From 57a3f7663b7a3c20a2a059bdbee198a6feba5f2a Mon Sep 17 00:00:00 2001 From: adkumar1 Date: Tue, 14 May 2024 13:55:22 +0530 Subject: [PATCH 1/2] dependabot pr fix --- .github/workflows/chart-release.yaml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/dependencies.yml | 2 +- .github/workflows/sdfactorypipeline.yml | 4 ++-- .github/workflows/trivy.yml | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/chart-release.yaml b/.github/workflows/chart-release.yaml index 5bd5d89d..7cbfaaaa 100644 --- a/.github/workflows/chart-release.yaml +++ b/.github/workflows/chart-release.yaml @@ -53,6 +53,6 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.4.1 + uses: helm/chart-releaser-action@v1.6.0 env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 875f9fd0..32cb22a5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -69,7 +69,7 @@ jobs: #Setup Java 17 - name: Set up JDK 17 - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '17' distribution: 'adopt' diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml index 69f44dcc..6e9bf3c2 100644 --- a/.github/workflows/dependencies.yml +++ b/.github/workflows/dependencies.yml @@ -41,7 +41,7 @@ jobs: distribution: 'temurin' - name: Cache maven packages - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ~/.m2 key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} diff --git a/.github/workflows/sdfactorypipeline.yml b/.github/workflows/sdfactorypipeline.yml index 535dcb42..fc2cf2aa 100644 --- a/.github/workflows/sdfactorypipeline.yml +++ b/.github/workflows/sdfactorypipeline.yml @@ -74,7 +74,7 @@ jobs: - name: DockerHub login if: github.event_name != 'pull_request' - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: # Use existing DockerHub credentials present as secrets username: ${{ secrets.DOCKER_HUB_USER }} @@ -94,7 +94,7 @@ jobs: # Important step to push image description to DockerHub - name: Update Docker Hub description if: github.event_name != 'pull_request' - uses: peter-evans/dockerhub-description@v3 + uses: peter-evans/dockerhub-description@v4 with: # readme-filepath defaults to toplevel README.md, Only necessary if you have a dedicated file with your 'Notice for docker images' readme-filepath: ./DOCKER_NOTICE.md diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 89464197..9c13a32f 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.18.0 + uses: aquasecurity/trivy-action@0.20.0 with: image-ref: "tractusx/sdfactory:latest" # Pull image from Docker Hub and run Trivy vulnerability scanner format: "sarif" From 27f1a672f7c3ecd259e16b1b62934ecc198123e3 Mon Sep 17 00:00:00 2001 From: adkumar1 Date: Tue, 14 May 2024 13:59:52 +0530 Subject: [PATCH 2/2] update dates --- .github/workflows/chart-release.yaml | 4 ++-- .github/workflows/codeql.yml | 4 ++-- .github/workflows/dependencies.yml | 7 ++++--- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/.github/workflows/chart-release.yaml b/.github/workflows/chart-release.yaml index 7cbfaaaa..78a268de 100644 --- a/.github/workflows/chart-release.yaml +++ b/.github/workflows/chart-release.yaml @@ -1,6 +1,6 @@ ################################################################################# -# Copyright (c) 2022,2023 T-Systems International GmbH -# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation +# Copyright (c) 2022,2024 T-Systems International GmbH +# Copyright (c) 2022,2024 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional # information regarding copyright ownership. diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 32cb22a5..75d9969f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,6 +1,6 @@ ################################################################################# -# Copyright (c) 2024,2025 T-Systems International GmbH -# Copyright (c) 2024,2025 Contributors to the Eclipse Foundation +# Copyright (c) 2023,2024 T-Systems International GmbH +# Copyright (c) 2023,2024 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional # information regarding copyright ownership. diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml index 6e9bf3c2..c73c237e 100644 --- a/.github/workflows/dependencies.yml +++ b/.github/workflows/dependencies.yml @@ -1,5 +1,6 @@ -############################################################### -# Copyright (c) 2024 Contributors to the Eclipse Foundation +################################################################################# +# Copyright (c) 2022,2024 T-Systems International GmbH +# Copyright (c) 2022,2024 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional # information regarding copyright ownership. @@ -15,7 +16,7 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 -############################################################### +################################################################################ name: Check Dependencies