From 7c4cfb44769e96057a64bc1a9abe51f904ea6751 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 15 Jan 2025 17:44:58 +0000 Subject: [PATCH 1/2] chore(deps): update all actions --- .github/workflows/continuous-delivery.yml | 8 ++++---- .github/workflows/continuous-integration.yml | 8 ++++---- .github/workflows/publish-image.yml | 6 +++--- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml index aa58d4c6a..7ed3cf021 100644 --- a/.github/workflows/continuous-delivery.yml +++ b/.github/workflows/continuous-delivery.yml @@ -142,7 +142,7 @@ jobs: ref: ${{ needs.merge.outputs.sha }} - name: Start deployment - uses: bobheadxi/deployments@88ce5600046c82542f8246ac287d0a53c461bca3 # v1.4.0 + uses: bobheadxi/deployments@648679e8e4915b27893bd7dbc35cb504dc915bc8 # v1.5.0 id: start_deployment with: step: start @@ -163,7 +163,7 @@ jobs: docker-compose up -d - name: Finalize Sentry release - uses: getsentry/action-release@4744f6a65149f441c5f396d5b0877307c0db52c7 # v1.4.1 + uses: getsentry/action-release@f6dfa3d84a1c740b94aa45255c5e032b744a095d # v1.9.0 env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ vars.SENTRY_ORG_NAME }} @@ -174,7 +174,7 @@ jobs: set_commits: skip - name: Finish deployment - uses: bobheadxi/deployments@88ce5600046c82542f8246ac287d0a53c461bca3 # v1.4.0 + uses: bobheadxi/deployments@648679e8e4915b27893bd7dbc35cb504dc915bc8 # v1.5.0 if: steps.start_deployment.conclusion == 'success' && always() with: step: finish @@ -211,7 +211,7 @@ jobs: done - name: Update Continuous Delivery check run - uses: guidojw/actions/update-check-run@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/update-check-run@3ad963828827110a6b716a011f242bf01fdf1db4 # v1.4.7 with: app_id: ${{ vars.GH_APP_ID }} private_key: ${{ secrets.GH_APP_PRIVATE_KEY }} diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 71e38ba57..5ae60d002 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -27,7 +27,7 @@ jobs: ref: ${{ inputs.sha }} - name: Build test image - uses: guidojw/actions/build-docker-image@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/build-docker-image@3ad963828827110a6b716a011f242bf01fdf1db4 # v1.4.7 with: file: Dockerfile target: base @@ -54,7 +54,7 @@ jobs: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) 1.7.6 - name: Load test image - uses: guidojw/actions/load-docker-image@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/load-docker-image@3ad963828827110a6b716a011f242bf01fdf1db4 # v1.4.7 with: name: app @@ -80,7 +80,7 @@ jobs: ref: ${{ inputs.sha }} - name: Load test image - uses: guidojw/actions/load-docker-image@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/load-docker-image@3ad963828827110a6b716a011f242bf01fdf1db4 # v1.4.7 with: name: app @@ -98,7 +98,7 @@ jobs: - name: Upload coverage report artifact if: ${{ !cancelled() }} - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: coverage path: coverage/ diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml index c80e76205..0d909d908 100644 --- a/.github/workflows/publish-image.yml +++ b/.github/workflows/publish-image.yml @@ -72,7 +72,7 @@ jobs: - name: Build and push image id: build_push_image - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 + uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d # v6.12.0 with: push: true context: . @@ -92,7 +92,7 @@ jobs: - name: Create Sentry release if: ${{ !(github.event_name == 'workflow_dispatch' && github.workflow == 'Publish Image') }} - uses: getsentry/action-release@4744f6a65149f441c5f396d5b0877307c0db52c7 # v1.4.1 + uses: getsentry/action-release@f6dfa3d84a1c740b94aa45255c5e032b744a095d # v1.9.0 env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ vars.SENTRY_ORG_NAME }} @@ -123,7 +123,7 @@ jobs: done - name: Update Publish Image check run - uses: guidojw/actions/update-check-run@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: guidojw/actions/update-check-run@3ad963828827110a6b716a011f242bf01fdf1db4 # v1.4.7 with: app_id: ${{ vars.GH_APP_ID }} private_key: ${{ secrets.GH_APP_PRIVATE_KEY }} From 259e417a5b67c146c8bc34c114a91eaea1de89b1 Mon Sep 17 00:00:00 2001 From: Jorai Geertsema Date: Sun, 19 Jan 2025 19:46:58 +0100 Subject: [PATCH 2/2] replace guidojw with louisbrunner check action --- .github/workflows/continuous-delivery.yml | 7 ++++--- .github/workflows/continuous-integration.yml | 4 ++-- .github/workflows/publish-image.yml | 7 ++++--- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml index 7ed3cf021..20b73348d 100644 --- a/.github/workflows/continuous-delivery.yml +++ b/.github/workflows/continuous-delivery.yml @@ -196,6 +196,8 @@ jobs: deploy, ] if: (github.ref_name == 'staging' || github.ref_name == 'master') && always() + permissions: + checks: write steps: - name: Get conclusion id: get_conclusion @@ -211,11 +213,10 @@ jobs: done - name: Update Continuous Delivery check run - uses: guidojw/actions/update-check-run@3ad963828827110a6b716a011f242bf01fdf1db4 # v1.4.7 + uses: LouisBrunner/checks-action@6b626ffbad7cc56fd58627f774b9067e6118af23 # v2.0.0 with: - app_id: ${{ vars.GH_APP_ID }} - private_key: ${{ secrets.GH_APP_PRIVATE_KEY }} sha: ${{ needs.merge.outputs.sha }} + token: ${{ github.token }} name: Continuous Delivery conclusion: ${{ steps.get_conclusion.outputs.conclusion }} details_url: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 5ae60d002..27b294d37 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -61,8 +61,8 @@ jobs: - name: Lint run: | EXIT_STATUS=0 - ./actionlint -ignore 'property "gh_app_private_key" is not defined' -ignore 'SC2153:' \ - -ignore 'property "sha" is not defined in object type {}' || EXIT_STATUS=$? + ./actionlint -ignore 'SC2153:' -ignore 'property "sha" is not defined in object type {}' || \ + EXIT_STATUS=$? docker run app yarn lint:hbs || EXIT_STATUS=$? docker run app yarn lint:js || EXIT_STATUS=$? docker run app /bin/bash -c 'yarn lint:scss -f github | sed "s|$(pwd)/||g" ; exit ${PIPESTATUS[0]}' || \ diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml index 0d909d908..6c30f3799 100644 --- a/.github/workflows/publish-image.yml +++ b/.github/workflows/publish-image.yml @@ -108,6 +108,8 @@ jobs: runs-on: ubuntu-latest needs: [metadata, publish] if: github.event_name == 'workflow_dispatch' && github.workflow == 'Publish Image' && always() + permissions: + checks: write steps: - name: Get conclusion id: get_conclusion @@ -123,10 +125,9 @@ jobs: done - name: Update Publish Image check run - uses: guidojw/actions/update-check-run@3ad963828827110a6b716a011f242bf01fdf1db4 # v1.4.7 + uses: LouisBrunner/checks-action@6b626ffbad7cc56fd58627f774b9067e6118af23 # v2.0.0 with: - app_id: ${{ vars.GH_APP_ID }} - private_key: ${{ secrets.GH_APP_PRIVATE_KEY }} + token: ${{ github.token }} name: Publish Image conclusion: ${{ steps.get_conclusion.outputs.conclusion }} details_url: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}