fix!: Upgrade to Node 16

npalm · Dec 12, 2022 · 2d4efb8 · 2d4efb8
1 parent 2c8473d
commit 2d4efb8
Show file tree

Hide file tree

Showing 6 changed files with 58 additions and 35 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -7,3 +7,9 @@ updates:
     # Check the npm registry for updates every day (weekdays)
     schedule:
       interval: 'daily'
+
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -11,25 +11,25 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node-version: ["14", "16"]
+        node-version: ["16", "18"]
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
         with:
           fetch-depth: 0
 
-      - uses: actions/setup-node@v2
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # v3.5.1
         with:
           node-version: ${{ matrix.node-version }}
       - name: Install dependencies
         run: yarn install --ignore-engines
 
       - name: Check format and lint
-        if: matrix.node-version == 14 
+        if: matrix.node-version == 16
         run: yarn run format-check && yarn run lint
 
       - name: Run tests
         run: yarn test
 
       - name: Build and package
-        if: matrix.node-version == 14 
+        if: matrix.node-version == 16
         run: yarn run build
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -17,10 +17,10 @@ jobs:
         uses: actions/checkout@v2
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v1
+        uses: github/codeql-action/init@896079047b4bb059ba6f150a5d87d47dde99e6e5
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v1
+        uses: github/codeql-action/autobuild@896079047b4bb059ba6f150a5d87d47dde99e6e5
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v1
+        uses: github/codeql-action/analyze@896079047b4bb059ba6f150a5d87d47dde99e6e5
diff --git a/.github/workflows/dependabot-merge.yml b/.github/workflows/dependabot-merge.yml
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,3 +1,35 @@
+name: Release
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get app installation token
+        uses: npalm/action-app-token@dd4bb16d91ced5659bc618705c96b822c5a42136 # v1.1.0
+        id: token
+        with:
+          appId: ${{ secrets.APP_ID }}
+          appPrivateKeyBase64: ${{ secrets.APP_PRIVATE_KEY_BASE64 }}
+          appInstallationType: repo
+          appInstallationValue: ${{ github.repository }}
+
+      # bootstrap-sha and release-as needs to be removed after first release
+      - name: Release
+        uses: google-github-actions/release-please-action@af1990728f970ad54c88e130c02a1521988127a2 # v3.7.0
+        with:
+          release-type: terraform-module
+          token: ${{ steps.token.outputs.token }}
+          include-v-in-tag: false
+          signoff: "Niek Palm <[email protected]>"
+          bootstrap-sha: 78bf422d362ea613ea5511dfa62d30bd00ffc025
+
+
+
 name: 'Release'
 on:
   workflow_dispatch:
@@ -12,23 +44,23 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
         with:
           fetch-depth: 0
           persist-credentials: false
 
-      - uses: actions/setup-node@v2
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # v3.5.1
         with:
-          node-version: 14.18.1
+          node-version: 16
 
       - name: Install dependencies
         run: yarn 
 
       - name: Run checks
         run: yarn run test && yarn lint && yarn run build
 
-      - name: Get installation token
-        uses: npalm/action-app-token@v1.0.0
+      - name: Get app installation token
+        uses: npalm/action-app-token@dd4bb16d91ced5659bc618705c96b822c5a42136 # v1.1.0
         id: app-token
         with:
           appId: ${{ secrets.APP_ID }}

diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml
@@ -11,28 +11,28 @@ jobs:
   build: 
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
         with:
           fetch-depth: 0
 
       - name: Get info
         id: info
         run: |
-          echo ::set-output name=repo_name::$(echo $GITHUB_REPOSITORY| cut -d / -f 2)
-          echo ::set-output name=repo_owner::$(echo $GITHUB_REPOSITORY| cut -d / -f 1)
+          echo "repo_name=$(echo $GITHUB_REPOSITORY| cut -d / -f 2)" >> $GITHUB_OUTPUT
+          echo "repo_owner=$(echo $GITHUB_REPOSITORY| cut -d / -f 1)" >> $GITHUB_OUTPUT
           
-      - uses: actions/setup-node@v2
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # v3.5.1
         with:
-          node-version: 14.18.1
+          node-version: 16
       - name: Install dependencies
         run: yarn install
 
       - name: Run all checks and build
         run: yarn run all
 
       - name: SonarCloud Scan
-        if: matrix.node-version == 14 
-        uses: sonarsource/sonarcloud-github-action@master
+        if: matrix.node-version == 16
+        uses: sonarsource/sonarcloud-github-action@cb201f3b2d7a38231a8c042dfea4539c8bea180b # v1.8
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}