diff --git a/.github/workflows/bumpVersions.yml b/.github/workflows/bumpVersions.yml index 94258bb7d..07dc7ee11 100644 --- a/.github/workflows/bumpVersions.yml +++ b/.github/workflows/bumpVersions.yml @@ -32,7 +32,7 @@ jobs: name: Helm charts dependencies if: inputs.update-type == 'charts' steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: token: ${{ secrets.BOT_GITHUB_TOKEN }} @@ -52,9 +52,9 @@ jobs: env: GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v7.0.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v8.1.0 - name: Regenerate helm docs if necessary - uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v7.0.0 + uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v8.1.0 with: pre-commit-args: helm-docs || true skip_checkout: "true" @@ -76,7 +76,7 @@ jobs: if: inputs.update-type == 'values' steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: token: ${{ secrets.BOT_GITHUB_TOKEN }} @@ -86,7 +86,7 @@ jobs: version: ${{ env.UPDATE_CLI_VERSION }} - name: Checkout updatecli configs - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: alfresco/alfresco-updatecli ref: ${{ inputs.alfresco-updatecli-ref || env.DEFAULT_BRANCH_NAME }} @@ -107,9 +107,9 @@ jobs: QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }} UPDATECLI_GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }} - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v7.0.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v8.1.0 - name: Regenerate helm docs if necessary - uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v7.0.0 + uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v8.1.0 with: pre-commit-args: helm-docs || true skip_checkout: "true" diff --git a/.github/workflows/docker-compose-community.yml b/.github/workflows/docker-compose-community.yml index ce1fa0953..8b0518e1a 100644 --- a/.github/workflows/docker-compose-community.yml +++ b/.github/workflows/docker-compose-community.yml @@ -21,7 +21,7 @@ jobs: name: Docker Compose community runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: >- Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-compose@v8.1.0 with: diff --git a/.github/workflows/docker-compose-enterprise.yml b/.github/workflows/docker-compose-enterprise.yml index b504cb299..81dc0ec21 100644 --- a/.github/workflows/docker-compose-enterprise.yml +++ b/.github/workflows/docker-compose-enterprise.yml @@ -27,7 +27,7 @@ jobs: outputs: matrix_json: ${{ steps.eval.outputs.matrix_json }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Evaluate Matrix id: eval run: >- @@ -53,7 +53,7 @@ jobs: && github.event.pull_request.head.user.login == 'Alfresco' ) steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Verify docker-compose uses: >- Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-compose@v8.1.0 diff --git a/.github/workflows/helm-community.yml b/.github/workflows/helm-community.yml index 27c3097b2..b0765d1fc 100644 --- a/.github/workflows/helm-community.yml +++ b/.github/workflows/helm-community.yml @@ -24,7 +24,7 @@ jobs: outputs: ver_json: ${{ steps.app_versions.outputs.json }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Get charts @@ -54,7 +54,7 @@ jobs: matrix: include: ${{ fromJSON(needs.build_vars.outputs.ver_json) }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 with: @@ -68,7 +68,7 @@ jobs: password: ${{ secrets.DOCKER_PASSWORD }} - name: Setup cluster - uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@v7.0.0 + uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@v8.1.0 with: ingress-nginx-ref: controller-v1.8.2 diff --git a/.github/workflows/helm-enterprise.yml b/.github/workflows/helm-enterprise.yml index 3f05a942f..402f93c32 100644 --- a/.github/workflows/helm-enterprise.yml +++ b/.github/workflows/helm-enterprise.yml @@ -31,7 +31,7 @@ jobs: outputs: ver_json: ${{ steps.app_versions.outputs.json }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Get charts @@ -65,7 +65,7 @@ jobs: matrix: include: ${{ fromJSON(needs.build_vars.outputs.ver_json) }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 with: @@ -85,7 +85,7 @@ jobs: password: ${{ secrets.QUAY_PASSWORD }} - name: Setup cluster - uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@v7.0.0 + uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@v8.1.0 with: ingress-nginx-ref: controller-v1.8.2 metrics: "true" diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml index 9f4f8ab85..a16b8f6e9 100644 --- a/.github/workflows/helm-release.yml +++ b/.github/workflows/helm-release.yml @@ -10,7 +10,7 @@ jobs: publish: runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -20,7 +20,7 @@ jobs: - name: Publish chart uses: >- - Alfresco/alfresco-build-tools/.github/actions/dbp-charts/publish-chart@v7.0.0 + Alfresco/alfresco-build-tools/.github/actions/dbp-charts/publish-chart@v8.1.0 with: chart_name: alfresco-content-services github_token: ${{ secrets.BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/helm-static-checks.yml b/.github/workflows/helm-static-checks.yml index b611b041b..ddae87927 100644 --- a/.github/workflows/helm-static-checks.yml +++ b/.github/workflows/helm-static-checks.yml @@ -21,7 +21,7 @@ jobs: app_charts: ${{ steps.getcharts.outputs.app }} lib_charts: ${{ steps.getcharts.outputs.lib }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 2 - id: getcharts @@ -38,13 +38,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: >- - Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v7.0.0 + Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v8.1.0 with: chart-dir: helm/${{ matrix.charts.name }} - uses: >- - Alfresco/alfresco-build-tools/.github/actions/helm-plugin@v7.0.0 + Alfresco/alfresco-build-tools/.github/actions/helm-plugin@v8.1.0 with: plugin_url: https://github.com/helm-unittest/helm-unittest - name: Run Helm unit tests if present @@ -61,13 +61,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: >- - Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v7.0.0 + Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v8.1.0 with: chart-dir: helm/${{ matrix.charts.name }} - uses: >- - Alfresco/alfresco-build-tools/.github/actions/helm-template-yamllint@v7.0.0 + Alfresco/alfresco-build-tools/.github/actions/helm-template-yamllint@v8.1.0 with: chart-dir: helm/${{ matrix.charts.name }} helm-options: >- diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 91484ac09..2831a6035 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -21,9 +21,9 @@ jobs: kics: runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: run kics Scan - uses: checkmarx/kics-github-action@530ac1f8efe6202b0f12c9a6e952597ae707b755 # v2.1.2 + uses: checkmarx/kics-github-action@94469746ec2c43de89a42fb9d2a80070f5d25b16 # v2.1.3 with: path: 'docker-compose,helm' ignore_on_exit: results @@ -35,6 +35,6 @@ jobs: disable_secrets: true config_path: .github/kics.yml - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10 + uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 with: sarif_file: report-dir/results.sarif diff --git a/.github/workflows/pre-commit-compose.yml b/.github/workflows/pre-commit-compose.yml index 8dc7a6a95..a9ba24cd6 100644 --- a/.github/workflows/pre-commit-compose.yml +++ b/.github/workflows/pre-commit-compose.yml @@ -24,4 +24,4 @@ jobs: name: Run pre-commit runs-on: ubuntu-latest steps: - - uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v7.0.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v8.1.0 diff --git a/.github/workflows/pre-commit-helm.yml b/.github/workflows/pre-commit-helm.yml index bdb7c6b61..72df6540d 100644 --- a/.github/workflows/pre-commit-helm.yml +++ b/.github/workflows/pre-commit-helm.yml @@ -27,8 +27,8 @@ jobs: name: Run pre-commit runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # 4.2.0 - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v7.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v8.1.0 - name: Add dependency chart repos run: | for repo in $(yq eval-all \