Update/dependencies #1193

Merged
merged 8 commits into from
Aug 17, 2023
6 changes: 3 additions & 3 deletions .github/workflows/.reusable-cleanup-registry.yml
@@ -10,7 +10,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Cleanup test images in 'connaisseur-test'
uses: snok/container-retention-policy@2ebfab771446f9cde79044dab61eec867ac1d62b # v2.1.1
uses: snok/container-retention-policy@04c70fd030033036d69c0057e0d125bf25820544 # v2.1.2
with:
image-names: connaisseur-test
cut-off: three weeks ago UTC+1
@@ -19,7 +19,7 @@ jobs:
org-name: sse-secure-systems
token: ${{ secrets.GHCR_PAT }}
- name: Cleanup dangling images without tag
uses: snok/container-retention-policy@2ebfab771446f9cde79044dab61eec867ac1d62b # v2.1.1
uses: snok/container-retention-policy@04c70fd030033036d69c0057e0d125bf25820544 # v2.1.2
with:
image-names: connaisseur*
untagged-only: true
@@ -29,7 +29,7 @@ jobs:
org-name: sse-secure-systems
token: ${{ secrets.GHCR_PAT }}
- name: Cleanup all connaisseur images
uses: snok/container-retention-policy@2ebfab771446f9cde79044dab61eec867ac1d62b # v2.1.1
uses: snok/container-retention-policy@04c70fd030033036d69c0057e0d125bf25820544 # v2.1.2
with:
image-names: connaisseur
skip-tags: master, develop, v*, sha256-*
4 changes: 2 additions & 2 deletions .github/workflows/.reusable-compliance.yml
@@ -25,7 +25,7 @@ jobs:
repo_token: ${{ secrets.SCORECARD_TOKEN }}
publish_results: ${{ github.ref_name == 'master' }}
- name: Upload
uses: github/codeql-action/upload-sarif@1813ca74c3faaa3a2da2070b9b8a0b3e7373a0d8 # v2.21.0
uses: github/codeql-action/upload-sarif@a09933a12a80f87b87005513f0abb1494c27a716 # v2.21.4
with:
sarif_file: results.sarif

@@ -39,7 +39,7 @@ jobs:
- name: Checkout code
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Review
uses: actions/dependency-review-action@1360a344ccb0ab6e9475edef90ad2f46bf8003b1 # v3.0.6
uses: actions/dependency-review-action@f6fff72a3217f580d5afd49a46826795305b63c7 # v3.0.8

check-commit-message:
runs-on: ubuntu-latest
16 changes: 8 additions & 8 deletions .github/workflows/.reusable-sast.yml
@@ -15,11 +15,11 @@ jobs:
- name: Checkout repository
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Initialize CodeQL
uses: github/codeql-action/init@1813ca74c3faaa3a2da2070b9b8a0b3e7373a0d8 # v2.21.0
uses: github/codeql-action/init@a09933a12a80f87b87005513f0abb1494c27a716 # v2.21.4
with:
languages: 'python'
- name: Analyze
uses: github/codeql-action/analyze@1813ca74c3faaa3a2da2070b9b8a0b3e7373a0d8 # v2.21.0
uses: github/codeql-action/analyze@a09933a12a80f87b87005513f0abb1494c27a716 # v2.21.4

black:
runs-on: ubuntu-latest
@@ -61,7 +61,7 @@ jobs:
- name: Run Bandit
run: bandit -r -f sarif -o bandit-results.sarif connaisseur/ --exit-zero
- name: Upload
uses: github/codeql-action/upload-sarif@1813ca74c3faaa3a2da2070b9b8a0b3e7373a0d8 # v2.21.0
uses: github/codeql-action/upload-sarif@a09933a12a80f87b87005513f0abb1494c27a716 # v2.21.4
with:
sarif_file: 'bandit-results.sarif'

@@ -80,7 +80,7 @@ jobs:
format: sarif
output-file: hadolint-results.sarif
- name: Upload
uses: github/codeql-action/upload-sarif@1813ca74c3faaa3a2da2070b9b8a0b3e7373a0d8 # v2.21.0
uses: github/codeql-action/upload-sarif@a09933a12a80f87b87005513f0abb1494c27a716 # v2.21.4
with:
sarif_file: 'hadolint-results.sarif'

@@ -99,7 +99,7 @@ jobs:
format: sarif
output-file: kubelinter-results.sarif
- name: Upload
uses: github/codeql-action/upload-sarif@1813ca74c3faaa3a2da2070b9b8a0b3e7373a0d8 # v2.21.0
uses: github/codeql-action/upload-sarif@a09933a12a80f87b87005513f0abb1494c27a716 # v2.21.4
with:
sarif_file: 'kubelinter-results.sarif'

@@ -128,13 +128,13 @@ jobs:
helm template helm > deployment/deployment.yaml
shell: bash
- name: Scan
uses: bridgecrewio/checkov-action@7476756db370d6692e054711745f07138397d119 # v12.2434.0
uses: bridgecrewio/checkov-action@789980e0ad12800af9c4456e91f6eb6bf41fbb5d # v12.2463.0
with:
soft_fail: true
output_format: cli,sarif
output_file_path: console,checkov-results.sarif
- name: Upload
uses: github/codeql-action/upload-sarif@1813ca74c3faaa3a2da2070b9b8a0b3e7373a0d8 # v2.21.0
uses: github/codeql-action/upload-sarif@a09933a12a80f87b87005513f0abb1494c27a716 # v2.21.4
with:
sarif_file: checkov-results.sarif

@@ -151,6 +151,6 @@ jobs:
- name: Scan
run: semgrep ci --config=auto --suppress-errors --sarif --output=semgrep-results.sarif || exit 0
- name: Upload
uses: github/codeql-action/upload-sarif@1813ca74c3faaa3a2da2070b9b8a0b3e7373a0d8 # v2.21.0
uses: github/codeql-action/upload-sarif@a09933a12a80f87b87005513f0abb1494c27a716 # v2.21.4
with:
sarif_file: semgrep-results.sarif
2 changes: 1 addition & 1 deletion docs/requirements_docs.txt
@@ -1,2 +1,2 @@
mkdocs-material~=9.1.19
mkdocs-material~=9.1.21
mike~=1.1.2
2 changes: 1 addition & 1 deletion requirements.txt
@@ -3,7 +3,7 @@ cheroot~=10.0.0
ecdsa~=0.18
Flask~=2.3.2
Jinja2~=3.1.2
jsonschema~=4.18.4
jsonschema~=4.19.0
parsedatetime~=2.6
prometheus-flask-exporter==0.22.4
python-dateutil~=2.8.2
4 changes: 2 additions & 2 deletions requirements_dev.txt
@@ -2,10 +2,10 @@
aioresponses~=0.7.4
freezegun~=1.2.2
parsedatetime~=2.6
pylint~=2.17.4
pylint~=2.17.5
pytest-asyncio~=0.21.1
pytest-cov~=4.1.0
pytest-mock~=3.11.1
pytest-subprocess~=1.5.0
requests-mock~=1.11.0
setuptools~=68.0.0
setuptools~=68.1.0