Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ACS-8676 Deal with upcoming GitHub Actions deprecations #939

Merged
merged 1 commit into from
Sep 23, 2024
Merged

ACS-8676 Deal with upcoming GitHub Actions deprecations #939

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
41 changes: 21 additions & 20 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,10 +31,11 @@ jobs:
name: "Source Clear Scan (SCA)"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
- uses: actions/checkout@v4
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
continue-on-error: true
with:
srcclr-api-token: ${{ secrets.SRCCLR_API_TOKEN }}

Expand All @@ -46,21 +47,21 @@ jobs:
github.actor != 'dependabot[bot]' &&
!contains(github.event.head_commit.message, '[skip build]')
steps:
- uses: actions/checkout@v3
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v1.35.0
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v1.35.0
- uses: actions/checkout@v4
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.0.0
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.0.0
- name: "Login to Docker Hub"
uses: docker/login-action@v2.1.0
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: "Login to Quay.io"
uses: docker/login-action@v2.1.0
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
- uses: Alfresco/alfresco-build-tools/.github/actions/github-download-file@v5.6.0
- uses: Alfresco/alfresco-build-tools/.github/actions/github-download-file@v7.0.0
with:
token: ${{ secrets.BOT_GITHUB_TOKEN }}
repository: "Alfresco/veracode-baseline-archive"
Expand All @@ -71,7 +72,7 @@ jobs:
- name: Create zip
run: find gytheio*/gytheio*/target gytheio*/target -name '*.jar' -exec zip -y -r to-scan.zip {} +
- name: "Run SAST Scan"
uses: veracode/[email protected].10
uses: veracode/[email protected].16
with:
vid: ${{ secrets.VERACODE_API_ID }}
vkey: ${{ secrets.VERACODE_API_KEY }}
Expand All @@ -89,7 +90,7 @@ jobs:
run: zip readable_output.zip results.json
- name: Upload Artifact
if: success() || failure()
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: Veracode Pipeline-Scan Results (Human Readable)
path: readable_output.zip
Expand All @@ -98,9 +99,9 @@ jobs:
name: "Build"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v1.35.0
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v1.35.0
- uses: actions/checkout@v4
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.0.0
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.0.0
- name: "Remove SNAPSHOT artifacts"
run: find "${HOME}/.m2/repository/" -type d -name "*-SNAPSHOT*" | xargs -r -l rm -rf
- name: "Install ImageMagick to parse PDFs"
Expand All @@ -110,7 +111,7 @@ jobs:
# ImageMagick6's default security policy doesn't allow it to parse PDFs
sudo sed -i '/PDF/s/none/read|write/' /etc/ImageMagick-6/policy.xml
- name: "Configure AWS credentials"
uses: aws-actions/configure-aws-credentials@v1
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_S3_BUCKET_CREATE_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_S3_BUCKET_CREATE_SECRET_ACCESS_KEY }}
Expand All @@ -127,12 +128,12 @@ jobs:
github.event_name != 'pull_request' &&
(github.ref_name == 'master' || startsWith(github.ref_name, 'SP/') || startsWith(github.ref_name, 'HF/'))
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
persist-credentials: false
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v1.35.0
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v1.35.0
- uses: Alfresco/alfresco-build-tools/.github/actions/configure-git-author@v1.35.0
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.0.0
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.0.0
- uses: Alfresco/alfresco-build-tools/.github/actions/configure-git-author@v7.0.0
with:
username: ${{ secrets.BOT_GITHUB_USERNAME }}
email: ${{ secrets.BOT_GITHUB_EMAIL }}
Expand Down
Loading