From a12dbb0972ffa57a93459c423a9a239c46f79c93 Mon Sep 17 00:00:00 2001 From: valyo <582646+valyo@users.noreply.github.com> Date: Wed, 25 Sep 2024 12:13:01 +0200 Subject: [PATCH 01/17] bump actions/checkout to v4 --- .github/workflows/trivy-scan-branch.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/trivy-scan-branch.yml b/.github/workflows/trivy-scan-branch.yml index e17032ce5..2597ea7f5 100644 --- a/.github/workflows/trivy-scan-branch.yml +++ b/.github/workflows/trivy-scan-branch.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master From 2e2e00d8d0b11c0975b9cec957f0dcc06451c611 Mon Sep 17 00:00:00 2001 From: valyo <582646+valyo@users.noreply.github.com> Date: Fri, 27 Sep 2024 10:39:22 +0200 Subject: [PATCH 02/17] add sprintlog --- SPRINTLOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/SPRINTLOG.md b/SPRINTLOG.md index c8c7c7d62..afbaaf5ca 100644 --- a/SPRINTLOG.md +++ b/SPRINTLOG.md @@ -430,3 +430,7 @@ _Nothing merged during this sprint_ - Flask command to update unit quotas ([#1551](https://github.com/ScilifelabDataCentre/dds_web/pull/1551)) - Bump python base image to 3.12 and related libraries in both web and client([#1548](https://github.com/ScilifelabDataCentre/dds_web/pull/1548)) + +# 2024-09-23 - 2024-10-04 + +- Bump GitHub checkout action to v4 ([#1556](https://github.com/ScilifelabDataCentre/dds_web/pull/1556)) From 2d6abc7ca31fcaae36d7d019ed29eafc0804bfce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Fri, 25 Oct 2024 08:59:00 +0200 Subject: [PATCH 03/17] bump python-black checkout version --- .github/workflows/python-black.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python-black.yml b/.github/workflows/python-black.yml index 9536d5c96..3e674e485 100644 
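Review bot: In the trivy-scan-branch.yml hunk of patch 01/17, the step right after the bumped checkout still reads `uses: aquasecurity/trivy-action@master`, a branch ref that resolves to whatever that repository's default branch holds when the job runs. Because the scanner step produces the SARIF that feeds the Security tab, an unreviewed upstream change can alter or suppress findings without any commit in this repository. Since this series is already revising action refs, pin the step to a release and preferably to a full commit SHA with the tag as a trailing comment: `uses: aquasecurity/trivy-action@<full-commit-sha>  # <release-tag>`. The same context line appears again in the patch 06/17 hunk for this file; the job continues outside both hunks, so its other steps are not visible here.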
--- a/.github/workflows/python-black.yml +++ b/.github/workflows/python-black.yml @@ -15,7 +15,7 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: psf/black@stable with: version: ${{ env.INPUT_VERSION }} From 0eb129b03dcf74cfdf7b2516024900fa84203ec5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Fri, 25 Oct 2024 09:03:05 +0200 Subject: [PATCH 04/17] prettier --- .github/workflows/prettier.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/prettier.yml b/.github/workflows/prettier.yml index 11177e326..99ad0661c 100644 --- a/.github/workflows/prettier.yml +++ b/.github/workflows/prettier.yml @@ -9,9 +9,9 @@ jobs: Prettier: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 - name: Install Prettier run: npm install -g prettier From 10a0df24a660346310709073c29a18858fbafa08 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Fri, 25 Oct 2024 09:04:28 +0200 Subject: [PATCH 05/17] yaml --- .github/workflows/lint-yaml.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index e7ce78f9b..b64a8820c 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml @@ -13,7 +13,7 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: yaml-lint uses: ibiqlik/action-yamllint@v3 with: From 84875070e78d812e8cd5bba98a069f1f4605377a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Fri, 25 Oct 2024 09:05:40 +0200 Subject: [PATCH 06/17] trivy scan branch bump --- .github/workflows/trivy-scan-branch.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/.github/workflows/trivy-scan-branch.yml b/.github/workflows/trivy-scan-branch.yml index e17032ce5..2597ea7f5 100644 --- a/.github/workflows/trivy-scan-branch.yml +++ b/.github/workflows/trivy-scan-branch.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master From a77d36477ecfe04ac6490557bbd606971c2972f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Fri, 25 Oct 2024 09:13:12 +0200 Subject: [PATCH 07/17] upload sarif snyk --- .github/workflows/snyk-scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/snyk-scan.yml b/.github/workflows/snyk-scan.yml index c6c9a48e7..0d1c905fe 100644 --- a/.github/workflows/snyk-scan.yml +++ b/.github/workflows/snyk-scan.yml @@ -30,7 +30,7 @@ jobs: command: code test args: --sarif-file-output=snyk.sarif - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: snyk.sarif category: snyk From 30684d3948a519d982fd8e3992cb8834509a03a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Fri, 25 Oct 2024 10:50:35 +0200 Subject: [PATCH 08/17] bump all checkout actions to v4 --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/docker-compose-tests.yml | 2 +- .github/workflows/trivy-scheduled-dev.yml | 2 +- .github/workflows/trivy-scheduled-master.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 7b2b043b5..6bd457ef8 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml 
@@ -51,7 +51,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/docker-compose-tests.yml b/.github/workflows/docker-compose-tests.yml index 8dd1e6c79..76ece1bb5 100644 --- a/.github/workflows/docker-compose-tests.yml +++ b/.github/workflows/docker-compose-tests.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run tests against database container run: docker compose -f docker-compose.yml -f tests/docker-compose-test.yml up --build --exit-code-from backend diff --git a/.github/workflows/trivy-scheduled-dev.yml b/.github/workflows/trivy-scheduled-dev.yml index 7bd34cf9d..00aaafd12 100644 --- a/.github/workflows/trivy-scheduled-dev.yml +++ b/.github/workflows/trivy-scheduled-dev.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Ensure lowercase name run: echo REPOSITORY_OWNER=$(echo ${{ github.repository_owner }} | tr "[:upper:]" "[:lower:]") >> $GITHUB_ENV diff --git a/.github/workflows/trivy-scheduled-master.yml b/.github/workflows/trivy-scheduled-master.yml index e2ef46b86..682a83200 100644 --- a/.github/workflows/trivy-scheduled-master.yml +++ b/.github/workflows/trivy-scheduled-master.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: master From 2dc25e8e55d0d276952a91b4ed8de49960ea8d24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Fri, 25 Oct 2024 10:56:37 +0200 Subject: [PATCH 09/17] only change checkout versions --- .github/workflows/prettier.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prettier.yml b/.github/workflows/prettier.yml index 99ad0661c..2cbb09232 100644 
--- a/.github/workflows/prettier.yml +++ b/.github/workflows/prettier.yml @@ -11,7 +11,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v3 - name: Install Prettier run: npm install -g prettier From 7bbf20ce405c411c4d8e40bc7dc857c65f9a9ed9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Fri, 25 Oct 2024 10:57:39 +0200 Subject: [PATCH 10/17] only change checkout versions --- .github/workflows/publish_and_trivyscan.yml | 2 +- .github/workflows/snyk-scan.yml | 2 +- .github/workflows/trivy-scan-branch.yml | 2 +- .github/workflows/trivy-scheduled-dev.yml | 2 +- .github/workflows/trivy-scheduled-master.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/publish_and_trivyscan.yml b/.github/workflows/publish_and_trivyscan.yml index f250b7fba..b81a31092 100644 --- a/.github/workflows/publish_and_trivyscan.yml +++ b/.github/workflows/publish_and_trivyscan.yml @@ -127,7 +127,7 @@ jobs: output: "trivy-results.sarif" severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to Github Security tab - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v2 with: sarif_file: "trivy-results.sarif" category: trivy-build diff --git a/.github/workflows/snyk-scan.yml b/.github/workflows/snyk-scan.yml index 0d1c905fe..c6c9a48e7 100644 --- a/.github/workflows/snyk-scan.yml +++ b/.github/workflows/snyk-scan.yml @@ -30,7 +30,7 @@ jobs: command: code test args: --sarif-file-output=snyk.sarif - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v2 with: sarif_file: snyk.sarif category: snyk diff --git a/.github/workflows/trivy-scan-branch.yml b/.github/workflows/trivy-scan-branch.yml index 2597ea7f5..25dbee8f9 100644 --- a/.github/workflows/trivy-scan-branch.yml +++ b/.github/workflows/trivy-scan-branch.yml 
@@ -31,7 +31,7 @@ jobs: severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v2 with: sarif_file: "trivy-results.sarif" category: trivy diff --git a/.github/workflows/trivy-scheduled-dev.yml b/.github/workflows/trivy-scheduled-dev.yml index 00aaafd12..338e924fe 100644 --- a/.github/workflows/trivy-scheduled-dev.yml +++ b/.github/workflows/trivy-scheduled-dev.yml @@ -33,7 +33,7 @@ jobs: severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to dev branch GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v2 with: sarif_file: "trivy-results-dev.sarif" category: trivy-dev diff --git a/.github/workflows/trivy-scheduled-master.yml b/.github/workflows/trivy-scheduled-master.yml index 682a83200..374bfe394 100644 --- a/.github/workflows/trivy-scheduled-master.yml +++ b/.github/workflows/trivy-scheduled-master.yml @@ -35,7 +35,7 @@ jobs: severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to master branch GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v2 with: sarif_file: "trivy-results-master.sarif" category: trivy-master From 68829a61b94d8ff173be24b89b055a1d39c651dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Fri, 25 Oct 2024 10:58:09 +0200 Subject: [PATCH 11/17] only change checkout versions --- .github/workflows/publish_and_trivyscan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish_and_trivyscan.yml b/.github/workflows/publish_and_trivyscan.yml index b81a31092..f250b7fba 100644 --- a/.github/workflows/publish_and_trivyscan.yml +++ b/.github/workflows/publish_and_trivyscan.yml 
@@ -127,7 +127,7 @@ jobs: output: "trivy-results.sarif" severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to Github Security tab - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: "trivy-results.sarif" category: trivy-build From f443da96b1f88020945b85a88eab79489953a35e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Fri, 25 Oct 2024 10:59:27 +0200 Subject: [PATCH 12/17] only change checkout versions --- .github/workflows/trivy-scan-branch.yml | 2 +- .github/workflows/trivy-scheduled-dev.yml | 2 +- .github/workflows/trivy-scheduled-master.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/trivy-scan-branch.yml b/.github/workflows/trivy-scan-branch.yml index 25dbee8f9..2597ea7f5 100644 --- a/.github/workflows/trivy-scan-branch.yml +++ b/.github/workflows/trivy-scan-branch.yml @@ -31,7 +31,7 @@ jobs: severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: "trivy-results.sarif" category: trivy diff --git a/.github/workflows/trivy-scheduled-dev.yml b/.github/workflows/trivy-scheduled-dev.yml index 338e924fe..00aaafd12 100644 --- a/.github/workflows/trivy-scheduled-dev.yml +++ b/.github/workflows/trivy-scheduled-dev.yml @@ -33,7 +33,7 @@ jobs: severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to dev branch GitHub Security tab - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: "trivy-results-dev.sarif" category: trivy-dev diff --git a/.github/workflows/trivy-scheduled-master.yml b/.github/workflows/trivy-scheduled-master.yml index 374bfe394..682a83200 100644 --- a/.github/workflows/trivy-scheduled-master.yml +++ b/.github/workflows/trivy-scheduled-master.yml 
@@ -35,7 +35,7 @@ jobs: severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to master branch GitHub Security tab - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: "trivy-results-master.sarif" category: trivy-master From c60b5d703c191b3a72b1ecad0d7ccc4174890455 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Fri, 25 Oct 2024 11:59:35 +0200 Subject: [PATCH 13/17] redo 1566 --- .github/workflows/codeql-analysis.yml | 6 +++--- SPRINTLOG.md | 3 ++- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6bd457ef8..099bfd758 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -55,7 +55,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -66,7 +66,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -80,4 +80,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/SPRINTLOG.md b/SPRINTLOG.md index ac07167e7..ce6a22536 100644 --- a/SPRINTLOG.md +++ b/SPRINTLOG.md 
@@ -447,4 +447,5 @@ _Nothing merged during this sprint_ # 2024-10-21 - 2024-11-01 -- Bump GitHub checkout action to v4 ([#1556](https://github.com/ScilifelabDataCentre/dds_web/pull/1556)) +- Workflow: Bump GitHub checkout action to v4 ([#1556](https://github.com/ScilifelabDataCentre/dds_web/pull/1556)) +- Workflow: CodeQL action version(s) bumped to v3 ([#1569](https://github.com/ScilifelabDataCentre/dds_web/pull/1569)) From e3d6b245d1ac7dc2de725c46ac631cc2c6b22e16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Mon, 28 Oct 2024 11:21:50 +0100 Subject: [PATCH 14/17] setup node to v4 --- .github/workflows/prettier.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prettier.yml b/.github/workflows/prettier.yml index 2cbb09232..99ad0661c 100644 --- a/.github/workflows/prettier.yml +++ b/.github/workflows/prettier.yml @@ -11,7 +11,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 - name: Install Prettier run: npm install -g prettier From f3e4cbf01a3d885a8d39260096d211c602a7e53c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Mon, 28 Oct 2024 11:51:18 +0100 Subject: [PATCH 15/17] codecov to v4 --- .github/workflows/docker-compose-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-compose-tests.yml b/.github/workflows/docker-compose-tests.yml index 76ece1bb5..3bc8b81b1 100644 --- a/.github/workflows/docker-compose-tests.yml +++ b/.github/workflows/docker-compose-tests.yml @@ -31,7 +31,7 @@ jobs: ## If no one connects after 5 minutes, shut down server. wait-timeout-minutes: 5 - - uses: codecov/codecov-action@v3 + - uses: codecov/codecov-action@v4 with: token: ${{ secrets.CODECOV_TOKEN }} files: ./coverage/report.xml From 936398379f0f50fc0c13ef7e54ccecd2439b0260 Mon Sep 17 00:00:00 2001 
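Review bot: In the docker-compose-tests.yml hunk of patch 15/17, `codecov/codecov-action@v4` receives `${{ secrets.CODECOV_TOKEN }}` while being referenced by a movable major tag, so whatever commit that tag points to at run time is the code that gets the token. Pinning it as `- uses: codecov/codecov-action@<full-commit-sha>  # v4` keeps the secret-handling code fixed and reviewable, and an update bot can still propose bumps. v4 also replaces the uploader behind the action, so a run that silently stops uploading `./coverage/report.xml` would look green; if the `with:` block, which continues past this hunk, does not already set it, consider adding `fail_ci_if_error: true`.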
From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Mon, 28 Oct 2024 11:52:24 +0100 Subject: [PATCH 16/17] codeql upload-sarif to v3 --- .github/workflows/snyk-scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/snyk-scan.yml b/.github/workflows/snyk-scan.yml index c6c9a48e7..0d1c905fe 100644 --- a/.github/workflows/snyk-scan.yml +++ b/.github/workflows/snyk-scan.yml @@ -30,7 +30,7 @@ jobs: command: code test args: --sarif-file-output=snyk.sarif - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: snyk.sarif category: snyk From ff2b577979e98dfc8f271b4d47a6119ef030b4d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ina=20Od=C3=A9n=20=C3=96sterbo?= Date: Mon, 28 Oct 2024 11:58:27 +0100 Subject: [PATCH 17/17] sprintlog --- SPRINTLOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/SPRINTLOG.md b/SPRINTLOG.md index ce6a22536..e5316de21 100644 --- a/SPRINTLOG.md +++ b/SPRINTLOG.md @@ -449,3 +449,4 @@ _Nothing merged during this sprint_ - Workflow: Bump GitHub checkout action to v4 ([#1556](https://github.com/ScilifelabDataCentre/dds_web/pull/1556)) - Workflow: CodeQL action version(s) bumped to v3 ([#1569](https://github.com/ScilifelabDataCentre/dds_web/pull/1569)) +- Workflow: Setup-node, codecov and upload-sarif action versions bumped to v4, v4 and v3, respectively ([#1570](https://github.com/ScilifelabDataCentre/dds_web/pull/1570))