eclipse-tractusx · evegufy · Nov 22, 2024 · Nov 22, 2024 · Nov 22, 2024 · Nov 22, 2024
diff --git a/.github/workflows/trivy-main.yml b/.github/workflows/trivy-main.yml
@@ -61,6 +61,9 @@ jobs:
           output: "trivy-results1.sarif"
           vuln-type: "os,library"
           timeout: "3600s"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
@@ -93,6 +96,10 @@ jobs:
           format: "sarif"
           output: "trivy-results2.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -126,6 +133,10 @@ jobs:
           output: "trivy-results3.sarif"
           vuln-type: "os,library"
           skip-dirs: "docs/"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -62,6 +62,9 @@ jobs:
           vuln-type: "os,library"
           skip-dirs: "docs/"
           timeout: "3600s"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
@@ -94,6 +97,10 @@ jobs:
           format: "sarif"
           output: "trivy-results2.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -126,6 +133,10 @@ jobs:
           format: "sarif"
           output: "trivy-results3.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()

diff --git a/.tractusx b/.tractusx
@@ -20,4 +20,4 @@
 product: "SSI Authority & Schema Registry"
 leadingRepository: "https://github.com/eclipse-tractusx/ssi-authority-schema-registry"
 openApiSpecs:
-- "https://raw.githubusercontent.com/eclipse-tractusx/ssi-authority-schema-registry/refs/tags/ssi-asr-1.1.0-rc.2/docs/api/asr-service.yaml"
+- "https://raw.githubusercontent.com/eclipse-tractusx/ssi-authority-schema-registry/refs/tags/ssi-asr-1.1.0/docs/api/asr-service.yaml"
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -70,6 +70,10 @@ fulfills the DCO's requirement that you sign-off on your contributions.
 For more information, please see the Eclipse Committer Handbook:
 https://www.eclipse.org/projects/handbook/#resources-commit
 
+## How To Contribute
+
+For more practical information, please refer to [Contribution details](/docs/admin/dev-process/How%20to%20contribute.md).
+
 ## Contact
 
 Contact the project developers via the project's "dev" list.

diff --git a/charts/ssi-asr/Chart.yaml b/charts/ssi-asr/Chart.yaml
@@ -20,8 +20,8 @@
 apiVersion: v2
 name: ssi-asr
 type: application
-version: 1.1.0-rc.2
-appVersion: 1.1.0-rc.2
+version: 1.1.0
+appVersion: 1.1.0
 description: Helm chart for SSI Authority & Schema Registry
 home: https://github.com/eclipse-tractusx/ssi-authority-schema-registry
 dependencies:

diff --git a/charts/ssi-asr/README.md b/charts/ssi-asr/README.md
@@ -27,7 +27,7 @@ To use the helm chart as a dependency:
 dependencies:
   - name: ssi-asr
     repository: https://eclipse-tractusx.github.io/charts/dev
-    version: 1.1.0-rc.2
+    version: 1.1.0
 ```
 
 ## Requirements

diff --git a/docs/api/asr-service.yaml b/docs/api/asr-service.yaml
@@ -1,7 +1,7 @@
 openapi: 3.0.1
 info:
   title: Org.Eclipse.TractusX.SsiAuthoritySchemaRegistry.Service
-  version: v1.1.0-rc.2
+  version: v1.1.0
 paths:
   /api/registry/credentials:
     get:

diff --git a/environments/argocd-app-templates/appsetup-int.yaml b/environments/argocd-app-templates/appsetup-int.yaml
@@ -28,7 +28,7 @@ spec:
   source:
     path: charts/ssi-asr
     repoURL: 'https://github.com/eclipse-tractusx/ssi-authority-schema-registry.git'
-    targetRevision: ssi-asr-1.1.0-rc.2
+    targetRevision: ssi-asr-1.1.0
     plugin:
       env:
         - name: AVP_SECRET

diff --git a/environments/argocd-app-templates/appsetup-stable.yaml b/environments/argocd-app-templates/appsetup-stable.yaml
@@ -28,7 +28,7 @@ spec:
   source:
     path: charts/ssi-asr
     repoURL: 'https://github.com/eclipse-tractusx/ssi-authority-schema-registry.git'
-    targetRevision: ssi-asr-1.1.0-rc.2
+    targetRevision: ssi-asr-1.1.0
     plugin:
       env:
         - name: AVP_SECRET

diff --git a/src/Directory.Build.props b/src/Directory.Build.props
@@ -20,6 +20,6 @@
 <Project>
   <PropertyGroup>
     <VersionPrefix>1.1.0</VersionPrefix>
-    <VersionSuffix>rc.2</VersionSuffix>
+    <VersionSuffix></VersionSuffix>
   </PropertyGroup>
 </Project>