diff --git a/.github/workflows/crowdstrike-scan-test.yaml b/.github/workflows/crowdstrike-scan-test.yaml index bf47d2b..e710201 100644 --- a/.github/workflows/crowdstrike-scan-test.yaml +++ b/.github/workflows/crowdstrike-scan-test.yaml @@ -14,7 +14,7 @@ jobs: - name: 861208160487.dkr.ecr.eu-central-1.amazonaws.com/cardoai-eu-ar-ecr-repository-oxygen:backend-main steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: EU ECR login uses: CardoAI/composite/ecrlogin_with_role@main diff --git a/.github/workflows/single-arch-build.yaml b/.github/workflows/single-arch-build.yaml index 90ec8f1..3d685eb 100644 --- a/.github/workflows/single-arch-build.yaml +++ b/.github/workflows/single-arch-build.yaml @@ -18,11 +18,11 @@ on: directory: description: The directory containing the Dockerfile. type: string - default: '.' + default: "." context: description: The context for the Dockerfile. type: string - default: '.' + default: "." tag: description: The tag to use for the image. type: string @@ -47,11 +47,11 @@ on: build-args: description: The build arguments to pass to the Docker build command. type: string - default: '' + default: "" docker-driver: description: The Docker driver to use for building the image. type: string - default: 'docker-container' + default: "docker-container" aws-region: description: The AWS region where the ECR repository is located. type: string @@ -72,22 +72,22 @@ on: # gh_pat: # description: The GitHub Personal Access Token to access the repository. # required: true - + jobs: build_image: name: ${{ inputs.os}}/${{ inputs.architecture }} runs-on: ${{ inputs.runner-id }} steps: - name: Check out code - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 with: - # token: ${{ secrets.gh_pat }} + # token: ${{ secrets.gh_pat }} ref: ${{ inputs.sha }} fetch-depth: 0 - submodules: 'true' + submodules: "true" - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 with: driver: ${{ inputs.docker-driver }} @@ -97,7 +97,7 @@ jobs: with: aws-region: ${{ inputs.base-image-aws-region }} aws-id: ${{ inputs.base-image-aws-id }} - + - name: ECR login uses: CardoAI/composite/ecrlogin_with_role@main with: @@ -126,7 +126,7 @@ jobs: medium-threshold: 0 low-threshold: 0 other-threshold: 0 - + - name: Push Docker image id: push-image shell: bash diff --git a/.github/workflows/single-platform-docker-build.yaml b/.github/workflows/single-platform-docker-build.yaml index 0dbac27..02c643f 100644 --- a/.github/workflows/single-platform-docker-build.yaml +++ b/.github/workflows/single-platform-docker-build.yaml @@ -17,7 +17,7 @@ on: context: description: The Docker build context. type: string - default: '.' + default: "." repositories: description: The AWS ECR repositories to push the image to (JSON string list). type: string @@ -37,7 +37,7 @@ on: extra-args: description: The extra arguments to pass to the Docker build command. type: string - default: '' + default: "" base-image-aws-account-id: description: The AWS account ID where the base image is located. type: string @@ -48,18 +48,18 @@ on: default: eu-central-1 jobs: single-platform-docker-build: - name: '${{ inputs.tag }} - ${{ inputs.platform }}' + name: "${{ inputs.tag }} - ${{ inputs.platform }}" runs-on: ${{ inputs.github-runner }} steps: - name: Check out code - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 with: ref: ${{ inputs.sha }} fetch-depth: 0 - submodules: 'true' + submodules: "true" - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Login to ECR for base image if: ${{ (inputs.base-image-aws-region != '') && (inputs.base-image-aws-account-id != '') }} @@ -67,7 +67,7 @@ jobs: env: REGISTRY: ${{ inputs.base-image-aws-account-id }}.dkr.ecr.${{ inputs.base-image-aws-region }}.amazonaws.com run: | - set -e + set -e docker login --username AWS -p $(aws ecr get-login-password --region ${{ inputs.base-image-aws-region }}) "${REGISTRY}" - name: Build Docker image diff --git a/acrlogin/action.yaml b/acrlogin/action.yaml index 3f8b6ab..ca726aa 100644 --- a/acrlogin/action.yaml +++ b/acrlogin/action.yaml @@ -1,25 +1,25 @@ -name: 'Login ACR' -description: 'Login to ACR' +name: "Login ACR" +description: "Login to ACR" inputs: aws-access-key-id: required: true - description: 'key-id' + description: "key-id" aws-secret-access-key: required: true - description: 'key-id' + description: "key-id" aws-region: required: true - description: 'key-id' + description: "key-id" runs: using: composite steps: - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v2 + uses: aws-actions/configure-aws-credentials@v6.0.0 with: aws-access-key-id: ${{ inputs.aws-access-key-id }} aws-secret-access-key: ${{ inputs.aws-secret-access-key }} aws-region: ${{ inputs.aws-region}} - name: Login to Amazon ECR id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 + uses: aws-actions/amazon-ecr-login@v2.1.0 diff --git a/build_image_sha/action.yaml b/build_image_sha/action.yaml index f6198e4..dafa9cb 100644 --- a/build_image_sha/action.yaml +++ b/build_image_sha/action.yaml @@ -18,14 +18,14 @@ runs: using: composite steps: - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 - + uses: docker/setup-buildx-action@v4 + - name: Build and tag image id: build-image shell: bash run: | echo "${{ inputs.arguments }}" - DOCKER_BUILDKIT=1 docker buildx build -f ${{ inputs.location }} . --cache-from ${{ inputs.ECR_REGISTRY }}/${{ inputs.service }}:${GITHUB_REF#refs/heads/} -t ${{ inputs.ECR_REGISTRY }}/${{ inputs.service }}:${GITHUB_REF#refs/heads/} ${{ inputs.arguments }} --build-arg BUILDKIT_INLINE_CACHE=1 --load + DOCKER_BUILDKIT=1 docker buildx build -f ${{ inputs.location }} . --cache-from ${{ inputs.ECR_REGISTRY }}/${{ inputs.service }}:${GITHUB_REF#refs/heads/} -t ${{ inputs.ECR_REGISTRY }}/${{ inputs.service }}:${GITHUB_REF#refs/heads/} ${{ inputs.arguments }} --build-arg BUILDKIT_INLINE_CACHE=1 --load image_tag="${{ inputs.ECR_REGISTRY }}/${{ inputs.service }}:${GITHUB_REF#refs/heads/}" echo "image-tag=$image_tag" >> $GITHUB_ENV echo "image-tag=$image_tag" >> $GITHUB_OUTPUT diff --git a/create_multi_arch_manifest/action.yaml b/create_multi_arch_manifest/action.yaml index 806f91d..d5a28f5 100644 --- a/create_multi_arch_manifest/action.yaml +++ b/create_multi_arch_manifest/action.yaml @@ -22,19 +22,19 @@ runs: run: | echo "Registry: ${{ inputs.registry }}" echo "Image: ${{ inputs.image }}" - echo "Tag: ${{ inputs.tag }}" + echo "Tag: ${{ inputs.tag }}" echo "Tag Suffixes: ${{ inputs.tag-suffixes }}" - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 - + uses: docker/setup-buildx-action@v4 + - name: Create and push manifest shell: bash run: | #! /bin/bash # Enable docker manifest command export DOCKER_CLI_EXPERIMENTAL=enabled - + IFS=',' read -ra suffixes <<< "${{ inputs.tag-suffixes }}" # Build manifest create command @@ -45,6 +45,6 @@ runs: suffix="${suffixes[$i]}" manifest_cmd+=" ${{ inputs.registry }}/${{ inputs.image }}:${{ inputs.tag }}-${suffix}" done - + echo "Running manifest command: $manifest_cmd" - $manifest_cmd \ No newline at end of file + $manifest_cmd diff --git a/lint_test/action.yaml b/lint_test/action.yaml index ef835c5..9027dc8 100644 --- a/lint_test/action.yaml +++ b/lint_test/action.yaml @@ -1,22 +1,22 @@ -name: 'lint and test' -description: 'This action will lint and test the code' +name: "lint and test" +description: "This action will lint and test the code" inputs: requirements: required: true - description: 'requirements namefile' + description: "requirements namefile" virtualenv: required: true - description: 'virtualenv name' + description: "virtualenv name" lint: - description: 'lint condition' + description: "lint condition" test: - description: 'test condition' + description: "test condition" runs: using: composite steps: - uses: actions/checkout@v6 # - name: Set up Python 3.10 - # uses: actions/setup-python@v4 + # uses: actions/setup-python@v6.2.0 # with: # python-version: '3.10' - name: Lint and Test diff --git a/lint_test_python/action.yaml b/lint_test_python/action.yaml index 664e6f0..f16dc73 100644 --- a/lint_test_python/action.yaml +++ b/lint_test_python/action.yaml @@ -22,7 +22,7 @@ runs: steps: - uses: actions/checkout@v6 - name: Set up Python Version - uses: actions/setup-python@v4 + uses: actions/setup-python@v6.2.0 with: python-version: ${{ inputs.python-version }} - name: Lint and Test diff --git a/multi-platform-manifest/action.yaml b/multi-platform-manifest/action.yaml index e7f36e5..9b08be3 100644 --- a/multi-platform-manifest/action.yaml +++ b/multi-platform-manifest/action.yaml @@ -19,7 +19,7 @@ runs: using: composite steps: - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Login to ECR shell: bash @@ -41,5 +41,5 @@ runs: for suffix in $(echo "${TAG_SUFFIXES}" | jq -r '.[]'); do TAGS_TO_MERGE+=" ${FINAL_TAG}-${suffix}" done - + docker buildx imagetools create -t ${FINAL_TAG} ${TAGS_TO_MERGE} diff --git a/single-platform-docker-build-v2/action.yaml b/single-platform-docker-build-v2/action.yaml index da481a9..0c70605 100644 --- a/single-platform-docker-build-v2/action.yaml +++ b/single-platform-docker-build-v2/action.yaml @@ -12,7 +12,7 @@ inputs: context: description: The Docker build context. type: string - default: '.' + default: "." repositories: description: The AWS ECR repositories to push the image to (JSON string list). type: string @@ -32,11 +32,11 @@ inputs: extra-args: description: The extra arguments to pass to the Docker build command. type: string - default: '' + default: "" docker-driver: description: The Docker driver to use for building the image. type: string - default: 'docker-container' + default: "docker-container" base-image-aws-account-id: description: The AWS account ID where the base image is located. type: string @@ -54,10 +54,10 @@ runs: with: ref: ${{ inputs.sha }} fetch-depth: 0 - submodules: 'true' + submodules: "true" - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 with: driver: ${{ inputs.docker-driver }} @@ -95,17 +95,17 @@ runs: run: | #! /bin/bash echo "Building image ${{ inputs.tag }}" - + # Get the first repository for caching FIRST_REPO=$(echo "${REPOSITORIES}" | jq -c '.[0]') NAME=$(echo "${FIRST_REPO}" | jq -r '.name') ACCOUNT_ID=$(echo "${FIRST_REPO}" | jq -r '.account_id') REGION=$(echo "${FIRST_REPO}" | jq -r '.region') REGISTRY="${ACCOUNT_ID}.dkr.ecr.${REGION}.amazonaws.com" - + # Cache reference CACHE_REF="${REGISTRY}/${NAME}:cache-${{ inputs.tag }}" - + # Cache args if not using Docker driver CACHE_ARGS="" if [[ "${{ inputs.docker-driver }}" != "docker" ]]; then diff --git a/single-platform-docker-build-v3/action.yaml b/single-platform-docker-build-v3/action.yaml index 585975f..8eb0a91 100644 --- a/single-platform-docker-build-v3/action.yaml +++ b/single-platform-docker-build-v3/action.yaml @@ -52,7 +52,7 @@ runs: submodules: "true" - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 with: driver: ${{ inputs.docker-driver }} diff --git a/single-platform-docker-build-v4/action.yaml b/single-platform-docker-build-v4/action.yaml index 3803303..9256074 100644 --- a/single-platform-docker-build-v4/action.yaml +++ b/single-platform-docker-build-v4/action.yaml @@ -52,7 +52,7 @@ runs: submodules: "true" - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 with: driver: ${{ inputs.docker-driver }} diff --git a/single-platform-docker-build-v5/action.yaml b/single-platform-docker-build-v5/action.yaml index 372e32b..a2ad79d 100644 --- a/single-platform-docker-build-v5/action.yaml +++ b/single-platform-docker-build-v5/action.yaml @@ -52,7 +52,7 @@ runs: submodules: "true" - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 with: driver: ${{ inputs.docker-driver }} diff --git a/single-platform-docker-build/action.yaml b/single-platform-docker-build/action.yaml index 7a970b7..7b57c67 100644 --- a/single-platform-docker-build/action.yaml +++ b/single-platform-docker-build/action.yaml @@ -12,7 +12,7 @@ inputs: context: description: The Docker build context. type: string - default: '.' + default: "." repositories: description: The AWS ECR repositories to push the image to (JSON string list). type: string @@ -32,7 +32,7 @@ inputs: extra-args: description: The extra arguments to pass to the Docker build command. type: string - default: '' + default: "" base-image-aws-account-id: description: The AWS account ID where the base image is located. type: string @@ -50,10 +50,10 @@ runs: with: ref: ${{ inputs.sha }} fetch-depth: 0 - submodules: 'true' + submodules: "true" - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Login to ECR for base image if: ${{ (inputs.base-image-aws-region != '') && (inputs.base-image-aws-account-id != '') }} diff --git a/sonarqube-dotnet/action.yaml b/sonarqube-dotnet/action.yaml index 35df0f1..39444a9 100644 --- a/sonarqube-dotnet/action.yaml +++ b/sonarqube-dotnet/action.yaml @@ -36,24 +36,24 @@ runs: # Disabling shallow clones is recommended for improving the relevancy of reporting fetch-depth: 0 - name: Set up JDK 17 - uses: actions/setup-java@v4 + uses: actions/setup-java@v5.2.0 with: java-version: 17 - distribution: 'zulu' # Alternative distribution options are available. + distribution: "zulu" # Alternative distribution options are available. - name: Expose baked-in .NET globally shell: bash run: | sudo ln -sf /home/runner/.dotnet/dotnet /usr/bin/dotnet echo "DOTNET_ROOT=/home/runner/.dotnet" >> $GITHUB_ENV - name: Cache SonarQube packages - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~\.sonar\cache key: ${{ runner.os }}-sonar restore-keys: ${{ runner.os }}-sonar - name: Cache SonarQube scanner id: cache-sonar-scanner - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: .\.sonar\scanner key: ${{ runner.os }}-sonar-scanner diff --git a/sonarqube/action.yaml b/sonarqube/action.yaml index 406a05e..5f69eff 100644 --- a/sonarqube/action.yaml +++ b/sonarqube/action.yaml @@ -20,9 +20,9 @@ runs: # Disabling shallow clones is recommended for improving the relevancy of reporting fetch-depth: 0 - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6.3.0 with: - node-version: 22 + node-version: 24 - name: Get SonarQube Project Info id: project-info shell: bash @@ -30,7 +30,7 @@ runs: echo "project_name=${GITHUB_REPOSITORY#*/}" >> "$GITHUB_OUTPUT" echo "project_key=repository_id:${{ github.repository_id }}" >> "$GITHUB_OUTPUT" - name: SonarQube Scan - uses: SonarSource/sonarqube-scan-action@v6.0.0 + uses: SonarSource/sonarqube-scan-action@v7.0.0 env: SONAR_TOKEN: ${{ inputs.sonar-token }} SONAR_HOST_URL: ${{ inputs.sonar-host-url }} @@ -38,4 +38,4 @@ runs: args: >- -Dsonar.projectName=${{ steps.project-info.outputs.project_name }} -Dsonar.projectKey=${{ steps.project-info.outputs.project_key }} - ${{ inputs.sonar-additional-args }} \ No newline at end of file + ${{ inputs.sonar-additional-args }}