diff --git a/.github/workflows/migrations.yml b/.github/workflows/migrations.yml index 2ac22d7b42e..4cbb6457ef8 100644 --- a/.github/workflows/migrations.yml +++ b/.github/workflows/migrations.yml @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: mongodb setup - uses: supercharge/mongodb-github-action@1.10.0 + uses: supercharge/mongodb-github-action@1.12.0 - name: setup uses: actions/setup-node@v4 with: diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 1862d1e897b..b06d31a3d58 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -59,7 +59,7 @@ jobs: - name: Build and push ${{ github.repository }} if: ${{ env.IMAGE_EXISTS == 0 }} - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . file: ./Dockerfile @@ -90,7 +90,7 @@ jobs: - name: Build and push ${{ github.repository }} (file preview) if: ${{ env.IMAGE_EXISTS == 0 }} - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: build-args: | BASE_IMAGE=ghcr.io/${{ github.repository }}:${{ needs.branch_meta.outputs.sha }} @@ -172,7 +172,7 @@ jobs: security-events: write steps: - name: run trivy vulnerability scanner - uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 + uses: aquasecurity/trivy-action@0.29.0 with: image-ref: 'ghcr.io/${{ github.repository }}:${{ needs.branch_meta.outputs.sha }}' format: 'sarif' diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml index cf78afaff0e..80281cfbb41 100644 --- a/.github/workflows/tag.yml +++ b/.github/workflows/tag.yml @@ -39,7 +39,7 @@ jobs: password: ${{ secrets.QUAY_TOKEN }} - name: Build and push ${{ github.repository }} - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . file: ./Dockerfile @@ -60,7 +60,7 @@ jobs: labels: | org.opencontainers.image.title=schulcloud-file-storage - name: Build and push ${{ github.repository }} (file-storage) - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: build-args: | BASE_IMAGE=quay.io/schulcloudverbund/schulcloud-server:${{ github.ref_name }} @@ -81,14 +81,14 @@ jobs: contents: write steps: - name: create sbom - uses: aquasecurity/trivy-action@1f6384b6ceecbbc6673526f865b818a2a06b07c9 + uses: aquasecurity/trivy-action@0.29.0 with: scan-type: 'image' format: 'cyclonedx' image-ref: 'docker.io/schulcloud/schulcloud-server:${{ github.ref_name }}' output: 'dependency-results.sbom.json' - name: create release - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@v2 with: body: 'refer to the schulcloud-client release notes https://github.com/hpi-schul-cloud/schulcloud-client/releases/' files: dependency-results.sbom.json diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 602c75ad958..a5e3fc825f8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,7 +25,7 @@ jobs: with: node-version: ${{ env.NODE_VERSION }} - name: Start MongoDB - uses: supercharge/mongodb-github-action@1.10.0 + uses: supercharge/mongodb-github-action@1.12.0 with: mongodb-version: ${{ env.MONGODB_VERSION }} - name: environment setup @@ -53,7 +53,7 @@ jobs: with: node-version: ${{ env.NODE_VERSION }} - name: Start MongoDB - uses: supercharge/mongodb-github-action@1.10.0 + uses: supercharge/mongodb-github-action@1.12.0 with: mongodb-version: ${{ env.MONGODB_VERSION }} - name: npm ci @@ -90,7 +90,7 @@ jobs: distribution: 'temurin' java-version: '17' - name: SonarCloud upload coverage - uses: SonarSource/sonarcloud-github-action@v2.1.1 + uses: SonarSource/sonarcloud-github-action@v4.0.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}