From 9253c3dfa478787ceb1e320b3a22f7e3ff30c942 Mon Sep 17 00:00:00 2001
From: Senthilkumar Panneerselvam <senthilkumar.panneerselvam@scilifelab.se>
Date: Fri, 27 Sep 2024 10:43:00 +0200
Subject: [PATCH] Bump action methods version

---
 .github/workflows/docker.yml           | 8 ++++----
 .github/workflows/trivy-branch.yaml    | 4 ++--
 .github/workflows/trivy-scheduled.yaml | 6 ++----
 .gitignore                             | 3 +++
 4 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index d92f667..c3edd47 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -33,10 +33,10 @@ jobs:
       packages: write
     steps:
       - name: Check out the repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       # only needed when publishing to Github (ghcr.io)
       - name: Log in to Github Container Repository
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           # will run as the user who triggered the action, using its token
@@ -44,7 +44,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Docker Meta
         id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
         with:
           images: ${{ matrix.images }}
           tags: |
@@ -53,7 +53,7 @@ jobs:
             type=semver,pattern={{major}}.{{minor}}
             type=semver,pattern={{major}}
       - name: Build and Publish
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v6
         with:
           file: ${{ matrix.dockerfile }}
           context: .
diff --git a/.github/workflows/trivy-branch.yaml b/.github/workflows/trivy-branch.yaml
index 2eb57b0..b53f464 100644
--- a/.github/workflows/trivy-branch.yaml
+++ b/.github/workflows/trivy-branch.yaml
@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@0.9.2
@@ -34,7 +34,7 @@ jobs:
           severity: 'CRITICAL,HIGH'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'trivy-results.sarif'
           category: trivy-branch
diff --git a/.github/workflows/trivy-scheduled.yaml b/.github/workflows/trivy-scheduled.yaml
index b4fb4ec..66b1039 100644
--- a/.github/workflows/trivy-scheduled.yaml
+++ b/.github/workflows/trivy-scheduled.yaml
@@ -10,8 +10,6 @@ name: Trivy - scheduled scan
 
 on:
   workflow_dispatch:
-    branches:
-      - master
   schedule:
     - cron: '30 8,12 * * *'
 
@@ -24,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Ensure lowercase name
         run: echo REPOSITORY_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]') >> $GITHUB_ENV
@@ -38,7 +36,7 @@ jobs:
           severity: 'CRITICAL,HIGH'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'trivy-results.sarif'
           category: trivy-cron
diff --git a/.gitignore b/.gitignore
index 43c3889..4878821 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,6 @@
+# Hugo default output directory
+/public
+
 # more Hugo stuff
 .hugo_build.lock