mirror of
https://github.com/project-zot/zot.git
synced 2026-06-18 21:48:04 +08:00
chore: fix dependabot alerts (#3657)
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>
This commit is contained in:
Ramkumar Chinchani
committed by
GitHub
GitHub
parent
ed40bfd689
commit
3a349dccec
@@ -24,7 +24,7 @@ jobs:
|
||||
run: make BENCH_OUTPUT=ci-cd run-bench
|
||||
# Download previous benchmark result from cache (if exists)
|
||||
- name: Download previous benchmark data
|
||||
uses: actions/cache@v4
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: ./cache
|
||||
key: ${{ runner.os }}-gen1-benchmark
|
||||
|
||||
@@ -33,7 +33,7 @@ jobs:
|
||||
go-version: 1.25.x
|
||||
- name: Cache go dependencies
|
||||
id: cache-go-dependencies
|
||||
uses: actions/cache@v4
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
@@ -42,7 +42,7 @@ jobs:
|
||||
${{ runner.os }}-go-mod-
|
||||
- name: Cache go build output
|
||||
id: cache-go-build
|
||||
uses: actions/cache@v4
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: |
|
||||
~/.cache/go-build
|
||||
|
||||
@@ -161,7 +161,7 @@ jobs:
|
||||
rm /tmp/*.log
|
||||
|
||||
- name: Upload zot logs for push-pull tests
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: logs-push-pull-bolt
|
||||
@@ -203,7 +203,7 @@ jobs:
|
||||
rm /tmp/*.log
|
||||
|
||||
- name: Upload zot logs for cidr tests
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: logs-src-cidr-bolt
|
||||
@@ -238,7 +238,7 @@ jobs:
|
||||
zip logs-src-ips-bolt.zip /tmp/*.log -r
|
||||
|
||||
- name: Upload zot logs for src-ips tests
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: logs-src-ips-bolt
|
||||
@@ -247,7 +247,7 @@ jobs:
|
||||
|
||||
# Download previous benchmark result from cache (if exists)
|
||||
- name: Download previous benchmark data
|
||||
uses: actions/cache@v4
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: ./cache
|
||||
key: ${{ runner.os }}-gen1-benchmark-stateless-cluster
|
||||
@@ -425,7 +425,7 @@ jobs:
|
||||
rm /tmp/*.log
|
||||
|
||||
- name: Upload zot logs for push-pull tests
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: logs-push-pull-redis
|
||||
@@ -467,7 +467,7 @@ jobs:
|
||||
rm /tmp/*.log
|
||||
|
||||
- name: Upload zot logs for cidr tests
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: logs-src-cidr-redis
|
||||
@@ -502,7 +502,7 @@ jobs:
|
||||
zip logs-src-ips-redis.zip /tmp/*.log -r
|
||||
|
||||
- name: Upload zot logs for src-ips tests
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: logs-src-ips-redis
|
||||
@@ -511,7 +511,7 @@ jobs:
|
||||
|
||||
# Download previous benchmark result from cache (if exists)
|
||||
- name: Download previous benchmark data
|
||||
uses: actions/cache@v4
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: ./cache
|
||||
key: ${{ runner.os }}-gen1-benchmark-stateless-cluster-redis
|
||||
|
||||
@@ -54,7 +54,7 @@ jobs:
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v4.31.7
|
||||
uses: github/codeql-action/init@v4.31.8
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
# If you wish to specify custom queries, you can do so here or in a config file.
|
||||
@@ -65,7 +65,7 @@ jobs:
|
||||
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
|
||||
# If this step fails, then you should remove it and run the build manually (see below)
|
||||
- name: Autobuild
|
||||
uses: github/codeql-action/autobuild@v4.31.7
|
||||
uses: github/codeql-action/autobuild@v4.31.8
|
||||
|
||||
# ℹ️ Command-line programs to run using the OS shell.
|
||||
# 📚 https://git.io/JvXDl
|
||||
@@ -78,4 +78,4 @@ jobs:
|
||||
# make release
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v4.31.7
|
||||
uses: github/codeql-action/analyze@v4.31.8
|
||||
|
||||
@@ -109,7 +109,7 @@ jobs:
|
||||
run: |
|
||||
find /tmp/zot-ft-logs -name '*.log' -print0 | xargs -0 cat
|
||||
- name: Upload DynamoDB zot logs as build artifact
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: zot-scale-out-dynamodb-logs
|
||||
@@ -147,7 +147,7 @@ jobs:
|
||||
run: |
|
||||
find /tmp/zot-ft-logs/redis -name '*.log' -print0 | xargs -0 cat
|
||||
- name: Upload Redis zot logs as build artifact
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: zot-scale-out-redis-logs
|
||||
@@ -172,7 +172,7 @@ jobs:
|
||||
echo "Redis scale-out tests failed"
|
||||
exit 1
|
||||
- name: Upload zb test results zip as build artifact
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: zb-cloud-scale-out-functional-results-${{ github.sha }}
|
||||
|
||||
@@ -38,7 +38,7 @@ jobs:
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload zot logs
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: gc-referrers-bench-local
|
||||
@@ -77,7 +77,7 @@ jobs:
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload zot logs
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: gc-bench-local
|
||||
@@ -159,7 +159,7 @@ jobs:
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload zot logs
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: gc-referrers-bench-s3
|
||||
@@ -243,7 +243,7 @@ jobs:
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload zot logs
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: gc-bench-s3
|
||||
|
||||
@@ -250,7 +250,7 @@ jobs:
|
||||
AWS_SECRET_ACCESS_KEY: fake
|
||||
continue-on-error: true
|
||||
- name: Upload zot logs as build artifact
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: zot-scale-out-dynamodb-logs
|
||||
@@ -279,7 +279,7 @@ jobs:
|
||||
exit 1
|
||||
- name: Upload zb test results zip as build artifact
|
||||
if: steps.scale.outcome == 'success'
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
with:
|
||||
name: zb-cloud-scale-out-perf-results-${{ github.sha }}
|
||||
path: ./zb-results/
|
||||
@@ -336,7 +336,7 @@ jobs:
|
||||
AWS_SECRET_ACCESS_KEY: fake
|
||||
continue-on-error: true
|
||||
- name: Upload zot logs as build artifact
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
if: always()
|
||||
with:
|
||||
name: zot-scale-out-redis-logs
|
||||
@@ -365,7 +365,7 @@ jobs:
|
||||
exit 1
|
||||
- name: Upload zb test results zip as build artifact
|
||||
if: steps.scale.outcome == 'success'
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
with:
|
||||
name: zb-cloud-scale-out-redis-results-${{ github.sha }}
|
||||
path: ./zb-results/
|
||||
|
||||
@@ -59,7 +59,7 @@ jobs:
|
||||
- run: mkdir -p .out/ && mv {report.html,junit.xml} .out/
|
||||
if: always()
|
||||
- name: Upload test results zip as build artifact
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
with:
|
||||
name: oci-test-results-${{ github.sha }}
|
||||
path: .out/
|
||||
|
||||
@@ -253,7 +253,7 @@ jobs:
|
||||
TRIVY_USERNAME: ${{ github.actor }}
|
||||
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Upload Trivy scan results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@v4.31.7
|
||||
uses: github/codeql-action/upload-sarif@v4.31.8
|
||||
with:
|
||||
sarif_file: 'trivy-results.sarif'
|
||||
|
||||
@@ -290,7 +290,7 @@ jobs:
|
||||
TRIVY_USERNAME: ${{ github.actor }}
|
||||
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Upload Trivy scan results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@v4.31.7
|
||||
uses: github/codeql-action/upload-sarif@v4.31.8
|
||||
with:
|
||||
sarif_file: 'trivy-results.sarif'
|
||||
|
||||
|
||||
@@ -49,7 +49,7 @@ jobs:
|
||||
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
|
||||
# format to the repository Actions tab.
|
||||
- name: "Upload artifact"
|
||||
uses: actions/upload-artifact@v5 # v3.0.0
|
||||
uses: actions/upload-artifact@v6 # v3.0.0
|
||||
with:
|
||||
name: SARIF file
|
||||
path: results.sarif
|
||||
@@ -57,6 +57,6 @@ jobs:
|
||||
|
||||
# Upload the results to GitHub's code scanning dashboard.
|
||||
- name: "Upload to code-scanning"
|
||||
uses: github/codeql-action/upload-sarif@v4.31.7
|
||||
uses: github/codeql-action/upload-sarif@v4.31.8
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
|
||||
+10
-10
@@ -24,7 +24,7 @@ jobs:
|
||||
go-version: 1.25.x
|
||||
- name: Cache go dependencies
|
||||
id: cache-go-dependencies
|
||||
uses: actions/cache@v4
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
@@ -47,7 +47,7 @@ jobs:
|
||||
AWS_ACCESS_KEY_ID: fake
|
||||
AWS_SECRET_ACCESS_KEY: fake
|
||||
- name: upload coverage
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
with:
|
||||
name: coverage-minimal
|
||||
path: coverage-minimal.txt
|
||||
@@ -63,7 +63,7 @@ jobs:
|
||||
go-version: 1.25.x
|
||||
- name: Cache go dependencies
|
||||
id: cache-go-dependencies
|
||||
uses: actions/cache@v4
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
@@ -86,7 +86,7 @@ jobs:
|
||||
AWS_ACCESS_KEY_ID: fake
|
||||
AWS_SECRET_ACCESS_KEY: fake
|
||||
- name: upload coverage
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
with:
|
||||
name: coverage-extended
|
||||
path: coverage-extended.txt
|
||||
@@ -102,7 +102,7 @@ jobs:
|
||||
go-version: 1.25.x
|
||||
- name: Cache go dependencies
|
||||
id: cache-go-dependencies
|
||||
uses: actions/cache@v4
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
@@ -117,7 +117,7 @@ jobs:
|
||||
- name: run zot development-mode unit tests (possibly using failure injection)
|
||||
run: make test-devmode
|
||||
- name: upload coverage
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
with:
|
||||
name: coverage-devmode
|
||||
path: coverage-dev-*.txt
|
||||
@@ -132,7 +132,7 @@ jobs:
|
||||
go-version: 1.25.x
|
||||
- name: Cache go dependencies
|
||||
id: cache-go-dependencies
|
||||
uses: actions/cache@v4
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
@@ -147,7 +147,7 @@ jobs:
|
||||
- name: run zot privileged tests
|
||||
run: sudo env "PATH=$PATH" make privileged-test
|
||||
- name: upload coverage
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
with:
|
||||
name: coverage-needprivileges
|
||||
path: coverage-needprivileges.txt
|
||||
@@ -163,7 +163,7 @@ jobs:
|
||||
cache: false
|
||||
go-version: 1.25.x
|
||||
- name: download all workflow coverage files
|
||||
uses: actions/download-artifact@v6
|
||||
uses: actions/download-artifact@v7
|
||||
- name: merge code coverage
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
@@ -175,7 +175,7 @@ jobs:
|
||||
mkdir unified-coverage
|
||||
cp coverage.txt coverage.html unified-coverage/
|
||||
- name: upload unified-coverage as build artifact
|
||||
uses: actions/upload-artifact@v5
|
||||
uses: actions/upload-artifact@v6
|
||||
with:
|
||||
name: unified-coverage
|
||||
path: unified-coverage/*
|
||||
|
||||
@@ -27,7 +27,7 @@ jobs:
|
||||
go-version: 1.25.x
|
||||
- name: Cache go dependencies
|
||||
id: cache-go-dependencies
|
||||
uses: actions/cache@v4
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
|
||||
Reference in New Issue
Block a user