From 00df56bc50c8a6248f681d98cde8c6602e29c688 Mon Sep 17 00:00:00 2001 From: Nicolas Vuillamy Date: Fri, 7 Apr 2023 19:40:14 +0200 Subject: [PATCH] Upgrade GitHub Actions (#2536) * Bump peter-evans/create-pull-request from 4 to 5 Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4 to 5. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/v4...v5) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * Bump peter-evans/create-or-update-comment from 2 to 3 Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) from 2 to 3. - [Release notes](https://github.com/peter-evans/create-or-update-comment/releases) - [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v2...v3) --- updated-dependencies: - dependency-name: peter-evans/create-or-update-comment dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * Upgrade GitHub Actions - Upgrade create-pull-request and create-or-update-comment GitHub Actions - Increase auto-update-linters GitHub Action timeout --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/auto-update-linters.yml | 4 ++-- .github/workflows/build-command.yml | 10 +++++----- .github/workflows/help-command.yml | 2 +- .github/workflows/mega-linter-for-runner.yml | 2 +- .github/workflows/mega-linter.yml | 2 +- .github/workflows/slash-command-dispatch.yml | 2 +- CHANGELOG.md | 2 ++ README.md | 2 +- TEMPLATES/mega-linter.yml | 2 +- docs/installation.md | 2 +- .../generators/mega-linter/templates/mega-linter.yml | 2 +- 11 files changed, 17 insertions(+), 15 deletions(-) diff --git a/.github/workflows/auto-update-linters.yml b/.github/workflows/auto-update-linters.yml index 04bf2ea845e..3f37a8669bd 100644 --- a/.github/workflows/auto-update-linters.yml +++ b/.github/workflows/auto-update-linters.yml @@ -81,7 +81,7 @@ jobs: id: compute_versions shell: bash run: docker run -e UPGRADE_LINTERS_VERSION=true -e GITHUB_SHA=${{ github.sha }} -e GITHUB_TOKEN=${GITHUB_TOKEN} -e PAT="${{ secrets.PAT }}" -e GITHUB_OUTPUT="${GITHUB_OUTPUT}" -e MEGALINTER_VOLUME_ROOT="${GITHUB_WORKSPACE}" -v "/var/run/docker.sock:/var/run/docker.sock:rw" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v ${GITHUB_WORKSPACE}:/tmp/lint oxsecurity/megalinter:auto_update_${{ github.sha }} - timeout-minutes: 20 + timeout-minutes: 30 # Format markdown tables - name: Format Markdown tables @@ -102,7 +102,7 @@ jobs: - name: Create Pull Request id: cpr if: steps.compute_versions.outputs.has_updated_versions == 1 - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@v5 with: token: ${{ secrets.PAT }} author: "Nicolas Vuillamy " diff --git a/.github/workflows/build-command.yml b/.github/workflows/build-command.yml index 16b8ebf4af6..13d3f415b35 100644 --- a/.github/workflows/build-command.yml +++ b/.github/workflows/build-command.yml @@ -28,7 +28,7 @@ jobs: id: vars run: echo "run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> $GITHUB_OUTPUT - name: Create comment - uses: peter-evans/create-or-update-comment@v2 + uses: peter-evans/create-or-update-comment@v3 with: ## Use token if we want to use a PAT instead of GITHUB_TOKEN, GITHUB_TOKEN acts as github-actions[bot] # token: ${{ secrets.PAT }} @@ -62,7 +62,7 @@ jobs: cache: pip # optional - run: pip install -r requirements.dev.txt - name: Create comment starting build.sh - uses: peter-evans/create-or-update-comment@v2 + uses: peter-evans/create-or-update-comment@v3 with: ## Use token if we want to use a PAT instead of GITHUB_TOKEN, GITHUB_TOKEN acts as github-actions[bot] # token: ${{ secrets.PAT }} @@ -80,7 +80,7 @@ jobs: commit_user_name: megalinter-bot commit_user_email: nicolas.vuillamy@ox.security - name: Add reaction - uses: peter-evans/create-or-update-comment@v2 + uses: peter-evans/create-or-update-comment@v3 with: ## Use token if we want to use a PAT instead of GITHUB_TOKEN, GITHUB_TOKEN acts as github-actions[bot] # token: ${{ secrets.PAT }} @@ -90,7 +90,7 @@ jobs: reaction-type: hooray - name: Create final comment updated files if: steps.auto-commit-action.outputs.changes_detected == 'true' - uses: peter-evans/create-or-update-comment@v2 + uses: peter-evans/create-or-update-comment@v3 with: ## Use token if we want to use a PAT instead of GITHUB_TOKEN, GITHUB_TOKEN acts as github-actions[bot] # token: ${{ secrets.PAT }} @@ -101,7 +101,7 @@ jobs: > Build command workflow completed updating files. - name: Create final comment no updated files if: steps.auto-commit-action.outputs.changes_detected == 'false' - uses: peter-evans/create-or-update-comment@v2 + uses: peter-evans/create-or-update-comment@v3 with: ## Use token if we want to use a PAT instead of GITHUB_TOKEN, GITHUB_TOKEN acts as github-actions[bot] # token: ${{ secrets.PAT }} diff --git a/.github/workflows/help-command.yml b/.github/workflows/help-command.yml index 1d25a110f7a..2b320460d23 100644 --- a/.github/workflows/help-command.yml +++ b/.github/workflows/help-command.yml @@ -25,7 +25,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Update comment - uses: peter-evans/create-or-update-comment@v2 + uses: peter-evans/create-or-update-comment@v3 with: ## Use token if we want to use a PAT instead of GITHUB_TOKEN, GITHUB_TOKEN acts as github-actions[bot] # token: ${{ secrets.PAT }} diff --git a/.github/workflows/mega-linter-for-runner.yml b/.github/workflows/mega-linter-for-runner.yml index 3b3150bd926..8cc4c4da6d0 100644 --- a/.github/workflows/mega-linter-for-runner.yml +++ b/.github/workflows/mega-linter-for-runner.yml @@ -60,7 +60,7 @@ jobs: - name: Create Pull Request with applied fixes id: cpr if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix') - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@v5 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} commit-message: "[MegaLinter] Apply linters automatic fixes" diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 657d0759b1e..552e7c547c3 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -60,7 +60,7 @@ jobs: - name: Create Pull Request with applied fixes id: cpr if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix') - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@v5 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} commit-message: "[MegaLinter] Apply linters automatic fixes" diff --git a/.github/workflows/slash-command-dispatch.yml b/.github/workflows/slash-command-dispatch.yml index aefa04f2f34..0ca16a3d3de 100644 --- a/.github/workflows/slash-command-dispatch.yml +++ b/.github/workflows/slash-command-dispatch.yml @@ -23,7 +23,7 @@ jobs: actor=${{ github.actor }} - name: Edit comment with error message if: steps.scd.outputs.error-message - uses: peter-evans/create-or-update-comment@v2 + uses: peter-evans/create-or-update-comment@v3 with: comment-id: ${{ github.event.comment.id }} body: | diff --git a/CHANGELOG.md b/CHANGELOG.md index 55544f2ad5f..a39b5dde09f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,8 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l - Core - Fix issue preventing plugins to work with flavors + - Upgrade create-pull-request and create-or-update-comment GitHub Actions + - Increase auto-update-linters GitHub Action timeout - Upgrade base Docker image to python:3.11.3-alpine3.17 - Documentation diff --git a/README.md b/README.md index d0b9c0c62af..c5fd9cb9625 100644 --- a/README.md +++ b/README.md @@ -451,7 +451,7 @@ jobs: - name: Create Pull Request with applied fixes id: cpr if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix') - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@v5 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} commit-message: "[MegaLinter] Apply linters automatic fixes" diff --git a/TEMPLATES/mega-linter.yml b/TEMPLATES/mega-linter.yml index 5dd1387d927..f71c38f3d0d 100644 --- a/TEMPLATES/mega-linter.yml +++ b/TEMPLATES/mega-linter.yml @@ -59,7 +59,7 @@ jobs: - name: Create Pull Request with applied fixes id: cpr if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@v5 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} commit-message: "[MegaLinter] Apply linters automatic fixes" diff --git a/docs/installation.md b/docs/installation.md index 9da7c3dbd6b..d6206392551 100644 --- a/docs/installation.md +++ b/docs/installation.md @@ -112,7 +112,7 @@ jobs: - name: Create Pull Request with applied fixes id: cpr if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix') - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@v5 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} commit-message: "[MegaLinter] Apply linters automatic fixes" diff --git a/mega-linter-runner/generators/mega-linter/templates/mega-linter.yml b/mega-linter-runner/generators/mega-linter/templates/mega-linter.yml index 5376f9f51c4..91431761a94 100644 --- a/mega-linter-runner/generators/mega-linter/templates/mega-linter.yml +++ b/mega-linter-runner/generators/mega-linter/templates/mega-linter.yml @@ -58,7 +58,7 @@ jobs: - name: Create Pull Request with applied fixes id: cpr if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix') - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@v5 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} commit-message: "[MegaLinter] Apply linters automatic fixes"