Skip to content

Commit

Permalink
Merge branch 'master' into dependabot/docker/kubernetes/postgres/post…
Browse files Browse the repository at this point in the history
…gres-16.0-alpine
  • Loading branch information
yurake committed Sep 15, 2024
2 parents 64df633 + afdb0c9 commit 0aeec2e
Show file tree
Hide file tree
Showing 144 changed files with 1,100 additions and 1,361 deletions.
40 changes: 27 additions & 13 deletions .github/pr-labeler.yml
Original file line number Diff line number Diff line change
@@ -1,23 +1,37 @@
# Directory pattern
cicd:
- .github/**/*
- changed-files:
- any-glob-to-any-file: .github/**/*
docs:
- docs/**/*
- "**/*.md"
- changed-files:
- any-glob-to-any-file:
- docs/**/*
- "**/*.md"
github-action:
- .github/**/*
- changed-files:
- any-glob-to-any-file: .github/**/*
java:
- application/**/*
- "**/*.java"
- changed-files:
- any-glob-to-any-file:
- application/**/*
- "**/*.java"
javascript:
- application/**/*.js
- "**/*.js"
- changed-files:
- any-glob-to-any-file:
- application/**/*.js
- "**/*.js"
kubernetes:
- kubernetes/**/*
- changed-files:
- any-glob-to-any-file: kubernetes/**/*
quarkus:
- application/*-quarkus/*
- changed-files:
- any-glob-to-any-file: application/*-quarkus/*
docker:
- "**/Dockerfile"
- changed-files:
- any-glob-to-any-file: "**/Dockerfile"
kind:
- "**/kind-*"
- changed-files:
- any-glob-to-any-file: "**/kind-*"
minikube:
- "**/minikube-*"
- changed-files:
- any-glob-to-any-file: "**/minikube-*"
2 changes: 1 addition & 1 deletion .github/workflows/cancel-workflow.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Cancel Previous Runs
uses: styfle/cancel-workflow-action@0.11.0
uses: styfle/cancel-workflow-action@0.12.1
with:
access_token: ${{ secrets.GITHUB_TOKEN }}
- name: cancel running workflows
Expand Down
16 changes: 8 additions & 8 deletions .github/workflows/check-for-update.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
minikube-version:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3.5.3
- uses: actions/checkout@v4.1.7
- name: check minikube version
working-directory: ./.github/workflows
run: |
Expand Down Expand Up @@ -55,7 +55,7 @@ jobs:
sed -i -e "s/$SOURCE_DOC_VERSION/$TARGET_MINIKUBE_VERSION/g" ../../README.md
- name: Add, commit, push, and create PR
if: env.UNMATCH_VERSION == 'true' && env.BRANCH_IS_EXISTING == 'false'
uses: peter-evans/[email protected].2
uses: peter-evans/[email protected].3
with:
token: ${{ secrets.PAT_GITHUB_ACTION_WORKFLOW }}
branch: actions/check-for-update-minikube
Expand All @@ -67,7 +67,7 @@ jobs:
kubernetes-version:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3.5.3
- uses: actions/checkout@v4.1.7
- name: check kubernetes version
working-directory: ./.github/workflows
run: |
Expand Down Expand Up @@ -113,7 +113,7 @@ jobs:
sed -i -e "s/$SOURCE_DOC_VERSION/$TARGET_KUBERNETES_VERSION/g" ../../README.md
- name: Add, commit, push, and create PR
if: env.UNMATCH_VERSION == 'true' && env.BRANCH_IS_EXISTING == 'false'
uses: peter-evans/[email protected].2
uses: peter-evans/[email protected].3
with:
token: ${{ secrets.PAT_GITHUB_ACTION_WORKFLOW }}
branch: actions/check-for-update-kubernetes
Expand All @@ -125,7 +125,7 @@ jobs:
chaos-mesh-version:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3.5.3
- uses: actions/checkout@v4.1.7
- name: check current chaos-mesh version
working-directory: ./.github/workflows
run: |
Expand Down Expand Up @@ -163,7 +163,7 @@ jobs:
sed -i -e "s/$SOURCE_DOC_VERSION/$TARGET_VERSION/g" ../../README.md
- name: Add, commit, push, and create PR
if: env.UNMATCH_VERSION == 'true' && env.BRANCH_IS_EXISTING == 'false'
uses: peter-evans/[email protected].2
uses: peter-evans/[email protected].3
with:
token: ${{ secrets.PAT_GITHUB_ACTION_WORKFLOW }}
branch: actions/check-for-update-chaos-mesh
Expand All @@ -175,7 +175,7 @@ jobs:
quarkus-version:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3.5.3
- uses: actions/checkout@v4.1.7
- name: check current quarkus version
run: |
echo "SOURCE_VERSION=$(grep "Quarkus Version" README.md | cut -d '-' -f 2)" >> $GITHUB_ENV
Expand Down Expand Up @@ -208,7 +208,7 @@ jobs:
sed -i -e "s/$SOURCE_VERSION/$TARGET_VERSION/g" README.md
- name: Add, commit, push, and create PR
if: env.UNMATCH_VERSION == 'true' && env.BRANCH_IS_EXISTING == 'false'
uses: peter-evans/[email protected].2
uses: peter-evans/[email protected].3
with:
token: ${{ secrets.PAT_GITHUB_ACTION_WORKFLOW }}
branch: actions/check-for-update-quarkus
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/cis-dockerfile-benchmark.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:
validation:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3.5.3
- uses: actions/checkout@v4.1.7
- name: Sysdig CIS Dockerfile Benchmark
uses: sysdiglabs/[email protected]
with:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/codacy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,11 +34,11 @@ jobs:
steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout code
uses: actions/checkout@v3.5.3
uses: actions/checkout@v4.1.7

# Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
- name: Run Codacy Analysis CLI
uses: codacy/codacy-analysis-cli-action@fde117cc9d692f9e6f9221272c7b65a2f659f064
uses: codacy/codacy-analysis-cli-action@09916000460adeeedc96b9704f86deba53e2ad5d
with:
# Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
# You can also omit the token and run the tools that support default configurations
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v3.5.3
uses: actions/checkout@v4.1.7

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/cypress-ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,11 @@ on:

jobs:
cypress-run:
runs-on: ubuntu-20.04
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v3.5.3
- uses: bahmutov/npm-install@v1.8.34
uses: actions/checkout@v4.1.7
- uses: bahmutov/npm-install@v1.10.2
with:
working-directory: kubernetes/monitoring/test/cypress
- name: Cypress run
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,6 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v3.5.3
uses: actions/checkout@v4.1.7
- name: 'Dependency Review'
uses: actions/dependency-review-action@v3.1.0
uses: actions/dependency-review-action@v4.3.4
6 changes: 3 additions & 3 deletions .github/workflows/devskim.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,17 +14,17 @@ on:
jobs:
lint:
name: DevSkim
runs-on: ubuntu-20.04
runs-on: ubuntu-22.04
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout code
uses: actions/checkout@v3.5.3
uses: actions/checkout@v4.1.7

- name: Run DevSkim scanner
uses: microsoft/[email protected].10
uses: microsoft/[email protected].14

- name: Upload DevSkim scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
Expand Down
40 changes: 20 additions & 20 deletions .github/workflows/docker-image-ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,13 +21,13 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out Git repository
uses: actions/checkout@v3.5.3
uses: actions/checkout@v4.1.7

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2.9.1
uses: docker/setup-buildx-action@v2.10.0

- name: Cache Docker layers
uses: actions/cache@v3.3.1
uses: actions/cache@v4.0.2
with:
path: /tmp/.buildx-cache
key: ${{ github.ref }}-${{ github.sha }}
Expand Down Expand Up @@ -59,7 +59,7 @@ jobs:
run: docker login -u $DOCKERHUB_USER -p $DOCKERHUB_PASS

- name: Build and push - nginx
uses: docker/build-push-action@v4.1.1
uses: docker/build-push-action@v4.2.1
with:
context: ./kubernetes/nginx
push: ${{ env.PUSH }}
Expand All @@ -72,7 +72,7 @@ jobs:

- name: Run Snyk to check Docker image for vulnerabilities - nginx
continue-on-error: true
uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
uses: snyk/actions/docker@cdb760004ba9ea4d525f2e043745dfe85bb9077e
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
Expand All @@ -82,7 +82,7 @@ jobs:
run: mv snyk.sarif nginx.sarif

- name: Build and push - mysql
uses: docker/build-push-action@v4.1.1
uses: docker/build-push-action@v4.2.1
with:
context: ./kubernetes/mysql
push: ${{ env.PUSH }}
Expand All @@ -95,7 +95,7 @@ jobs:

- name: Run Snyk to check Docker image for vulnerabilities - mysql
continue-on-error: true
uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
uses: snyk/actions/docker@cdb760004ba9ea4d525f2e043745dfe85bb9077e
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
Expand All @@ -105,7 +105,7 @@ jobs:
run: mv snyk.sarif mysql.sarif

- name: Build and push - postgres
uses: docker/build-push-action@v4.1.1
uses: docker/build-push-action@v4.2.1
with:
context: ./kubernetes/postgres
push: ${{ env.PUSH }}
Expand All @@ -118,7 +118,7 @@ jobs:

- name: Run Snyk to check Docker image for vulnerabilities - postgres
continue-on-error: true
uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
uses: snyk/actions/docker@cdb760004ba9ea4d525f2e043745dfe85bb9077e
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
Expand All @@ -128,7 +128,7 @@ jobs:
run: mv snyk.sarif postgres.sarif

- name: Build and push - mongodb
uses: docker/build-push-action@v4.1.1
uses: docker/build-push-action@v4.2.1
with:
context: ./kubernetes/mongodb
push: ${{ env.PUSH }}
Expand All @@ -141,7 +141,7 @@ jobs:

- name: Run Snyk to check Docker image for vulnerabilities - mongodb
continue-on-error: true
uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
uses: snyk/actions/docker@cdb760004ba9ea4d525f2e043745dfe85bb9077e
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
Expand All @@ -151,7 +151,7 @@ jobs:
run: mv snyk.sarif mongodb.sarif

- name: Build and push - cassandra
uses: docker/build-push-action@v4.1.1
uses: docker/build-push-action@v4.2.1
with:
context: ./kubernetes/cassandra
push: ${{ env.PUSH }}
Expand All @@ -164,7 +164,7 @@ jobs:

- name: Run Snyk to check Docker image for vulnerabilities - cassandra
continue-on-error: true
uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
uses: snyk/actions/docker@cdb760004ba9ea4d525f2e043745dfe85bb9077e
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
Expand All @@ -174,7 +174,7 @@ jobs:
run: mv snyk.sarif cassandra.sarif

- name: Build and push - rabbitmq
uses: docker/build-push-action@v4.1.1
uses: docker/build-push-action@v4.2.1
with:
context: ./kubernetes/rabbitmq
push: ${{ env.PUSH }}
Expand All @@ -187,7 +187,7 @@ jobs:

- name: Run Snyk to check Docker image for vulnerabilities - rabbitmq
continue-on-error: true
uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
uses: snyk/actions/docker@cdb760004ba9ea4d525f2e043745dfe85bb9077e
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
Expand All @@ -197,7 +197,7 @@ jobs:
run: mv snyk.sarif rabbitmq.sarif

- name: Build and push - jenkins
uses: docker/build-push-action@v4.1.1
uses: docker/build-push-action@v4.2.1
with:
context: ./kubernetes/monitoring/jenkins
push: ${{ env.PUSH }}
Expand All @@ -209,7 +209,7 @@ jobs:
cache-to: type=local,dest=/tmp/.buildx-cache

- name: Build and push - ab
uses: docker/build-push-action@v4.1.1
uses: docker/build-push-action@v4.2.1
with:
context: ./kubernetes/monitoring/test/ab
push: ${{ env.PUSH }}
Expand All @@ -222,7 +222,7 @@ jobs:

- name: Run Snyk to check Docker image for vulnerabilities - ab
continue-on-error: true
uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
uses: snyk/actions/docker@cdb760004ba9ea4d525f2e043745dfe85bb9077e
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
Expand All @@ -232,7 +232,7 @@ jobs:
run: mv snyk.sarif ab.sarif

- name: Build and push - postmannewman-quarkus
uses: docker/build-push-action@v4.1.1
uses: docker/build-push-action@v4.2.1
with:
context: ./kubernetes/monitoring/test/postmannewman/quarkus
push: ${{ env.PUSH }}
Expand All @@ -245,7 +245,7 @@ jobs:

- name: Run Snyk to check Docker image for vulnerabilities - postmannewman-quarkus
continue-on-error: true
uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
uses: snyk/actions/docker@cdb760004ba9ea4d525f2e043745dfe85bb9077e
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
Expand Down
Loading

0 comments on commit 0aeec2e

Please sign in to comment.