diff --git a/.github/workflows/repository-openssf-scorecard.yml b/.github/workflows/repository-openssf-scorecard.yml index 6fe3bffae1..0ad371f7cc 100644 --- a/.github/workflows/repository-openssf-scorecard.yml +++ b/.github/workflows/repository-openssf-scorecard.yml @@ -35,7 +35,7 @@ jobs: - name: Upload SARIF results id: upload_sarif_results - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v3.1.0 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v3.1.0 with: name: SARIF results path: results.sarif diff --git a/.github/workflows/reusable-workflow-containers.yml b/.github/workflows/reusable-workflow-containers.yml index 484c8f269b..418b675184 100644 --- a/.github/workflows/reusable-workflow-containers.yml +++ b/.github/workflows/reusable-workflow-containers.yml @@ -182,7 +182,7 @@ jobs: - name: Scan Image id: scan_image - uses: aquasecurity/trivy-action@d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca # v0.16.1 + uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # v0.17.0 with: image-ref: ${{ needs.prepare-environment.outputs.name }}:${{ needs.prepare-environment.outputs.version }} exit-code: 1 @@ -194,7 +194,7 @@ jobs: - name: Scan Image (On SARIF Scan Failure) if: failure() && steps.scan_image.outcome == 'failure' id: scan_image_on_failure - uses: aquasecurity/trivy-action@d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca # v0.16.1 + uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # v0.17.0 with: image-ref: ${{ needs.prepare-environment.outputs.name }}:${{ needs.prepare-environment.outputs.version }} exit-code: 1 diff --git a/.github/workflows/reusable-workflow-terraform.yml b/.github/workflows/reusable-workflow-terraform.yml index ddb6cece2c..4066c20d3f 100644 --- a/.github/workflows/reusable-workflow-terraform.yml +++ b/.github/workflows/reusable-workflow-terraform.yml @@ -62,7 +62,7 @@ jobs: - name: Trivy if: github.ref != 'refs/heads/main' id: terraform_static_analysis_trivy - uses: aquasecurity/trivy-action@d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca # v0.16.1 + uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # v0.17.0 with: scan-type: config scan-ref: ${{ env.working-directory }} diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index ce82291457..eff716b720 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -24,7 +24,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: trivy id: terraform_static_analysis_trivy - uses: aquasecurity/trivy-action@d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca # v0.16.1 + uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # v0.17.0 with: scan-type: config ignore-unfixed: true diff --git a/terraform/aws/analytical-platform-data-engineering-production/10ds/.terraform.lock.hcl b/terraform/aws/analytical-platform-data-engineering-production/10ds/.terraform.lock.hcl index 5c58098fa9..4d4ea8e8de 100644 --- a/terraform/aws/analytical-platform-data-engineering-production/10ds/.terraform.lock.hcl +++ b/terraform/aws/analytical-platform-data-engineering-production/10ds/.terraform.lock.hcl @@ -2,25 +2,25 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.34.0" - constraints = ">= 3.29.0, >= 4.66.0, >= 5.20.0, 5.34.0" + version = "5.35.0" + constraints = ">= 3.29.0, >= 4.66.0, >= 5.20.0, 5.35.0" hashes = [ - "h1:1UEoNI8LGCKvrl0+60qYm0wY8uOoKmF0W+HnuAI1U4k=", - "h1:Tbq6dKE+XyXmkup6+7eQj2vH+eCJipk8R3VXhebVYi4=", - "zh:01bb20ae12b8c66f0cacec4f417a5d6741f018009f3a66077008e67cce127aa4", - "zh:3b0c9bdbbf846beef2c9573fc27898ceb71b69cf9d2f4b1dd2d0c2b539eab114", - "zh:5226ecb9c21c2f6fbf1d662ac82459ffcd4ad058a9ea9c6200750a21a80ca009", - "zh:6021b905d9b3cd3d7892eb04d405c6fa20112718de1d6ef7b9f1db0b0c97721a", + "h1:886w+yaOrX4MMsW62Jxk9/nFKWQTzQsCwtXrLqi2JIs=", + "h1:fggCACmhwwn6NOo3D6xY6WDyZfBSbMIb47X/MOC+zqE=", + "zh:3a2a6f40db82d30ea8c5e3e251ca5e16b08e520570336e7e342be823df67e945", + "zh:420a23b69b412438a15b8b2e2c9aac2cf2e4976f990f117e4bf8f630692d3949", + "zh:4d8b887f6a71b38cff77ad14af9279528433e279eed702d96b81ea48e16e779c", + "zh:4edd41f8e1c7d29931608a7b01a7ae3d89d6f95ef5502cf8200f228a27917c40", + "zh:6337544e2ded5cf37b55a70aa6ce81c07fd444a2644ff3c5aad1d34680051bdc", + "zh:668faa3faaf2e0758bf319ea40d2304340f4a2dc2cd24460ddfa6ab66f71b802", + "zh:79ddc6d7c90e59fdf4a51e6ea822ba9495b1873d6a9d70daf2eeaf6fc4eb6ff3", + "zh:885822027faf1aa57787f980ead7c26e7d0e55b4040d926b65709b764f804513", + "zh:8c50a8f397b871388ff2e048f5eb280af107faa2e8926694f1ffd9f32a7a7cdf", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:9e61b8e0ccf923979cd2dc1f1140dbcb02f92248578e10c1996f560b6306317c", - "zh:ad6bf62cdcf531f2f92f6416822918b7ba2af298e4a0065c6baf44991fda982d", - "zh:b698b041ef38837753bbe5265dddbc70b76e8b8b34c5c10876e6aab0eb5eaf63", - "zh:bb799843c534f6a3f072a99d93a3b53ff97c58a96742be15518adf8127706784", - "zh:cebee0d942c37cd3b21e9050457cceb26d0a6ea886b855dab64bb67d78f863d1", - "zh:e061fdd1cb99e7c81fb4485b41ae000c6792d38f73f9f50aed0d3d5c2ce6dcfb", - "zh:eeb4943f82734946362696928336357cd1d36164907ae5905da0316a67e275e1", - "zh:ef09b6ad475efa9300327a30cbbe4373d817261c8e41e5b7391750b16ef4547d", - "zh:f01aab3881cd90b3f56da7c2a75f83da37fd03cc615fc5600a44056a7e0f9af7", - "zh:fcd0f724ebc4b56a499eb6c0fc602de609af18a0d578befa2f7a8df155c55550", + "zh:a2f5d2553df5573a060641f18ee7585587047c25ba73fd80617f59b5893d22b4", + "zh:c43833ae2a152213ee92eb5be7653f9493779eddbe0ce403ea49b5f1d87fd766", + "zh:dab01527a3a55b4f0f958af6f46313d775e27f9ad9d10bedbbfea4a35a06dc5f", + "zh:ed49c65620ec42718d681a7fc00c166c295ff2795db6cede2c690b83f9fb3e65", + "zh:f0a358c0ae1087c466d0fbcc3b4da886f33f881a145c3836ec43149878b86a1a", ] } diff --git a/terraform/aws/analytical-platform-data-engineering-production/10ds/terraform.tf b/terraform/aws/analytical-platform-data-engineering-production/10ds/terraform.tf index 8ae2c87aea..071f8eacc3 100644 --- a/terraform/aws/analytical-platform-data-engineering-production/10ds/terraform.tf +++ b/terraform/aws/analytical-platform-data-engineering-production/10ds/terraform.tf @@ -10,7 +10,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "5.34.0" + version = "5.35.0" } } required_version = "~> 1.5" diff --git a/terraform/cloud-platform/live/data-platform-production/actions-runners/create-a-derived-table.tf b/terraform/cloud-platform/live/data-platform-production/actions-runners/create-a-derived-table.tf index 0295816497..c4ae96ac5c 100644 --- a/terraform/cloud-platform/live/data-platform-production/actions-runners/create-a-derived-table.tf +++ b/terraform/cloud-platform/live/data-platform-production/actions-runners/create-a-derived-table.tf @@ -17,6 +17,11 @@ resource "helm_release" "create_a_derived_table" { chart = "actions-runner" namespace = "data-platform-production" + set { + name = "replicaCount" + value = 2 + } + set { name = "github.organisation" value = "moj-analytical-services" diff --git a/terraform/dpat-eks/production/actions-runners/create-a-derived-table.tf b/terraform/dpat-eks/production/actions-runners/create-a-derived-table.tf index 02948f1038..fca24c146f 100644 --- a/terraform/dpat-eks/production/actions-runners/create-a-derived-table.tf +++ b/terraform/dpat-eks/production/actions-runners/create-a-derived-table.tf @@ -17,6 +17,11 @@ resource "helm_release" "create_a_derived_table" { chart = "actions-runner" namespace = "actions-runners" + set { + name = "replicaCount" + value = 2 + } + set { name = "github.organisation" value = "moj-analytical-services"