From d91a18ea541dc18dc28ef76346af86a0f6bbfb53 Mon Sep 17 00:00:00 2001 From: Pavel Nakonechnyi Date: Wed, 22 Jan 2025 14:36:03 +0100 Subject: [PATCH] nca-build-docker-image: renovate github actions to build images and chart --- .github/workflows/nca-build-docker-image.yml | 27 ++++++++++++-------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/.github/workflows/nca-build-docker-image.yml b/.github/workflows/nca-build-docker-image.yml index df01390eef7..111d4195a2a 100644 --- a/.github/workflows/nca-build-docker-image.yml +++ b/.github/workflows/nca-build-docker-image.yml @@ -91,7 +91,9 @@ jobs: echo packaging Helm chart into ${{ env.NCA_HELM_BRANCH }} branch - name: checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + persist-credentials: false - name: Set 8.8.8.8 as dns server run: | @@ -101,7 +103,7 @@ jobs: sudo systemctl restart systemd-resolved - name: login to Docker repository - uses: docker/login-action@v3 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: registry: ${{ env.DD_REGISTRY }} username: ${{ secrets.NCA_REPO_USERNAME }} @@ -109,10 +111,10 @@ jobs: - name: setup Docker buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: cache Docker layers - uses: actions/cache@v4 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 env: docker-image: ${{ matrix.docker-image }} with: @@ -128,8 +130,9 @@ jobs: run: echo "$AD_CERT" > docker/certs/ad-ca.crt - name: build and push image - uses: docker/build-push-action@v5 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 env: + DOCKER_BUILD_CHECKS_ANNOTATIONS: false docker-image: ${{ matrix.docker-image }} with: push: true @@ -175,14 +178,12 @@ jobs: echo packaging Helm chart into ${{ env.NCA_HELM_BRANCH }} branch - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - - name: install Helm - uses: azure/setup-helm@v3 - with: - version: v3.4.0 + - name: Set up Helm + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -204,7 +205,7 @@ jobs: - name: create a release id: create_release - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@e7a8f85e1c67a31e6ed99a94b41bd0b71bbee6b8 # v2.0.9 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_REPOSITORY: netceteragroup/django-DefectDojo @@ -218,6 +219,10 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: update Helm repository index + id: update-helm-repository-index + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_REPOSITORY: netceteragroup/django-DefectDojo run: | git config --global user.name "${{ env.GIT_USERNAME }}" git config --global user.email "${{ env.GIT_EMAIL }}"