actions/gha-workflows
5
1
Fork 0
Code Issues Pull Requests Actions Packages Releases Activity

Compare commits

base: actions:main
Branches Tags
actions:main
..
compare: actions:89548cba4190bcf094f25504027e43e1aebffc66
Branches Tags
actions:main

1 Commits
main ... 89548cba41

Author SHA1 Message Date
Renovate [BOT]
89548cba41 chore(deps): update actions/checkout action to v5 2025-09-09 13:11:34 +00:00
20 changed files with 63 additions and 66 deletions
Expand all files Collapse all files

2
.gitea/workflows/build-push-docker.yml
View File

@@ -43,7 +43,7 @@ jobs:
REPO: ${{ gitea.repository }} REPO: ${{ gitea.repository }}
- name: Check out repository - name: Check out repository
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
ref: ${{ inputs.release }} ref: ${{ inputs.release }}

2
.gitea/workflows/changelog.yaml
View File

@@ -19,7 +19,7 @@ jobs:
clean_changelog: ${{ steps.get_next_version.outputs.clean_changelog }} clean_changelog: ${{ steps.get_next_version.outputs.clean_changelog }}
steps: steps:
- name: Check out repository - name: Check out repository
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0

6
.gitea/workflows/ci-docker.yml
View File

@@ -12,11 +12,11 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out repository code - name: Check out repository code
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
- uses: hadolint/hadolint-action@v3.3.0 - uses: hadolint/hadolint-action@v3.2.0
with: with:
dockerfile: Dockerfile dockerfile: Dockerfile
output-file: hadolint.out output-file: hadolint.out
@@ -24,7 +24,7 @@ jobs:
no-fail: true no-fail: true
- name: SonarQube Cloud Scan - name: SonarQube Cloud Scan
uses: SonarSource/sonarqube-scan-action@v7.0.0 uses: SonarSource/sonarqube-scan-action@v5.3.1
env: env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

10
.gitea/workflows/ci-python-poetry-with-docker.yml
View File

@@ -20,11 +20,11 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out repository code - name: Check out repository code
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
- uses: hadolint/hadolint-action@v3.3.0 - uses: hadolint/hadolint-action@v3.2.0
with: with:
dockerfile: Dockerfile dockerfile: Dockerfile
output-file: hadolint.out output-file: hadolint.out
@@ -32,7 +32,7 @@ jobs:
no-fail: true no-fail: true
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v6 uses: actions/setup-python@v5
with: with:
python-version: "${{ inputs.python-version }}" python-version: "${{ inputs.python-version }}"
@@ -44,7 +44,7 @@ jobs:
poetry config virtualenvs.create true --local poetry config virtualenvs.create true --local
poetry config virtualenvs.in-project true --local poetry config virtualenvs.in-project true --local
- uses: actions/cache@v5 - uses: actions/cache@v4
name: Define cache for dependencies name: Define cache for dependencies
with: with:
path: ./.venv path: ./.venv
@@ -66,7 +66,7 @@ jobs:
sed -i 's@${{ gitea.workspace }}@/github/workspace@g' coverage.xml sed -i 's@${{ gitea.workspace }}@/github/workspace@g' coverage.xml
- name: SonarQube Cloud Scan - name: SonarQube Cloud Scan
uses: SonarSource/sonarqube-scan-action@v7.0.0 uses: SonarSource/sonarqube-scan-action@v5.3.1
env: env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

8
.gitea/workflows/ci-python-poetry.yml
View File

@@ -20,12 +20,12 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out repository code - name: Check out repository code
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v6 uses: actions/setup-python@v5
with: with:
python-version: "${{ inputs.python-version }}" python-version: "${{ inputs.python-version }}"
@@ -37,7 +37,7 @@ jobs:
poetry config virtualenvs.create true --local poetry config virtualenvs.create true --local
poetry config virtualenvs.in-project true --local poetry config virtualenvs.in-project true --local
- uses: actions/cache@v5 - uses: actions/cache@v4
name: Define cache for dependencies name: Define cache for dependencies
with: with:
path: ./.venv path: ./.venv
@@ -57,7 +57,7 @@ jobs:
sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
- name: SonarQube Cloud Scan - name: SonarQube Cloud Scan
uses: SonarSource/sonarqube-scan-action@v7.0.0 uses: SonarSource/sonarqube-scan-action@v5.3.1
env: env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

10
.gitea/workflows/ci-python-uv-with-docker.yml
View File

@@ -19,12 +19,12 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out repository code - name: Check out repository code
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Run Hadolint - name: Run Hadolint
uses: hadolint/hadolint-action@v3.3.0 uses: hadolint/hadolint-action@v3.2.0
with: with:
dockerfile: Dockerfile dockerfile: Dockerfile
output-file: hadolint.out output-file: hadolint.out
@@ -32,12 +32,12 @@ jobs:
no-fail: true no-fail: true
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v6 uses: actions/setup-python@v5
with: with:
python-version: "${{ vars.PYTHON_VERSION }}" python-version: "${{ vars.PYTHON_VERSION }}"
- name: uv cache - name: uv cache
uses: actions/cache@v5 uses: actions/cache@v4
with: with:
path: /tmp/.uv-cache path: /tmp/.uv-cache
key: uv-${{ runner.os }}-${{ hashFiles('uv.lock') }} key: uv-${{ runner.os }}-${{ hashFiles('uv.lock') }}
@@ -63,7 +63,7 @@ jobs:
run: uv cache prune --ci run: uv cache prune --ci
- name: SonarQube Scan - name: SonarQube Scan
uses: SonarSource/sonarqube-scan-action@v7.0.0 uses: SonarSource/sonarqube-scan-action@v5.3.1
env: env:
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

10
.gitea/workflows/ci-python-with-docker.yml
View File

@@ -17,11 +17,11 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out repository code - name: Check out repository code
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
- uses: hadolint/hadolint-action@v3.3.0 - uses: hadolint/hadolint-action@v3.2.0
with: with:
dockerfile: Dockerfile dockerfile: Dockerfile
output-file: hadolint.out output-file: hadolint.out
@@ -29,14 +29,14 @@ jobs:
no-fail: true no-fail: true
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v6 uses: actions/setup-python@v5
with: with:
python-version: "${{ inputs.python-version }}" python-version: "${{ inputs.python-version }}"
- name: Update Pip - name: Update Pip
run: pip install -U pip run: pip install -U pip
- uses: actions/cache@v5 - uses: actions/cache@v4
name: Define cache for dependencies name: Define cache for dependencies
with: with:
path: . path: .
@@ -58,7 +58,7 @@ jobs:
sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
- name: SonarQube Cloud Scan - name: SonarQube Cloud Scan
uses: SonarSource/sonarqube-scan-action@v7.0.0 uses: SonarSource/sonarqube-scan-action@v5.3.1
env: env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

8
.gitea/workflows/ci-python.yml
View File

@@ -17,19 +17,19 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out repository code - name: Check out repository code
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v6 uses: actions/setup-python@v5
with: with:
python-version: "${{ inputs.python-version }}" python-version: "${{ inputs.python-version }}"
- name: Update Pip - name: Update Pip
run: pip install -U pip run: pip install -U pip
- uses: actions/cache@v5 - uses: actions/cache@v4
name: Define cache for dependencies name: Define cache for dependencies
with: with:
path: . path: .
@@ -51,7 +51,7 @@ jobs:
sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
- name: SonarQube Cloud Scan - name: SonarQube Cloud Scan
uses: SonarSource/sonarqube-scan-action@v7.0.0 uses: SonarSource/sonarqube-scan-action@v5.3.1
env: env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

4
.gitea/workflows/create-release.yml
View File

@@ -19,7 +19,7 @@ jobs:
clean_changelog: ${{ steps.get_next_version.outputs.clean_changelog }} clean_changelog: ${{ steps.get_next_version.outputs.clean_changelog }}
steps: steps:
- name: Check out repository - name: Check out repository
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
@@ -72,7 +72,7 @@ jobs:
needs: get_next_release needs: get_next_release
steps: steps:
- name: Check out repository - name: Check out repository
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0

10
.gitea/workflows/docker-compose-deploy.yml
View File

@@ -24,7 +24,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: "[ON RUNNER] Notify Build Start" - name: "[ON RUNNER] Notify Build Start"
uses: https://git.tainton.uk/actions/pushover-action@v1.1.4 uses: https://git.tainton.uk/actions/pushover-action@v1.1.3
env: env:
PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }} PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }}
PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }} PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }}
@@ -35,7 +35,7 @@ jobs:
url_title: 'View Logs' url_title: 'View Logs'
- name: "[ON RUNNER] Checkout the repo" - name: "[ON RUNNER] Checkout the repo"
uses: actions/checkout@v6 uses: actions/checkout@v5
- name: "[ON RUNNER] Set project variables" - name: "[ON RUNNER] Set project variables"
run: | run: |
@@ -54,7 +54,7 @@ jobs:
ALLSECRETS: ${{ toJSON(secrets) }} ALLSECRETS: ${{ toJSON(secrets) }}
- name: "[ON HOST] Make directory if not exists" - name: "[ON HOST] Make directory if not exists"
uses: appleboy/ssh-action@v1.2.4 uses: appleboy/ssh-action@v1.2.2
with: with:
host: ${{ secrets.DEPLOY_HOST }} host: ${{ secrets.DEPLOY_HOST }}
username: ${{ secrets.DEPLOY_USERNAME }} username: ${{ secrets.DEPLOY_USERNAME }}
@@ -74,7 +74,7 @@ jobs:
target: "${{ env.project_folder }}/" target: "${{ env.project_folder }}/"
- name: "[ON HOST] Deploy Stack" - name: "[ON HOST] Deploy Stack"
uses: appleboy/ssh-action@v1.2.4 uses: appleboy/ssh-action@v1.2.2
with: with:
host: ${{ secrets.DEPLOY_HOST }} host: ${{ secrets.DEPLOY_HOST }}
username: ${{ secrets.DEPLOY_USERNAME }} username: ${{ secrets.DEPLOY_USERNAME }}
@@ -85,7 +85,7 @@ jobs:
docker compose --env-file .env up --detach docker compose --env-file .env up --detach
- name: "[ON RUNNER] Notify Build End" - name: "[ON RUNNER] Notify Build End"
uses: https://git.tainton.uk/actions/pushover-action@v1.1.4 uses: https://git.tainton.uk/actions/pushover-action@v1.1.3
env: env:
PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }} PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }}
PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }} PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }}

6
.gitea/workflows/docker-compose-remove.yml
View File

@@ -24,7 +24,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: "[ON RUNNER] Notify Build Start" - name: "[ON RUNNER] Notify Build Start"
uses: https://git.tainton.uk/actions/pushover-action@v1.1.4 uses: https://git.tainton.uk/actions/pushover-action@v1.1.3
env: env:
PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }} PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }}
PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }} PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }}
@@ -41,7 +41,7 @@ jobs:
echo "project_folder=/home/${{ secrets.DEPLOY_USERNAME }}/$projectname" >> $GITEA_ENV echo "project_folder=/home/${{ secrets.DEPLOY_USERNAME }}/$projectname" >> $GITEA_ENV
- name: "[ON HOST] Remove Stack" - name: "[ON HOST] Remove Stack"
uses: appleboy/ssh-action@v1.2.4 uses: appleboy/ssh-action@v1.2.2
with: with:
host: ${{ secrets.DEPLOY_HOST }} host: ${{ secrets.DEPLOY_HOST }}
username: ${{ secrets.DEPLOY_USERNAME }} username: ${{ secrets.DEPLOY_USERNAME }}
@@ -54,7 +54,7 @@ jobs:
rm -rf ${{ env.project_folder }} rm -rf ${{ env.project_folder }}
- name: "[ON RUNNER] Notify Build End" - name: "[ON RUNNER] Notify Build End"
uses: https://git.tainton.uk/actions/pushover-action@v1.1.4 uses: https://git.tainton.uk/actions/pushover-action@v1.1.3
env: env:
PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }} PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }}
PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }} PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }}

2
.gitea/workflows/release-with-tag.yaml
View File

@@ -19,7 +19,7 @@ jobs:
clean_changelog: ${{ steps.get_next_version.outputs.clean_changelog }} clean_changelog: ${{ steps.get_next_version.outputs.clean_changelog }}
steps: steps:
- name: Check out repository - name: Check out repository
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0

2
.github/workflows/build-push-attest-docker.yml vendored
View File

@@ -24,7 +24,7 @@ jobs:
success: ${{ steps.set_flag.outputs.success }} success: ${{ steps.set_flag.outputs.success }}
steps: steps:
- name: Check out the repo - name: Check out the repo
uses: actions/checkout@v6 uses: actions/checkout@v5
with: with:
ref: ${{ inputs.release }} ref: ${{ inputs.release }}

8
.github/workflows/ci-docker.yml vendored
View File

@@ -12,17 +12,17 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out repository code - name: Check out repository code
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
- uses: hadolint/hadolint-action@v3.3.0 - uses: hadolint/hadolint-action@v3.2.0
with: with:
dockerfile: Dockerfile dockerfile: Dockerfile
output-file: hadolint.out output-file: hadolint.out
format: sonarqube format: sonarqube
no-fail: true no-fail: true
- name: SonarQube Cloud Scan - name: SonarQube Cloud Scan
uses: SonarSource/sonarqube-scan-action@v7.0.0 uses: SonarSource/sonarqube-scan-action@v5.3.1
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
@@ -34,7 +34,7 @@ jobs:
with: with:
args: --sarif-file-output=snyk.sarif --all-projects args: --sarif-file-output=snyk.sarif --all-projects
- name: Upload result to GitHub Code Scanning - name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v4 uses: github/codeql-action/upload-sarif@v3
with: with:
sarif_file: snyk.sarif sarif_file: snyk.sarif

10
.github/workflows/ci-python-poetry-with-docker.yml vendored
View File

@@ -22,17 +22,17 @@ jobs:
PYTHON_VERSION=${{ inputs.python-version }} PYTHON_VERSION=${{ inputs.python-version }}
echo "value=${PYTHON_VERSION:-"3.11"}" >> $GITHUB_OUTPUT echo "value=${PYTHON_VERSION:-"3.11"}" >> $GITHUB_OUTPUT
- name: Check out repository code - name: Check out repository code
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
- uses: hadolint/hadolint-action@v3.3.0 - uses: hadolint/hadolint-action@v3.2.0
with: with:
dockerfile: Dockerfile dockerfile: Dockerfile
output-file: hadolint.out output-file: hadolint.out
format: sonarqube format: sonarqube
no-fail: true no-fail: true
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v6 uses: actions/setup-python@v5
with: with:
python-version: "${{ steps.python-version.outputs.value }}" python-version: "${{ steps.python-version.outputs.value }}"
- name: Setup Poetry - name: Setup Poetry
@@ -49,7 +49,7 @@ jobs:
poetry run coverage xml poetry run coverage xml
sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
- name: SonarQube Cloud Scan - name: SonarQube Cloud Scan
uses: SonarSource/sonarqube-scan-action@v7.0.0 uses: SonarSource/sonarqube-scan-action@v5.3.1
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
@@ -61,6 +61,6 @@ jobs:
with: with:
args: --sarif-file-output=snyk.sarif --all-projects args: --sarif-file-output=snyk.sarif --all-projects
- name: Upload result to GitHub Code Scanning - name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v4 uses: github/codeql-action/upload-sarif@v3
with: with:
sarif_file: snyk.sarif sarif_file: snyk.sarif

8
.github/workflows/ci-python-poetry.yml vendored
View File

@@ -22,11 +22,11 @@ jobs:
PYTHON_VERSION=${{ inputs.python-version }} PYTHON_VERSION=${{ inputs.python-version }}
echo "value=${PYTHON_VERSION:-"3.11"}" >> $GITHUB_OUTPUT echo "value=${PYTHON_VERSION:-"3.11"}" >> $GITHUB_OUTPUT
- name: Check out repository code - name: Check out repository code
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v6 uses: actions/setup-python@v5
with: with:
python-version: "${{ steps.python-version.outputs.value }}" python-version: "${{ steps.python-version.outputs.value }}"
- name: Setup Poetry - name: Setup Poetry
@@ -41,7 +41,7 @@ jobs:
poetry run coverage xml poetry run coverage xml
sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
- name: SonarQube Cloud Scan - name: SonarQube Cloud Scan
uses: SonarSource/sonarqube-scan-action@v7.0.0 uses: SonarSource/sonarqube-scan-action@v5.3.1
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
@@ -53,6 +53,6 @@ jobs:
with: with:
args: --sarif-file-output=snyk.sarif --all-projects args: --sarif-file-output=snyk.sarif --all-projects
- name: Upload result to GitHub Code Scanning - name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v4 uses: github/codeql-action/upload-sarif@v3
with: with:
sarif_file: snyk.sarif sarif_file: snyk.sarif

10
.github/workflows/ci-python-with-docker.yml vendored
View File

@@ -22,17 +22,17 @@ jobs:
PYTHON_VERSION=${{ inputs.python-version }} PYTHON_VERSION=${{ inputs.python-version }}
echo "value=${PYTHON_VERSION:-"3.11"}" >> $GITHUB_OUTPUT echo "value=${PYTHON_VERSION:-"3.11"}" >> $GITHUB_OUTPUT
- name: Check out repository code - name: Check out repository code
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
- uses: hadolint/hadolint-action@v3.3.0 - uses: hadolint/hadolint-action@v3.2.0
with: with:
dockerfile: Dockerfile dockerfile: Dockerfile
output-file: hadolint.out output-file: hadolint.out
format: sonarqube format: sonarqube
no-fail: true no-fail: true
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v6 uses: actions/setup-python@v5
with: with:
python-version: "${{ steps.python-version.outputs.value }}" python-version: "${{ steps.python-version.outputs.value }}"
- name: Update Pip - name: Update Pip
@@ -50,7 +50,7 @@ jobs:
coverage xml coverage xml
sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
- name: SonarQube Cloud Scan - name: SonarQube Cloud Scan
uses: SonarSource/sonarqube-scan-action@v7.0.0 uses: SonarSource/sonarqube-scan-action@v5.3.1
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
@@ -62,6 +62,6 @@ jobs:
with: with:
args: --sarif-file-output=snyk.sarif --all-projects args: --sarif-file-output=snyk.sarif --all-projects
- name: Upload result to GitHub Code Scanning - name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v4 uses: github/codeql-action/upload-sarif@v3
with: with:
sarif_file: snyk.sarif sarif_file: snyk.sarif

8
.github/workflows/ci-python.yml vendored
View File

@@ -22,11 +22,11 @@ jobs:
PYTHON_VERSION=${{ inputs.python-version }} PYTHON_VERSION=${{ inputs.python-version }}
echo "value=${PYTHON_VERSION:-"3.11"}" >> $GITHUB_OUTPUT echo "value=${PYTHON_VERSION:-"3.11"}" >> $GITHUB_OUTPUT
- name: Check out repository code - name: Check out repository code
uses: actions/checkout@v6.0.1 uses: actions/checkout@v5.0.0
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v6 uses: actions/setup-python@v5
with: with:
python-version: "${{ steps.python-version.outputs.value }}" python-version: "${{ steps.python-version.outputs.value }}"
- name: Update Pip - name: Update Pip
@@ -44,7 +44,7 @@ jobs:
coverage xml coverage xml
sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
- name: SonarQube Cloud Scan - name: SonarQube Cloud Scan
uses: SonarSource/sonarqube-scan-action@v7.0.0 uses: SonarSource/sonarqube-scan-action@v5.3.1
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
@@ -56,6 +56,6 @@ jobs:
with: with:
args: --sarif-file-output=snyk.sarif --all-projects args: --sarif-file-output=snyk.sarif --all-projects
- name: Upload result to GitHub Code Scanning - name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v4 uses: github/codeql-action/upload-sarif@v3
with: with:
sarif_file: snyk.sarif sarif_file: snyk.sarif

2
.github/workflows/create-release.yml vendored
View File

@@ -17,7 +17,7 @@ jobs:
release_name: ${{ steps.tag_version.outputs.new_tag }} release_name: ${{ steps.tag_version.outputs.new_tag }}
success: ${{ steps.set_flag.outputs.success }} success: ${{ steps.set_flag.outputs.success }}
steps: steps:
- uses: actions/checkout@v6 - uses: actions/checkout@v5
with: with:
fetch-depth: 0 fetch-depth: 0

3
renovate.json
View File

@@ -11,9 +11,6 @@
"assigneesFromCodeOwners": false, "assigneesFromCodeOwners": false,
"rebaseWhen": "behind-base-branch", "rebaseWhen": "behind-base-branch",
"rollbackPrs": true, "rollbackPrs": true,
"semanticCommits": "enabled",
"semanticCommitScope": "deps",
"semanticCommitType": "feat",
"labels": [ "labels": [
"type/dependencies" "type/dependencies"
], ],