From 1eb227ab3551c38a630b1e87923c3a067d812989 Mon Sep 17 00:00:00 2001
From: githubmamatha <106563495+githubmamatha@users.noreply.github.com>
Date: Mon, 4 Mar 2024 12:43:04 -0800
Subject: [PATCH 1/3] Update pom.xml
---
api/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/api/pom.xml b/api/pom.xml
index 93bbace0..51c04c13 100644
--- a/api/pom.xml
+++ b/api/pom.xml
@@ -6,7 +6,7 @@
ca.bc.gov.educ
educ-grad-student-api
- 1.8.54
+ 1.8.55
educ-grad-student-api
Student Demographics API for GRAD team
From 23dd5494b5d1792d3bfdbf58804070eac0787a3a Mon Sep 17 00:00:00 2001
From: Kamal Mohammed
Date: Fri, 8 Mar 2024 14:23:45 -0700
Subject: [PATCH 2/3] Update Trivy scan version to v2
---
.github/workflows/on.pr.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml
index a6fc8ac8..2eae9936 100644
--- a/.github/workflows/on.pr.yml
+++ b/.github/workflows/on.pr.yml
@@ -42,7 +42,7 @@ jobs:
severity: 'CRITICAL'
- name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@v1
+ uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-results.sarif'
- name: Cache SonarCloud packages
From 7a4ccd1d5fc7c3e7c6d76ff301e7ed2913145596 Mon Sep 17 00:00:00 2001
From: Kamal Mohammed
Date: Tue, 23 Apr 2024 01:05:09 -0600
Subject: [PATCH 3/3] Upgrade ZAPSCAN to 0.7.0
---
.../workflows/build.from.developer.branch.deploy.to.dev.yml | 4 ++--
.github/workflows/build.from.main.branch.deploy.to.dev.yml | 4 ++--
.github/workflows/build.from.release.branch.deploy.to.dev.yml | 4 ++--
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/build.from.developer.branch.deploy.to.dev.yml b/.github/workflows/build.from.developer.branch.deploy.to.dev.yml
index b160e6da..5e8fb8be 100644
--- a/.github/workflows/build.from.developer.branch.deploy.to.dev.yml
+++ b/.github/workflows/build.from.developer.branch.deploy.to.dev.yml
@@ -155,6 +155,6 @@ jobs:
# now hit it with a zap scan
- name: ZAP Scan
- uses: zaproxy/action-api-scan@v0.1.0
+ uses: zaproxy/action-api-scan@v0.7.0
with:
- target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs'
+ target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.apps.silver.devops.gov.bc.ca/api/v1/api-docs'
diff --git a/.github/workflows/build.from.main.branch.deploy.to.dev.yml b/.github/workflows/build.from.main.branch.deploy.to.dev.yml
index fcace1b4..46dfc273 100644
--- a/.github/workflows/build.from.main.branch.deploy.to.dev.yml
+++ b/.github/workflows/build.from.main.branch.deploy.to.dev.yml
@@ -137,6 +137,6 @@ jobs:
# now hit it with a zap scan
- name: ZAP Scan
- uses: zaproxy/action-api-scan@v0.1.0
+ uses: zaproxy/action-api-scan@v0.7.0
with:
- target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs'
\ No newline at end of file
+ target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.apps.silver.devops.gov.bc.ca/api/v1/api-docs'
\ No newline at end of file
diff --git a/.github/workflows/build.from.release.branch.deploy.to.dev.yml b/.github/workflows/build.from.release.branch.deploy.to.dev.yml
index 6ca03dc6..63436ee9 100644
--- a/.github/workflows/build.from.release.branch.deploy.to.dev.yml
+++ b/.github/workflows/build.from.release.branch.deploy.to.dev.yml
@@ -144,6 +144,6 @@ jobs:
# now hit it with a zap scan
- name: ZAP Scan
- uses: zaproxy/action-api-scan@v0.1.0
+ uses: zaproxy/action-api-scan@v0.7.0
with:
- target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs'
\ No newline at end of file
+ target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.apps.silver.devops.gov.bc.ca/api/v1/api-docs'
\ No newline at end of file