From 839bd62f4f7f6516a0c43f81547fea1d1d8ad03c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 29 Mar 2022 12:55:37 +0000 Subject: [PATCH 01/13] chore(deps): update docker/build-push-action action to v2.10.0 --- .github/workflows/nodejs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml index 3a8f5865..b2d03971 100644 --- a/.github/workflows/nodejs.yml +++ b/.github/workflows/nodejs.yml @@ -110,7 +110,7 @@ jobs: uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3.0.0 - name: Docker Build - uses: docker/build-push-action@7f9d37fa544684fb73bfe4835ed7214c255ce02b # tag=v2.9.0 + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a # tag=v2.10.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} From 7252c90df7377240b3475d9c85421e073871a557 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 29 Mar 2022 21:40:22 +0000 Subject: [PATCH 02/13] chore(deps): lock file maintenance --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 73cb1107..2c738c6f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1283,9 +1283,9 @@ } }, "electron-to-chromium": { - "version": "1.4.98", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.98.tgz", - "integrity": "sha512-1IdsuSAnIGVxoYT1LkcUFb9MfjRxdHhCU9qiaDzhl1XvYgK9c8E2O9aJOPgGMQ68CSI8NxmLwrYhjvGauT8yuw==", + "version": "1.4.99", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.99.tgz", + "integrity": "sha512-YXMzbvlo6pW12KWw0bj6cIGCJi1Moy8PLCuuzgRzg6WYIcHILK3szU+HHnHFx2b373qRv+cfmHhbmRbatyAbPA==", "dev": true }, "emoji-regex": { From cff9b3af14e91b45130dfd349b26a99e331e023f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 30 Mar 2022 16:01:42 +0000 Subject: [PATCH 03/13] chore(deps): update github/codeql-action action to v1.1.6 --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index c7205ae3..9ab43186 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -29,7 +29,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@883476649888a9e8e219d5b2e6b789dc024f690c # tag=v1.1.5 + uses: github/codeql-action/init@4c1021c5041fca6023824e45efb7f83178d52fe2 # tag=v1.1.6 # Override language selection by uncommenting this and choosing your languages # with: # languages: go, javascript, csharp, python, cpp, java @@ -37,7 +37,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@883476649888a9e8e219d5b2e6b789dc024f690c # tag=v1.1.5 + uses: github/codeql-action/autobuild@4c1021c5041fca6023824e45efb7f83178d52fe2 # tag=v1.1.6 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -51,4 +51,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@883476649888a9e8e219d5b2e6b789dc024f690c # tag=v1.1.5 + uses: github/codeql-action/analyze@4c1021c5041fca6023824e45efb7f83178d52fe2 # tag=v1.1.6 From 6fd9a404f4bfd9c06cd72b373a2af66373599d38 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 30 Mar 2022 18:21:36 +0000 Subject: [PATCH 04/13] fix(deps): update dependency snyk to v1.872.0 --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2c738c6f..fe1d8890 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4422,9 +4422,9 @@ } }, "snyk": { - "version": "1.870.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.870.0.tgz", - "integrity": "sha512-nv1a/oQVXhWwidFYIrrgmdhJvixkv2rcE2i17pmymluJchc30SJ+NFzXsST9zUe+8ee6hiqS9gF+cslD7piOYA==" + "version": "1.872.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.872.0.tgz", + "integrity": "sha512-l6HV5xRqVFK/1owFo4kvgKfXAuZiFOp6SP6Z/FzkeRibmUTXyb6wX36hz8QcRJbsZEcfcqMiE7ZBIsF2ZzF6lw==" }, "source-map": { "version": "0.5.7", diff --git a/package.json b/package.json index c6398920..66f72280 100644 --- a/package.json +++ b/package.json @@ -41,7 +41,7 @@ "app-store-scraper": "0.17.0", "google-play-scraper": "8.1.0", "prom-client": "11.5.3", - "snyk": "1.870.0", + "snyk": "1.872.0", "uuid": "3.4.0", "winston": "3.6.0" }, From 24accf28b4e07853dd9266686a1c95f3a2fb860a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 31 Mar 2022 09:39:50 +0000 Subject: [PATCH 05/13] fix(deps): update dependency snyk to v1.873.0 --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index fe1d8890..f9c5057b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4422,9 +4422,9 @@ } }, "snyk": { - "version": "1.872.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.872.0.tgz", - "integrity": "sha512-l6HV5xRqVFK/1owFo4kvgKfXAuZiFOp6SP6Z/FzkeRibmUTXyb6wX36hz8QcRJbsZEcfcqMiE7ZBIsF2ZzF6lw==" + "version": "1.873.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.873.0.tgz", + "integrity": "sha512-xmBvD6z5yUavhd7Saebi5SgYhJgc2F6ncsRWTf9AgGjZhX41Sg4hUWoR37QQZqkapjcwQ1AigJakTu0+g1UYMQ==" }, "source-map": { "version": "0.5.7", diff --git a/package.json b/package.json index 66f72280..2ecd4a5b 100644 --- a/package.json +++ b/package.json @@ -41,7 +41,7 @@ "app-store-scraper": "0.17.0", "google-play-scraper": "8.1.0", "prom-client": "11.5.3", - "snyk": "1.872.0", + "snyk": "1.873.0", "uuid": "3.4.0", "winston": "3.6.0" }, From e66ca666dfa3b735e560859fab77e0f3e69fadc8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 1 Apr 2022 10:56:22 +0000 Subject: [PATCH 06/13] fix(deps): update dependency snyk to v1.874.0 --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index f9c5057b..2d354382 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4422,9 +4422,9 @@ } }, "snyk": { - "version": "1.873.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.873.0.tgz", - "integrity": "sha512-xmBvD6z5yUavhd7Saebi5SgYhJgc2F6ncsRWTf9AgGjZhX41Sg4hUWoR37QQZqkapjcwQ1AigJakTu0+g1UYMQ==" + "version": "1.874.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.874.0.tgz", + "integrity": "sha512-46BSe1dA2ivQTm1Wow/VlzkWjNGfEec0gDx3gEM0y+XDwasF4iuweEfnvgPV7jCVGR1sqFZK5wGwFgjkHrLy0g==" }, "source-map": { "version": "0.5.7", diff --git a/package.json b/package.json index 2ecd4a5b..251506f8 100644 --- a/package.json +++ b/package.json @@ -41,7 +41,7 @@ "app-store-scraper": "0.17.0", "google-play-scraper": "8.1.0", "prom-client": "11.5.3", - "snyk": "1.873.0", + "snyk": "1.874.0", "uuid": "3.4.0", "winston": "3.6.0" }, From 4fdd7cac3bfcb592f531bc18255c9d346c344405 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 1 Apr 2022 13:54:45 +0000 Subject: [PATCH 07/13] chore(deps): update actions/setup-node digest to 5b52f09 --- .github/workflows/nodejs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml index b2d03971..580dc763 100644 --- a/.github/workflows/nodejs.yml +++ b/.github/workflows/nodejs.yml @@ -17,7 +17,7 @@ jobs: uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3.0.0 - name: Setup Node.js ${{ matrix.node }} - uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # tag=v3 + uses: actions/setup-node@5b52f097d36d4b0b2f94ed6de710023fbb8b2236 # tag=v3 with: node-version: ${{ matrix.node }} check-latest: true From 2301508b77586f3d787e58310ca7efa6f343e8be Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 1 Apr 2022 16:21:56 +0000 Subject: [PATCH 08/13] fix(deps): update dependency snyk to v1.875.0 --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2d354382..c21b413c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4422,9 +4422,9 @@ } }, "snyk": { - "version": "1.874.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.874.0.tgz", - "integrity": "sha512-46BSe1dA2ivQTm1Wow/VlzkWjNGfEec0gDx3gEM0y+XDwasF4iuweEfnvgPV7jCVGR1sqFZK5wGwFgjkHrLy0g==" + "version": "1.875.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.875.0.tgz", + "integrity": "sha512-md8qWPE4ZqMa8GSfeDt9KMYijz5Ib6WmcMqUSPVdmnYbfFVp0uUuoURWcBCdnAZ8FQ1JXhv3A4SrltNV2B498A==" }, "source-map": { "version": "0.5.7", diff --git a/package.json b/package.json index 251506f8..dd93ca43 100644 --- a/package.json +++ b/package.json @@ -41,7 +41,7 @@ "app-store-scraper": "0.17.0", "google-play-scraper": "8.1.0", "prom-client": "11.5.3", - "snyk": "1.874.0", + "snyk": "1.875.0", "uuid": "3.4.0", "winston": "3.6.0" }, From 4a96f3a488736c0e3dcaf73c9d7164d002056fcb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 1 Apr 2022 20:00:16 +0000 Subject: [PATCH 09/13] chore(deps): update github/codeql-action action to v2 --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 9ab43186..31e1b842 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -29,7 +29,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@4c1021c5041fca6023824e45efb7f83178d52fe2 # tag=v1.1.6 + uses: github/codeql-action/init@28eead240834b314f7def40f6fcba65d100d99b1 # tag=v2.1.6 # Override language selection by uncommenting this and choosing your languages # with: # languages: go, javascript, csharp, python, cpp, java @@ -37,7 +37,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@4c1021c5041fca6023824e45efb7f83178d52fe2 # tag=v1.1.6 + uses: github/codeql-action/autobuild@28eead240834b314f7def40f6fcba65d100d99b1 # tag=v2.1.6 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -51,4 +51,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@4c1021c5041fca6023824e45efb7f83178d52fe2 # tag=v1.1.6 + uses: github/codeql-action/analyze@28eead240834b314f7def40f6fcba65d100d99b1 # tag=v2.1.6 From e653627c2ad2a7c7c93e819ea96beb0e5b34a3d0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 2 Apr 2022 12:51:11 +0000 Subject: [PATCH 10/13] fix(deps): update dependency snyk to v1.877.0 --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index c21b413c..5819d040 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4422,9 +4422,9 @@ } }, "snyk": { - "version": "1.875.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.875.0.tgz", - "integrity": "sha512-md8qWPE4ZqMa8GSfeDt9KMYijz5Ib6WmcMqUSPVdmnYbfFVp0uUuoURWcBCdnAZ8FQ1JXhv3A4SrltNV2B498A==" + "version": "1.877.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.877.0.tgz", + "integrity": "sha512-q/LIn095/X8mjz0xtF1tAkmdg/GVuoLt7n7hpXMPOR/QSXQSGuk0NXpNi9i6b8TUgcA7gufVDJeLiA70InidHQ==" }, "source-map": { "version": "0.5.7", diff --git a/package.json b/package.json index dd93ca43..ab75464e 100644 --- a/package.json +++ b/package.json @@ -41,7 +41,7 @@ "app-store-scraper": "0.17.0", "google-play-scraper": "8.1.0", "prom-client": "11.5.3", - "snyk": "1.875.0", + "snyk": "1.877.0", "uuid": "3.4.0", "winston": "3.6.0" }, From 2eff4d7b63c897516f1b5f52e62294c78e4abe8a Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Tue, 29 Mar 2022 13:09:08 +0000 Subject: [PATCH 11/13] chore(release): 0.4.10 [skip ci] ## [0.4.10](https://github.com/timoa/app-stores-prometheus-exporter/compare/v0.4.9...v0.4.10) (2022-03-29) ### Bug Fixes * **deps:** update dependency snyk to v1.868.0 ([dc89a5a](https://github.com/timoa/app-stores-prometheus-exporter/commit/dc89a5a8e4ff44671034d76c144bd74b87045f46)) * **deps:** update dependency snyk to v1.869.0 ([622d927](https://github.com/timoa/app-stores-prometheus-exporter/commit/622d9271c6d7de0deecbdd6f8e6789ea230dbf58)) * **deps:** update dependency snyk to v1.870.0 ([cc3171b](https://github.com/timoa/app-stores-prometheus-exporter/commit/cc3171b7ebe9c0e13ad4748593494a1567cd673f)) * **deps:** update dependency winston to v3.3.4 ([62daac3](https://github.com/timoa/app-stores-prometheus-exporter/commit/62daac32048c7187ef6b08c71eb0a780c9c663ee)) * **deps:** update dependency winston to v3.6.0 ([7255223](https://github.com/timoa/app-stores-prometheus-exporter/commit/7255223a5fbe300d54ab02206d72dddb5f21bce6)) --- CHANGELOG.md | 11 +++++++++++ package-lock.json | 2 +- package.json | 2 +- 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 92c96b4f..41f9e7a2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,14 @@ +## [0.4.10](https://github.com/timoa/app-stores-prometheus-exporter/compare/v0.4.9...v0.4.10) (2022-03-29) + + +### Bug Fixes + +* **deps:** update dependency snyk to v1.868.0 ([dc89a5a](https://github.com/timoa/app-stores-prometheus-exporter/commit/dc89a5a8e4ff44671034d76c144bd74b87045f46)) +* **deps:** update dependency snyk to v1.869.0 ([622d927](https://github.com/timoa/app-stores-prometheus-exporter/commit/622d9271c6d7de0deecbdd6f8e6789ea230dbf58)) +* **deps:** update dependency snyk to v1.870.0 ([cc3171b](https://github.com/timoa/app-stores-prometheus-exporter/commit/cc3171b7ebe9c0e13ad4748593494a1567cd673f)) +* **deps:** update dependency winston to v3.3.4 ([62daac3](https://github.com/timoa/app-stores-prometheus-exporter/commit/62daac32048c7187ef6b08c71eb0a780c9c663ee)) +* **deps:** update dependency winston to v3.6.0 ([7255223](https://github.com/timoa/app-stores-prometheus-exporter/commit/7255223a5fbe300d54ab02206d72dddb5f21bce6)) + ## [0.4.9](https://github.com/timoa/app-stores-prometheus-exporter/compare/v0.4.8...v0.4.9) (2022-03-27) diff --git a/package-lock.json b/package-lock.json index 5819d040..1397667d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "app-stores-prometheus-exporter", - "version": "0.4.9", + "version": "0.4.10", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/package.json b/package.json index ab75464e..e29cd751 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "app-stores-prometheus-exporter", - "version": "0.4.9", + "version": "0.4.10", "description": "Prometheus exporter that exports metrics (score, ratings, reviews, app version, etc.) from Apple App Store and Google Play (and more in the future).", "private": true, "scripts": { From 5a700ec1c7e7061ffa7b84bc2500d879402ec2f6 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Tue, 29 Mar 2022 13:36:03 +0000 Subject: [PATCH 12/13] chore(release): 0.4.11 [skip ci] ## [0.4.11](https://github.com/timoa/app-stores-prometheus-exporter/compare/v0.4.10...v0.4.11) (2022-03-29) ### Bug Fixes * **cicd:** fix Docker build with latest GitHub Action ([9549390](https://github.com/timoa/app-stores-prometheus-exporter/commit/95493908f63edb0334437771effdbd5b148e4305)) --- CHANGELOG.md | 7 +++++++ package-lock.json | 2 +- package.json | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 41f9e7a2..3cd9bd50 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +## [0.4.11](https://github.com/timoa/app-stores-prometheus-exporter/compare/v0.4.10...v0.4.11) (2022-03-29) + + +### Bug Fixes + +* **cicd:** fix Docker build with latest GitHub Action ([9549390](https://github.com/timoa/app-stores-prometheus-exporter/commit/95493908f63edb0334437771effdbd5b148e4305)) + ## [0.4.10](https://github.com/timoa/app-stores-prometheus-exporter/compare/v0.4.9...v0.4.10) (2022-03-29) diff --git a/package-lock.json b/package-lock.json index 1397667d..6bc016bb 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "app-stores-prometheus-exporter", - "version": "0.4.10", + "version": "0.4.11", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/package.json b/package.json index e29cd751..8f5693b6 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "app-stores-prometheus-exporter", - "version": "0.4.10", + "version": "0.4.11", "description": "Prometheus exporter that exports metrics (score, ratings, reviews, app version, etc.) from Apple App Store and Google Play (and more in the future).", "private": true, "scripts": { From eada1a6be276708db1d49c02ac5cf68c15b11ae5 Mon Sep 17 00:00:00 2001 From: Damien Laureaux Date: Sat, 2 Apr 2022 23:24:44 +0200 Subject: [PATCH 13/13] chore(cicd): Replace SAST scan with ShiftLeft SCAN instead of Semgrep --- .github/workflows/nodejs.yml | 56 +++++++++++++++++++++++++++--------- 1 file changed, 42 insertions(+), 14 deletions(-) diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml index 580dc763..5d608b58 100644 --- a/.github/workflows/nodejs.yml +++ b/.github/workflows/nodejs.yml @@ -17,7 +17,7 @@ jobs: uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3.0.0 - name: Setup Node.js ${{ matrix.node }} - uses: actions/setup-node@5b52f097d36d4b0b2f94ed6de710023fbb8b2236 # tag=v3 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # tag=v3 with: node-version: ${{ matrix.node }} check-latest: true @@ -63,7 +63,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - # -- SEMGREP ---------------------------------------------------------------- + # -- SAST SCAN -------------------------------------------------------------- code-security: runs-on: ubuntu-latest needs: tests @@ -74,13 +74,18 @@ jobs: - name: Checkout uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3 - - name: Semgrep SAST Scan - uses: returntocorp/semgrep-action@v1 + - name: Perform Scan + uses: ShiftLeftSecurity/scan-action@master + + env: + WORKSPACE: https://github.com/${{ github.repository }}/blob/${{ github.sha }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SCAN_ANNOTATE_PR: true + + - uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # tag=v3.0.0 with: - config: >- - p/security-audit - p/secrets - auditOn: push + name: reports + path: reports # -- RELEASE ---------------------------------------------------------------- release: @@ -109,12 +114,35 @@ jobs: - name: Checkout uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3.0.0 - - name: Docker Build - uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a # tag=v2.10.0 + - name: Docker meta + id: meta + uses: docker/metadata-action@v3 + with: + images: ${{ github.repository }} + tags: | + type=schedule + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }} + type=sha + + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to DockerHub + uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: timoa/app-stores-prometheus-exporter - tags: | - ${GITHUB_REF#refs/*/} - latest + - + name: Build and push + uses: docker/build-push-action@7f9d37fa544684fb73bfe4835ed7214c255ce02b # tag=v2.9.0 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }}