Merge branch 'master' into dependabot/docker/kubernetes/nginx/nginx-1…

….25.2
yurake · Sep 15, 2024 · 15386b8 · 15386b8
2 parents c650844 + 9d75939
commit 15386b8
Show file tree

Hide file tree

Showing 141 changed files with 438 additions and 487 deletions.
diff --git a/.github/workflows/cancel-workflow.yml b/.github/workflows/cancel-workflow.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Cancel Previous Runs
-        uses: styfle/cancel-workflow-action@0.11.0
+        uses: styfle/cancel-workflow-action@0.12.1
         with:
           access_token: ${{ secrets.GITHUB_TOKEN }}
       - name: cancel running workflows

diff --git a/.github/workflows/check-for-update.yml b/.github/workflows/check-for-update.yml
@@ -9,7 +9,7 @@ jobs:
   minikube-version:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.5.3
+      - uses: actions/checkout@v3.6.0
       - name: check minikube version
         working-directory: ./.github/workflows
         run: |
@@ -55,7 +55,7 @@ jobs:
           sed -i -e "s/$SOURCE_DOC_VERSION/$TARGET_MINIKUBE_VERSION/g" ../../README.md
       - name: Add, commit, push, and create PR
         if: env.UNMATCH_VERSION == 'true' && env.BRANCH_IS_EXISTING == 'false'
-        uses: peter-evans/create-pull-request@v5.0.2
+        uses: peter-evans/create-pull-request@v5.0.3
         with:
           token: ${{ secrets.PAT_GITHUB_ACTION_WORKFLOW }}
           branch: actions/check-for-update-minikube
@@ -67,7 +67,7 @@ jobs:
   kubernetes-version:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.5.3
+      - uses: actions/checkout@v3.6.0
       - name: check kubernetes version
         working-directory: ./.github/workflows
         run: |
@@ -113,7 +113,7 @@ jobs:
           sed -i -e "s/$SOURCE_DOC_VERSION/$TARGET_KUBERNETES_VERSION/g" ../../README.md
       - name: Add, commit, push, and create PR
         if: env.UNMATCH_VERSION == 'true' && env.BRANCH_IS_EXISTING == 'false'
-        uses: peter-evans/create-pull-request@v5.0.2
+        uses: peter-evans/create-pull-request@v5.0.3
         with:
           token: ${{ secrets.PAT_GITHUB_ACTION_WORKFLOW }}
           branch: actions/check-for-update-kubernetes
@@ -125,7 +125,7 @@ jobs:
   chaos-mesh-version:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.5.3
+      - uses: actions/checkout@v3.6.0
       - name: check current chaos-mesh version
         working-directory: ./.github/workflows
         run: |
@@ -163,7 +163,7 @@ jobs:
           sed -i -e "s/$SOURCE_DOC_VERSION/$TARGET_VERSION/g" ../../README.md
       - name: Add, commit, push, and create PR
         if: env.UNMATCH_VERSION == 'true' && env.BRANCH_IS_EXISTING == 'false'
-        uses: peter-evans/create-pull-request@v5.0.2
+        uses: peter-evans/create-pull-request@v5.0.3
         with:
           token: ${{ secrets.PAT_GITHUB_ACTION_WORKFLOW }}
           branch: actions/check-for-update-chaos-mesh
@@ -175,7 +175,7 @@ jobs:
   quarkus-version:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.5.3
+      - uses: actions/checkout@v3.6.0
       - name: check current quarkus version
         run: |
           echo "SOURCE_VERSION=$(grep "Quarkus Version" README.md | cut -d '-' -f 2)" >> $GITHUB_ENV
@@ -208,7 +208,7 @@ jobs:
           sed -i -e "s/$SOURCE_VERSION/$TARGET_VERSION/g" README.md
       - name: Add, commit, push, and create PR
         if: env.UNMATCH_VERSION == 'true' && env.BRANCH_IS_EXISTING == 'false'
-        uses: peter-evans/create-pull-request@v5.0.2
+        uses: peter-evans/create-pull-request@v5.0.3
         with:
           token: ${{ secrets.PAT_GITHUB_ACTION_WORKFLOW }}
           branch: actions/check-for-update-quarkus

diff --git a/.github/workflows/cis-dockerfile-benchmark.yml b/.github/workflows/cis-dockerfile-benchmark.yml
@@ -11,7 +11,7 @@ jobs:
   validation:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.5.3
+      - uses: actions/checkout@v3.6.0
       - name: Sysdig CIS Dockerfile Benchmark
         uses: sysdiglabs/benchmark-dockerfile@v1.0.0
         with:

diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml
@@ -34,11 +34,11 @@ jobs:
     steps:
       # Checkout the repository to the GitHub Actions runner
       - name: Checkout code
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@v3.6.0
 
       # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
       - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@fde117cc9d692f9e6f9221272c7b65a2f659f064
+        uses: codacy/codacy-analysis-cli-action@09916000460adeeedc96b9704f86deba53e2ad5d
         with:
           # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
           # You can also omit the token and run the tools that support default configurations

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -40,7 +40,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@v3.6.0
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL

diff --git a/.github/workflows/cypress-ci.yml b/.github/workflows/cypress-ci.yml
@@ -10,11 +10,11 @@ on:
 
 jobs:
   cypress-run:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout
-        uses: actions/checkout@v3.5.3
-      - uses: bahmutov/npm-install@v1.8.34
+        uses: actions/checkout@v3.6.0
+      - uses: bahmutov/npm-install@v1.10.2
         with:
           working-directory: kubernetes/monitoring/test/cypress
       - name: Cypress run

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -15,6 +15,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 'Checkout Repository'
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@v3.6.0
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v3.0.7
+        uses: actions/dependency-review-action@v4.3.4
diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml
@@ -14,17 +14,17 @@ on:
 jobs:
   lint:
     name: DevSkim
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     permissions:
       actions: read
       contents: read
       security-events: write
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@v3.6.0
 
       - name: Run DevSkim scanner
-        uses: microsoft/DevSkim-Action@v1.0.10
+        uses: microsoft/DevSkim-Action@v1.0.14
 
       - name: Upload DevSkim scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2

diff --git a/.github/workflows/docker-image-ci.yml b/.github/workflows/docker-image-ci.yml
@@ -21,13 +21,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out Git repository
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@v3.6.0
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2.9.1
+        uses: docker/setup-buildx-action@v2.10.0
 
       - name: Cache Docker layers
-        uses: actions/cache@v3.3.1
+        uses: actions/cache@v4.0.2
         with:
           path: /tmp/.buildx-cache
           key: ${{ github.ref }}-${{ github.sha }}
@@ -59,7 +59,7 @@ jobs:
         run: docker login -u $DOCKERHUB_USER -p $DOCKERHUB_PASS
 
       - name: Build and push - nginx
-        uses: docker/build-push-action@v4.1.1
+        uses: docker/build-push-action@v4.2.1
         with:
           context: ./kubernetes/nginx
           push: ${{ env.PUSH }}
@@ -72,7 +72,7 @@ jobs:
 
       - name: Run Snyk to check Docker image for vulnerabilities - nginx
         continue-on-error: true
-        uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
+        uses: snyk/actions/docker@640e31719aac3e44867d239dc86c20c3e34c8e4f
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
@@ -82,7 +82,7 @@ jobs:
         run: mv snyk.sarif nginx.sarif
 
       - name: Build and push - mysql
-        uses: docker/build-push-action@v4.1.1
+        uses: docker/build-push-action@v4.2.1
         with:
           context: ./kubernetes/mysql
           push: ${{ env.PUSH }}
@@ -95,7 +95,7 @@ jobs:
 
       - name: Run Snyk to check Docker image for vulnerabilities - mysql
         continue-on-error: true
-        uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
+        uses: snyk/actions/docker@640e31719aac3e44867d239dc86c20c3e34c8e4f
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
@@ -105,7 +105,7 @@ jobs:
         run: mv snyk.sarif mysql.sarif
 
       - name: Build and push - postgres
-        uses: docker/build-push-action@v4.1.1
+        uses: docker/build-push-action@v4.2.1
         with:
           context: ./kubernetes/postgres
           push: ${{ env.PUSH }}
@@ -118,7 +118,7 @@ jobs:
 
       - name: Run Snyk to check Docker image for vulnerabilities - postgres
         continue-on-error: true
-        uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
+        uses: snyk/actions/docker@640e31719aac3e44867d239dc86c20c3e34c8e4f
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
@@ -128,7 +128,7 @@ jobs:
         run: mv snyk.sarif postgres.sarif
 
       - name: Build and push - mongodb
-        uses: docker/build-push-action@v4.1.1
+        uses: docker/build-push-action@v4.2.1
         with:
           context: ./kubernetes/mongodb
           push: ${{ env.PUSH }}
@@ -141,7 +141,7 @@ jobs:
 
       - name: Run Snyk to check Docker image for vulnerabilities - mongodb
         continue-on-error: true
-        uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
+        uses: snyk/actions/docker@640e31719aac3e44867d239dc86c20c3e34c8e4f
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
@@ -151,7 +151,7 @@ jobs:
         run: mv snyk.sarif mongodb.sarif
 
       - name: Build and push - cassandra
-        uses: docker/build-push-action@v4.1.1
+        uses: docker/build-push-action@v4.2.1
         with:
           context: ./kubernetes/cassandra
           push: ${{ env.PUSH }}
@@ -164,7 +164,7 @@ jobs:
 
       - name: Run Snyk to check Docker image for vulnerabilities - cassandra
         continue-on-error: true
-        uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
+        uses: snyk/actions/docker@640e31719aac3e44867d239dc86c20c3e34c8e4f
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
@@ -174,7 +174,7 @@ jobs:
         run: mv snyk.sarif cassandra.sarif
 
       - name: Build and push - rabbitmq
-        uses: docker/build-push-action@v4.1.1
+        uses: docker/build-push-action@v4.2.1
         with:
           context: ./kubernetes/rabbitmq
           push: ${{ env.PUSH }}
@@ -187,7 +187,7 @@ jobs:
 
       - name: Run Snyk to check Docker image for vulnerabilities - rabbitmq
         continue-on-error: true
-        uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
+        uses: snyk/actions/docker@640e31719aac3e44867d239dc86c20c3e34c8e4f
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
@@ -197,7 +197,7 @@ jobs:
         run: mv snyk.sarif rabbitmq.sarif
 
       - name: Build and push - jenkins
-        uses: docker/build-push-action@v4.1.1
+        uses: docker/build-push-action@v4.2.1
         with:
           context: ./kubernetes/monitoring/jenkins
           push: ${{ env.PUSH }}
@@ -209,7 +209,7 @@ jobs:
           cache-to: type=local,dest=/tmp/.buildx-cache
 
       - name: Build and push - ab
-        uses: docker/build-push-action@v4.1.1
+        uses: docker/build-push-action@v4.2.1
         with:
           context: ./kubernetes/monitoring/test/ab
           push: ${{ env.PUSH }}
@@ -222,7 +222,7 @@ jobs:
 
       - name: Run Snyk to check Docker image for vulnerabilities - ab
         continue-on-error: true
-        uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
+        uses: snyk/actions/docker@640e31719aac3e44867d239dc86c20c3e34c8e4f
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
@@ -232,7 +232,7 @@ jobs:
         run: mv snyk.sarif ab.sarif
 
       - name: Build and push - postmannewman-quarkus
-        uses: docker/build-push-action@v4.1.1
+        uses: docker/build-push-action@v4.2.1
         with:
           context: ./kubernetes/monitoring/test/postmannewman/quarkus
           push: ${{ env.PUSH }}
@@ -245,7 +245,7 @@ jobs:
 
       - name: Run Snyk to check Docker image for vulnerabilities - postmannewman-quarkus
         continue-on-error: true
-        uses: snyk/actions/docker@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8
+        uses: snyk/actions/docker@640e31719aac3e44867d239dc86c20c3e34c8e4f
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:

diff --git a/.github/workflows/dockerfile-lint.yml b/.github/workflows/dockerfile-lint.yml
@@ -22,7 +22,7 @@ jobs:
         dockerfile_default:
           [mysql, postgres, mongodb, rabbitmq, nginx, cassandra]
     steps:
-      - uses: actions/checkout@v3.5.3
+      - uses: actions/checkout@v3.6.0
       - name: lint ${{ matrix.dockerfile_default }}
         uses: hadolint/hadolint-action@v3.1.0
         with:
@@ -59,7 +59,7 @@ jobs:
             server-grpc-quarkus,
           ]
     steps:
-      - uses: actions/checkout@v3.5.3
+      - uses: actions/checkout@v3.6.0
       - name: lint ${{ matrix.dockerfile_application }}
         uses: hadolint/hadolint-action@v3.1.0
         with:
@@ -73,7 +73,7 @@ jobs:
       matrix:
         dockerfile_monitoring: [jenkins]
     steps:
-      - uses: actions/checkout@v3.5.3
+      - uses: actions/checkout@v3.6.0
       - name: lint ${{ matrix.dockerfile_monitoring }}
         uses: hadolint/hadolint-action@v3.1.0
         with:
@@ -86,7 +86,7 @@ jobs:
       matrix:
         dockerfile_ab: [ab]
     steps:
-      - uses: actions/checkout@v3.5.3
+      - uses: actions/checkout@v3.6.0
       - name: lint ${{ matrix.dockerfile_ab }}
         uses: hadolint/hadolint-action@v3.1.0
         with:
@@ -96,7 +96,7 @@ jobs:
   dockerfile_postmannewman:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.5.3
+      - uses: actions/checkout@v3.6.0
       - name: lint ${{ matrix.dockerfile_postmannewman }}
         uses: hadolint/hadolint-action@v3.1.0
         with:

diff --git a/.github/workflows/issue-label.yml b/.github/workflows/issue-label.yml
@@ -7,7 +7,7 @@ jobs:
   triage:
     runs-on: ubuntu-latest
     steps:
-      - uses: github/issue-labeler@v3.2
+      - uses: github/issue-labeler@v3.4
         with:
           repo-token: "${{ secrets.GITHUB_TOKEN }}"
           configuration-path: .github/issue-labeler.yml

diff --git a/.github/workflows/issue_opened.yml b/.github/workflows/issue_opened.yml
@@ -9,10 +9,11 @@ env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
 jobs:
-  assign:
+  add-to-project:
+    name: Add issue to project
     runs-on: ubuntu-latest
     steps:
-      - name: Assign issues to project
-        uses: srggrs/assign-one-project-github-action@1.3.1
+      - uses: actions/add-to-project@RELEASE_VERSION
         with:
-          project: 'https://github.com/yurake/k8s-3tier-webapp/projects/1'
+          project-url: https://github.com/users/yurake/projects/1/views/1
+          github-token: ${{ secrets.GITHUB_TOKEN }}