From 5e281552411ab6622619fa8e9f1e1cd5f9d9770c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 1 Oct 2024 00:33:19 +0000 Subject: [PATCH] build(deps): Bump the github-actions group with 2 updates Bumps the github-actions group with 2 updates: [docker/build-push-action](https://github.com/docker/build-push-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `docker/build-push-action` from 6.8.0 to 6.9.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/32945a339266b759abcbdc89316275140b0fc960...4f58ea79222b3b9dc2c8bbdd6debcef730109a75) Updates `github/codeql-action` from 3.26.9 to 3.26.10 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/461ef6c76dfe95d5c364de2f431ddbd31a417628...e2b3eafc8d227b0241d48be5f425d47c2d750a13) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/at_server.yaml | 18 +++++++++--------- .github/workflows/at_server_dev_deploy.yaml | 2 +- .github/workflows/at_server_prod_deploy.yaml | 2 +- .github/workflows/codeql.yml | 6 +++--- .github/workflows/promote_canary.yaml | 4 ++-- .github/workflows/scorecards.yml | 2 +- .github/workflows/ve_base.yaml | 2 +- .github/workflows/vip_rebuild.yaml | 4 ++-- 8 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/workflows/at_server.yaml b/.github/workflows/at_server.yaml index 787a0930b..f5d477ee7 100644 --- a/.github/workflows/at_server.yaml +++ b/.github/workflows/at_server.yaml @@ -223,7 +223,7 @@ jobs: ls -laR tools/build_virtual_environment/ve/* - name: Build docker image - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: file: tools/build_virtual_environment/ve/Dockerfile context: tools/build_virtual_environment/ve @@ -301,7 +301,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push secondary image for x64 id: docker_build_secondary - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: push: true provenance: false @@ -660,7 +660,7 @@ jobs: # Builds and pushes the at_virtual_env to docker hub. - name: Build and push id: docker_build - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: file: tools/build_virtual_environment/ve/Dockerfile.vip context: . @@ -714,7 +714,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push secondary image for amd64 and arm64 id: docker_build_secondary - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: push: true provenance: false @@ -769,7 +769,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push secondary image for amd64 and arm64 id: docker_build_observable_secondary - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: push: true provenance: false @@ -826,7 +826,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push secondary image for amd64 and arm64 id: docker_build_secondary - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: push: true provenance: false @@ -890,7 +890,7 @@ jobs: - name: Build and push id: docker_build - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: file: tools/build_virtual_environment/ve/Dockerfile.vip context: . @@ -956,7 +956,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push secondary image for amd64 and arm64 id: docker_build_secondary - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: push: true provenance: false @@ -1010,7 +1010,7 @@ jobs: - name: Build and push id: docker_build - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: file: tools/build_virtual_environment/ve/Dockerfile.vip context: . diff --git a/.github/workflows/at_server_dev_deploy.yaml b/.github/workflows/at_server_dev_deploy.yaml index 0d2a0fddb..173a5c6bd 100644 --- a/.github/workflows/at_server_dev_deploy.yaml +++ b/.github/workflows/at_server_dev_deploy.yaml @@ -31,7 +31,7 @@ jobs: # Build the Docker image for Dev - name: Build and push - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: file: packages/at_root_server/Dockerfile context: packages/at_root_server diff --git a/.github/workflows/at_server_prod_deploy.yaml b/.github/workflows/at_server_prod_deploy.yaml index d0669d632..c28cc4548 100644 --- a/.github/workflows/at_server_prod_deploy.yaml +++ b/.github/workflows/at_server_prod_deploy.yaml @@ -37,7 +37,7 @@ jobs: # Build the Docker image for Dev - name: Build and push id: docker_build - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: file: packages/at_root_server/Dockerfile context: packages/at_root_server diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 3ad49cd32..9e6722d83 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 + uses: github/codeql-action/init@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 + uses: github/codeql-action/autobuild@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 + uses: github/codeql-action/analyze@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/promote_canary.yaml b/.github/workflows/promote_canary.yaml index d1ccbebf7..4a4cb5ed5 100644 --- a/.github/workflows/promote_canary.yaml +++ b/.github/workflows/promote_canary.yaml @@ -40,7 +40,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push secondary image for amd64 and arm64 id: docker_build_canary_to_prod - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: push: true provenance: false @@ -101,7 +101,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push virtualenv image for amd64 and arm64 id: docker_build_canary_to_vip - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: push: true file: tools/build_virtual_environment/ve/Dockerfile.canary_to_vip diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 28cd740bc..ad0783887 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 + uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10 with: sarif_file: results.sarif diff --git a/.github/workflows/ve_base.yaml b/.github/workflows/ve_base.yaml index 2e670de3d..d7c007d72 100644 --- a/.github/workflows/ve_base.yaml +++ b/.github/workflows/ve_base.yaml @@ -25,7 +25,7 @@ jobs: - name: Build and push id: docker_build - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: file: tools/build_virtual_environment/ve_base/Dockerfile push: true diff --git a/.github/workflows/vip_rebuild.yaml b/.github/workflows/vip_rebuild.yaml index ead0c2cd7..4e55c2d07 100644 --- a/.github/workflows/vip_rebuild.yaml +++ b/.github/workflows/vip_rebuild.yaml @@ -33,7 +33,7 @@ jobs: - name: Build and push new VE base id: docker_build_base - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: file: tools/build_virtual_environment/ve_base/Dockerfile push: true @@ -84,7 +84,7 @@ jobs: - name: Build and push vip id: docker_build_vip - uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: file: tools/build_virtual_environment/ve/Dockerfile.vip context: .