From 3c5bf5fc03df248d68eae61fd21dd5379fdb9ba8 Mon Sep 17 00:00:00 2001 From: Bence Csati <bence.csati@axoflow.com> Date: Thu, 28 Nov 2024 10:49:00 +0100 Subject: [PATCH] chore(deps): bump some deps switch env signatures Signed-off-by: Bence Csati <bence.csati@axoflow.com> --- .github/workflows/artifacts.yaml | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml index 29ee8a441..afe81e850 100644 --- a/.github/workflows/artifacts.yaml +++ b/.github/workflows/artifacts.yaml @@ -210,7 +210,7 @@ jobs: tar -xf image.tar -C image - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # 0.28.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 env: TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2 TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:1 @@ -227,7 +227,7 @@ jobs: retention-days: 5 - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: sarif_file: trivy-results.sarif @@ -251,9 +251,9 @@ jobs: uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Set up Helm - uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 with: - version: v3.12.0 + version: v3.13.3 - name: Set up Cosign uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 @@ -361,7 +361,7 @@ jobs: fi - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # 0.28.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 env: TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2 TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:1 @@ -379,7 +379,7 @@ jobs: retention-days: 5 - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: sarif_file: trivy-results.sarif @@ -408,16 +408,16 @@ jobs: uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Set up Helm - uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 with: - version: v3.12.0 + version: v3.13.3 - name: Set up Cosign uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Set chart name id: chart-name - run: echo "value=${{ github.event.repository.name }}/$subchartName" >> "$GITHUB_OUTPUT" + run: echo "value=${{ github.event.repository.name }}/${{ env.subchartName }}" >> "$GITHUB_OUTPUT" - name: Set OCI registry name id: oci-registry-name @@ -428,7 +428,7 @@ jobs: run: echo "value=${{ steps.oci-registry-name.outputs.value }}/${{ steps.chart-name.outputs.value }}" >> "$GITHUB_OUTPUT" - name: Helm lint - run: helm lint charts/$subchartPath + run: helm lint charts/${{ env.subchartPath }} - name: Determine raw version uses: haya14busa/action-cond@94f77f7a80cd666cb3155084e428254fea4281fd # v1.2.1 @@ -441,8 +441,8 @@ jobs: - name: Helm package id: build run: | - helm package charts/$subchartPath --version ${{ steps.version.outputs.value }} --app-version ${{ steps.version.outputs.value }} - echo "package=${{ github.workspace }}/$subchartName-${{ steps.version.outputs.value }}.tgz" >> "$GITHUB_OUTPUT" + helm package charts/${{ env.subchartPath }} --version ${{ steps.version.outputs.value }} --app-version ${{ steps.version.outputs.value }} + echo "package=${{ github.workspace }}/${{ env.subchartName }}-${{ steps.version.outputs.value }}.tgz" >> "$GITHUB_OUTPUT" - name: Upload chart as artifact uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 @@ -484,13 +484,13 @@ jobs: --certificate-oidc-issuer "https://token.actions.githubusercontent.com" | jq - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # 0.28.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 env: TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2 TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:1 with: scan-type: config - scan-ref: charts/$subchartPath + scan-ref: charts/${{ env.subchartPath }} format: sarif output: trivy-results.sarif @@ -502,6 +502,6 @@ jobs: retention-days: 5 - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: sarif_file: trivy-results.sarif