diff --git a/.github/workflows/PR.yaml b/.github/workflows/PR.yaml index e3a2f617c..c4f02ef0a 100644 --- a/.github/workflows/PR.yaml +++ b/.github/workflows/PR.yaml @@ -27,10 +27,10 @@ jobs: testsNeeded: ${{ steps.testsNeeded.outputs.testsNeeded }} steps: - name: checkout source code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: setup id: setup - uses: hyperledger/indy-shared-gha/.github/actions/workflow-setup@v1 + uses: hyperledger/indy-shared-gha/.github/actions/workflow-setup@v2 - name: testsNeeded id: testsNeeded uses: dorny/paths-filter@v3 @@ -46,12 +46,12 @@ jobs: name: Lint needs: [workflow-setup] if: ${{ needs.workflow-setup.outputs.testsNeeded == 'true' }} - uses: hyperledger/indy-shared-gha/.github/workflows/lint.yaml@v1 + uses: hyperledger/indy-shared-gha/.github/workflows/lint.yaml@v2 build-image: name: Create Builder Image needs: [workflow-setup, lint] - uses: hyperledger/indy-shared-gha/.github/workflows/buildimage.yaml@v1 + uses: hyperledger/indy-shared-gha/.github/workflows/buildimage.yaml@v2 with: CACHE_KEY_BUILD: ${{ needs.workflow-setup.outputs.CACHE_KEY_BUILD }} DOCKER_IMAGE: ghcr.io/${{ needs.workflow-setup.outputs.GITHUB_REPOSITORY_NAME }}/node-build @@ -60,7 +60,7 @@ jobs: build_packages: name: Build Packages needs: [workflow-setup, build-image] - uses: hyperledger/indy-shared-gha/.github/workflows/buildpackages.yaml@v1 + uses: hyperledger/indy-shared-gha/.github/workflows/buildpackages.yaml@v2 with: DOCKER_IMAGE: ghcr.io/${{ needs.workflow-setup.outputs.GITHUB_REPOSITORY_NAME }}/node-build:${{ needs.workflow-setup.outputs.UBUNTU_VERSION }} UBUNTU_VERSION: ${{ needs.workflow-setup.outputs.UBUNTU_VERSION }} diff --git a/.github/workflows/Push.yaml b/.github/workflows/Push.yaml index ba6d6c00d..97a444fcc 100644 --- a/.github/workflows/Push.yaml +++ b/.github/workflows/Push.yaml @@ -26,19 +26,19 @@ jobs: publish: ${{ steps.setup.outputs.publish }} steps: - name: checkout source code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: setup id: setup - uses: hyperledger/indy-shared-gha/.github/actions/workflow-setup@v1 + uses: hyperledger/indy-shared-gha/.github/actions/workflow-setup@v2 lint: name: Lint - uses: hyperledger/indy-shared-gha/.github/workflows/lint.yaml@v1 + uses: hyperledger/indy-shared-gha/.github/workflows/lint.yaml@v2 build-image: name: Create Builder Image needs: [workflow-setup, lint] - uses: hyperledger/indy-shared-gha/.github/workflows/buildimage.yaml@v1 + uses: hyperledger/indy-shared-gha/.github/workflows/buildimage.yaml@v2 with: CACHE_KEY_BUILD: ${{ needs.workflow-setup.outputs.CACHE_KEY_BUILD }} DOCKER_IMAGE: ghcr.io/${{ needs.workflow-setup.outputs.GITHUB_REPOSITORY_NAME }}/node-build @@ -47,7 +47,7 @@ jobs: build_packages: name: Build Packages needs: [workflow-setup, build-image] - uses: hyperledger/indy-shared-gha/.github/workflows/buildpackages.yaml@v1 + uses: hyperledger/indy-shared-gha/.github/workflows/buildpackages.yaml@v2 with: DOCKER_IMAGE: ghcr.io/${{ needs.workflow-setup.outputs.GITHUB_REPOSITORY_NAME }}/node-build:${{ needs.workflow-setup.outputs.UBUNTU_VERSION }} UBUNTU_VERSION: ${{ needs.workflow-setup.outputs.UBUNTU_VERSION }} @@ -67,7 +67,7 @@ jobs: name: Publish Artifacts needs: [workflow-setup, indy_node_tests] if: needs.workflow-setup.outputs.publish == 'true' - uses: hyperledger/indy-shared-gha/.github/workflows/publish_artifacts.yaml@v1 + uses: hyperledger/indy-shared-gha/.github/workflows/publish_artifacts.yaml@v2 with: COMPONENT: 'dev' UBUNTU_VERSION: ${{ needs.workflow-setup.outputs.UBUNTU_VERSION }} diff --git a/.github/workflows/publishRelease.yaml b/.github/workflows/publishRelease.yaml index 5b671bf7b..47b852d53 100644 --- a/.github/workflows/publishRelease.yaml +++ b/.github/workflows/publishRelease.yaml @@ -30,15 +30,15 @@ jobs: publish: ${{ steps.workflow-setup.outputs.publish }} steps: - name: checkout source code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: get-release-info id: get-release-info - uses: hyperledger/indy-shared-gha/.github/actions/get-release-info@v1 + uses: hyperledger/indy-shared-gha/.github/actions/get-release-info@v2 with: versionString: "${{ github.event.head_commit.message }}" - name: workflow-setup id: workflow-setup - uses: hyperledger/indy-shared-gha/.github/actions/workflow-setup@v1 + uses: hyperledger/indy-shared-gha/.github/actions/workflow-setup@v2 createRelease: name: Create Release @@ -47,10 +47,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Download Node deb Artifacts from Github Action Artifacts - uses: dawidd6/action-download-artifact@v6 + uses: dawidd6/action-download-artifact@v11 with: github_token: ${{ secrets.GITHUB_TOKEN }} workflow: releasepr.yaml @@ -58,7 +58,7 @@ jobs: name: indy_node-deb path: artifacts/indy_node-deb - name: Download Node python Artifacts from Github Action Artifacts - uses: dawidd6/action-download-artifact@v6 + uses: dawidd6/action-download-artifact@v11 with: github_token: ${{ secrets.GITHUB_TOKEN }} workflow: releasepr.yaml @@ -66,7 +66,7 @@ jobs: name: indy_node-python path: artifacts/indy_node-python - name: Download Node third party dependency Artifacts from Github Action Artifacts - uses: dawidd6/action-download-artifact@v6 + uses: dawidd6/action-download-artifact@v11 with: github_token: ${{ secrets.GITHUB_TOKEN }} workflow: releasepr.yaml @@ -110,7 +110,7 @@ jobs: name: Publish Artifacts needs: [release-infos, createRelease] if: needs.release-infos.outputs.isVersionBump == 'true' && needs.release-infos.outputs.publish == 'true' - uses: hyperledger/indy-shared-gha/.github/workflows/publish_artifacts.yaml@v1 + uses: hyperledger/indy-shared-gha/.github/workflows/publish_artifacts.yaml@v2 with: COMPONENT: ${{ needs.release-infos.outputs.component }} UBUNTU_VERSION: ${{ needs.release-infos.outputs.UBUNTU_VERSION }} @@ -123,7 +123,7 @@ jobs: convertPyVersion: name: "Convert to python version flavour" needs: [release-infos, publish_artifacts] - uses: hyperledger/indy-shared-gha/.github/workflows/pyVersionConversion.yaml@v1 + uses: hyperledger/indy-shared-gha/.github/workflows/pyVersionConversion.yaml@v2 with: VERSIONTAG: ${{ needs.release-infos.outputs.VERSIONTAG }} @@ -132,7 +132,7 @@ jobs: needs: [release-infos, publish_artifacts, convertPyVersion] steps: - name: Repository Dispatch - uses: peter-evans/repository-dispatch@v3 + uses: peter-evans/repository-dispatch@v4 with: token: ${{ secrets.BOT_PR_PAT }} repository: sovrin-foundation/sovrin @@ -144,7 +144,7 @@ jobs: needs: [release-infos, publish_artifacts, convertPyVersion] steps: - name: Repository Dispatch - uses: peter-evans/repository-dispatch@v3 + uses: peter-evans/repository-dispatch@v4 with: token: ${{ secrets.BOT_PR_PAT }} repository: sovrin-foundation/token-plugin diff --git a/.github/workflows/releasepr.yaml b/.github/workflows/releasepr.yaml index 80fc1ece5..bce03fa4c 100644 --- a/.github/workflows/releasepr.yaml +++ b/.github/workflows/releasepr.yaml @@ -23,27 +23,27 @@ jobs: distribution: ${{ steps.workflow-setup.outputs.distribution }} steps: - name: checkout source code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: get-release-info id: get-release-info - uses: hyperledger/indy-shared-gha/.github/actions/get-release-info@v1 + uses: hyperledger/indy-shared-gha/.github/actions/get-release-info@v2 with: versionString: "${{ github.event.pull_request.body }}" - name: workflow-setup id: workflow-setup - uses: hyperledger/indy-shared-gha/.github/actions/workflow-setup@v1 + uses: hyperledger/indy-shared-gha/.github/actions/workflow-setup@v2 lint: name: Lint needs: [release-infos] if: needs.release-infos.outputs.isVersionBump == 'true' - uses: hyperledger/indy-shared-gha/.github/workflows/lint.yaml@v1 + uses: hyperledger/indy-shared-gha/.github/workflows/lint.yaml@v2 build-docker-image: name: Create Builder Image needs: [release-infos, lint] if: needs.release-infos.outputs.isVersionBump == 'true' - uses: hyperledger/indy-shared-gha/.github/workflows/buildimage.yaml@v1 + uses: hyperledger/indy-shared-gha/.github/workflows/buildimage.yaml@v2 with: CACHE_KEY_BUILD: ${{ needs.release-infos.outputs.CACHE_KEY_BUILD }} DOCKER_IMAGE: ghcr.io/${{ needs.release-infos.outputs.GITHUB_REPOSITORY_NAME }}/node-build @@ -53,7 +53,7 @@ jobs: name: Build Packages needs: [release-infos, build-docker-image] if: needs.release-infos.outputs.isVersionBump == 'true' - uses: hyperledger/indy-shared-gha/.github/workflows/buildpackages.yaml@v1 + uses: hyperledger/indy-shared-gha/.github/workflows/buildpackages.yaml@v2 with: DOCKER_IMAGE: ghcr.io/${{ needs.release-infos.outputs.GITHUB_REPOSITORY_NAME }}/node-build:${{ needs.release-infos.outputs.UBUNTU_VERSION }} UBUNTU_VERSION: ${{ needs.release-infos.outputs.UBUNTU_VERSION }} diff --git a/.github/workflows/repoDispatchable_UpdatePlenumDependency.yaml b/.github/workflows/repoDispatchable_UpdatePlenumDependency.yaml index 9173c4796..3ca737207 100644 --- a/.github/workflows/repoDispatchable_UpdatePlenumDependency.yaml +++ b/.github/workflows/repoDispatchable_UpdatePlenumDependency.yaml @@ -8,13 +8,13 @@ jobs: update-setup: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Update indy-plenum to ${{ github.event.client_payload.pyVersion }} run: | sed -i "s/\(indy-plenum==\)[^ ]*/\1${{ github.event.client_payload.pyVersion }},/g" setup.py - name: Create Pull Request - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@v7 with: token: ${{ secrets.GITHUB_TOKEN }} author: ${{ github.actor }} <${{ github.event.pusher.email }}> diff --git a/.github/workflows/reuseable_test.yaml b/.github/workflows/reuseable_test.yaml index 59fd34fd3..af69d0eb9 100644 --- a/.github/workflows/reuseable_test.yaml +++ b/.github/workflows/reuseable_test.yaml @@ -29,7 +29,7 @@ jobs: fail-fast: false steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 # =============================================== # Caching cannot be used. @@ -47,7 +47,7 @@ jobs: # restore-keys: | # ${{ runner.os }}-indy-node-pip- - name: Download node deb - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 with: name: indy_node-deb diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7a46961d5..622eabc02 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -35,12 +35,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@v4 # was v4.1.1 - b4ffde65f46336ab88eb53be808477a3936bae11 + uses: actions/checkout@v5 # was v4.1.1 - b4ffde65f46336ab88eb53be808477a3936bae11 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@v2.4.0 # was v2.3.1 - 0864cf19026789058feabb7e87baa5f140aac736 + uses: ossf/scorecard-action@v2.4.3 # was v2.3.1 - 0864cf19026789058feabb7e87baa5f140aac736 with: results_file: results.sarif results_format: sarif @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@v3 # was v3.24.9 - 1b1aada464948af03b950897e5eb522f92603cc2 + uses: github/codeql-action/upload-sarif@v4 # was v3.24.9 - 1b1aada464948af03b950897e5eb522f92603cc2 with: sarif_file: results.sarif diff --git a/.github/workflows/tag.yaml b/.github/workflows/tag.yaml index b30e3329e..38f2e1657 100644 --- a/.github/workflows/tag.yaml +++ b/.github/workflows/tag.yaml @@ -16,17 +16,17 @@ jobs: BASE: ${{ steps.get-branch.outputs.branch }} steps: - name: checkout source code - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: fetch-depth: 0 - name: extract branch id: get-branch - uses: hyperledger/indy-shared-gha/.github/actions/branch-from-tag@v1 + uses: hyperledger/indy-shared-gha/.github/actions/branch-from-tag@v2 with: tag: ${{ github.ref }} - name: get-release-info id: get-release-info - uses: hyperledger/indy-shared-gha/.github/actions/get-release-info@v1 + uses: hyperledger/indy-shared-gha/.github/actions/get-release-info@v2 with: versionString: "${{ github.ref }}" @@ -36,10 +36,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.8' @@ -68,7 +68,7 @@ jobs: ./bump_version.sh ${{ needs.taginfos.outputs.VERSION }} - name: Create Pull Request - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@v7 with: author: ${{ github.actor }} <${{ github.event.pusher.email }}> committer: ${{ github.actor }} <${{ github.event.pusher.email }}>