diff --git a/.github/actions/e2e/action.yml b/.github/actions/e2e/action.yml index 2528188..7251419 100644 --- a/.github/actions/e2e/action.yml +++ b/.github/actions/e2e/action.yml @@ -92,7 +92,7 @@ runs: run: echo "tf_version=$(grep 'terraform ' .tool-versions)" >> $GITHUB_OUTPUT - name: Configure AWS Credentials for Commercial - uses: aws-actions/configure-aws-credentials@v2 + uses: aws-actions/configure-aws-credentials@v3 with: role-to-assume: ${{ inputs.role-to-assume }} role-session-name: ${{ github.event.client_payload.pull_request.head.sha || github.sha }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index b817345..d5170cb 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Init zarf cache uses: actions/cache@v3 @@ -38,10 +38,10 @@ jobs: uses: supplypike/setup-bin@v3 with: # renovate: zarf-uri datasource=github-tags depName=defenseunicorns/zarf - uri: 'https://github.com/defenseunicorns/zarf/releases/download/v0.29.1/zarf_v0.29.1_Linux_amd64' + uri: 'https://github.com/defenseunicorns/zarf/releases/download/v0.29.2/zarf_v0.29.2_Linux_amd64' name: 'zarf' # renovate: datasource=github-tags depName=defenseunicorns/zarf versioning=semver - version: 'v0.29.1' + version: 'v0.29.2' - name: Login to GHCR uses: docker/login-action@v2 diff --git a/.github/workflows/test-command.yml b/.github/workflows/test-command.yml index e7561df..a54a493 100644 --- a/.github/workflows/test-command.yml +++ b/.github/workflows/test-command.yml @@ -28,7 +28,7 @@ jobs: run-e2e: ${{ steps.parse.outputs.run-e2e }} steps: - name: Checkout Repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: token: ${{ secrets.PAT }} repository: ${{ github.event.client_payload.pull_request.head.repo.full_name || github.repository }} @@ -43,7 +43,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: token: ${{ secrets.PAT }} repository: ${{ github.event.client_payload.pull_request.head.repo.full_name || github.repository }} @@ -60,7 +60,7 @@ jobs: if: needs.parse.outputs.run-ping == 'true' steps: - name: Checkout Repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: token: ${{ secrets.PAT }} repository: ${{ github.event.client_payload.pull_request.head.repo.full_name || github.repository }} @@ -77,7 +77,7 @@ jobs: if: needs.parse.outputs.run-e2e == 'true' steps: - name: Checkout Repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: token: ${{ secrets.PAT }} repository: ${{ github.event.client_payload.pull_request.head.repo.full_name || github.repository }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 797bfe3..4f84469 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -31,7 +31,7 @@ repos: hooks: - id: fix-smartquotes - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.24.1 + rev: 0.26.3 hooks: - id: check-jsonschema name: "Validate Zarf Configs Against Schema" @@ -44,10 +44,10 @@ repos: "--no-cache" ] - repo: https://github.com/golangci/golangci-lint - rev: v1.54.1 + rev: v1.54.2 hooks: - id: golangci-lint - repo: https://github.com/renovatebot/pre-commit-hooks - rev: 36.43.1 + rev: 36.89.0 hooks: - id: renovate-config-validator diff --git a/.tool-versions b/.tool-versions index ed5324b..80b6b9b 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1,7 +1,7 @@ -golang 1.21.0 -golangci-lint 1.54.1 -pre-commit 3.3.3 -terraform 1.5.5 -tflint 0.47.0 -tfsec 1.28.1 +golang 1.21.1 +golangci-lint 1.54.2 +pre-commit 3.4.0 +terraform 1.5.7 +tflint 0.48.0 +tfsec 1.28.2 sops 3.7.3 diff --git a/Makefile b/Makefile index ed61b7f..8ebc77f 100755 --- a/Makefile +++ b/Makefile @@ -1,12 +1,12 @@ # The version of Zarf to use. To keep this repo as portable as possible the Zarf binary will be downloaded and added to # the build folder. # renovate: datasource=github-tags depName=defenseunicorns/zarf -ZARF_VERSION := v0.29.1 +ZARF_VERSION := v0.29.2 # The version of the build harness container to use BUILD_HARNESS_REPO := ghcr.io/defenseunicorns/build-harness/build-harness # renovate: datasource=docker depName=ghcr.io/defenseunicorns/build-harness/build-harness -BUILD_HARNESS_VERSION := 1.10.2 +BUILD_HARNESS_VERSION := 1.10.4 # renovate: datasource=docker depName=ghcr.io/defenseunicorns/packages/dubbd-k3d extractVersion=^(?\d+\.\d+\.\d+) DUBBD_K3D_VERSION := 0.8.1 diff --git a/go.mod b/go.mod index f642bde..4973d03 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/defenseunicorns/uds-capability-sonarqube go 1.20 require ( - github.com/gruntwork-io/terratest v0.43.12 + github.com/gruntwork-io/terratest v0.43.13 github.com/stretchr/testify v1.8.4 ) diff --git a/go.sum b/go.sum index a2b2435..a75a90e 100644 --- a/go.sum +++ b/go.sum @@ -373,6 +373,8 @@ github.com/gruntwork-io/go-commons v0.8.0 h1:k/yypwrPqSeYHevLlEDmvmgQzcyTwrlZGRa github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwiQZze678hvDXof78= github.com/gruntwork-io/terratest v0.43.12 h1:e1SgJe/JF3zh1k/7BDMv7sF3wTKqkSYNx79UJT/74+o= github.com/gruntwork-io/terratest v0.43.12/go.mod h1:Tw+6/fcJFiBPpsx9NNSkLG5oHKIeaqiJHVLpQ+ORIfQ= +github.com/gruntwork-io/terratest v0.43.13 h1:/d0UeDj/FJM66VRP/3JA4mTw0z7BOm9ntHYfrTjIpY8= +github.com/gruntwork-io/terratest v0.43.13/go.mod h1:Tw+6/fcJFiBPpsx9NNSkLG5oHKIeaqiJHVLpQ+ORIfQ= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= diff --git a/sonarqube-flux-values.yaml b/sonarqube-flux-values.yaml index 9dbce3e..47ce6da 100644 --- a/sonarqube-flux-values.yaml +++ b/sonarqube-flux-values.yaml @@ -6,7 +6,7 @@ application: repository: https://repo1.dso.mil/big-bang/product/packages/sonarqube.git ref: # renovate: datasource=gitlab-tags depName=big-bang/product/packages/sonarqube versioning=loose registryUrl=https://repo1.dso.mil - tag: 8.0.1-bb.2 + tag: 9.6.3-bb.9 dependsOn: ###ZARF_VAR_SONARQUBE_DEPENDS_ON### baseValues: diff --git a/utils/k3d/k3d-config.yaml b/utils/k3d/k3d-config.yaml index e2b1f3e..8d80ca3 100644 --- a/utils/k3d/k3d-config.yaml +++ b/utils/k3d/k3d-config.yaml @@ -3,7 +3,7 @@ kind: Simple metadata: name: ci servers: 1 -image: rancher/k3s:v1.26.5-k3s1 +image: rancher/k3s:v1.28.1-k3s1 options: k3s: extraArgs: diff --git a/zarf.yaml b/zarf.yaml index 83b0239..40803f7 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -36,9 +36,9 @@ components: repos: - https://repo1.dso.mil/big-bang/product/packages/sonarqube.git images: - - "registry1.dso.mil/ironbank/big-bang/base:2.0.0" + - "registry1.dso.mil/ironbank/big-bang/base:8.4" - "registry1.dso.mil/ironbank/big-bang/sonarqube-9:9.9.1-community" - - "registry1.dso.mil/ironbank/opensource/postgres/postgresql12:12.15" + - "registry1.dso.mil/ironbank/opensource/postgres/postgresql12:12.16" actions: onDeploy: after: