/nodeprep	100%
github.com/netapp/trident/internal/nodeprep/packagemanager/apt	91%
github.com/netapp/trident/internal/nodeprep/packagemanager/yum	100%
github.com/netapp/trident/internal/nodeprep/protocol	100%
github.com/netapp/trident/internal/nodeprep/step	100%
github.com/netapp/trident/internal/nodeprep/systemmanager/debian	100%
github.com/netapp/trident/internal/nodeprep/systemmanager/rhel	100%
github.com/netapp/trident/internal/nodeprep/systemmanager/systemctl	100%
github.com/netapp/trident/internal/syswrap	0%
github.com/netapp/trident/internal/syswrap/unix	0%
github.com/netapp/trident/logging	87%
github.com/netapp/trident	53%
github.com/netapp/trident/operator/clients	64%
github.com/netapp/trident/operator/config	100%
github.com/netapp/trident/operator/controllers/configurator/clients	69%
github.com/netapp/trident/operator/controllers/configurator	64%
github.com/netapp/trident/operator/controllers/configurator/storage_drivers	74%
github.com/netapp/trident/operator/controllers/orchestrator	31%
github.com/netapp/trident/operator/controllers/orchestrator/installer	78%
github.com/netapp/trident/operator/controllers/resourcemonitor	13%
github.com/netapp/trident/operator/crd/apis/netapp/v1	9%
github.com/netapp/trident/operator/frontend/rest	98%
github.com/netapp/trident/operator	4%
github.com/netapp/trident/persistent_store/crd/apis/netapp/v1	41%
github.com/netapp/trident/persistent_store	63%
github.com/netapp/trident/pkg/cache/generic_cache	97%
github.com/netapp/trident/pkg/capacity	96%
github.com/netapp/trident/pkg/collection	84%
github.com/netapp/trident/pkg/convert	65%
github.com/netapp/trident/pkg/eventbus	0%
github.com/netapp/trident/pkg/eventbus/mutexbus/simple	80%
github.com/netapp/trident/pkg/eventbus/types	0%
github.com/netapp/trident/pkg/generic_syncpool	100%
github.com/netapp/trident/pkg/locks	71%
github.com/netapp/trident/pkg/maths	74%
github.com/netapp/trident/pkg/network	100%
github.com/netapp/trident/pkg/workerpool/ants	91%
github.com/netapp/trident/pkg/workerpool	82%
github.com/netapp/trident/pkg/yaml	43%
github.com/netapp/trident/storage	62%
github.com/netapp/trident/storage/factory	91%
github.com/netapp/trident/storage_attribute	98%
github.com/netapp/trident/storage_class	92%
github.com/netapp/trident/storage_drivers/azure/api	37%
github.com/netapp/trident/storage_drivers/azure	98%
github.com/netapp/trident/storage_drivers	81%
github.com/netapp/trident/storage_drivers/gcp/api	41%
github.com/netapp/trident/storage_drivers/gcp	94%
github.com/netapp/trident/storage_drivers/ontap/api	72%
github.com/netapp/trident/storage_drivers/ontap	92%
github.com/netapp/trident/storage_drivers/ontap/awsapi	70%
github.com/netapp/trident/storage_drivers/solidfire/api	78%
github.com/netapp/trident/storage_drivers/solidfire	33%
github.com/netapp/trident/testing	0%
github.com/netapp/trident/utils/autogrow	100%
github.com/netapp/trident/utils/blockdevice	43%
github.com/netapp/trident/utils/devices	90%
github.com/netapp/trident/utils/devices/luks	82%
github.com/netapp/trident/utils/durations	100%
github.com/netapp/trident/utils/errors	99%
github.com/netapp/trident/utils/exec	87%
github.com/netapp/trident/utils/fcp	73%
github.com/netapp/trident/utils/filesystem	84%
github.com/netapp/trident/utils/iscsi	73%
github.com/netapp/trident/utils/limiter	95%
github.com/netapp/trident/utils/lsblk	89%
github.com/netapp/trident/utils/models	91%
github.com/netapp/trident/utils/mount/filepathwrapper	0%
github.com/netapp/trident/utils/mount	95%
github.com/netapp/trident/utils/mount/oswrapper	0%
github.com/netapp/trident/utils/nfs	100%
github.com/netapp/trident/utils/nvme	85%
github.com/netapp/trident/utils/osutils	83%
github.com/netapp/trident/utils/version	59%
Summary	76% (91533 / 120126)

Minimum allowed line rate is 75%