From 278cd41a917dc229d141d5765fdaae3d8bb3eabc Mon Sep 17 00:00:00 2001 From: Markus Petke Date: Thu, 1 Feb 2024 08:18:40 +0100 Subject: [PATCH] update all actions (#222) * update all actions * sync * fix licenses * sync * fix tag --- .github/actions/pre-commit-action/action.yml | 4 +- .github/dependabot.yml | 2 +- .github/scripts/deploy_image_from_artifact.sh | 2 +- .github/workflows/build-docker-image.yml | 28 ++++++------- .github/workflows/build-multiarch-image.yml | 4 +- .github/workflows/check-devcontainer.yml | 7 ++-- .github/workflows/check-licenses.yml | 11 ++--- .github/workflows/ci.yml | 42 ++++++++++++------- .github/workflows/ensure-lifecycle.yml | 4 +- .github/workflows/gen-desired-state.yml | 8 ++-- .github/workflows/release.yml | 20 ++++----- .velocitas.json | 2 +- NOTICE-3RD-PARTY-CONTENT.md | 26 ++++++------ 13 files changed, 85 insertions(+), 75 deletions(-) diff --git a/.github/actions/pre-commit-action/action.yml b/.github/actions/pre-commit-action/action.yml index e91e5b17..fd991354 100644 --- a/.github/actions/pre-commit-action/action.yml +++ b/.github/actions/pre-commit-action/action.yml @@ -1,5 +1,5 @@ # This file is maintained by velocitas CLI, do not modify manually. Change settings in .velocitas.json -# Copyright (c) 2022 Robert Bosch GmbH and Microsoft Corporation +# Copyright (c) 2022-2024 Contributors to the Eclipse Foundation # # This program and the accompanying materials are made available under the # terms of the Apache License, Version 2.0 which is available at @@ -27,7 +27,7 @@ runs: shell: bash - run: python -m pip freeze --local shell: bash - - uses: actions/cache@v3 + - uses: actions/cache@v4 with: path: ~/.cache/pre-commit key: pre-commit-3|${{ env.pythonLocation }}|${{ hashFiles('.pre-commit-config.yaml') }} diff --git a/.github/dependabot.yml b/.github/dependabot.yml index fe7638c8..67168bff 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,5 +1,5 @@ # This file is maintained by velocitas CLI, do not modify manually. Change settings in .velocitas.json -# Copyright (c) 2022 Robert Bosch GmbH and Microsoft Corporation +# Copyright (c) 2022-2024 Contributors to the Eclipse Foundation # # This program and the accompanying materials are made available under the # terms of the Apache License, Version 2.0 which is available at diff --git a/.github/scripts/deploy_image_from_artifact.sh b/.github/scripts/deploy_image_from_artifact.sh index 4475ae5b..43298ac2 100755 --- a/.github/scripts/deploy_image_from_artifact.sh +++ b/.github/scripts/deploy_image_from_artifact.sh @@ -1,6 +1,6 @@ #!/bin/bash # This file is maintained by velocitas CLI, do not modify manually. Change settings in .velocitas.json -# Copyright (c) 2022 Robert Bosch GmbH and Microsoft Corporation +# Copyright (c) 2022-2024 Contributors to the Eclipse Foundation # # This program and the accompanying materials are made available under the # terms of the Apache License, Version 2.0 which is available at diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 46070869..c59d0f41 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -1,5 +1,5 @@ # This file is maintained by velocitas CLI, do not modify manually. Change settings in .velocitas.json -# Copyright (c) 2022 Robert Bosch GmbH and Microsoft Corporation +# Copyright (c) 2022-2024 Contributors to the Eclipse Foundation # # This program and the accompanying materials are made available under the # terms of the Apache License, Version 2.0 which is available at @@ -35,25 +35,25 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: submodules: "recursive" - name: Clone Release Documentation Action repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: repository: eclipse-velocitas/release-documentation-action path: "./.github/actions" - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - id: github-repository-name-case-adjusted name: Prepare repository name in lower case for docker upload. This supports repository names in mixed case - uses: ASzc/change-string-case-action@v5 + uses: ASzc/change-string-case-action@v6 with: string: ${{ github.repository }} @@ -87,7 +87,7 @@ jobs: - name: "${{ env.APP_NAME }} -- Build image" id: image_build - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: provenance: false pull: true @@ -140,14 +140,14 @@ jobs: - name: "${{ env.APP_NAME }} -- Upload trivy report as artifacts" if: ${{ always() && steps.image_build.outcome == 'success' }} - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: - name: test-results + name: test-results-trivy path: | results/Documentation/renderer/* - name: "${{ env.APP_NAME }} -- Publish Trivy Scan Results" - uses: mikepenz/action-junit-report@v3 + uses: mikepenz/action-junit-report@v4 if: ${{ always() && steps.image_build.outcome == 'success' }} with: check_name: Trivy Scan Results (${{ env.APP_NAME }}) @@ -158,7 +158,7 @@ jobs: - name: "${{ env.APP_NAME }} -- Upload image to artifacts" if: ${{ steps.image_build.outcome == 'success' }} - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 env: VAPP_IMAGE: ${{ env.APP_NAME }}-${{ inputs.platform }} with: @@ -168,7 +168,7 @@ jobs: - name: "${{ env.APP_NAME }} -- Upload AppManifest.json to artifacts" if: ${{ steps.image_build.outcome == 'success' }} - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: AppManifest path: ./app/AppManifest.json @@ -180,7 +180,7 @@ jobs: - name: "${{ env.APP_NAME }} -- Upload generated podspec.yaml" if: ${{ steps.image_build.outcome == 'success' }} - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: Podspec path: ./podspec.yaml @@ -192,7 +192,7 @@ jobs: - name: "${{ env.APP_NAME }} -- Upload generated helm chart" if: ${{ steps.image_build.outcome == 'success' }} - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: HelmChart path: ./helm diff --git a/.github/workflows/build-multiarch-image.yml b/.github/workflows/build-multiarch-image.yml index b23b8326..0cdd8e42 100644 --- a/.github/workflows/build-multiarch-image.yml +++ b/.github/workflows/build-multiarch-image.yml @@ -1,5 +1,5 @@ # This file is maintained by velocitas CLI, do not modify manually. Change settings in .velocitas.json -# Copyright (c) 2022 Robert Bosch GmbH and Microsoft Corporation +# Copyright (c) 2022-2024 Contributors to the Eclipse Foundation # # This program and the accompanying materials are made available under the # terms of the Apache License, Version 2.0 which is available at @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Get app-name id: export-app-name diff --git a/.github/workflows/check-devcontainer.yml b/.github/workflows/check-devcontainer.yml index 23491f0e..280a8568 100644 --- a/.github/workflows/check-devcontainer.yml +++ b/.github/workflows/check-devcontainer.yml @@ -1,5 +1,5 @@ # This file is maintained by velocitas CLI, do not modify manually. Change settings in .velocitas.json -# Copyright (c) 2023 Robert Bosch GmbH +# Copyright (c) 2023-2024 Contributors to the Eclipse Foundation # # This program and the accompanying materials are made available under the # terms of the Apache License, Version 2.0 which is available at @@ -27,14 +27,13 @@ on: schedule: - cron: "0 4 * * *" - jobs: automated-tests: runs-on: ubuntu-22.04 steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Build devcontainer and run automated tests uses: devcontainers/ci@v0.3 @@ -44,7 +43,7 @@ jobs: pytest -sx .devcontainer/tests - name: Upload logs - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 if: always() with: name: logs diff --git a/.github/workflows/check-licenses.yml b/.github/workflows/check-licenses.yml index a0e849a5..f218af9e 100644 --- a/.github/workflows/check-licenses.yml +++ b/.github/workflows/check-licenses.yml @@ -1,5 +1,5 @@ # This file is maintained by velocitas CLI, do not modify manually. Change settings in .velocitas.json -# Copyright (c) 2022-2023 Robert Bosch GmbH +# Copyright (c) 2022-2024 Contributors to the Eclipse Foundation # # This program and the accompanying materials are made available under the # terms of the Apache License, Version 2.0 which is available at @@ -34,10 +34,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Clone License Check Repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: repository: eclipse-velocitas/license-check ref: v1.2.3 @@ -52,8 +52,9 @@ jobs: generate-dash: true - name: Setup Java JDK - uses: actions/setup-java@v1.4.4 + uses: actions/setup-java@v4 with: + distribution: 'temurin' java-version: 11.0.19 - name: Run dash @@ -64,7 +65,7 @@ jobs: java -jar dash.jar clearlydefined.input -summary DEPENDENCIES - name: Upload dash input/output as artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 if: always() with: name: "dash-artifacts" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 333e3b81..5e4717d3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,5 +1,5 @@ # This file is maintained by velocitas CLI, do not modify manually. Change settings in .velocitas.json -# Copyright (c) 2022 Robert Bosch GmbH and Microsoft Corporation +# Copyright (c) 2022-2024 Contributors to the Eclipse Foundation # # This program and the accompanying materials are made available under the # terms of the Apache License, Version 2.0 which is available at @@ -37,7 +37,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - uses: de-vri-es/setup-git-credentials@v2 with: @@ -62,7 +62,7 @@ jobs: uses: ./.github/actions/pre-commit-action - name: Clone Release Documentation Action repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: repository: eclipse-velocitas/release-documentation-action path: "./.github/release-documentation/actions" @@ -78,7 +78,7 @@ jobs: --cov-branch ./app/tests/unit - name: Publish Test Report - uses: mikepenz/action-junit-report@v3 + uses: mikepenz/action-junit-report@v4 if: always() with: report_paths: ./results/UnitTest/junit.xml @@ -117,10 +117,10 @@ jobs: packagePath: results/Documentation/renderer - name: Upload test results as artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 if: always() with: - name: "test-results" + name: "test-results-unit-tests" path: | results/Documentation/renderer/* @@ -132,7 +132,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Get app-name id: export-app-name @@ -155,9 +155,9 @@ jobs: APP_NAME: ${{ needs.get-app-name.outputs.app_name }} steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: python-version: "3.10" @@ -172,7 +172,7 @@ jobs: velocitas init - name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} @@ -195,12 +195,12 @@ jobs: - id: github-repository-name-case-adjusted name: Prepare repository name in lower case for docker upload. This supports repository names in mixed case - uses: ASzc/change-string-case-action@v5 + uses: ASzc/change-string-case-action@v6 with: string: ${{ github.repository }} - name: Download stored image from artifacts - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 env: VAPP_IMAGE: ${{ env.APP_NAME }}-amd64 with: @@ -221,7 +221,7 @@ jobs: pytest ./app/tests/integration --override-ini junit_family=xunit1 --junit-xml=./results/IntTest/junit.xml - name: Publish Test Report - uses: mikepenz/action-junit-report@v3 + uses: mikepenz/action-junit-report@v4 if: always() with: report_paths: ./results/IntTest/junit.xml @@ -230,7 +230,7 @@ jobs: annotate_only: true - name: Clone release documentation action repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: repository: eclipse-velocitas/release-documentation-action path: "./.github/actions" @@ -245,9 +245,19 @@ jobs: packagePath: ./results/Documentation/renderer - name: Upload integration test results as artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 if: always() with: - name: "test-results" + name: "test-results-integration-tests" path: | results/Documentation/renderer/* + +merge-test-results: + runs-on: ubuntu-latest + needs: run-integration-tests + steps: + - name: Merge Artifacts + uses: actions/upload-artifact/merge@v4 + with: + name: test-results + pattern: test-results-* diff --git a/.github/workflows/ensure-lifecycle.yml b/.github/workflows/ensure-lifecycle.yml index 7af8200e..86d2fc10 100644 --- a/.github/workflows/ensure-lifecycle.yml +++ b/.github/workflows/ensure-lifecycle.yml @@ -1,5 +1,5 @@ # This file is maintained by velocitas CLI, do not modify manually. Change settings in .velocitas.json -# Copyright (c) 2023 Robert Bosch GmbH +# Copyright (c) 2023-2024 Contributors to the Eclipse Foundation # # This program and the accompanying materials are made available under the # terms of the Apache License, Version 2.0 which is available at @@ -32,7 +32,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run CLI run: | diff --git a/.github/workflows/gen-desired-state.yml b/.github/workflows/gen-desired-state.yml index bd6e4f6f..eac7bbdf 100644 --- a/.github/workflows/gen-desired-state.yml +++ b/.github/workflows/gen-desired-state.yml @@ -1,5 +1,5 @@ # This file is maintained by velocitas CLI, do not modify manually. Change settings in .velocitas.json -# Copyright (c) 2023 Robert Bosch GmbH +# Copyright (c) 2023-2024 Contributors to the Eclipse Foundation # # This program and the accompanying materials are made available under the # terms of the Apache License, Version 2.0 which is available at @@ -29,9 +29,9 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: python-version: "3.10" @@ -46,7 +46,7 @@ jobs: - id: github-repository-name-case-adjusted name: Prepare repository name in lower case for docker upload. - uses: ASzc/change-string-case-action@v5 + uses: ASzc/change-string-case-action@v6 with: string: ${{ github.repository }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5266c345..3eb899ef 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,5 +1,5 @@ # This file is maintained by velocitas CLI, do not modify manually. Change settings in .velocitas.json -# Copyright (c) 2022 Robert Bosch GmbH and Microsoft Corporation +# Copyright (c) 2022-2024 Contributors to the Eclipse Foundation # # This program and the accompanying materials are made available under the # terms of the Apache License, Version 2.0 which is available at @@ -29,7 +29,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Get app-name id: export-app-name @@ -52,7 +52,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - id: get_version uses: battila7/get-version-action@v2 @@ -60,7 +60,7 @@ jobs: - run: echo "Using VehicleApp version ${{ steps.get_version.outputs.version-without-v }} from tag" - name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} @@ -68,7 +68,7 @@ jobs: - id: github-repository-name-case-adjusted name: Prepare repository name in lower case for docker upload. - uses: ASzc/change-string-case-action@v5 + uses: ASzc/change-string-case-action@v6 with: string: ${{ github.repository }} @@ -81,7 +81,7 @@ jobs: intervalSeconds: 20 - name: Download builds from Build multiarch image workflow artifacts - uses: dawidd6/action-download-artifact@v2 + uses: dawidd6/action-download-artifact@v3 with: github_token: ${{secrets.GITHUB_TOKEN}} workflow: build-multiarch-image.yml @@ -123,15 +123,15 @@ jobs: APP_NAME: ${{ needs.get-app-name.outputs.app_name }} TEST_RESULT_FOLDER_NAME: test-results steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Clone Release Documentation Action repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: repository: eclipse-velocitas/release-documentation-action path: "./.github/actions" - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 with: node-version: "18" check-latest: true @@ -153,7 +153,7 @@ jobs: intervalSeconds: 10 - name: Download artifact from CI workflow - uses: dawidd6/action-download-artifact@v2 + uses: dawidd6/action-download-artifact@v3 with: workflow: ci.yml workflow_conclusion: success diff --git a/.velocitas.json b/.velocitas.json index f47a7573..451a0b3d 100644 --- a/.velocitas.json +++ b/.velocitas.json @@ -6,7 +6,7 @@ }, { "name": "devenv-github-workflows", - "version": "v4.1.2" + "version": "v4.1.3" }, { "name": "devenv-github-templates", diff --git a/NOTICE-3RD-PARTY-CONTENT.md b/NOTICE-3RD-PARTY-CONTENT.md index 5a79f83e..59003577 100644 --- a/NOTICE-3RD-PARTY-CONTENT.md +++ b/NOTICE-3RD-PARTY-CONTENT.md @@ -54,27 +54,27 @@ ## Workflows | Dependency | Version | License | |:-----------|:-------:|--------:| -|actions/checkout|v3|MIT License| -|actions/download-artifact|v3|MIT License| -|actions/setup-java|v1.4.4|MIT License| -|actions/setup-node|v3|MIT License| -|actions/setup-python|v4|MIT License| -|actions/upload-artifact|v3|MIT License| +|actions/checkout|v4|MIT License| +|actions/download-artifact|v4|MIT License| +|actions/setup-java|v4|MIT License| +|actions/setup-node|v4|MIT License| +|actions/setup-python|v5|MIT License| +|actions/upload-artifact|v4|MIT License| |aquasecurity/trivy-action|0.11.2|Apache License 2.0| -|ASzc/change-string-case-action|v5|ISC License| +|ASzc/change-string-case-action|v6|ISC License| |battila7/get-version-action|v2|MIT License| -|dawidd6/action-download-artifact|v2|MIT License| +|dawidd6/action-download-artifact|v3|MIT License| |de-vri-es/setup-git-credentials|v2|BSD 2-Clause "Simplified" License| |devcontainers/ci|v0.3|MIT License| -|docker/build-push-action|v4|Apache License 2.0| -|docker/login-action|v2|Apache License 2.0| -|docker/setup-buildx-action|v2|Apache License 2.0| -|docker/setup-qemu-action|v2|Apache License 2.0| +|docker/build-push-action|v5|Apache License 2.0| +|docker/login-action|v3|Apache License 2.0| +|docker/setup-buildx-action|v3|Apache License 2.0| +|docker/setup-qemu-action|v3|Apache License 2.0| |fountainhead/action-wait-for-check|v1.1.0|MIT License| |haya14busa/action-cond|v1|MIT License| |Homebrew/actions|master|BSD 2-Clause "Simplified" License| |irongut/CodeCoverageSummary|v1.3.0|MIT License| -|mikepenz/action-junit-report|v3|Apache License 2.0| +|mikepenz/action-junit-report|v4|Apache License 2.0| |peaceiris/actions-gh-pages|v3|MIT License| |peaceiris/actions-hugo|v2|MIT License| |softprops/action-gh-release|v1|MIT License|