From cb96d2d5e30c9653578f5b3118b0a815367f5882 Mon Sep 17 00:00:00 2001 From: Mary Milasheuskaya Date: Fri, 26 Jan 2024 15:29:04 -0800 Subject: [PATCH] updated GH actions, Blackduck scans (#498) --- .github/workflows/blackduck.yml | 16 ++++---- .github/workflows/blackduck_rapid.yml | 8 ++-- .github/workflows/deploy-on-demand-v2.yml | 10 ++--- .github/workflows/deploy-on-demand.yml | 10 ++--- .github/workflows/deploy.yml | 50 +++++++++++------------ .github/workflows/test.yml | 6 +-- 6 files changed, 50 insertions(+), 50 deletions(-) diff --git a/.github/workflows/blackduck.yml b/.github/workflows/blackduck.yml index f50e9a3..cba21a8 100644 --- a/.github/workflows/blackduck.yml +++ b/.github/workflows/blackduck.yml @@ -1,20 +1,20 @@ -name: Blackduck +name: Blackduck Intelligent Scan on: - push: - branches: - - CEC-4882-off-main + schedule: + # run scans twice a month + - cron: '0 2 1,15 * *' jobs: blackduck: runs-on: ubuntu-latest steps: - name: Checkout Code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 with: - node-version: '16' + node-version: '20' cache: npm - run: npm install @@ -22,7 +22,7 @@ jobs: - name: Run Synopsys Detect INTELLIGENT run: | - bash <(curl -s -L https://detect.synopsys.com/detect8.sh) \ + bash <(curl -s -L https://detect.synopsys.com/detect9.sh) \ --blackduck.url=${{ secrets.BLACKDUCK_URL }} \ --blackduck.api.token=${{ secrets.BLACKDUCK_API_KEY }} \ --blackduck.trust.cert=true \ diff --git a/.github/workflows/blackduck_rapid.yml b/.github/workflows/blackduck_rapid.yml index f80dc7f..2f0ca16 100644 --- a/.github/workflows/blackduck_rapid.yml +++ b/.github/workflows/blackduck_rapid.yml @@ -14,11 +14,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 with: - node-version: '16' + node-version: '20' cache: npm - run: npm install @@ -26,7 +26,7 @@ jobs: - name: Run Synopsys Detect RAPID run: | - bash <(curl -s -L https://detect.synopsys.com/detect8.sh) \ + bash <(curl -s -L https://detect.synopsys.com/detect9.sh) \ --blackduck.url=${{ secrets.BLACKDUCK_URL }} \ --blackduck.api.token=${{ secrets.BLACKDUCK_API_KEY }} \ --blackduck.trust.cert=true \ diff --git a/.github/workflows/deploy-on-demand-v2.yml b/.github/workflows/deploy-on-demand-v2.yml index ca42b10..abb7be3 100644 --- a/.github/workflows/deploy-on-demand-v2.yml +++ b/.github/workflows/deploy-on-demand-v2.yml @@ -31,7 +31,7 @@ jobs: uses: rtCamp/action-slack-notify@v2 - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Azure Login uses: azure/login@v1 @@ -39,7 +39,7 @@ jobs: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: Login to ACR - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.AZURE_CLIENT_ID }} @@ -67,10 +67,10 @@ jobs: echo "ENVIRONMENT=${ENVIRONMENT}" >> $GITHUB_OUTPUT - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build and push - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . build-args: ENVIRONMENT=${{ env.ENVIRONMENT }} @@ -93,7 +93,7 @@ jobs: ENVIRONMENT: ${{ needs.build.outputs.build-env }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - uses: rtCamp/action-slack-notify@v2 env: diff --git a/.github/workflows/deploy-on-demand.yml b/.github/workflows/deploy-on-demand.yml index 52c23e2..92a9cc3 100644 --- a/.github/workflows/deploy-on-demand.yml +++ b/.github/workflows/deploy-on-demand.yml @@ -32,7 +32,7 @@ jobs: uses: rtCamp/action-slack-notify@v2 - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Azure Login uses: azure/login@v1 @@ -40,7 +40,7 @@ jobs: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: Login to ACR - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.AZURE_CLIENT_ID }} @@ -65,10 +65,10 @@ jobs: echo "ENVIRONMENT=${ENVIRONMENT}" >> $GITHUB_OUTPUT - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build and push - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . build-args: ENVIRONMENT=${{ env.ENVIRONMENT }} @@ -84,7 +84,7 @@ jobs: ENVIRONMENT: ${{ needs.build.outputs.build-env }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - uses: rtCamp/action-slack-notify@v2 env: diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index a5fee31..931fe0f 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -24,7 +24,7 @@ jobs: uses: rtCamp/action-slack-notify@v2 - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Azure Login uses: azure/login@v1 @@ -32,17 +32,17 @@ jobs: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: Login to ACR - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.AZURE_CLIENT_ID }} password: ${{ secrets.AZURE_CLIENT_SECRET }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build and push DEV - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . build-args: ENVIRONMENT=dev @@ -64,7 +64,7 @@ jobs: environment: dev steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - uses: rtCamp/action-slack-notify@v2 env: @@ -101,7 +101,7 @@ jobs: uses: rtCamp/action-slack-notify@v2 - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Azure Login uses: azure/login@v1 @@ -109,17 +109,17 @@ jobs: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: Login to ACR - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.AZURE_CLIENT_ID }} password: ${{ secrets.AZURE_CLIENT_SECRET }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build and push STG - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . build-args: ENVIRONMENT=stg @@ -142,7 +142,7 @@ jobs: environment: stg steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - uses: rtCamp/action-slack-notify@v2 env: @@ -179,7 +179,7 @@ jobs: uses: rtCamp/action-slack-notify@v2 - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Azure Login uses: azure/login@v1 @@ -187,17 +187,17 @@ jobs: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: Login to ACR - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.AZURE_CLIENT_ID }} password: ${{ secrets.AZURE_CLIENT_SECRET }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build and push PREPROD - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . build-args: ENVIRONMENT=prd @@ -219,7 +219,7 @@ jobs: environment: stg steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - uses: rtCamp/action-slack-notify@v2 env: @@ -256,7 +256,7 @@ jobs: uses: rtCamp/action-slack-notify@v2 - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Azure Login uses: azure/login@v1 @@ -264,17 +264,17 @@ jobs: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: Login to ACR - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.AZURE_CLIENT_ID }} password: ${{ secrets.AZURE_CLIENT_SECRET }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build and push CEC-PRD - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . build-args: ENVIRONMENT=cec-prd @@ -296,7 +296,7 @@ jobs: environment: prd steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - uses: rtCamp/action-slack-notify@v2 env: @@ -333,7 +333,7 @@ jobs: uses: rtCamp/action-slack-notify@v2 - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Azure Login uses: azure/login@v1 @@ -341,17 +341,17 @@ jobs: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: Login to ACR - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.AZURE_CLIENT_ID }} password: ${{ secrets.AZURE_CLIENT_SECRET }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build and push CEC-EUPRD - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . build-args: ENVIRONMENT=cec-euprd @@ -374,7 +374,7 @@ jobs: environment: prd steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - uses: rtCamp/action-slack-notify@v2 env: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index eaf2a35..f497538 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -13,14 +13,14 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: - node-version: "16" + node-version: "20" cache: "npm" - run: npm install - run: npm run build --if-present