From 589d46afa2ba151035823000bf2422ae20f06112 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Apr 2024 09:37:45 +0000 Subject: [PATCH 1/8] chore(deps): bump docker/build-push-action from 5.0.0 to 5.3.0 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.0.0 to 5.3.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/0565240e2d4ab88bba5387d719585280857ece09...2cdde995de11925a030ce8070c3d77a52ffcf1c0) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build-docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml index 45c6241dff..149397a062 100644 --- a/.github/workflows/build-docker.yml +++ b/.github/workflows/build-docker.yml @@ -77,7 +77,7 @@ jobs: core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || ''); - name: Build and push centrifugeio/centrifuge-chain - uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 #v5.1.0 + uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 #v5.1.0 with: context: . file: ./docker/centrifuge-chain/Dockerfile From 4a34c8efa4a2fdd5c71109241e453084185e0214 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Apr 2024 09:37:48 +0000 Subject: [PATCH 2/8] chore(deps): bump actions/configure-pages from 4 to 5 Bumps [actions/configure-pages](https://github.com/actions/configure-pages) from 4 to 5. - [Release notes](https://github.com/actions/configure-pages/releases) - [Commits](https://github.com/actions/configure-pages/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/configure-pages dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/deploy-docs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy-docs.yml b/.github/workflows/deploy-docs.yml index 9b70e7b7ac..7d3dad762c 100644 --- a/.github/workflows/deploy-docs.yml +++ b/.github/workflows/deploy-docs.yml @@ -49,7 +49,7 @@ jobs: echo "" \ > ./target/doc/index.html - name: Setup Pages - uses: actions/configure-pages@v4 + uses: actions/configure-pages@v5 - name: Fix permissions run: | From 0b28e8c008ef325ce69a05b3cd2805cba715a018 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Apr 2024 09:37:52 +0000 Subject: [PATCH 3/8] chore(deps): bump rtCamp/action-slack-notify from 2.2.1 to 2.3.0 Bumps [rtCamp/action-slack-notify](https://github.com/rtcamp/action-slack-notify) from 2.2.1 to 2.3.0. - [Release notes](https://github.com/rtcamp/action-slack-notify/releases) - [Commits](https://github.com/rtcamp/action-slack-notify/compare/b24d75fe0e728a4bf9fc42ee217caa686d141ee8...4e5fb42d249be6a45a298f3c9543b111b02f7907) --- updated-dependencies: - dependency-name: rtCamp/action-slack-notify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/try-runtime.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/try-runtime.yml b/.github/workflows/try-runtime.yml index ee92b7f6f4..db72231f7b 100644 --- a/.github/workflows/try-runtime.yml +++ b/.github/workflows/try-runtime.yml @@ -84,7 +84,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Notify Slack - uses: rtCamp/action-slack-notify@b24d75fe0e728a4bf9fc42ee217caa686d141ee8 #v2.2.1 + uses: rtCamp/action-slack-notify@4e5fb42d249be6a45a298f3c9543b111b02f7907 #v2.3.0 env: SLACK_CHANNEL: eng-protocol-general SLACK_COLOR: '#FF0000' From b204211dfde0c70be89a33bac29ad02ba9b7db5c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Apr 2024 09:37:57 +0000 Subject: [PATCH 4/8] chore(deps): bump docker/login-action from 3.0.0 to 3.1.0 Bumps [docker/login-action](https://github.com/docker/login-action) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/343f7c4344506bcbf9b4de18042ae17996df046d...e92390c5fb421da1463c202d546fed0ec5c39f20) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build-docker.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml index 45c6241dff..6f53c601d9 100644 --- a/.github/workflows/build-docker.yml +++ b/.github/workflows/build-docker.yml @@ -35,13 +35,13 @@ jobs: uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c #v3.1.0 - name: DockerHub Registry Login - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d + uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Github Registry login - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d + uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 with: registry: ghcr.io username: ${{ github.actor }} From 0179c8fb609e2c532697290a952d34748032379b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Apr 2024 09:38:02 +0000 Subject: [PATCH 5/8] chore(deps): bump Swatinem/rust-cache from 2.7.1 to 2.7.3 Bumps [Swatinem/rust-cache](https://github.com/swatinem/rust-cache) from 2.7.1 to 2.7.3. - [Release notes](https://github.com/swatinem/rust-cache/releases) - [Changelog](https://github.com/Swatinem/rust-cache/blob/master/CHANGELOG.md) - [Commits](https://github.com/swatinem/rust-cache/compare/3cf7f8cc28d1b4e7d01e3783be10a97d55d483c8...23bce251a8cd2ffc3c1075eaa2367cf899916d84) --- updated-dependencies: - dependency-name: Swatinem/rust-cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/build-wasm.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-wasm.yml b/.github/workflows/build-wasm.yml index 92b5a632f0..e92cfa624f 100644 --- a/.github/workflows/build-wasm.yml +++ b/.github/workflows/build-wasm.yml @@ -33,7 +33,7 @@ jobs: uses: ./.github/actions/prep-ubuntu # sccache does not work inside the srtool container - - uses: Swatinem/rust-cache@3cf7f8cc28d1b4e7d01e3783be10a97d55d483c8 # 2.7 + - uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # 2.7 with: prefix-key: build shared-key: wasm From ce063106eb47c0d99e45564e0d28571897ba51fc Mon Sep 17 00:00:00 2001 From: Guillermo Perez Date: Wed, 17 Apr 2024 18:22:07 +0200 Subject: [PATCH 6/8] add gh actions upgrade script --- scripts/upgrade-github-actions.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 scripts/upgrade-github-actions.sh diff --git a/scripts/upgrade-github-actions.sh b/scripts/upgrade-github-actions.sh new file mode 100644 index 0000000000..79d0172998 --- /dev/null +++ b/scripts/upgrade-github-actions.sh @@ -0,0 +1,18 @@ +#!/bin/bash +# This script will use the open dependabot PRs to peform an upgrade of all GH actions + +# The target branch to merge all Dependabot PRs into +TARGET_BRANCH="upgrade-gh-actions" + +# Ensure the target branch exists and is checked out +git checkout -b $TARGET_BRANCH 2>/dev/null || git checkout $TARGET_BRANCH + +# Fetch all PRs from GitHub, filter for those opened by Dependabot, and extract their branch names +gh pr list --search "author:app/dependabot" --state open --json headRefName --jq '.[].headRefName' | while read branch; do + # Merge each Dependabot branch into the target branch + echo "Merging $branch into $TARGET_BRANCH..." + git merge origin/$branch --no-edit +done + +# After merging, you might want to push the changes +# git push origin $TARGET_BRANCH \ No newline at end of file From 22b8551cd096f6ba87068b3056680d985ea86923 Mon Sep 17 00:00:00 2001 From: Guillermo Perez Date: Wed, 8 May 2024 19:38:44 +0200 Subject: [PATCH 7/8] upgrade github actions --- .github/actions/sccache-gcloud/action.yml | 4 ++-- .github/workflows/sanity-checks.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/sccache-gcloud/action.yml b/.github/actions/sccache-gcloud/action.yml index cd9b0accfb..ee611db560 100644 --- a/.github/actions/sccache-gcloud/action.yml +++ b/.github/actions/sccache-gcloud/action.yml @@ -14,13 +14,13 @@ runs: - name: Auth gcloud id: gauth - uses: google-github-actions/auth@35b0e87d162680511bf346c299f71c9c5c379033 # @v1.1.1 + uses: google-github-actions/auth@55bd3a7c6e2ae7cf1877fd1ccb9d54c0503c457c # @v2.1.2 with: workload_identity_provider: ${{ inputs.GWIP }} service_account: ${{ inputs.GSA }} - name: Run sccache-cache - uses: mozilla-actions/sccache-action@8417cffc2ec64127ad83077aceaa8631f7cdc83e #v0.0.3 + uses: mozilla-actions/sccache-action@2e7f9ec7921547d4b46598398ca573513895d0bd #v0.0.4 - name: set GCS bucket sccache variables shell: bash diff --git a/.github/workflows/sanity-checks.yml b/.github/workflows/sanity-checks.yml index bccfd8ab40..2725552cbf 100644 --- a/.github/workflows/sanity-checks.yml +++ b/.github/workflows/sanity-checks.yml @@ -17,7 +17,7 @@ jobs: lint-fmt, lint-clippy, cargo-build, docs-build, lint-taplo] steps: - name: Check out code - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab #3.5.2 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b #4.1.4 - name: Prep build uses: ./.github/actions/prep-ubuntu From 959322d7ee52ab26cc3a8f3166363860889ad0f6 Mon Sep 17 00:00:00 2001 From: Guillermo Perez Date: Wed, 8 May 2024 19:43:54 +0200 Subject: [PATCH 8/8] upgrade all packages --- .github/workflows/build-docker.yml | 6 +++--- .github/workflows/build-wasm.yml | 2 +- .github/workflows/deploy-docs.yml | 2 +- .github/workflows/sanity-checks.yml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml index 7b453835ca..f3b624fe8d 100644 --- a/.github/workflows/build-docker.yml +++ b/.github/workflows/build-docker.yml @@ -35,13 +35,13 @@ jobs: uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c #v3.1.0 - name: DockerHub Registry Login - uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 + uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 #v3.1.0 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Github Registry login - uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 + uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 #v3.1.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -77,7 +77,7 @@ jobs: core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || ''); - name: Build and push centrifugeio/centrifuge-chain - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 #v5.1.0 + uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 #v5.3.0 with: context: . file: ./docker/centrifuge-chain/Dockerfile diff --git a/.github/workflows/build-wasm.yml b/.github/workflows/build-wasm.yml index e92cfa624f..ee19e6c085 100644 --- a/.github/workflows/build-wasm.yml +++ b/.github/workflows/build-wasm.yml @@ -27,7 +27,7 @@ jobs: steps: # PREP - name: Check out code - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab #3.5.2 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b #4.1.4 - name: Prep build on Ubuntu uses: ./.github/actions/prep-ubuntu diff --git a/.github/workflows/deploy-docs.yml b/.github/workflows/deploy-docs.yml index 7d3dad762c..4b572a56c6 100644 --- a/.github/workflows/deploy-docs.yml +++ b/.github/workflows/deploy-docs.yml @@ -58,7 +58,7 @@ jobs: done - name: upload Docs files - uses: actions/upload-pages-artifact@0252fc4ba7626f0298f0cf00902a25c6afc77fa8 # v3.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 #v4.3.0 with: path: ./target/doc diff --git a/.github/workflows/sanity-checks.yml b/.github/workflows/sanity-checks.yml index 2725552cbf..9eea1f6e69 100644 --- a/.github/workflows/sanity-checks.yml +++ b/.github/workflows/sanity-checks.yml @@ -41,7 +41,7 @@ jobs: runtime: [altair, centrifuge] steps: - name: Check out code - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab #3.5.2 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b #4.1.4 - name: Prep build uses: ./.github/actions/prep-ubuntu