diff --git a/.github/workflows/benchmarks.yaml b/.github/workflows/benchmarks.yaml
index 09cc5ad..5e9f7cb 100644
--- a/.github/workflows/benchmarks.yaml
+++ b/.github/workflows/benchmarks.yaml
@@ -24,12 +24,12 @@ jobs:
 pull-requests: write
 steps:
 - name: Checkout
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 with:
 fetch-depth: 0
 - name: Install .NET
- uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0
+ uses: actions/setup-dotnet@6bd8b7f7774af54e05809fcc5431931b3eb1ddee # v4.0.1
 with:
 dotnet-version: "8.0.x"
diff --git a/.github/workflows/buf.yaml b/.github/workflows/buf.yaml
index 75cff13..78faeb8 100644
--- a/.github/workflows/buf.yaml
+++ b/.github/workflows/buf.yaml
@@ -15,9 +15,9 @@ jobs:
 contents: read
 pull-requests: write
 steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- - uses: bufbuild/buf-setup-action@dde0b9351db90fbf78e345f41a57de8514bf1091 # v1.32.2
+ - uses: bufbuild/buf-setup-action@35c243d7f2a909b1d4e40399b348a7fdab27d78d # v1.34.0
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/build-grpc-utils-image.yaml b/.github/workflows/build-grpc-utils-image.yaml
index d134dc1..8067e25 100644
--- a/.github/workflows/build-grpc-utils-image.yaml
+++ b/.github/workflows/build-grpc-utils-image.yaml
@@ -20,7 +20,7 @@ jobs:
 contents: read
 steps:
 - name: Checkout
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 - name: Container meta for the gRPC utils image
 id: container_grpc_utils_meta
@@ -30,10 +30,10 @@ jobs:
 ghcr.io/${{ github.repository }}-grpc-utils
 - name: Set up QEMU
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3
+ uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee # v3
 - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3
+ uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3
 - name: Login to GitHub Container Registry
 uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
@@ -44,7 +44,7 @@ jobs:
 password: ${{ secrets.GITHUB_TOKEN }}
 - name: Build and push gRPC utils image
- uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5
+ uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5
 with:
 push: ${{ github.event_name != 'pull_request' }}
 tags: ${{ steps.container_grpc_utils_meta.outputs.tags }}
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 3c183f7..c4f20a5 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -13,7 +13,7 @@ permissions: read-all
 jobs:
 build:
- uses: miracum/.github/.github/workflows/standard-build.yaml@614627d88ea531acb0b0f321f507b2c7c91a721d # v1.9.1
+ uses: miracum/.github/.github/workflows/standard-build.yaml@028aedc2d5806bb362562560f5e871d9364902cd # v1.11.2
 permissions:
 contents: read
 id-token: write
@@ -24,6 +24,9 @@ jobs:
 with:
 enable-build-test-layer: true
 enable-upload-test-image: true
+ platforms: |
+ linux/amd64
+ linux/arm64
 secrets:
 github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -35,8 +38,20 @@ jobs:
 # for add Coverage PR Comment
 pull-requests: write
 steps:
+ #
+ # via
+ - name: Set up containerd image store
+ shell: bash
+ run: |
+ jq '. | .+{"features": {"containerd-snapshotter": true}}' /etc/docker/daemon.json > /tmp/docker-daemon-with-containerd.json
+ sudo mv /tmp/docker-daemon-with-containerd.json /etc/docker/daemon.json
+ cat /etc/docker/daemon.json
+ sudo systemctl restart docker
+
+ docker info -f '{{ .DriverStatus }}'
+
 - name: Download test image
- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+ uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
 with:
 name: ${{ needs.build.outputs.image-slug }}-test
 path: /tmp
@@ -83,12 +98,24 @@ jobs:
 contents: read
 pull-requests: write
 steps:
+ #
+ # via
+ - name: Set up containerd image store
+ shell: bash
+ run: |
+ jq '. | .+{"features": {"containerd-snapshotter": true}}' /etc/docker/daemon.json > /tmp/docker-daemon-with-containerd.json
+ sudo mv /tmp/docker-daemon-with-containerd.json /etc/docker/daemon.json
+ cat /etc/docker/daemon.json
+ sudo systemctl restart docker
+
+ docker info -f '{{ .DriverStatus }}'
+
 - name: Checkout
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 - name: Download container image
 if: ${{ github.event_name == 'pull_request' }}
- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+ uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
 with:
 name: ${{ needs.build.outputs.image-slug }}
 path: /tmp
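Review bot: The `jq` filter in the new "Set up containerd image store" step (first added in the hunk at -35,8 and repeated at -83,12, -184,12 and -221,8) merges with `.+{"features": {...}}`, which is shallow and would replace any `features` object already present in `/etc/docker/daemon.json`; `jq '.features["containerd-snapshotter"] = true'` sets only the one flag. The step then prints `docker info -f '{{ .DriverStatus }}'` without checking the result, so a daemon that comes back without the containerd store lets the job continue and fail later for a less obvious reason; `docker info -f '{{ .DriverStatus }}' | grep -q 'io.containerd.snapshotter'` would fail the step at the point of cause. Because the same block that rewrites daemon configuration under `sudo` is pasted into four jobs, moving it into one local composite action would keep that privileged change in a single reviewable place.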
@@ -184,12 +211,24 @@ jobs:
 needs:
 - build
 steps:
+ #
+ # via
+ - name: Set up containerd image store
+ shell: bash
+ run: |
+ jq '. | .+{"features": {"containerd-snapshotter": true}}' /etc/docker/daemon.json > /tmp/docker-daemon-with-containerd.json
+ sudo mv /tmp/docker-daemon-with-containerd.json /etc/docker/daemon.json
+ cat /etc/docker/daemon.json
+ sudo systemctl restart docker
+
+ docker info -f '{{ .DriverStatus }}'
+
 - name: Checkout
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 - name: Download container image
 if: ${{ github.event_name == 'pull_request' }}
- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+ uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
 with:
 name: ${{ needs.build.outputs.image-slug }}
 path: /tmp
@@ -202,7 +241,7 @@ jobs:
 docker image ls -a
 - name: Install .NET
- uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # tag=v4.0.0
+ uses: actions/setup-dotnet@6bd8b7f7774af54e05809fcc5431931b3eb1ddee # v4.0.1
 with:
 dotnet-version: "8.0.x"
@@ -221,8 +260,20 @@ jobs:
 contents: read
 pull-requests: write
 steps:
+ #
+ # via
+ - name: Set up containerd image store
+ shell: bash
+ run: |
+ jq '. | .+{"features": {"containerd-snapshotter": true}}' /etc/docker/daemon.json > /tmp/docker-daemon-with-containerd.json
+ sudo mv /tmp/docker-daemon-with-containerd.json /etc/docker/daemon.json
+ cat /etc/docker/daemon.json
+ sudo systemctl restart docker
+
+ docker info -f '{{ .DriverStatus }}'
+
 - name: Checkout
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 - name: install iter8 cli
 env:
@@ -240,7 +291,7 @@ jobs:
 - name: Download container image
 if: ${{ github.event_name == 'pull_request' }}
- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+ uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
 with:
 name: ${{ needs.build.outputs.image-slug }}
 path: /tmp
@@ -299,7 +350,7 @@ jobs:
 - name: Upload report
 if: always()
- uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+ uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
 with:
 name: iter8-report.html
 path: |
@@ -313,14 +364,14 @@ jobs:
 - name: Upload cluster dump
 if: always()
- uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+ uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
 with:
 name: kind-cluster-dump.txt
 path: |
 kind-cluster-dump.txt
 lint:
- uses: miracum/.github/.github/workflows/standard-lint.yaml@614627d88ea531acb0b0f321f507b2c7c91a721d # v1.9.1
+ uses: miracum/.github/.github/workflows/standard-lint.yaml@028aedc2d5806bb362562560f5e871d9364902cd # v1.11.2
 permissions:
 contents: read
 pull-requests: write
diff --git a/.github/workflows/lint-pr-title.yaml b/.github/workflows/lint-pr-title.yaml
index 293ea09..0081e0b 100644
--- a/.github/workflows/lint-pr-title.yaml
+++ b/.github/workflows/lint-pr-title.yaml
@@ -14,7 +14,7 @@ jobs:
 name: Lint PR title
 runs-on: ubuntu-22.04
 steps:
- - uses: amannn/action-semantic-pull-request@cfb60706e18bc85e8aec535e3c577abe8f70378e # v5.5.2
+ - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 with:
diff --git a/.github/workflows/nightly-chaos.yaml b/.github/workflows/nightly-chaos.yaml
index c8a4713..b3691e4 100644
--- a/.github/workflows/nightly-chaos.yaml
+++ b/.github/workflows/nightly-chaos.yaml
@@ -15,12 +15,12 @@ jobs:
 runs-on: ubuntu-22.04
 steps:
 - name: Checkout
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 with:
 fetch-depth: 0
 - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3
+ uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3
 - name: Install Task
 uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v2.0.0
@@ -38,7 +38,7 @@ jobs:
 - name: Upload cluster dump
 if: always()
- uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+ uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
 with:
 name: kind-cluster-dump.txt
 path: |
diff --git a/.github/workflows/schedule.yaml b/.github/workflows/schedule.yaml
index ab083e1..6b89ebe 100644
--- a/.github/workflows/schedule.yaml
+++ b/.github/workflows/schedule.yaml
@@ -10,7 +10,7 @@ permissions: read-all
 jobs:
 schedule:
- uses: miracum/.github/.github/workflows/standard-schedule.yaml@614627d88ea531acb0b0f321f507b2c7c91a721d # v1.9.1
+ uses: miracum/.github/.github/workflows/standard-schedule.yaml@028aedc2d5806bb362562560f5e871d9364902cd # v1.11.2
 permissions:
 contents: read
 issues: write
diff --git a/.github/workflows/scorecards.yaml b/.github/workflows/scorecards.yaml
index 96b29b7..ba68236 100644
--- a/.github/workflows/scorecards.yaml
+++ b/.github/workflows/scorecards.yaml
@@ -33,7 +33,7 @@ jobs:
 steps:
 - name: "Checkout code"
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 with:
 persist-credentials: false
@@ -60,7 +60,7 @@ jobs:
 # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
 # format to the repository Actions tab.
 - name: "Upload artifact"
- uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+ uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
 with:
 name: SARIF file
 path: results.sarif
@@ -68,6 +68,6 @@ jobs:
 # Upload the results to GitHub's code scanning dashboard.
 - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8
+ uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
 with:
 sarif_file: results.sarif
diff --git a/Dockerfile b/Dockerfile
index a35dc1e..de1c9db 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,6 @@
 # kics false positive "Missing User Instruction":
 # kics-scan ignore-line
-FROM mcr.microsoft.com/dotnet/aspnet:8.0.6-noble-chiseled@sha256:a98351b1fca42174a66da5fdc188c4c50aeade36a36478a3f5a8a9e6baf26ae6 AS runtime
+FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/aspnet:8.0.6-noble-chiseled@sha256:a98351b1fca42174a66da5fdc188c4c50aeade36a36478a3f5a8a9e6baf26ae6 AS runtime
 WORKDIR /opt/vfps
 EXPOSE 8080/tcp 8081/tcp 8082/tcp
 USER 65534:65534
@@ -10,7 +10,7 @@ ENV DOTNET_ENVIRONMENT="Production" \
 ASPNETCORE_URLS="" \
 DOTNET_BUNDLE_EXTRACT_BASE_DIR=/tmp
-FROM mcr.microsoft.com/dotnet/sdk:8.0.301-noble@sha256:daeec618239ba57630b19d572bbd55b4af66940fa564058355550fc93d86153f AS build
+FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0.301-noble@sha256:daeec618239ba57630b19d572bbd55b4af66940fa564058355550fc93d86153f AS build
 WORKDIR /build
 ENV DOTNET_CLI_TELEMETRY_OPTOUT=1 \
 PATH="/root/.dotnet/tools:${PATH}"
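Review bot: The first Dockerfile hunk (-1,6) pins the `runtime` stage to `--platform=$BUILDPLATFORM`, so if the shipped image derives from that stage, the `linux/arm64` variant now requested in ci.yaml would be assembled from the builder's architecture instead of the target's. The runtime base should resolve for the target platform, which means dropping `--platform=$BUILDPLATFORM` from the `FROM … AS runtime` line and leaving the rest of it, including the digest pin, as it was. The same flag on the `build` stage in the second hunk (-10,7) is the usual cross-compilation pattern, but it is only correct when the publish step is told the target architecture, for example `ARG TARGETARCH` with `dotnet publish -a $TARGETARCH`. Both stages continue past the visible lines, so the final stage and the publish command need to be checked against the rest of the file.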