⬆️ bump go version in pipelines (#210)

* bumped go vers etc * Trivy uploads result
Bankdata · Nov 14, 2023 · 2e9d6b9 · 2e9d6b9
1 parent 0b70a42
commit 2e9d6b9
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 18 deletions.
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
@@ -30,13 +30,17 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
+
+      - uses: actions/setup-go@v4
+        with:
+          go-version: '>=1.21.3' 
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
 
       - run: |
-          make build          
+          make build
 
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/tags.yaml b/.github/workflows/tags.yaml
@@ -28,7 +28,7 @@ jobs:
       contents: write
       packages: write
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - run: git fetch --force --tags
@@ -41,7 +41,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       - uses: actions/setup-go@v4
         with:
-          go-version: '>=1.19.0'
+          go-version: '>=1.21.3'
       - name: release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -26,8 +26,8 @@ jobs:
     name: Trivy scan
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/cache@v3
+      - uses: actions/checkout@v4
+      - uses: actions/cache@v4
         with:
           path: |
             ~/.cache/go-build
@@ -39,9 +39,9 @@ jobs:
         with:
           path: ./bin/
           key: ${{ runner.os }}-binaries-${{ hashFiles('**/go.sum') }}
-      - uses: actions/setup-go@v3
+      - uses: actions/setup-go@v4
         with:
-          go-version: '>=1.19.0'
+          go-version: '>=1.21.3'
       - name: build
         run: make docker-build
       - uses: aquasecurity/trivy-action@master
@@ -51,12 +51,10 @@ jobs:
           ignore-unfixed: true
           severity: 'CRITICAL,HIGH,MEDIUM,LOW'          
           exit-code: '1'
-          format: 'table'
-          #format: 'sarif'
-          #output: 'trivy-results-image.sarif'
-
-#      Enable upload when repo is public
-#      - name: Upload Trivy scan image results to GitHub Security tab
-#        uses: github/codeql-action/upload-sarif@v2
-#        with:
-#          sarif_file: 'trivy-results-image.sarif'
+          # format: 'table'
+          format: 'sarif'
+          output: 'trivy-results-image.sarif'
+      - name: Upload Trivy scan image results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: 'trivy-results-image.sarif'