Bump actions/checkout from 6 to 7

Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](https://github.com/actions/checkout/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/build-and-publish-develop.yml

@@ -26,7 +26,7 @@ jobs:
       id-token: write
     steps:
       - name: Checkout Repo
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@v7
         with:
           ref: ${{ github.event.workflow_run.head_sha }}
       - name: Set SHA

.github/workflows/build-and-publish-release.yml

@@ -66,7 +66,7 @@ jobs:
           echo "BRANCH_NAME=v${RELEASE_VERSION%.*}" >> $GITHUB_OUTPUT
 
       - name: Checkout Repo
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@v7
         with:
           ref: '${{ steps.branch.outputs.BRANCH_NAME }}'
 

.github/workflows/build-test-image.yml

@@ -48,7 +48,7 @@ jobs:
       packages: write
     steps:
       - name: Checkout Repo
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@v7
         with:
           ref: ${{ github.event.merge_group.head_sha || github.event.pull_request.head.sha }}
       - name: Set SHA

.github/workflows/build-test.yaml

@@ -18,7 +18,7 @@ jobs:
   validate-protobuf:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6.0.2
+      - uses: actions/checkout@v7
         with:
           path: ./
       -
@@ -48,7 +48,7 @@ jobs:
   backend:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6.0.2
+      - uses: actions/checkout@v7
         with:
           path: ./
 

.github/workflows/format-check.yaml

@@ -14,7 +14,7 @@ jobs:
   format-check:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6.0.2
+      - uses: actions/checkout@v7
 
       - name: Install Go
         uses: actions/setup-go@v6

.github/workflows/golangci-lint.yaml

@@ -9,7 +9,7 @@ jobs:
     name: lint
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6.0.2
+      - uses: actions/checkout@v7
       - uses: actions/setup-go@v6
         with:
           go-version: stable

.github/workflows/integration-testing.yaml

@@ -67,7 +67,7 @@ jobs:
             MAINBRANCH: ${{ steps.set_image_tags.outputs.mainbranch }}
             passed: ${{ steps.wait_for_image_ready.outputs.passed }}
         steps:
-          - uses: actions/checkout@v6.0.2
+          - uses: actions/checkout@v7
             with:
               ref: ${{ github.event.merge_group.head.sha || github.event.pull_request.head.sha || github.ref }}
           - name: Set OC SHA

.github/workflows/promote-to-demo.yaml

@@ -19,7 +19,7 @@ jobs:
       image_tag: ${{ steps.tags.outputs.IMAGE_TAG }}
     steps:
       - name: Checkout Repo
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@v7
       - name: Set SHA
         id: sha
         run: |

.github/workflows/sbom.yml

@@ -34,7 +34,7 @@ jobs:
     steps:
       - name: Checkout Repo (for version detection)
         if: github.event_name == 'workflow_run'
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@v7
         with:
           fetch-depth: 0
 
@@ -80,7 +80,7 @@ jobs:
 
       - name: Checkout Repo
         if: github.event_name != 'workflow_run'
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@v7
         with:
           ref: ${{ github.event_name != 'pull_request' && steps.branch.outputs.BRANCH_NAME || '' }}
 

.github/workflows/scorecard.yml

@@ -34,7 +34,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
         with:
           persist-credentials: false
 

.github/workflows/sonar.yaml

@@ -27,7 +27,7 @@ jobs:
           sha: ${{ github.event.workflow_run.head_sha }}
           target_url: 'https://sonarcloud.io/dashboard?id=opencost_opencost'
       - name: Checkout upstream repository
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@v7
         with:
           repository: opencost/opencost
           ref: develop

.github/workflows/update-go-version.yaml

@@ -18,7 +18,7 @@ jobs:
       pull-requests: write
       contents: write
     steps:
-    - uses: actions/checkout@v6
+    - uses: actions/checkout@v7
       with:
         repository: 'opencost/opencost'
         ref: 'develop'

.github/workflows/vulnerability-scan.yaml

@@ -22,7 +22,7 @@ jobs:
       security-events: write
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@v7
 
       - name: Install Trivy
         run: |