From 0b329a96cba0ab539f20d649842ad0fd687e6ff2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 4 Nov 2024 11:02:33 +0000 Subject: [PATCH] Update GitHub Action Versions --- .github/workflows/actions-update.yml | 2 +- .github/workflows/code-scan.yml | 4 ++-- .github/workflows/dbmisvc-app-deploy.yml | 10 +++++----- .github/workflows/requirements-update.yml | 6 +++--- .github/workflows/scan.yml | 10 +++++----- .github/workflows/test-image-build.yml | 8 ++++---- 6 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/workflows/actions-update.yml b/.github/workflows/actions-update.yml index 51fd019..9013c4b 100644 --- a/.github/workflows/actions-update.yml +++ b/.github/workflows/actions-update.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.2.2 with: # [Required] Access token with `workflow` scope. token: ${{ secrets.WORKFLOW_TOKEN }} diff --git a/.github/workflows/code-scan.yml b/.github/workflows/code-scan.yml index 219fc88..28e3f9f 100644 --- a/.github/workflows/code-scan.yml +++ b/.github/workflows/code-scan.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checking out - uses: actions/checkout@master + uses: actions/checkout@v4.2.2 with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 @@ -28,7 +28,7 @@ jobs: # Check the Quality Gate status. - name: SonarQube Quality Gate check id: sonarqube-quality-gate-check - uses: sonarsource/sonarqube-quality-gate-action@master + uses: sonarsource/sonarqube-quality-gate-action@v1.1.0 # Force to fail step after specific time. timeout-minutes: 5 env: diff --git a/.github/workflows/dbmisvc-app-deploy.yml b/.github/workflows/dbmisvc-app-deploy.yml index 1eda739..e7642ba 100644 --- a/.github/workflows/dbmisvc-app-deploy.yml +++ b/.github/workflows/dbmisvc-app-deploy.yml @@ -52,15 +52,15 @@ jobs: released: ${{ steps.semantic.outputs.new_release_published }} channel: ${{ steps.semantic.outputs.new_release_channel }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.2.2 - name: Set up Python 3.11 - uses: actions/setup-python@v5 + uses: actions/setup-python@v5.3.0 with: python-version: 3.11 - name: Install Python packages run: | python -m pip install --upgrade pip - - uses: cycjimmy/semantic-release-action@v4 + - uses: cycjimmy/semantic-release-action@v4.1.1 id: semantic env: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} @@ -89,7 +89,7 @@ jobs: git checkout ${{ needs.metadata.outputs.branch }} - name: Configure AWS credentials if: steps.semantic.outputs.new_release_published == 'true' || inputs.force - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v4.0.2 with: aws-region: ${{ env.AWS_REGION }} role-to-assume: ${{ inputs.role }} @@ -101,7 +101,7 @@ jobs: run: git rev-parse HEAD > COMMIT - name: Zip artifacts if: steps.semantic.outputs.new_release_published == 'true' || inputs.force - uses: thedoctor0/zip-release@master + uses: thedoctor0/zip-release@0.7.6 with: type: "zip" filename: "${{ inputs.filename }}" diff --git a/.github/workflows/requirements-update.yml b/.github/workflows/requirements-update.yml index e5148e3..101fc62 100644 --- a/.github/workflows/requirements-update.yml +++ b/.github/workflows/requirements-update.yml @@ -25,12 +25,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: ref: development - name: Setup python - uses: actions/setup-python@v5 + uses: actions/setup-python@v5.3.0 with: python-version: '3.11' @@ -47,7 +47,7 @@ jobs: --output-file requirements.txt requirements.in - name: Create Pull Request - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@v7.0.5 with: token: ${{ secrets.GH_TOKEN }} base: development diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index 4a6b0c8..650369f 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -22,13 +22,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v3.7.1 - name: Login to DockerHub - uses: docker/login-action@v3 + uses: docker/login-action@v3.3.0 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_PASSWORD }} @@ -44,7 +44,7 @@ jobs: - name: Build the image id: buildimage - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6.9.0 with: load: true context: ./ @@ -53,7 +53,7 @@ jobs: tags: ${{ steps.setimagename.outputs.imagename }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@0.28.0 env: TRIVY_DB_REPOSITORY: "aquasec/trivy-db:2,public.ecr.aws/aquasecurity/trivy-db:2,ghcr.io/aquasecurity/trivy-db:2" TRIVY_JAVA_DB_REPOSITORY: "aquasec/trivy-java-db:1,public.ecr.aws/aquasecurity/trivy-java-db:1,ghcr.io/aquasecurity/trivy-java-db:1" diff --git a/.github/workflows/test-image-build.yml b/.github/workflows/test-image-build.yml index b9700fe..c9a4124 100644 --- a/.github/workflows/test-image-build.yml +++ b/.github/workflows/test-image-build.yml @@ -22,13 +22,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v3.7.1 - name: Login to DockerHub - uses: docker/login-action@v3 + uses: docker/login-action@v3.3.0 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_PASSWORD }} @@ -44,7 +44,7 @@ jobs: - name: Build the image id: buildimage - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6.9.0 with: context: ./ file: ./Dockerfile