Merge pull request #2019 from GSA-TTS/as/version-bump-actions

Checkout & Trivy Action Version Bumps
GSA-TTS · Sep 6, 2023 · bc23746 · bc23746
2 parents 59d3a4e + e79f39d
commit bc23746
Show file tree

Hide file tree

Showing 16 changed files with 27 additions and 23 deletions.
diff --git a/.github/workflows/add-bpmn-renders.yml b/.github/workflows/add-bpmn-renders.yml
@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup Node
         uses: actions/setup-node@v3

diff --git a/.github/workflows/build-docker-container.yml b/.github/workflows/build-docker-container.yml
@@ -58,7 +58,7 @@ jobs:
         run: echo "date=$(date +%Y%m%d)" >> $GITHUB_OUTPUT
 
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up Docker Buildx
         id: buildx

diff --git a/.github/workflows/create-pull-request-to-staging.yml b/.github/workflows/create-pull-request-to-staging.yml
@@ -14,7 +14,9 @@ jobs:
     outputs:
         should_run: ${{ steps.should_run.outputs.should_run }}
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout
+        uses: actions/checkout@v4
+
       - name: Print Latest Commit
         run: echo ${{ github.sha }}
 
@@ -38,7 +40,9 @@ jobs:
     outputs:
         pr_number: ${{ steps.pr-number.outputs.pull_request_number }}
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout
+        uses: actions/checkout@v4
+
       - name: Get Current Date
         id: date
         run: |

diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: prod
 

diff --git a/.github/workflows/deploy-application.yml b/.github/workflows/deploy-application.yml
@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Restore npm cache
         uses: actions/cache@v3

diff --git a/.github/workflows/end-to-end-test.yml b/.github/workflows/end-to-end-test.yml
@@ -18,7 +18,7 @@ jobs:
       DISABLE_AUTH: False
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - uses: actions/setup-node@v3
         with:

diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml
@@ -11,7 +11,7 @@ jobs:
       SECRET_KEY: secrets.SECRET_KEY
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Restore npm cache
         uses: actions/cache@v3
@@ -71,7 +71,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Restore npm cache
         uses: actions/cache@v3

diff --git a/.github/workflows/pull-containers-and-push-to-ghcr.yml b/.github/workflows/pull-containers-and-push-to-ghcr.yml
@@ -24,7 +24,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up Docker Buildx
         id: buildx

diff --git a/.github/workflows/regression-tests.yml b/.github/workflows/regression-tests.yml
@@ -39,7 +39,7 @@ jobs:
       # DEBUG: cypress:*
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Create .env file
         run: touch .env

diff --git a/.github/workflows/terraform-apply-env.yml b/.github/workflows/terraform-apply-env.yml
@@ -32,7 +32,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Apply ( ${{ inputs.environment }} )
         uses: dflook/terraform-apply@v1

diff --git a/.github/workflows/terraform-lint.yml b/.github/workflows/terraform-lint.yml
@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Terraform Format
         uses: dflook/terraform-fmt-check@v1

diff --git a/.github/workflows/terraform-plan-env.yml b/.github/workflows/terraform-plan-env.yml
@@ -26,8 +26,8 @@ jobs:
       TF_VAR_clamav_image: 'ghcr.io/gsa-tts/fac/clamav:latest'
 
     steps:
-      - name: checkout
-        uses: actions/checkout@v3
+      - name: Checkout
+        uses: actions/checkout@v4
         # Plan output will be posted as a comment on the PR to aid with review.
         # The post includes a link to the workflow run where the plan was
         # generated, and the same comment will be updated each time a new commit

diff --git a/.github/workflows/testing-from-build.yml b/.github/workflows/testing-from-build.yml
@@ -18,7 +18,7 @@ jobs:
       DISABLE_AUTH: False
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - uses: actions/setup-node@v3
         with:
@@ -66,7 +66,7 @@ jobs:
       DISABLE_AUTH: True
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - uses: actions/setup-node@v3
         with:

diff --git a/.github/workflows/testing-from-ghcr.yml b/.github/workflows/testing-from-ghcr.yml
@@ -20,7 +20,7 @@ jobs:
       PGRST_JWT_SECRET: ${{ secrets.PGRST_JWT_SECRET }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - uses: actions/setup-node@v3
         with:
@@ -68,7 +68,7 @@ jobs:
       DISABLE_AUTH: True
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - uses: actions/setup-node@v3
         with:

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -26,7 +26,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Get Date
         shell: bash
@@ -39,7 +39,7 @@ jobs:
         run: docker build -t ${{ env.DOCKER_NAME }}:${{ steps.date.outputs.date }} .
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.11.2
+        uses: aquasecurity/trivy-action@0.12.0
         with:
           image-ref: '${{ env.DOCKER_NAME }}:${{ steps.date.outputs.date }}'
           scan-type: 'image'
@@ -74,7 +74,7 @@ jobs:
         run: docker pull ${{ matrix.image.name }}
 
       - name: Run Trivy vulnerability scanner on Third Party Images
-        uses: aquasecurity/trivy-action@0.11.2
+        uses: aquasecurity/trivy-action@0.12.0
         with:
           image-ref: '${{ matrix.image.name }}'
           scan-type: 'image'

diff --git a/.github/workflows/zap-scan.yml b/.github/workflows/zap-scan.yml
@@ -15,7 +15,7 @@ jobs:
       url: ${{ inputs.url }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: ZAP Scan of ${{ env.url }}
         uses: zaproxy/action-baseline@v0.9.0