From 4b65deabc6d0e6bcbcfce016cb495d8794e32f59 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Jun 2024 07:41:24 +0000 Subject: [PATCH] Bump the all-actions group across 1 directory with 10 updates Bumps the all-actions group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `3` | `4` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `2` | `3` | | [actions/cache](https://github.com/actions/cache) | `3` | `4` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `3` | `6` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `3` | `4` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `3` | `4` | | [actions/github-script](https://github.com/actions/github-script) | `3` | `7` | | [docker/login-action](https://github.com/docker/login-action) | `1` | `3` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `4` | `5` | | [github/codeql-action](https://github.com/github/codeql-action) | `2` | `3` | Updates `actions/checkout` from 3 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) Updates `docker/setup-buildx-action` from 2 to 3 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3) Updates `actions/cache` from 3 to 4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3...v4) Updates `docker/build-push-action` from 3 to 6 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3...v6) Updates `actions/upload-artifact` from 3 to 4 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v4) Updates `actions/download-artifact` from 3 to 4 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v3...v4) Updates `actions/github-script` from 3 to 7 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v3...v7) Updates `docker/login-action` from 1 to 3 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v1...v3) Updates `docker/metadata-action` from 4 to 5 - [Release notes](https://github.com/docker/metadata-action/releases) - [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md) - [Commits](https://github.com/docker/metadata-action/compare/v4...v5) Updates `github/codeql-action` from 2 to 3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/build-all.yml | 60 ++++++++++++++++----------------- .github/workflows/trivy-all.yml | 6 ++-- 2 files changed, 33 insertions(+), 33 deletions(-) diff --git a/.github/workflows/build-all.yml b/.github/workflows/build-all.yml index 29c5d9c..bbaefab 100644 --- a/.github/workflows/build-all.yml +++ b/.github/workflows/build-all.yml @@ -20,7 +20,7 @@ jobs: os_matrix: "{\"os_version\":[\"debian10\",\"debian11\",\"ubuntu16\",\"ubuntu18\",\"ubuntu20\"]}" steps: - name: Check out the repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Lowercase repo owner id: repo_owner run: echo "lowercase=$(echo ${{ github.repository_owner }} | tr \"[:upper:]\" \"[:lower:]\")" >>$GITHUB_OUTPUT @@ -34,11 +34,11 @@ jobs: matrix: ${{ fromJson(needs.workflow_setup.outputs.os_matrix) }} steps: - name: Check out the repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Cache Docker layers - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ matrix.os_version }}-${{ github.sha }} @@ -46,7 +46,7 @@ jobs: ${{ runner.os }}-buildx-${{ matrix.os_version }} ${{ runner.os }}-buildx - name: Build node image based on ${{ matrix.os_version }} - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v6 with: file: build/Dockerfile.${{ matrix.os_version }} context: ./build @@ -56,7 +56,7 @@ jobs: cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new - name: Upload docker image artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: indy_node_${{ matrix.os_version }} path: /tmp/indy_node_${{ matrix.os_version }}.tar @@ -76,11 +76,11 @@ jobs: needs: workflow_setup steps: - name: Check out the repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Cache Docker layers - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-controler @@ -88,7 +88,7 @@ jobs: ${{ runner.os }}-buildx-controller ${{ runner.os }}-buildx - name: Build node controller image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v6 with: context: ./controller push: false @@ -97,7 +97,7 @@ jobs: cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new - name: Upload docker image artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: indy_node_controller path: /tmp/indy_node_controller.tar @@ -115,18 +115,18 @@ jobs: fail-fast: false steps: - name: Check out the repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 with: driver-opts: network=host - name: Download node artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: indy_node_${{ matrix.os_version }} path: /tmp - name: Download controller artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: indy_node_controller path: /tmp @@ -148,7 +148,7 @@ jobs: ./parse_validator_info.sh echo "::endgroup::" - name: Safe ledger_state.json for later inspection - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ${{ matrix.os_version }}-tmp-test-${{ github.sha }}-ledger_state.json path: ledger_state.json @@ -167,7 +167,7 @@ jobs: steps.ledger.outputs.n2_unreachable != 0 || steps.ledger.outputs.n3_unreachable != 0 || steps.ledger.outputs.n4_unreachable != 0 - uses: actions/github-script@v3 + uses: actions/github-script@v7 with: script: core.setFailed('${{ matrix.os_version }} - Not all nodes are in sync!') - name: Send node restart command @@ -183,7 +183,7 @@ jobs: echo "::set-output name=count::$(echo "$OUTPUT" | awk -F= '$1>${{ steps.node-restart.outputs.restart-time }}' | wc -l)" - name: Fail if not all nodes restarted if: steps.nodes_restarted.outputs.count != 4 - uses: actions/github-script@v3 + uses: actions/github-script@v7 with: script: core.setFailed('${{ matrix.os_version }} - Not all nodes have been restarted') @@ -203,7 +203,7 @@ jobs: matrix: ${{ fromJson(needs.workflow_setup.outputs.os_matrix) }} steps: - name: Check out the repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: indy-node-version id: indy-node-version shell: bash @@ -215,9 +215,9 @@ jobs: echo "::endgroup::" echo "nodeVersion=${nodeVersion}">> $GITHUB_OUTPUT - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Cache Docker layers - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ matrix.os_version }}-${{ github.sha }} @@ -225,14 +225,14 @@ jobs: ${{ runner.os }}-buildx-${{ matrix.os_version }} ${{ runner.os }}-buildx - name: Log in to GitHub Container Registry - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Meta for indy_node id: meta_indy_node - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ghcr.io/${{ needs.workflow_setup.outputs.repo_owner }}/indy-node-container/indy_node flavor: | @@ -248,7 +248,7 @@ jobs: org.opencontainers.image.description=Indy Node Container based on ${{ matrix.os_version }} org.opencontainers.image.vendor=Hyperledger - name: Push indy node based on ${{ matrix.os_version }} - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v6 with: file: build/Dockerfile.${{ matrix.os_version }} context: ./build @@ -268,11 +268,11 @@ jobs: if: ${{ github.event_name != 'pull_request' }} steps: - name: Check out the repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Cache Docker layers - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-controler @@ -280,14 +280,14 @@ jobs: ${{ runner.os }}-buildx-controller ${{ runner.os }}-buildx - name: Log in to GitHub Container Registry - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Meta for indy_node_controller id: meta_indy_node_controller - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ghcr.io/${{ needs.workflow_setup.outputs.repo_owner }}/indy-node-container/indy_node_controller flavor: | @@ -303,7 +303,7 @@ jobs: org.opencontainers.image.description=Indy Node Container Controller org.opencontainers.image.vendor=Hyperledger - name: Push indy node controller - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v6 with: context: ./controller push: ${{ github.event_name != 'pull_request' }} diff --git a/.github/workflows/trivy-all.yml b/.github/workflows/trivy-all.yml index efb4e55..415d8e5 100644 --- a/.github/workflows/trivy-all.yml +++ b/.github/workflows/trivy-all.yml @@ -28,7 +28,7 @@ jobs: os_version: [ debian10, debian11, ubuntu16, ubuntu18, ubuntu20 ] steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: indy-node-version id: indy-node-version shell: bash @@ -54,14 +54,14 @@ jobs: sed -i 's/"name": "Trivy",/"name": "Trivy${{ matrix.os_version }}Latest",/g' trivy-indy-node-${{ steps.indy-node-version.outputs.nodeVersion }}-${{ matrix.os_version }}.sarif - name: 'Safe trivy-indy-node-${{ matrix.os_version }}.sarif' - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: trivy-indy-node-${{ steps.indy-node-version.outputs.nodeVersion }}-${{ matrix.os_version }}.sarif path: trivy-indy-node-${{ steps.indy-node-version.outputs.nodeVersion }}-${{ matrix.os_version }}.sarif retention-days: 8 - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: 'trivy-indy-node-${{ steps.indy-node-version.outputs.nodeVersion }}-${{ matrix.os_version }}.sarif'