mirror of
https://github.com/project-zot/zot.git
synced 2026-06-17 21:17:58 +08:00
chore: fix dependabot alerts (#3496)
* chore: fix dependabot alerts Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix: initialize logger in ut Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> --------- Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>
This commit is contained in:
Ramkumar Chinchani
committed by
GitHub
GitHub
parent
41e10d4fe9
commit
a0943eccfe
@@ -161,7 +161,7 @@ jobs:
|
||||
rm /tmp/*.log
|
||||
|
||||
- name: Upload zot logs for push-pull tests
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: logs-push-pull-bolt
|
||||
@@ -203,7 +203,7 @@ jobs:
|
||||
rm /tmp/*.log
|
||||
|
||||
- name: Upload zot logs for cidr tests
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: logs-src-cidr-bolt
|
||||
@@ -238,7 +238,7 @@ jobs:
|
||||
zip logs-src-ips-bolt.zip /tmp/*.log -r
|
||||
|
||||
- name: Upload zot logs for src-ips tests
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: logs-src-ips-bolt
|
||||
@@ -425,7 +425,7 @@ jobs:
|
||||
rm /tmp/*.log
|
||||
|
||||
- name: Upload zot logs for push-pull tests
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: logs-push-pull-redis
|
||||
@@ -467,7 +467,7 @@ jobs:
|
||||
rm /tmp/*.log
|
||||
|
||||
- name: Upload zot logs for cidr tests
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: logs-src-cidr-redis
|
||||
@@ -502,7 +502,7 @@ jobs:
|
||||
zip logs-src-ips-redis.zip /tmp/*.log -r
|
||||
|
||||
- name: Upload zot logs for src-ips tests
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: logs-src-ips-redis
|
||||
|
||||
@@ -53,7 +53,7 @@ jobs:
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v4.30.9
|
||||
uses: github/codeql-action/init@v4.31.0
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
# If you wish to specify custom queries, you can do so here or in a config file.
|
||||
@@ -64,7 +64,7 @@ jobs:
|
||||
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
|
||||
# If this step fails, then you should remove it and run the build manually (see below)
|
||||
- name: Autobuild
|
||||
uses: github/codeql-action/autobuild@v4.30.9
|
||||
uses: github/codeql-action/autobuild@v4.31.0
|
||||
|
||||
# ℹ️ Command-line programs to run using the OS shell.
|
||||
# 📚 https://git.io/JvXDl
|
||||
@@ -77,4 +77,4 @@ jobs:
|
||||
# make release
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v4.30.9
|
||||
uses: github/codeql-action/analyze@v4.31.0
|
||||
|
||||
@@ -105,7 +105,7 @@ jobs:
|
||||
run: |
|
||||
find /tmp/zot-ft-logs -name '*.log' -print0 | xargs -0 cat
|
||||
- name: Upload DynamoDB zot logs as build artifact
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: zot-scale-out-dynamodb-logs
|
||||
@@ -143,7 +143,7 @@ jobs:
|
||||
run: |
|
||||
find /tmp/zot-ft-logs/redis -name '*.log' -print0 | xargs -0 cat
|
||||
- name: Upload Redis zot logs as build artifact
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: zot-scale-out-redis-logs
|
||||
@@ -168,7 +168,7 @@ jobs:
|
||||
echo "Redis scale-out tests failed"
|
||||
exit 1
|
||||
- name: Upload zb test results zip as build artifact
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: zb-cloud-scale-out-functional-results-${{ github.sha }}
|
||||
|
||||
@@ -38,7 +38,7 @@ jobs:
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload zot logs
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: gc-referrers-bench-local
|
||||
@@ -77,7 +77,7 @@ jobs:
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload zot logs
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: gc-bench-local
|
||||
@@ -159,7 +159,7 @@ jobs:
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload zot logs
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: gc-referrers-bench-s3
|
||||
@@ -243,7 +243,7 @@ jobs:
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload zot logs
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: gc-bench-s3
|
||||
|
||||
@@ -250,7 +250,7 @@ jobs:
|
||||
AWS_SECRET_ACCESS_KEY: fake
|
||||
continue-on-error: true
|
||||
- name: Upload zot logs as build artifact
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: zot-scale-out-dynamodb-logs
|
||||
@@ -279,7 +279,7 @@ jobs:
|
||||
exit 1
|
||||
- name: Upload zb test results zip as build artifact
|
||||
if: steps.scale.outcome == 'success'
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
with:
|
||||
name: zb-cloud-scale-out-perf-results-${{ github.sha }}
|
||||
path: ./zb-results/
|
||||
@@ -336,7 +336,7 @@ jobs:
|
||||
AWS_SECRET_ACCESS_KEY: fake
|
||||
continue-on-error: true
|
||||
- name: Upload zot logs as build artifact
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
if: always()
|
||||
with:
|
||||
name: zot-scale-out-redis-logs
|
||||
@@ -365,7 +365,7 @@ jobs:
|
||||
exit 1
|
||||
- name: Upload zb test results zip as build artifact
|
||||
if: steps.scale.outcome == 'success'
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
with:
|
||||
name: zb-cloud-scale-out-redis-results-${{ github.sha }}
|
||||
path: ./zb-results/
|
||||
|
||||
@@ -59,7 +59,7 @@ jobs:
|
||||
- run: mkdir -p .out/ && mv {report.html,junit.xml} .out/
|
||||
if: always()
|
||||
- name: Upload test results zip as build artifact
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
with:
|
||||
name: oci-test-results-${{ github.sha }}
|
||||
path: .out/
|
||||
|
||||
@@ -253,7 +253,7 @@ jobs:
|
||||
TRIVY_USERNAME: ${{ github.actor }}
|
||||
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Upload Trivy scan results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@v4.30.9
|
||||
uses: github/codeql-action/upload-sarif@v4.31.0
|
||||
with:
|
||||
sarif_file: 'trivy-results.sarif'
|
||||
|
||||
@@ -290,7 +290,7 @@ jobs:
|
||||
TRIVY_USERNAME: ${{ github.actor }}
|
||||
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Upload Trivy scan results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@v4.30.9
|
||||
uses: github/codeql-action/upload-sarif@v4.31.0
|
||||
with:
|
||||
sarif_file: 'trivy-results.sarif'
|
||||
|
||||
|
||||
@@ -49,7 +49,7 @@ jobs:
|
||||
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
|
||||
# format to the repository Actions tab.
|
||||
- name: "Upload artifact"
|
||||
uses: actions/upload-artifact@v4 # v3.0.0
|
||||
uses: actions/upload-artifact@v5 # v3.0.0
|
||||
with:
|
||||
name: SARIF file
|
||||
path: results.sarif
|
||||
@@ -57,6 +57,6 @@ jobs:
|
||||
|
||||
# Upload the results to GitHub's code scanning dashboard.
|
||||
- name: "Upload to code-scanning"
|
||||
uses: github/codeql-action/upload-sarif@v4.30.9
|
||||
uses: github/codeql-action/upload-sarif@v4.31.0
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
|
||||
@@ -47,7 +47,7 @@ jobs:
|
||||
AWS_ACCESS_KEY_ID: fake
|
||||
AWS_SECRET_ACCESS_KEY: fake
|
||||
- name: upload coverage
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
with:
|
||||
name: coverage-minimal
|
||||
path: coverage-minimal.txt
|
||||
@@ -86,7 +86,7 @@ jobs:
|
||||
AWS_ACCESS_KEY_ID: fake
|
||||
AWS_SECRET_ACCESS_KEY: fake
|
||||
- name: upload coverage
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
with:
|
||||
name: coverage-extended
|
||||
path: coverage-extended.txt
|
||||
@@ -119,7 +119,7 @@ jobs:
|
||||
- name: run zot privileged tests
|
||||
run: sudo env "PATH=$PATH" make privileged-test
|
||||
- name: upload coverage
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
with:
|
||||
name: coverage-devmode
|
||||
path: coverage-dev-*.txt
|
||||
@@ -135,7 +135,7 @@ jobs:
|
||||
cache: false
|
||||
go-version: 1.24.x
|
||||
- name: download all workflow coverage files
|
||||
uses: actions/download-artifact@v5
|
||||
uses: actions/download-artifact@v6
|
||||
- name: merge code coverage
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
|
||||
@@ -56,7 +56,7 @@ jobs:
|
||||
env:
|
||||
FLAVOR: ${{ matrix.flavor }}
|
||||
- name: ZAP Scan Rest API
|
||||
uses: zaproxy/action-baseline@v0.14.0
|
||||
uses: zaproxy/action-baseline@v0.15.0
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
|
||||
|
||||
Reference in New Issue
Block a user