From b561b4b2ca112744fe9600083898250915948791 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Sep 2023 10:59:02 +0000 Subject: [PATCH 1/5] chore(deps): bump docker/login-action from 2 to 3 Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v2...v3) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/irs-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/irs-build.yml b/.github/workflows/irs-build.yml index 0918fae1a3..573a0a7263 100644 --- a/.github/workflows/irs-build.yml +++ b/.github/workflows/irs-build.yml @@ -146,7 +146,7 @@ jobs: env: DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} if: env.DOCKER_HUB_USER != '' - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_HUB_USER }} password: ${{ secrets.DOCKER_HUB_TOKEN }} From b7076f9ffb5fca49026efd726a0dcaaab38d46be Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Sep 2023 10:59:07 +0000 Subject: [PATCH 2/5] chore(deps): bump docker/build-push-action from 4 to 5 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4 to 5. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v4...v5) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... 
Signed-off-by: dependabot[bot] --- .github/workflows/helm-test.yaml | 2 +- .github/workflows/trivy-image-scan.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/helm-test.yaml b/.github/workflows/helm-test.yaml index 74e71b1924..8ac33df36c 100644 --- a/.github/workflows/helm-test.yaml +++ b/.github/workflows/helm-test.yaml @@ -35,7 +35,7 @@ jobs: version: v0.20.0 - name: Build image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . push: true diff --git a/.github/workflows/trivy-image-scan.yml b/.github/workflows/trivy-image-scan.yml index fcde93dfa4..ba650c4f13 100644 --- a/.github/workflows/trivy-image-scan.yml +++ b/.github/workflows/trivy-image-scan.yml @@ -39,7 +39,7 @@ jobs: uses: actions/checkout@v3 - name: Build image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . push: true From d982ccea861fc8106dacf51ebef8c8bf4c7e687d Mon Sep 17 00:00:00 2001 From: Sebastian Scherer <59142915+scherersebastian@users.noreply.github.com> Date: Sun, 17 Sep 2023 16:39:15 +0200 Subject: [PATCH 3/5] chore: no secret scanning by KICS --- .github/workflows/kics.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 5d9f055597..95260daad0 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -52,6 +52,8 @@ jobs: exclude_results: "03df1ef13c69b0ada26fc5bbf35eabca288c5c3c93c0f5d918e41f4951ca8795,8bdf179adec9aee0035149315b63a3f8afd684076358433767758a4a9aeac922" # application-local.yml - local env minio password # Exclude accepted queries from the build #exclude_queries: "" + # No secret scanning + disable_secrets: true # Upload findings to GitHub Advanced Security Dashboard - name: Upload SARIF file for GitHub Advanced Security Dashboard 
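Review bot: The added `disable_secrets: true` in the KICS step of `.github/workflows/kics.yml` switches off a secret-detection control, and the only rationale recorded is the comment `# No secret scanning`, which restates the setting rather than explaining why it is acceptable. If another job in the pipeline covers committed credentials, the comment should name it, for example `# Secrets are covered by <secret-scanning workflow>; KICS secrets queries disabled to avoid duplicate findings`. Nothing in this hunk shows such a replacement, so it should be confirmed that one exists. The `exclude_results` line just above lists two finding hashes annotated as a local-env minio password, which were presumably KICS secrets findings; if so, they become dead configuration once this flag is set and should be removed or re-checked. The KICS step itself begins above the hunk, so its other inputs are not visible here.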
@@ -65,4 +67,4 @@ jobs: if: always() with: name: kicsResults.json - path: kicsResults/results.json \ No newline at end of file + path: kicsResults/results.json From 7a509cc8f1ece716386ac5815b7f1e9234516c64 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 26 Sep 2023 10:40:02 +0000 Subject: [PATCH 4/5] chore(deps): bump mikefarah/yq from 4.34.2 to 4.35.2 Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.34.2 to 4.35.2. - [Release notes](https://github.com/mikefarah/yq/releases) - [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt) - [Commits](https://github.com/mikefarah/yq/compare/v4.34.2...v4.35.2) --- updated-dependencies: - dependency-name: mikefarah/yq dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 2751b16a75..8733b4ee71 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -16,12 +16,12 @@ jobs: run: echo HELM_VERSION=$(cat charts/irs-helm/CHANGELOG.md | sed -n 's/.*\[\([0-9]\+\.[0-9]\+\.[0-9]\+\)\].*/\1/p' | head -n 1) >> $GITHUB_ENV - name: Update Chart.yaml appVersion - uses: mikefarah/yq@v4.34.2 + uses: mikefarah/yq@v4.35.2 with: cmd: yq -i eval '.appVersion = "${{ github.ref_name }}"' charts/irs-helm/Chart.yaml - name: Update Chart.yaml version - uses: mikefarah/yq@v4.34.2 + uses: mikefarah/yq@v4.35.2 with: cmd: yq -i eval '.version = "${{ env.HELM_VERSION }}"' charts/irs-helm/Chart.yaml From 246c3957ee813fae87a6da6122bf70be17a6d9c6 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 4 Oct 2023 14:45:00 +0000 Subject: [PATCH 5/5] chore(deps): bump actions/checkout from 3 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/BETA-xray-cucumber-integration.yaml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/eclipse-dash.yml | 2 +- .github/workflows/helm-chart-release.yaml | 4 ++-- .github/workflows/helm-test.yaml | 2 +- .github/workflows/helm-upgrade.yaml | 2 +- .github/workflows/int-setup-testdata.yml | 2 +- .github/workflows/int-test-automation.yml | 2 +- .github/workflows/irs-build.yml | 6 +++--- .github/workflows/irs-load-test.yaml | 2 +- .github/workflows/jira-publish-release.yaml | 2 +- .github/workflows/kics.yml | 2 +- .github/workflows/maven-deploy.yaml | 2 +- .github/workflows/owasp.yml | 2 +- .github/workflows/publish-documentation.yaml | 2 +- .github/workflows/release.yaml | 2 +- .github/workflows/spectral.yaml | 2 +- .github/workflows/spotbugs.yml | 2 +- .github/workflows/swagger-editor-validate.yml | 2 +- .github/workflows/synch-env-branch.yml | 2 +- .github/workflows/tavern-integration.yml | 2 +- .github/workflows/tavern.yml | 2 +- .github/workflows/trivy-docker-hub-scan.yml | 2 +- .github/workflows/trivy-image-scan.yml | 2 +- .github/workflows/trivy.yml | 2 +- .github/workflows/veracode.yaml | 2 +- .github/workflows/xray-cucumber-integration.yaml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) 
diff --git a/.github/workflows/BETA-xray-cucumber-integration.yaml b/.github/workflows/BETA-xray-cucumber-integration.yaml index b072dc37da..f99f639906 100644 --- a/.github/workflows/BETA-xray-cucumber-integration.yaml +++ b/.github/workflows/BETA-xray-cucumber-integration.yaml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v3 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f3cdc69b3f..f4e2d93b56 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -49,7 +49,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v3 diff --git a/.github/workflows/eclipse-dash.yml b/.github/workflows/eclipse-dash.yml index 0555c7827a..efb978f182 100644 --- a/.github/workflows/eclipse-dash.yml +++ b/.github/workflows/eclipse-dash.yml @@ -17,7 +17,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v3 diff --git a/.github/workflows/helm-chart-release.yaml b/.github/workflows/helm-chart-release.yaml index 5c50ac9186..9afdf5887d 100644 --- a/.github/workflows/helm-chart-release.yaml +++ b/.github/workflows/helm-chart-release.yaml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 @@ -45,7 +45,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 diff --git a/.github/workflows/helm-test.yaml b/.github/workflows/helm-test.yaml index 8ac33df36c..a954977931 100644 --- a/.github/workflows/helm-test.yaml +++ b/.github/workflows/helm-test.yaml 
@@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 diff --git a/.github/workflows/helm-upgrade.yaml b/.github/workflows/helm-upgrade.yaml index a0900f0878..762675e705 100644 --- a/.github/workflows/helm-upgrade.yaml +++ b/.github/workflows/helm-upgrade.yaml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 diff --git a/.github/workflows/int-setup-testdata.yml b/.github/workflows/int-setup-testdata.yml index 12629d14e2..fc11f6c2c8 100644 --- a/.github/workflows/int-setup-testdata.yml +++ b/.github/workflows/int-setup-testdata.yml @@ -32,7 +32,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: setup python uses: actions/setup-python@v4 diff --git a/.github/workflows/int-test-automation.yml b/.github/workflows/int-test-automation.yml index e505dd2c77..aa19f1981c 100644 --- a/.github/workflows/int-test-automation.yml +++ b/.github/workflows/int-test-automation.yml @@ -13,7 +13,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of sonar analysis diff --git a/.github/workflows/irs-build.yml b/.github/workflows/irs-build.yml index 573a0a7263..eaeeb9c54d 100644 --- a/.github/workflows/irs-build.yml +++ b/.github/workflows/irs-build.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v3 @@ -49,7 +49,7 @@ jobs: github.actor != 'dependabot[bot]' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of sonar analysis 
@@ -91,7 +91,7 @@ jobs: outputs: image-tag: ${{ steps.version.outputs.image_tag }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Build image to make sure Dockerfile is valid run: | diff --git a/.github/workflows/irs-load-test.yaml b/.github/workflows/irs-load-test.yaml index cd7ff73ba8..e6e931fc80 100644 --- a/.github/workflows/irs-load-test.yaml +++ b/.github/workflows/irs-load-test.yaml @@ -22,7 +22,7 @@ jobs: gatling-test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v3 diff --git a/.github/workflows/jira-publish-release.yaml b/.github/workflows/jira-publish-release.yaml index 8ddc5270ff..dc442b3705 100644 --- a/.github/workflows/jira-publish-release.yaml +++ b/.github/workflows/jira-publish-release.yaml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set current date as env variable run: echo "NOW=$(date +'%Y-%m-%d')" >> $GITHUB_ENV diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 95260daad0..806cdfe01a 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -24,7 +24,7 @@ jobs: security-events: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: KICS scan uses: checkmarx/kics-github-action@master diff --git a/.github/workflows/maven-deploy.yaml b/.github/workflows/maven-deploy.yaml index f59070333c..1ad049cf89 100644 --- a/.github/workflows/maven-deploy.yaml +++ b/.github/workflows/maven-deploy.yaml @@ -40,7 +40,7 @@ jobs: needs.secret-presence.outputs.HAS_OSSRH && github.event_name != 'pull_request' && github.ref != 'refs/heads/releases' steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v3 diff --git a/.github/workflows/owasp.yml b/.github/workflows/owasp.yml index e3553280ec..d783444d88 100644 
--- a/.github/workflows/owasp.yml +++ b/.github/workflows/owasp.yml @@ -24,7 +24,7 @@ jobs: name: owasp-check steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v3 diff --git a/.github/workflows/publish-documentation.yaml b/.github/workflows/publish-documentation.yaml index 0623173695..de2086ef85 100644 --- a/.github/workflows/publish-documentation.yaml +++ b/.github/workflows/publish-documentation.yaml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 8733b4ee71..8ac4ed5861 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -10,7 +10,7 @@ jobs: release: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Calculate Helm release version from CHANGELOG run: echo HELM_VERSION=$(cat charts/irs-helm/CHANGELOG.md | sed -n 's/.*\[\([0-9]\+\.[0-9]\+\.[0-9]\+\)\].*/\1/p' | head -n 1) >> $GITHUB_ENV diff --git a/.github/workflows/spectral.yaml b/.github/workflows/spectral.yaml index 4cb95de87b..79e3e0d111 100644 --- a/.github/workflows/spectral.yaml +++ b/.github/workflows/spectral.yaml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: # Check out the repository - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 # Run Spectral - uses: stoplightio/spectral-action@latest diff --git a/.github/workflows/spotbugs.yml b/.github/workflows/spotbugs.yml index 59d448bd49..494513a954 100644 --- a/.github/workflows/spotbugs.yml +++ b/.github/workflows/spotbugs.yml @@ -29,7 +29,7 @@ jobs: name: spotbugs-check steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v3 
diff --git a/.github/workflows/swagger-editor-validate.yml b/.github/workflows/swagger-editor-validate.yml index 6853f4d2fc..1dd027c847 100644 --- a/.github/workflows/swagger-editor-validate.yml +++ b/.github/workflows/swagger-editor-validate.yml @@ -15,7 +15,7 @@ jobs: name: Swagger Editor Validator Remote steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Validate OpenAPI definition uses: char0n/swagger-editor-validate@v1 with: diff --git a/.github/workflows/synch-env-branch.yml b/.github/workflows/synch-env-branch.yml index f5b87320d0..3388e510d0 100644 --- a/.github/workflows/synch-env-branch.yml +++ b/.github/workflows/synch-env-branch.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Merge main into catena-x-environments run: | diff --git a/.github/workflows/tavern-integration.yml b/.github/workflows/tavern-integration.yml index d534c50cac..0e243f3fdc 100644 --- a/.github/workflows/tavern-integration.yml +++ b/.github/workflows/tavern-integration.yml @@ -43,7 +43,7 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Setup python uses: actions/setup-python@v4 diff --git a/.github/workflows/tavern.yml b/.github/workflows/tavern.yml index d41dd2481d..825e0eab82 100644 --- a/.github/workflows/tavern.yml +++ b/.github/workflows/tavern.yml @@ -45,7 +45,7 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Setup python uses: actions/setup-python@v4 diff --git a/.github/workflows/trivy-docker-hub-scan.yml b/.github/workflows/trivy-docker-hub-scan.yml index 1cf40378c2..a5c186afa9 100644 --- a/.github/workflows/trivy-docker-hub-scan.yml +++ b/.github/workflows/trivy-docker-hub-scan.yml 
@@ -16,7 +16,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master diff --git a/.github/workflows/trivy-image-scan.yml b/.github/workflows/trivy-image-scan.yml index ba650c4f13..0acd9c7e1a 100644 --- a/.github/workflows/trivy-image-scan.yml +++ b/.github/workflows/trivy-image-scan.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Build image uses: docker/build-push-action@v5 diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index ced51141a0..0dafa7fea6 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -28,7 +28,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner in repo mode uses: aquasecurity/trivy-action@master diff --git a/.github/workflows/veracode.yaml b/.github/workflows/veracode.yaml index d1f62c1d47..1e1bef3f0a 100644 --- a/.github/workflows/veracode.yaml +++ b/.github/workflows/veracode.yaml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v3 diff --git a/.github/workflows/xray-cucumber-integration.yaml b/.github/workflows/xray-cucumber-integration.yaml index 1ac7111cfa..b08b96bf94 100644 --- a/.github/workflows/xray-cucumber-integration.yaml +++ b/.github/workflows/xray-cucumber-integration.yaml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v3