diff --git a/.github/actions/save-logs/action.yaml b/.github/actions/save-logs/action.yaml index fbb3bfce..963bb79f 100644 --- a/.github/actions/save-logs/action.yaml +++ b/.github/actions/save-logs/action.yaml @@ -10,7 +10,7 @@ runs: sudo chown $USER /tmp/uds-*.log || echo "" shell: bash - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: debug-log path: | diff --git a/.github/actions/setup/action.yaml b/.github/actions/setup/action.yaml index cdf5bb4d..e0ab0c71 100644 --- a/.github/actions/setup/action.yaml +++ b/.github/actions/setup/action.yaml @@ -17,7 +17,7 @@ runs: uses: defenseunicorns/setup-zarf@main with: # renovate: datasource=github-tags depName=defenseunicorns/zarf versioning=semver - version: v0.32.1 + version: v0.32.5 download-init-package: ${{ inputs.download-init-package }} - name: Install k3d @@ -31,4 +31,4 @@ runs: - name: Install UDS CLI shell: bash # renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=semver - run: brew install defenseunicorns/tap/uds@0.6.1 + run: brew install defenseunicorns/tap/uds@0.9.3 diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index 09fadf87..d28f3813 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -19,7 +19,7 @@ jobs: fetch-depth: 0 - name: Setup Node.js - uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 - name: Install commitlint run: npm install --save-dev @commitlint/{config-conventional,cli} diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index f9307bf7..752c1562 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -37,7 +37,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: SARIF file path: results.sarif @@ -45,6 +45,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@012739e5082ff0c22ca6d6ab32e07c36df03c4a4 # v3.22.12 + uses: github/codeql-action/upload-sarif@3ab4101902695724f9365a384f86c1074d94e18c # v3.24.7 with: sarif_file: results.sarif diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml index 98797345..5f1b613c 100644 --- a/.github/workflows/tag-and-release.yaml +++ b/.github/workflows/tag-and-release.yaml @@ -15,7 +15,7 @@ jobs: steps: - name: Create release tag id: tag - uses: google-github-actions/release-please-action@v4.0.1 + uses: google-github-actions/release-please-action@v4.1.0 - id: release-flag run: echo "release_created=${{ steps.tag.outputs.release_created || false }}" >> $GITHUB_OUTPUT diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 797bfe32..4bb2d720 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.4.0 + rev: v4.5.0 hooks: - id: check-added-large-files args: ["--maxkb=1024"] @@ -31,7 +31,7 @@ repos: hooks: - id: fix-smartquotes - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.24.1 + rev: 0.28.0 hooks: - id: check-jsonschema name: "Validate Zarf Configs Against Schema" @@ -40,14 +40,14 @@ repos: args: [ "--schemafile", - "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.29.1/zarf.schema.json", + "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.32.5/zarf.schema.json", "--no-cache" ] - repo: https://github.com/golangci/golangci-lint - rev: v1.54.1 + rev: v1.56.2 hooks: - id: golangci-lint - repo: https://github.com/renovatebot/pre-commit-hooks - rev: 36.43.1 + rev: 37.244.0 hooks: - id: renovate-config-validator diff --git a/bundle/uds-bundle.yaml b/bundle/uds-bundle.yaml index 72f7be15..9b62d439 100644 --- a/bundle/uds-bundle.yaml +++ b/bundle/uds-bundle.yaml @@ -9,7 +9,7 @@ metadata: packages: - name: dev-postgres repository: ghcr.io/defenseunicorns/packages/uds/dev-postgres - ref: 0.0.1 + ref: 0.0.2 - name: dev-secrets path: ../ diff --git a/zarf.yaml b/zarf.yaml index 56f92850..348e4efc 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -55,7 +55,7 @@ components: namespace: sonarqube url: https://repo1.dso.mil/big-bang/product/packages/sonarqube.git gitPath: chart - version: "8.0.3-bb.0" + version: "9.6.3-bb.9" valuesFiles: - values/sonarqube-values.yaml images: @@ -76,7 +76,7 @@ components: - name: sonarqube #helm repo add sonarqube https://SonarSource.github.io/helm-chart-sonarqube #helm search repo sonarqube/sonarqube -l - version: 8.0.3+2010 + version: 10.4.1+2389 namespace: sonarqube url: https://SonarSource.github.io/helm-chart-sonarqube repoName: sonarqube @@ -86,8 +86,8 @@ components: - values/upstream.yaml images: - "sonarqube:9.9.3-community" - - "curlimages/curl:7.76.1" - - "busybox:1.32" + - "curlimages/curl:8.6.0" + - "busybox:1.36.1" # Note: upstream-oci flavor is fake - name: sonarqube @@ -101,7 +101,7 @@ components: version: 0.1.0 localPath: chart - name: sonarqube - version: 4.4.2 + version: 4.7.0 namespace: sonarqube url: oci://registry-1.docker.io/bitnamicharts/sonarqube releaseName: sonarqube @@ -110,5 +110,5 @@ components: - values/upstream.yaml images: - "sonarqube:9.9.3-community" - - "curlimages/curl:7.76.1" - - "busybox:1.32" + - "curlimages/curl:8.6.0" + - "busybox:1.36.1"