Merge pull request #122 from ropable/master

Bugfix Kustomize, bump minor dependencies
dbca-wa · Nov 13, 2024 · 7dfaba9 · 7dfaba9
2 parents df79b31 + d1c7d5b
commit 7dfaba9
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 28 deletions.
diff --git a/.github/workflows/image-build-scan.yml b/.github/workflows/image-build-scan.yml
@@ -5,7 +5,7 @@ on:
     # Publish `master` as `latest` image.
     branches: [master]
     # Publish 1.* and 2.* tags as releases.
-    tags: ['1.*','2.*']
+    tags: ["1.*", "2.*"]
   pull_request:
     branches: [master]
 
@@ -77,16 +77,19 @@ jobs:
       # Run vulnerability scan on built image
       #----------------------------------------------
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/[email protected]
+        env:
+          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db
+          TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db
         with:
-          scan-type: 'image'
-          scanners: 'vuln'
+          scan-type: "image"
+          scanners: "vuln"
           image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          vuln-type: 'os,library'
-          severity: 'HIGH,CRITICAL'
-          format: 'sarif'
-          output: 'trivy-results.sarif'
+          vuln-type: "os,library"
+          severity: "HIGH,CRITICAL"
+          format: "sarif"
+          output: "trivy-results.sarif"
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v3
         with:
-          sarif_file: 'trivy-results.sarif'
+          sarif_file: "trivy-results.sarif"
diff --git a/kustomize/overlays/prod/deployment_patch.yaml b/kustomize/overlays/prod/deployment_patch.yaml
@@ -48,5 +48,5 @@ spec:
             - name: EXAMPLE_VIDEO_URL
               valueFrom:
                 secretKeyRef:
-                  name: penguins-env-uat
+                  name: penguins-env-prod
                   key: EXAMPLE_VIDEO_URL
diff --git a/kustomize/overlays/prod/kustomization.yaml b/kustomize/overlays/prod/kustomization.yaml
@@ -23,4 +23,4 @@ patches:
   - path: cronjob_import_patch.yaml
 images:
   - name: ghcr.io/dbca-wa/penguins
-    newTag: 2.0.0
+    newTag: 2.0.1
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "penguins"
-version = "2.0.0"
+version = "2.0.1"
 description = "DBCA Little Penguins Observations application"
 authors = ["Ashley Felton <[email protected]>"]
 license = "Apache-2.0"
@@ -9,20 +9,20 @@ readme = "README.md"
 [tool.poetry.dependencies]
 python = "~3.12"
 django = "4.2.16"
-psycopg = {version = "3.2.3", extras = ["binary", "pool"]}
+psycopg = { version = "3.2.3", extras = ["binary", "pool"] }
 dbca-utils = "2.0.2"
 python-dotenv = "1.0.1"
-dj-database-url = "2.2.0"
+dj-database-url = "2.3.0"
 django-extensions = "3.2.3"
 gunicorn = "23.0.0"
-whitenoise = { version = "6.7.0", extras = ["brotli"] }
+whitenoise = { version = "6.8.2", extras = ["brotli"] }
 django-storages = { version = "1.14.4", extras = ["azure"] }
 webtemplate-dbca = "1.7.1"
 django-map-widgets = "0.5.1"
 xlsxwriter = "3.2.0"
 
 [tool.poetry.group.dev.dependencies]
-ipython = "^8.28.0"
+ipython = "^8.29.0"
 ipdb = "^0.13.11"
 pre-commit = "^4.0.1"