Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions .github/actions/build-docs/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,24 +8,24 @@ runs:
using: "composite"
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: 18
- name: Install docs node dependencies
working-directory: ./docs
run: pnpm --ignore-workspace install --frozen-lockfile
shell: bash
- name: Setup Ruby
uses: ruby/setup-ruby@4eb9f110bac952a8b68ecf92e3b5c7a987594ba6 # v1.292.0
uses: ruby/setup-ruby@7372622e62b60b3cb750dcd2b9e32c247ffec26a # v1.302.0
with:
ruby-version: "3.2" # Not needed with a .ruby-version file
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
cache-version: 0 # Increment this number if you need to re-download cached gems
working-directory: "./docs"
- name: Setup Pages
id: pages
uses: actions/configure-pages@45bfe0192ca1faeb007ade9deae92b16b8254a0d # v6
uses: actions/configure-pages@45bfe0192ca1faeb007ade9deae92b16b8254a0d # v6.0.0
- name: Build with Jekyll
working-directory: ./docs
# Outputs to the './_site' directory by default
Expand All @@ -38,7 +38,7 @@ runs:
VERSION: ${{ inputs.version }}
- name: Upload artifact
# Automatically uploads an artifact from the './_site' directory by default
uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3
uses: actions/upload-pages-artifact@fc324d3547104276b827a68afc52ff2a11cc49c9 # v5.0.0
with:
path: "docs/_site/"
name: jekyll-docs-${{ inputs.version }}
2 changes: 1 addition & 1 deletion .github/workflows/cicd-1-pull-request.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ jobs:
# skip_trivy_package: ${{ steps.skip_trivy.outputs.skip_trivy_package }}
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Set CI/CD variables"
id: variables
run: |
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/cicd-3-deploy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ jobs:
# tag: ${{ steps.variables.outputs.tag }}
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Set CI/CD variables"
id: variables
run: |
Expand Down Expand Up @@ -73,7 +73,7 @@ jobs:
needs: metadata
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Get version"
id: get-asset-version
shell: bash
Expand Down Expand Up @@ -108,13 +108,13 @@ jobs:
run: |
gh release download "$RELEASE_VERSION" -p jekyll-docs-*.tar --output artifact.tar

- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
- uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: jekyll-docs-${{steps.get-asset-version.outputs.release_version}}
path: artifact.tar

- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5
uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5.0.0
with:
artifact_name: jekyll-docs-${{steps.get-asset-version.outputs.release_version}}
2 changes: 1 addition & 1 deletion .github/workflows/cicd-4-pr-title-check.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,6 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: "Check PR title format"
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/check-pr-title-format@v4.0.3
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/check-pr-title-format@4.0.5
with:
title: ${{ github.event.pull_request.title }}
6 changes: 3 additions & 3 deletions .github/workflows/scheduled-repository-template-sync.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,9 @@ jobs:

steps:
- name: Check out the repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Check out external repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
repository: NHSDigital/nhs-notify-repository-template
path: nhs-notify-repository-template
Expand All @@ -31,7 +31,7 @@ jobs:

- name: Create Pull Request
if: ${{ !env.ACT }}
uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8.0.0
uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Drift from template
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/scorecard.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,12 +33,12 @@ jobs:

steps:
- name: "Checkout code"
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
with:
results_file: results.sarif
results_format: sarif
Expand All @@ -60,7 +60,7 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: SARIF file
path: results.sarif
Expand All @@ -69,6 +69,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard (optional).
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
uses: github/codeql-action/upload-sarif@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
with:
sarif_file: results.sarif
44 changes: 22 additions & 22 deletions .github/workflows/stage-1-commit.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,33 +48,33 @@ jobs:
timeout-minutes: 5
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Full history is needed to scan all commits
- name: "Scan secrets"
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/scan-secrets@v4.0.3
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/scan-secrets@4.0.5
check-file-format:
name: "Check file format"
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Full history is needed to compare branches
- name: "Check file format"
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/check-file-format@v4.0.3
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/check-file-format@4.0.5
check-markdown-format:
name: "Check Markdown format"
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Full history is needed to compare branches
- name: "Check Markdown format"
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/check-markdown-format@v4.0.3
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/check-markdown-format@4.0.5
terraform-docs:
name: "Run terraform-docs"
runs-on: ubuntu-latest
Expand All @@ -84,7 +84,7 @@ jobs:
contents: write
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Full history is needed to compare branches
- name: "Check to see if Terraform Docs are up-to-date"
Expand All @@ -105,30 +105,30 @@ jobs:
timeout-minutes: 5
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Full history is needed to compare branches
- name: "Check English usage"
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/check-english-usage@v4.0.3
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/check-english-usage@4.0.5
check-todo-usage:
name: "Check TODO usage"
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Full history is needed to compare branches
- name: "Check TODO usage"
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/check-todo-usage@v4.0.3
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/check-todo-usage@4.0.5
detect-terraform-changes:
name: "Detect Terraform Changes"
runs-on: ubuntu-latest
outputs:
terraform_changed: ${{ steps.check.outputs.terraform_changed }}
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

- name: "Check for Terraform changes"
id: check
Expand All @@ -152,11 +152,11 @@ jobs:
if: needs.detect-terraform-changes.outputs.terraform_changed == 'true'
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Setup ASDF"
uses: asdf-vm/actions/setup@b7bcd026f18772e44fe1026d729e1611cc435d47 # v4.0.1
- name: "Lint Terraform"
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/lint-terraform@v4.0.3
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/lint-terraform@4.0.5
#TODO - Re-visit Trivy usage https://nhsd-jira.digital.nhs.uk/browse/CCM-15549
# trivy-iac:
# name: "Trivy IaC Scan"
Expand All @@ -168,9 +168,9 @@ jobs:
# if: needs.detect-terraform-changes.outputs.terraform_changed == 'true'
# steps:
# - name: "Checkout code"
# uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
# uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
# - name: "Setup ASDF"
# uses: asdf-vm/actions/setup@1902764435ca0dd2f3388eea723a4f92a4eb8302
# uses: asdf-vm/actions/setup@1902764435ca0dd2f3388eea723a4f92a4eb8302 # v4.0.0
# - name: "Trivy IaC Scan"
# uses: NHSDigital/nhs-notify-shared-modules/.github/actions/trivy-iac@3.1.2
# trivy-package:
Expand All @@ -182,9 +182,9 @@ jobs:
# timeout-minutes: 10
# steps:
# - name: "Checkout code"
# uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
# uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
# - name: "Setup ASDF"
# uses: asdf-vm/actions/setup@1902764435ca0dd2f3388eea723a4f92a4eb8302
# uses: asdf-vm/actions/setup@1902764435ca0dd2f3388eea723a4f92a4eb8302 # v4.0.0
# - name: "Trivy Package Scan"
# uses: NHSDigital/nhs-notify-shared-modules/.github/actions/trivy-package@3.1.2
count-lines-of-code:
Expand All @@ -196,9 +196,9 @@ jobs:
timeout-minutes: 5
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Count lines of code"
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/create-lines-of-code-report@v4.0.3
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/create-lines-of-code-report@4.0.5
with:
build_datetime: "${{ inputs.build_datetime }}"
build_timestamp: "${{ inputs.build_timestamp }}"
Expand All @@ -215,9 +215,9 @@ jobs:
timeout-minutes: 5
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Scan dependencies"
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/scan-dependencies@v4.0.3
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/scan-dependencies@4.0.5
with:
build_datetime: "${{ inputs.build_datetime }}"
build_timestamp: "${{ inputs.build_timestamp }}"
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/stage-2-test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -43,14 +43,14 @@ jobs:
timeout-minutes: 5
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Setup pnpm"
uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
uses: pnpm/action-setup@0e279bb959325dab635dd2c09392533439d90093 # v6.0.8
with:
version: "${{ inputs.pnpm_version }}"
cache: true
- name: "Use Node.js"
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version-file: '.tool-versions'
cache: 'pnpm'
Expand All @@ -69,7 +69,7 @@ jobs:
timeout-minutes: 5
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Run linting"
run: |
make test-lint
Expand All @@ -83,7 +83,7 @@ jobs:
timeout-minutes: 5
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Run test coverage check"
run: |
make test-coverage
Expand All @@ -100,15 +100,15 @@ jobs:
timeout-minutes: 5
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Full history is needed to improving relevancy of reporting
- name: "Download coverage report for SONAR"
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: code-coverage-report
- name: "Perform static analysis"
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/perform-static-analysis@v4.0.3
uses: NHSDigital/nhs-notify-shared-modules/.github/actions/perform-static-analysis@4.0.5
with:
sonar_organisation_key: "${{ vars.SONAR_ORGANISATION_KEY }}"
sonar_project_key: "${{ vars.SONAR_PROJECT_KEY }}"
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/stage-3-build.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -43,9 +43,9 @@ jobs:
timeout-minutes: 3
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Setup pnpm"
uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
uses: pnpm/action-setup@0e279bb959325dab635dd2c09392533439d90093 # v6.0.8
with:
version: "${{ inputs.pnpm_version }}"
cache: true
Expand All @@ -59,7 +59,7 @@ jobs:
timeout-minutes: 3
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Build artefact 1"
run: |
echo "Building artefact 1 ..."
Expand All @@ -76,7 +76,7 @@ jobs:
timeout-minutes: 3
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Build artefact n"
run: |
echo "Building artefact n ..."
Expand Down
Loading