Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: update cid github actions workflow from 0.0.14 to 0.0.16 #207

Merged
merged 1 commit into from
Apr 24, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 19 additions & 6 deletions .github/workflows/cid-ossf.yml
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
# cid-workflow-version: 0.0.14
# cid-workflow-version: 0.0.16

# This file is generated by the CID Workflow GitHub App.
# DO NOT EDIT!

# name
name: OSSF Scorecard
name: CID - OSSF Scorecard
on:
# For Branch-Protection check. Only the default branch is supported. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
Expand All @@ -13,8 +13,8 @@ on:
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
schedule:
- cron: '40 23 * * 5'
push:
branches: [ 'main' ]
# Allow manual triggering of the workflow
workflow_dispatch:

# Read Permissions. See
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
Expand Down Expand Up @@ -42,11 +42,24 @@ jobs:
egress-policy: block
allowed-endpoints: >-
api.github.com:443
cdn01.quay.io:443
cdn02.quay.io:443
cdn03.quay.io:443
codeload.github.com:443
downloads.gradle.org:443
github.com:443
jcenter.bintray.com:443
kotlinlang.org:443
objects.githubusercontent.com:443
plugins-artifacts.gradle.org:443
plugins.gradle.org:443
quay.io:443
raw.githubusercontent.com:443
repo.maven.apache.org:443
repo1.maven.org:443
services.gradle.org:443
uploads.github.com:443
api.osv.dev:443
codeload.github.com:443
www.bestpractices.dev:443
oss-fuzz-build-logs.storage.googleapis.com:443
rekor.sigstore.dev:443
Expand All @@ -68,4 +81,4 @@ jobs:
with:
name: SARIF file
path: results.sarif
retention-days: 5
retention-days: 5
26 changes: 13 additions & 13 deletions .github/workflows/cid-pullrequest.yml
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
# cid-workflow-version: 0.0.14
# cid-workflow-version: 0.0.16

# This file is generated by the CID Workflow GitHub App.
# DO NOT EDIT!

# name
name: cid-pullrequest
name: CID - PullRequest

# triggers
on:
Expand All @@ -26,7 +26,6 @@ on:
paths-ignore:
- README.md
- LICENSE
- .github/**
- .gitignore
- .editorconfig
- renovate.json
Expand Down Expand Up @@ -63,6 +62,7 @@ env:
cdn01.quay.io:443
cdn02.quay.io:443
cdn03.quay.io:443
codeload.github.com:443
downloads.gradle.org:443
github.com:443
jcenter.bintray.com:443
Expand Down Expand Up @@ -108,7 +108,7 @@ jobs:
with:
version: ${{ env.CID_VERSION }}
- name: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
fetch-depth: 0
- name: info
Expand Down Expand Up @@ -140,7 +140,7 @@ jobs:
with:
version: ${{ env.CID_VERSION }}
- name: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
fetch-depth: 0
- name: build
Expand All @@ -150,13 +150,13 @@ jobs:
run: |
cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage build
- name: upload artifacts
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: build-${{ github.run_id }}
path: .dist
retention-days: 1
if-no-files-found: ignore

# test
test:
name: Test
Expand All @@ -174,7 +174,7 @@ jobs:
with:
version: ${{ env.CID_VERSION }}
- name: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
fetch-depth: 0
- name: test
Expand All @@ -184,7 +184,7 @@ jobs:
run: |
cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage test
- name: upload artifacts
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: test-${{ github.run_id }}
path: .dist
Expand All @@ -210,17 +210,17 @@ jobs:
with:
version: ${{ env.CID_VERSION }}
- name: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
fetch-depth: 0
- name: download artifacts > build
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: build-${{ github.run_id }}
path: .dist
continue-on-error: true
- name: download artifacts > test
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: test-${{ github.run_id }}
path: .dist
Expand All @@ -235,4 +235,4 @@ jobs:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_ORGANIZATION: ${{ secrets.SONAR_ORGANIZATION }}
run: |
cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage scan
cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage scan
36 changes: 18 additions & 18 deletions .github/workflows/cid.yml
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
# cid-workflow-version: 0.0.14
# cid-workflow-version: 0.0.16

# This file is generated by the CID Workflow GitHub App.
# DO NOT EDIT!

# name
name: cid-main
name: CID - DefaultBranch

# triggers
on:
Expand All @@ -28,7 +28,6 @@ on:
paths-ignore:
- README.md
- LICENSE
- .github/**
- .gitignore
- .editorconfig
- renovate.json
Expand Down Expand Up @@ -65,6 +64,7 @@ env:
cdn01.quay.io:443
cdn02.quay.io:443
cdn03.quay.io:443
codeload.github.com:443
downloads.gradle.org:443
github.com:443
jcenter.bintray.com:443
Expand Down Expand Up @@ -110,7 +110,7 @@ jobs:
with:
version: ${{ env.CID_VERSION }}
- name: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
fetch-depth: 0
- name: info
Expand Down Expand Up @@ -142,7 +142,7 @@ jobs:
with:
version: ${{ env.CID_VERSION }}
- name: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
fetch-depth: 0
- name: build
Expand All @@ -152,13 +152,13 @@ jobs:
run: |
cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage build
- name: upload artifacts
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: build-${{ github.run_id }}
path: .dist
retention-days: 1
if-no-files-found: ignore

# test
test:
name: Test
Expand All @@ -176,7 +176,7 @@ jobs:
with:
version: ${{ env.CID_VERSION }}
- name: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
fetch-depth: 0
- name: test
Expand All @@ -186,7 +186,7 @@ jobs:
run: |
cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage test
- name: upload artifacts
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: test-${{ github.run_id }}
path: .dist
Expand All @@ -212,17 +212,17 @@ jobs:
with:
version: ${{ env.CID_VERSION }}
- name: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
fetch-depth: 0
- name: download artifacts > build
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: build-${{ github.run_id }}
path: .dist
continue-on-error: true
- name: download artifacts > test
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: test-${{ github.run_id }}
path: .dist
Expand Down Expand Up @@ -258,11 +258,11 @@ jobs:
with:
version: ${{ env.CID_VERSION }}
- name: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
fetch-depth: 0
- name: download artifacts > build
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: build-${{ github.run_id }}
path: .dist
Expand All @@ -274,7 +274,7 @@ jobs:
run: |
cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage package
- name: upload artifacts
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: package-${{ github.run_id }}
path: .dist
Expand Down Expand Up @@ -304,11 +304,11 @@ jobs:
with:
version: ${{ env.CID_VERSION }}
- name: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
fetch-depth: 0
- name: download artifacts > package
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: package-${{ github.run_id }}
path: .dist
Expand All @@ -325,4 +325,4 @@ jobs:
MAVEN_GPG_SIGN_PASSWORD: ${{ secrets.MAVEN_GPG_SIGN_PASSWORD }}
MAVEN_GPG_SIGN_KEYID: ${{ secrets.MAVEN_GPG_SIGN_KEYID }}
run: |
cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage publish
cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage publish