From 38d934cf6bab1dafeb3b4bee64527a5d41b66feb Mon Sep 17 00:00:00 2001 From: mamutmk5 <3045922+mamutmk5@users.noreply.github.com> Date: Fri, 8 Sep 2023 13:46:26 +0200 Subject: [PATCH 1/2] BC-5100 - pin docker/build-push-action to version 4.1.1 for push workflow --- .github/workflows/push.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index adced46..e88a54a 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -40,7 +40,7 @@ jobs: - name: Build and push ${{ github.repository }} if: ${{ env.IMAGE_EXISTS == 0 }} - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v4.1.1 with: context: . file: ./Dockerfile @@ -102,4 +102,4 @@ jobs: if: ${{ always() }} uses: github/codeql-action/upload-sarif@v2 with: - sarif_file: 'trivy-results.sarif' \ No newline at end of file + sarif_file: 'trivy-results.sarif' From 0881095e30e834f06c9d487fdd9b4fdf5f3b99c4 Mon Sep 17 00:00:00 2001 From: mamutmk5 <3045922+mamutmk5@users.noreply.github.com> Date: Fri, 8 Sep 2023 13:46:49 +0200 Subject: [PATCH 2/2] BC-5100 - pin docker/build-push-action to version 4.1.1 for tag workflow --- .github/workflows/tag.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml index d806157..c23c2e2 100644 --- a/.github/workflows/tag.yml +++ b/.github/workflows/tag.yml @@ -38,7 +38,7 @@ jobs: password: ${{ secrets.QUAY_TOKEN }} - name: Build and push ${{ github.repository }} - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v4.1.1 with: context: . file: ./Dockerfile