From 86f73633319e1b0f29b409c76e6133dd5e8611d4 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 23 Sep 2024 20:49:32 +0000 Subject: [PATCH] Update CI/CD --- .../configure-aws-credentials/action.yml | 2 +- .github/workflows/build-and-publish.yml | 2 +- .github/workflows/cd-analytics-infra.yml | 8 +++---- .github/workflows/cd-api-infra.yml | 8 +++---- .github/workflows/cd-frontend-infra.yml | 8 +++---- .github/workflows/cd-storybook.yml | 10 ++++----- .github/workflows/check-infra-auth.yml | 4 ++-- .github/workflows/ci-analytics.yml | 6 ++--- .github/workflows/ci-api.yml | 2 +- .github/workflows/ci-erd-diagrams.yml | 2 +- .github/workflows/ci-frontend-a11y.yml | 2 +- .github/workflows/ci-frontend-e2e.yml | 6 ++--- .github/workflows/ci-frontend.yml | 14 ++++++------ .github/workflows/ci-infra.yml | 18 +++++++-------- .github/workflows/ci-openapi.yml | 2 +- .github/workflows/ci-project-linters.yml | 2 +- .github/workflows/ci-wiki-links.yml | 2 +- .github/workflows/database-migrations.yml | 2 +- .github/workflows/deploy.yml | 2 +- .github/workflows/infra-service.yml | 6 ++--- .github/workflows/labeler.yml | 2 +- .github/workflows/lint-close-done-issues.yml | 2 +- .github/workflows/vulnerability-scans.yml | 22 +++++++++---------- 23 files changed, 67 insertions(+), 67 deletions(-) diff --git a/.github/actions/configure-aws-credentials/action.yml b/.github/actions/configure-aws-credentials/action.yml index 0380ac953..4f390a32c 100644 --- a/.github/actions/configure-aws-credentials/action.yml +++ b/.github/actions/configure-aws-credentials/action.yml @@ -61,7 +61,7 @@ runs: echo "AWS_REGION=$AWS_REGION" >> "$GITHUB_ENV" shell: bash - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v3 + uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: ${{ env.AWS_ROLE_TO_ASSUME }} aws-region: ${{ env.AWS_REGION }} diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index c6bf4261e..058adf2c2 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -42,7 +42,7 @@ jobs: id-token: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: ${{ inputs.ref }} diff --git a/.github/workflows/cd-analytics-infra.yml b/.github/workflows/cd-analytics-infra.yml index 3bdf1203d..b7aaf9f98 100644 --- a/.github/workflows/cd-analytics-infra.yml +++ b/.github/workflows/cd-analytics-infra.yml @@ -20,8 +20,8 @@ jobs: id-token: write steps: - - uses: actions/checkout@v3 - - uses: hashicorp/setup-terraform@v2 + - uses: actions/checkout@v4 + - uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.8.2 terraform_wrapper: false @@ -49,8 +49,8 @@ jobs: id-token: write steps: - - uses: actions/checkout@v3 - - uses: hashicorp/setup-terraform@v2 + - uses: actions/checkout@v4 + - uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.8.2 terraform_wrapper: false diff --git a/.github/workflows/cd-api-infra.yml b/.github/workflows/cd-api-infra.yml index afaa15d36..5b607ad20 100644 --- a/.github/workflows/cd-api-infra.yml +++ b/.github/workflows/cd-api-infra.yml @@ -20,8 +20,8 @@ jobs: id-token: write steps: - - uses: actions/checkout@v3 - - uses: hashicorp/setup-terraform@v2 + - uses: actions/checkout@v4 + - uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.8.2 terraform_wrapper: false @@ -48,8 +48,8 @@ jobs: id-token: write steps: - - uses: actions/checkout@v3 - - uses: hashicorp/setup-terraform@v2 + - uses: actions/checkout@v4 + - uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.8.2 terraform_wrapper: false diff --git a/.github/workflows/cd-frontend-infra.yml b/.github/workflows/cd-frontend-infra.yml index 8d10624a2..f1dc46d09 100644 --- a/.github/workflows/cd-frontend-infra.yml +++ b/.github/workflows/cd-frontend-infra.yml @@ -20,8 +20,8 @@ jobs: id-token: write steps: - - uses: actions/checkout@v3 - - uses: hashicorp/setup-terraform@v2 + - uses: actions/checkout@v4 + - uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.8.2 terraform_wrapper: false @@ -48,8 +48,8 @@ jobs: id-token: write steps: - - uses: actions/checkout@v3 - - uses: hashicorp/setup-terraform@v2 + - uses: actions/checkout@v4 + - uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.8.2 terraform_wrapper: false diff --git a/.github/workflows/cd-storybook.yml b/.github/workflows/cd-storybook.yml index ddd07cac0..340f32ade 100644 --- a/.github/workflows/cd-storybook.yml +++ b/.github/workflows/cd-storybook.yml @@ -26,15 +26,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version: 18 cache-dependency-path: ./frontend/package-lock.json # or yarn.lock cache: npm # or yarn - name: Setup Pages - uses: actions/configure-pages@v2 + uses: actions/configure-pages@v5 id: pages_config - name: Install dependencies run: npm ci @@ -43,7 +43,7 @@ jobs: run: NEXT_PUBLIC_BASE_PATH=${{ steps.pages_config.outputs.base_path }} npm run storybook-build working-directory: ./frontend - name: Upload artifact - uses: actions/upload-pages-artifact@v1 + uses: actions/upload-pages-artifact@v3 with: path: ./frontend/storybook-static @@ -56,4 +56,4 @@ jobs: steps: - name: Deploy to GitHub Pages id: hosting - uses: actions/deploy-pages@v1 + uses: actions/deploy-pages@v4 diff --git a/.github/workflows/check-infra-auth.yml b/.github/workflows/check-infra-auth.yml index 3e908148e..10cd5cf8f 100644 --- a/.github/workflows/check-infra-auth.yml +++ b/.github/workflows/check-infra-auth.yml @@ -21,9 +21,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v3 + uses: aws-actions/configure-aws-credentials@v4 with: aws-region: ${{ inputs.aws_region }} role-to-assume: ${{ inputs.role_to_assume }} diff --git a/.github/workflows/ci-analytics.yml b/.github/workflows/ci-analytics.yml index c37608d2e..26c20471a 100644 --- a/.github/workflows/ci-analytics.yml +++ b/.github/workflows/ci-analytics.yml @@ -22,13 +22,13 @@ jobs: ACTION: show-results # show results, but don't post them to slack steps: # set up python - - uses: actions/checkout@v3 - - uses: actions/setup-python@v4 + - uses: actions/checkout@v4 + - uses: actions/setup-python@v5 with: python-version: "3.12" # install poetry - - uses: Gr1N/setup-poetry@v8 + - uses: Gr1N/setup-poetry@v9 - name: Install analytics package using poetry run: make install diff --git a/.github/workflows/ci-api.yml b/.github/workflows/ci-api.yml index 85865ce2c..4707aadc3 100644 --- a/.github/workflows/ci-api.yml +++ b/.github/workflows/ci-api.yml @@ -16,7 +16,7 @@ jobs: name: API Lint, Format & Tests runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Initialize the docker containers run: make init diff --git a/.github/workflows/ci-erd-diagrams.yml b/.github/workflows/ci-erd-diagrams.yml index acd62fe72..f5a81b494 100644 --- a/.github/workflows/ci-erd-diagrams.yml +++ b/.github/workflows/ci-erd-diagrams.yml @@ -25,7 +25,7 @@ jobs: update-database-erd: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: # Checkout the feature branch associated with the pull request ref: ${{ github.head_ref }} diff --git a/.github/workflows/ci-frontend-a11y.yml b/.github/workflows/ci-frontend-a11y.yml index dab69f8a3..b7ed6613c 100644 --- a/.github/workflows/ci-frontend-a11y.yml +++ b/.github/workflows/ci-frontend-a11y.yml @@ -67,7 +67,7 @@ jobs: - name: Upload screenshots to artifacts if: always() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: screenshots path: ./frontend/screenshots-output diff --git a/.github/workflows/ci-frontend-e2e.yml b/.github/workflows/ci-frontend-e2e.yml index 1a1712993..5e2ef9bea 100644 --- a/.github/workflows/ci-frontend-e2e.yml +++ b/.github/workflows/ci-frontend-e2e.yml @@ -26,10 +26,10 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Setup Node.js - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache: ${{ env.PACKAGE_MANAGER }} @@ -53,7 +53,7 @@ jobs: - name: Run E2E Tests run: npm run test:e2e - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 if: always() with: name: playwright-report diff --git a/.github/workflows/ci-frontend.yml b/.github/workflows/ci-frontend.yml index 67766d706..f18dad641 100644 --- a/.github/workflows/ci-frontend.yml +++ b/.github/workflows/ci-frontend.yml @@ -26,8 +26,8 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache-dependency-path: ${{ env.LOCKFILE_PATH }} @@ -61,15 +61,15 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache-dependency-path: ${{ env.LOCKFILE_PATH }} cache: ${{ env.PACKAGE_MANAGER }} # https://nextjs.org/docs/advanced-features/ci-build-caching - - uses: actions/cache@v3 + - uses: actions/cache@v4 with: path: | ~/.npm @@ -89,8 +89,8 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache-dependency-path: ${{ env.LOCKFILE_PATH }} diff --git a/.github/workflows/ci-infra.yml b/.github/workflows/ci-infra.yml index 92885ae7c..70cac2079 100644 --- a/.github/workflows/ci-infra.yml +++ b/.github/workflows/ci-infra.yml @@ -21,7 +21,7 @@ jobs: name: Lint GitHub Actions workflows runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Download actionlint id: get_actionlint run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) @@ -33,15 +33,15 @@ jobs: name: Lint scripts runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Shellcheck run: make infra-lint-scripts check-terraform-format: name: Check Terraform format runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: hashicorp/setup-terraform@v2 + - uses: actions/checkout@v4 + - uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.8.2 terraform_wrapper: false @@ -53,8 +53,8 @@ jobs: name: Validate Terraform modules runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: hashicorp/setup-terraform@v2 + - uses: actions/checkout@v4 + - uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.8.2 terraform_wrapper: false @@ -64,8 +64,8 @@ jobs: name: Check compliance with checkov runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-python@v4 + - uses: actions/checkout@v4 + - uses: actions/setup-python@v5 with: python-version: "3.10" - name: Run Checkov check @@ -88,7 +88,7 @@ jobs: pull-requests: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Run tfsec check uses: aquasecurity/tfsec-pr-commenter-action@v1.3.1 with: diff --git a/.github/workflows/ci-openapi.yml b/.github/workflows/ci-openapi.yml index ca082c624..276238cee 100644 --- a/.github/workflows/ci-openapi.yml +++ b/.github/workflows/ci-openapi.yml @@ -24,7 +24,7 @@ jobs: update-openapi-docs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: # Checkout the feature branch associated with the pull request ref: ${{ github.head_ref }} diff --git a/.github/workflows/ci-project-linters.yml b/.github/workflows/ci-project-linters.yml index ff173c1a2..c2f5f236e 100644 --- a/.github/workflows/ci-project-linters.yml +++ b/.github/workflows/ci-project-linters.yml @@ -18,7 +18,7 @@ jobs: env: GH_TOKEN: ${{ secrets.GH_TOKEN_PROJECT_ACCESS }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Dry run - Close open issues marked as "Done" in Sprint Board run: | diff --git a/.github/workflows/ci-wiki-links.yml b/.github/workflows/ci-wiki-links.yml index b163f614e..9b7a9c726 100644 --- a/.github/workflows/ci-wiki-links.yml +++ b/.github/workflows/ci-wiki-links.yml @@ -18,7 +18,7 @@ jobs: name: Check wiki links in SUMMARY.md runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Check all wiki files are linked in SUMMARY.md run: ./scripts/check-wiki-pages-linked-to-summary.sh diff --git a/.github/workflows/database-migrations.yml b/.github/workflows/database-migrations.yml index 8c295a10e..bd4bfa0de 100644 --- a/.github/workflows/database-migrations.yml +++ b/.github/workflows/database-migrations.yml @@ -32,7 +32,7 @@ jobs: id-token: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Configure AWS credentials uses: ./.github/actions/configure-aws-credentials diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 42ed679a1..17ed9afdc 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -31,7 +31,7 @@ jobs: contents: read id-token: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Configure AWS credentials uses: ./.github/actions/configure-aws-credentials diff --git a/.github/workflows/infra-service.yml b/.github/workflows/infra-service.yml index 32d8d19ea..9a3333c46 100644 --- a/.github/workflows/infra-service.yml +++ b/.github/workflows/infra-service.yml @@ -18,14 +18,14 @@ jobs: id-token: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - - uses: hashicorp/setup-terraform@v2 + - uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.8.2 terraform_wrapper: false - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v5 with: go-version: ">=1.19.0" diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index be097841b..bd064d688 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -20,4 +20,4 @@ jobs: pull-requests: write runs-on: ubuntu-latest steps: - - uses: actions/labeler@v4 \ No newline at end of file + - uses: actions/labeler@v5 \ No newline at end of file diff --git a/.github/workflows/lint-close-done-issues.yml b/.github/workflows/lint-close-done-issues.yml index 462e131a6..6f8e89dd9 100644 --- a/.github/workflows/lint-close-done-issues.yml +++ b/.github/workflows/lint-close-done-issues.yml @@ -16,7 +16,7 @@ jobs: env: GH_TOKEN: ${{ secrets.GH_TOKEN_PROJECT_ACCESS }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Close open issues marked as "Done" in Sprint Board run: | diff --git a/.github/workflows/vulnerability-scans.yml b/.github/workflows/vulnerability-scans.yml index 634ccad15..1e6b2f8da 100644 --- a/.github/workflows/vulnerability-scans.yml +++ b/.github/workflows/vulnerability-scans.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 # Scans Dockerfile for any bad practices or issues - name: Scan Dockerfile by hadolint @@ -39,14 +39,14 @@ jobs: image: ${{ steps.shared-output.outputs.image }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@master - name: Cache Docker layers id: cache-buildx - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: /tmp/.buildx-cache key: ${{ inputs.app_name }}-buildx-${{ github.sha }} @@ -81,7 +81,7 @@ jobs: - name: Cache Docker image if: steps.cache-buildx.outputs.cache-hit != 'true' - uses: actions/cache/save@v3 + uses: actions/cache/save@v4 with: path: /tmp/docker-image.tar key: ${{ inputs.app_name }}-docker-image-${{ github.sha }} @@ -92,10 +92,10 @@ jobs: needs: build-and-cache steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Restore cached Docker image - uses: actions/cache/restore@v3 + uses: actions/cache/restore@v4 with: path: /tmp/docker-image.tar key: ${{ inputs.app_name }}-docker-image-${{ github.sha }} @@ -128,10 +128,10 @@ jobs: needs: build-and-cache steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Restore cached Docker image - uses: actions/cache/restore@v3 + uses: actions/cache/restore@v4 with: path: /tmp/docker-image.tar key: ${{ inputs.app_name }}-docker-image-${{ github.sha }} @@ -143,7 +143,7 @@ jobs: docker load < /tmp/docker-image.tar - name: Run Anchore vulnerability scan - uses: anchore/scan-action@v3 + uses: anchore/scan-action@v4 with: image: ${{ needs.build-and-cache.outputs.image }} output-format: table @@ -159,10 +159,10 @@ jobs: needs: build-and-cache steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Restore cached Docker image - uses: actions/cache/restore@v3 + uses: actions/cache/restore@v4 with: path: /tmp/docker-image.tar key: ${{ inputs.app_name }}-docker-image-${{ github.sha }}