diff --git a/.github/workflows/administration-service-image-update.yml b/.github/workflows/administration-service-image-update.yml index a27c72e2..ccda0860 100644 --- a/.github/workflows/administration-service-image-update.yml +++ b/.github/workflows/administration-service-image-update.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/chart-release.yaml b/.github/workflows/chart-release.yaml index e2fcc161..0787fe3a 100644 --- a/.github/workflows/chart-release.yaml +++ b/.github/workflows/chart-release.yaml @@ -36,7 +36,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index a399ce48..b14bd507 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -42,7 +42,7 @@ jobs: security-events: write steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: KICS scan uses: checkmarx/kics-github-action@94469746ec2c43de89a42fb9d2a80070f5d25b16 # v2.1.3 @@ -69,6 +69,6 @@ jobs: # Upload findings to GitHub Advanced Security Dashboard - name: Upload SARIF file for GitHub Advanced Security Dashboard if: always() - uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 with: sarif_file: kicsResults/results.sarif diff --git a/.github/workflows/localdev-chart-test.yaml b/.github/workflows/localdev-chart-test.yaml index c6c0b20a..78759752 100644 --- a/.github/workflows/localdev-chart-test.yaml +++ b/.github/workflows/localdev-chart-test.yaml @@ -46,7 +46,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -62,7 +62,7 @@ jobs: version: v3.10.3 # Setup python as a prerequisite for chart linting - - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 + - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: '3.9' check-latest: true diff --git a/.github/workflows/maintenance-service-image-update.yml b/.github/workflows/maintenance-service-image-update.yml index 5069f731..af4c2da6 100644 --- a/.github/workflows/maintenance-service-image-update.yml +++ b/.github/workflows/maintenance-service-image-update.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/marketplace-app-service-image-update.yml b/.github/workflows/marketplace-app-service-image-update.yml index faab1900..d9e0687b 100644 --- a/.github/workflows/marketplace-app-service-image-update.yml +++ b/.github/workflows/marketplace-app-service-image-update.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/notification-service-image-update.yml b/.github/workflows/notification-service-image-update.yml index f725b036..0a269a04 100644 --- a/.github/workflows/notification-service-image-update.yml +++ b/.github/workflows/notification-service-image-update.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/portal-assets-image-update.yml b/.github/workflows/portal-assets-image-update.yml index 345b29d0..a7349c46 100644 --- a/.github/workflows/portal-assets-image-update.yml +++ b/.github/workflows/portal-assets-image-update.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/portal-backend-release-image-update.yml b/.github/workflows/portal-backend-release-image-update.yml index fc44636a..f9b5fb2c 100644 --- a/.github/workflows/portal-backend-release-image-update.yml +++ b/.github/workflows/portal-backend-release-image-update.yml @@ -57,7 +57,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/portal-chart-test.yaml b/.github/workflows/portal-chart-test.yaml index 2d21e4c9..593e1908 100644 --- a/.github/workflows/portal-chart-test.yaml +++ b/.github/workflows/portal-chart-test.yaml @@ -47,7 +47,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -67,7 +67,7 @@ jobs: version: v3.10.3 # Setup python as a prerequisite for chart linting - - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 + - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: '3.9' check-latest: true diff --git a/.github/workflows/portal-image-update.yml b/.github/workflows/portal-image-update.yml index f014945d..84e0a439 100644 --- a/.github/workflows/portal-image-update.yml +++ b/.github/workflows/portal-image-update.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/portal-migrations-image-update.yml b/.github/workflows/portal-migrations-image-update.yml index a111eb2c..5c555b3e 100644 --- a/.github/workflows/portal-migrations-image-update.yml +++ b/.github/workflows/portal-migrations-image-update.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/portal-registration-image-update.yml b/.github/workflows/portal-registration-image-update.yml index ea350c6f..f2c09716 100644 --- a/.github/workflows/portal-registration-image-update.yml +++ b/.github/workflows/portal-registration-image-update.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/processes-worker-image-update.yml b/.github/workflows/processes-worker-image-update.yml index e4a8203a..d096209f 100644 --- a/.github/workflows/processes-worker-image-update.yml +++ b/.github/workflows/processes-worker-image-update.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/provisioning-migrations-image-update.yml b/.github/workflows/provisioning-migrations-image-update.yml index d7185ba9..5fe026d6 100644 --- a/.github/workflows/provisioning-migrations-image-update.yml +++ b/.github/workflows/provisioning-migrations-image-update.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/registration-service-image-update.yml b/.github/workflows/registration-service-image-update.yml index 3cb8bd42..34e940ad 100644 --- a/.github/workflows/registration-service-image-update.yml +++ b/.github/workflows/registration-service-image-update.yml @@ -38,7 +38,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/services-service-image-update.yml b/.github/workflows/services-service-image-update.yml index 808d89d8..f1859eb4 100644 --- a/.github/workflows/services-service-image-update.yml +++ b/.github/workflows/services-service-image-update.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Modify image tag in values.yaml run: | diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 6f29f025..75fa0b8d 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -47,7 +47,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run Trivy vulnerability scanner in repo mode uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0 @@ -59,7 +59,7 @@ jobs: vuln-type: "os,library" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 if: always() with: sarif_file: "trivy-results1.sarif" diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml index 05e57ad0..726db9ae 100644 --- a/.github/workflows/trufflehog.yml +++ b/.github/workflows/trufflehog.yml @@ -42,13 +42,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 # Ensure full clone for pull request workflows - name: TruffleHog OSS id: trufflehog - uses: trufflesecurity/trufflehog@b66c1670749c06f8d18f96bcbc5a6b80f7a7108e #v3.82.11 + uses: trufflesecurity/trufflehog@1aa1871f9ae24a8c8a3a48a9345514acf42beb39 #v3.82.13 continue-on-error: true with: path: ./ # Scan the entire repository