diff --git a/.github/actions/devcontainer_run_command/action.yml b/.github/actions/devcontainer_run_command/action.yml index f403c60083..d39dada904 100644 --- a/.github/actions/devcontainer_run_command/action.yml +++ b/.github/actions/devcontainer_run_command/action.yml @@ -132,7 +132,7 @@ runs: echo "AZURE_ENVIRONMENT=$azure_env" >> $GITHUB_ENV - name: Azure Login - uses: azure/login@v1 + uses: azure/login@v2 if: contains(inputs.COMMAND, 'bootstrap') != true with: creds: ${{ inputs.AZURE_CREDENTIALS }} diff --git a/.github/workflows/build_docker_images.yml b/.github/workflows/build_docker_images.yml index 32511b64bc..f43117e608 100644 --- a/.github/workflows/build_docker_images.yml +++ b/.github/workflows/build_docker_images.yml @@ -21,18 +21,18 @@ jobs: steps: - name: Upload Event File # this step is required to publish test results from forks - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: Event File path: ${{ github.event_path }} - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false - name: Filter changes - uses: dorny/paths-filter@v2 + uses: dorny/paths-filter@v3 id: filter with: filters: | @@ -93,7 +93,7 @@ jobs: - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 # Unit Tests are executed by calling the 'test-results' target in the # Dockerfile's. Test runner exit codes must be swallowed (and kept) so we @@ -105,7 +105,7 @@ jobs: if: | (steps.filter.outputs.api == 'true' || github.event_name == 'workflow_dispatch') - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: ./api_app/ file: ./api_app/Dockerfile @@ -116,7 +116,7 @@ jobs: - name: "Check pytest failure file existence" id: check_api_test_result - uses: andstor/file-existence-action@v2 + uses: andstor/file-existence-action@v3 with: files: "test-results/pytest_api_unit_failed" @@ -125,7 +125,7 @@ jobs: (steps.filter.outputs.api == 'true' || github.event_name == 'workflow_dispatch') && steps.check_api_test_result.outputs.files_exists == 'false' - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: ./api_app/ file: ./api_app/Dockerfile @@ -136,7 +136,7 @@ jobs: if: | (steps.filter.outputs.resource_processor == 'true' || github.event_name == 'workflow_dispatch') - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: ./resource_processor file: ./resource_processor/vmss_porter/Dockerfile @@ -147,7 +147,7 @@ jobs: if: | (steps.filter.outputs.guacamole_server == 'true' || github.event_name == 'workflow_dispatch') - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: ./templates/workspace_services/guacamole/guacamole-server file: ./templates/workspace_services/guacamole/guacamole-server/docker/Dockerfile @@ -158,7 +158,7 @@ jobs: - name: "Check maven failure file existence" id: check_maven_test_result - uses: andstor/file-existence-action@v2 + uses: andstor/file-existence-action@v3 with: files: "test-results/guacamole_package_failed" @@ -167,7 +167,7 @@ jobs: (steps.filter.outputs.guacamole_server == 'true' || github.event_name == 'workflow_dispatch') && steps.check_maven_test_result.outputs.files_exists == 'false' - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: ./templates/workspace_services/guacamole/guacamole-server file: ./templates/workspace_services/guacamole/guacamole-server/docker/Dockerfile @@ -178,7 +178,7 @@ jobs: if: | (steps.filter.outputs.gitea == 'true' || github.event_name == 'workflow_dispatch') - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: ./templates/shared_services/gitea/docker file: ./templates/shared_services/gitea/docker/Dockerfile @@ -195,7 +195,7 @@ jobs: if: | (steps.filter.outputs.airlock_processor == 'true' || github.event_name == 'workflow_dispatch') - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: ./airlock_processor/ file: ./airlock_processor/Dockerfile @@ -206,7 +206,7 @@ jobs: - name: "Check pytest failure file existence" id: check_airlock_processor_test_result - uses: andstor/file-existence-action@v2 + uses: andstor/file-existence-action@v3 with: files: "test-results/pytest_airlock_processor_unit_failed" @@ -215,7 +215,7 @@ jobs: (steps.filter.outputs.airlock_processor == 'true' || github.event_name == 'workflow_dispatch') && steps.check_airlock_processor_test_result.outputs.files_exists == 'false' - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: ./airlock_processor/ file: ./airlock_processor/Dockerfile @@ -224,7 +224,7 @@ jobs: - name: Upload Unit Test Results if: always() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: test-results path: test-results diff --git a/.github/workflows/build_docs.yml b/.github/workflows/build_docs.yml index b41c381973..042f52ddf3 100644 --- a/.github/workflows/build_docs.yml +++ b/.github/workflows/build_docs.yml @@ -18,11 +18,11 @@ jobs: contents: write steps: - name: Checkout main - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 persist-credentials: true - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: python-version: 3.x - name: Install Dependencies diff --git a/.github/workflows/build_validation_develop.yml b/.github/workflows/build_validation_develop.yml index b1f1b563bc..cd93a8cd48 100644 --- a/.github/workflows/build_validation_develop.yml +++ b/.github/workflows/build_validation_develop.yml @@ -19,14 +19,14 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: # Full git history is needed to get a proper list of # changed files within `super-linter` fetch-depth: 0 persist-credentials: false - - uses: dorny/paths-filter@v2 + - uses: dorny/paths-filter@v3 id: filter with: filters: | diff --git a/.github/workflows/clean_validation_envs.yml b/.github/workflows/clean_validation_envs.yml index c027224cb7..e5d5a38700 100644 --- a/.github/workflows/clean_validation_envs.yml +++ b/.github/workflows/clean_validation_envs.yml @@ -14,14 +14,14 @@ jobs: environment: CICD timeout-minutes: 30 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: # This is CRITICAL since we're making decisions based on branch existence fetch-depth: 0 persist-credentials: false - name: Azure Login - uses: azure/login@v1 + uses: azure/login@v2 with: creds: ${{ secrets.AZURE_CREDENTIALS }} environment: ${{ (secrets.AZURE_ENVIRONMENT != '' && secrets.AZURE_ENVIRONMENT) || 'AzureCloud' }} diff --git a/.github/workflows/cli-package.yml b/.github/workflows/cli-package.yml index 862057d824..ee05e2c9ba 100644 --- a/.github/workflows/cli-package.yml +++ b/.github/workflows/cli-package.yml @@ -21,7 +21,7 @@ jobs: steps: - name: Checkout (GitHub) - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Build and run dev container task uses: ./.github/actions/devcontainer_run_command @@ -50,7 +50,7 @@ jobs: AZURE_ENVIRONMENT: ${{ secrets.AZURE_ENVIRONMENT }} - name: Upload Wheel as artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: tre-cli path: dist/tre-*.whl diff --git a/.github/workflows/deploy_tre_reusable.yml b/.github/workflows/deploy_tre_reusable.yml index 31d9e03b39..9a2f986f97 100644 --- a/.github/workflows/deploy_tre_reusable.yml +++ b/.github/workflows/deploy_tre_reusable.yml @@ -185,7 +185,7 @@ jobs: details_url: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -193,10 +193,10 @@ jobs: ref: ${{ inputs.prRef }} - name: Set up Docker BuildKit - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Azure Login - uses: azure/login@v1 + uses: azure/login@v2 with: creds: ${{ secrets.AZURE_CREDENTIALS }} environment: ${{ (vars.AZURE_ENVIRONMENT != '' && vars.AZURE_ENVIRONMENT) || 'AzureCloud' }} @@ -274,7 +274,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -298,7 +298,7 @@ jobs: environment: ${{ inputs.environmentName }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -322,7 +322,7 @@ jobs: environment: ${{ inputs.environmentName }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -408,7 +408,7 @@ jobs: environment: ${{ inputs.environmentName }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -454,7 +454,7 @@ jobs: environment: ${{ inputs.environmentName }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -500,7 +500,7 @@ jobs: environment: ${{ inputs.environmentName }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -560,7 +560,7 @@ jobs: environment: ${{ inputs.environmentName }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -609,7 +609,7 @@ jobs: environment: ${{ inputs.environmentName }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -643,7 +643,7 @@ jobs: environment: ${{ inputs.environmentName }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -692,7 +692,7 @@ jobs: environment: ${{ inputs.environmentName }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -723,7 +723,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -752,7 +752,7 @@ jobs: - name: Upload Test Results if: always() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: E2E Test (Smoke) Results path: "./e2e_tests/pytest_e2e_smoke.xml" @@ -766,7 +766,7 @@ jobs: timeout-minutes: 300 steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # if the following values are missing (i.e. not triggered via comment workflow) @@ -796,7 +796,7 @@ jobs: - name: Upload Test Results if: always() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: E2E Test Results path: "./e2e_tests/pytest_e2e_custom.xml" @@ -811,8 +811,11 @@ jobs: if: always() environment: ${{ inputs.environmentName }} steps: - - uses: technote-space/workflow-conclusion-action@v3 - + # - uses: technote-space/workflow-conclusion-action@v3 (removed due to archived repo and deprecated node.js version) + - uses: im-open/workflow-conclusion@v2.2.2 + id: conclusion + with: + github-token: ${{ secrets.GITHUB_TOKEN }} # For PR builds triggered from comment builds, the GITHUB_REF is set to main # so the checks aren't automatically associated with the PR # If prHeadSha is specified then explicity mark the checks for that SHA @@ -845,12 +848,12 @@ jobs: timezone: Europe/Zurich - name: Download Artifacts - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: path: artifacts - name: Publish E2E Test Results - uses: EnricoMi/publish-unit-test-result-action@v2 + uses: EnricoMi/publish-unit-test-result-action@v2.16.1 with: junit_files: "artifacts/**/*.xml" check_name: "E2E Test Results" diff --git a/.github/workflows/flag_external_pr.yml b/.github/workflows/flag_external_pr.yml index 8e1ac68996..45206688ad 100644 --- a/.github/workflows/flag_external_pr.yml +++ b/.github/workflows/flag_external_pr.yml @@ -15,13 +15,13 @@ jobs: steps: # Ensure we have the script file for the github-script action to use - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false - id: check_command name: Check for a command using GitHub script - uses: actions/github-script@v6 + uses: actions/github-script@v7 with: result-encoding: string script: | diff --git a/.github/workflows/lets_encrypt.yml b/.github/workflows/lets_encrypt.yml index 768ca0619a..d0f00e1dd0 100644 --- a/.github/workflows/lets_encrypt.yml +++ b/.github/workflows/lets_encrypt.yml @@ -23,12 +23,12 @@ jobs: environment: CICD steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false - name: Install Terraform - uses: hashicorp/setup-terraform@v2 + uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.2.9 terraform_wrapper: false diff --git a/.github/workflows/pr_comment_bot.yml b/.github/workflows/pr_comment_bot.yml index 40457ed99e..cfc14dc739 100644 --- a/.github/workflows/pr_comment_bot.yml +++ b/.github/workflows/pr_comment_bot.yml @@ -32,14 +32,14 @@ jobs: steps: # Ensure we have the script file for the github-script action to use - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # Determine whether the comment is a command - id: check_command name: Check for a command using GitHub script - uses: actions/github-script@v6 + uses: actions/github-script@v7 with: script: | const script = require('./.github/scripts/build.js') @@ -79,13 +79,13 @@ jobs: steps: # Ensure we have the script files - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # Perform az login for destroy env script to be able to run - name: Azure Login - uses: azure/login@v1 + uses: azure/login@v2 with: creds: ${{ secrets.AZURE_CREDENTIALS }} environment: ${{ (vars.AZURE_ENVIRONMENT != '' && vars.AZURE_ENVIRONMENT) || 'AzureCloud' }} @@ -115,13 +115,13 @@ jobs: steps: # Ensure we have the script files - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false # Perform az login for destroy env script to be able to run - name: Azure Login - uses: azure/login@v1 + uses: azure/login@v2 with: creds: ${{ secrets.AZURE_CREDENTIALS }} environment: ${{ (vars.AZURE_ENVIRONMENT != '' && vars.AZURE_ENVIRONMENT) || 'AzureCloud' }}