chore(deps): update sonarsource/sonarqube-scan-action action to v5

.gitea/workflows/ci.yml

@@ -16,27 +16,18 @@ jobs:
         with:
           fetch-depth: 0
 
-      - name: Run Hadolint
+      - uses: hadolint/hadolint-action@v3.1.0
-        uses: hadolint/hadolint-action@v3.1.0
         with:
           dockerfile: Dockerfile
           output-file: hadolint.out
           format: sonarqube
           no-fail: true
 
-      # - name: SonarQube Scan
+      - name: SonarQube Scan
-      #   uses: SonarSource/sonarqube-scan-action@v5.2.0
+        uses: SonarSource/sonarqube-scan-action@v5.0.0
-      #   env:
+        env:
-      #     SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
+          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
-      #     SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-
-      # - name: Snyk SAST Scan
-      #   uses: snyk/actions/python@master
-      #   env:
-      #     SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-      #   with:
-      #     # command: snyk
-      #     args: snyk code test --all-projects --exclude=.archive
 
       - name: Snyk Vulnerability Scan
         uses: snyk/actions/python@master

.gitea/workflows/release.yml

@@ -3,30 +3,32 @@ on:
   workflow_dispatch:
   push:
     branches:
+      - master
       - main
-  # schedule:
-  #   - cron: '0 9 * * 0'
 
 jobs:
-
+  # test:
-  tag:
+  #   name: Test
-    name: Tag release
+  #   uses: ./.gitea/workflows/ci.yml@main
-    uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/release-with-tag.yaml@main
 
   create_release:
     name: Create Release
-    needs: tag
+    # needs: test
-    uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/create-release-preexisting-tag.yaml@main
+    uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/create-release.yml@main
-    with:
-      tag: ${{ needs.tag.outputs.tag_name }}
-      body: ${{ needs.tag.outputs.changelog }}
     secrets:
       ACTIONS_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
 
-  create_docker:
+  print_release:
+    name: Print Release
+    runs-on: ubuntu-latest
+    needs: create_release
+    steps:
+      - run: echo "Created release ${{ needs.create_release.outputs.release_name }}."
+
+  publish:
     name: Publish Docker Images
     runs-on: ubuntu-latest
-    needs: [tag, create_release]
+    needs: create_release
     steps:
       - name: Update Docker configuration
         continue-on-error: true
@@ -48,7 +50,7 @@ jobs:
         uses: actions/checkout@v4.2.2
         with:
           fetch-depth: 0
-          ref: ${{ needs.tag.outputs.tag_name }}
+          ref: ${{ needs.create_release.outputs.release_name }}
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
@@ -71,7 +73,7 @@ jobs:
         id: meta
         uses: docker/metadata-action@v5
         with:
-          tags: type=semver,pattern=v{{version}},value=${{ needs.tag.outputs.tag_name }}
+          tags: type=semver,pattern=v{{version}},value=${{ needs.create_release.outputs.release_name }}
           images: |
             ghcr.io/${{ vars.GHCR_USERNAME }}/${{ steps.split.outputs.repo }}
             ${{ vars.PACKAGES_REGISTRY_URL }}/${{ gitea.repository }}

Dockerfile

@@ -1,4 +1,4 @@
-FROM alpine:3.22 AS build
+FROM alpine:3.21 AS build
 LABEL maintainer="Luke Tainton <luke@tainton.uk>"
 
 FROM build AS webproc
@@ -9,7 +9,7 @@ RUN apk add --no-cache curl && \
     chmod +x /usr/local/bin/webproc
 
 FROM build AS dnsmasq
-RUN apk --no-cache add dnsmasq=2.91-r0
+RUN apk --no-cache add dnsmasq=2.90-r3
 COPY --from=webproc /usr/local/bin/webproc /usr/local/bin/webproc
 ENTRYPOINT ["webproc","-o","restart","-c","/etc/dnsmasq.conf","-c","/etc/hosts","-c","/etc/resolv.conf","--","dnsmasq","-k","--log-facility=-"]
 EXPOSE 53/udp 8080/tcp