From 306201322becc27835f0b200f270f4877ea30401 Mon Sep 17 00:00:00 2001 From: Madhavan Sridharan Date: Fri, 22 Jul 2022 12:20:40 -0400 Subject: [PATCH 1/2] Upgrade CodeQL from v1 to v2 and setup depandabot for gh-action updates for future --- .github/workflows/codeql-analysis.yml | 4 ++-- .github/workflows/dependabot.yml | 10 ++++++++++ 2 files changed, 12 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/dependabot.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index b358d255a..2546c6d51 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -58,7 +58,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v1 + uses: github/codeql-action/autobuild@v2 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -72,4 +72,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml new file mode 100644 index 000000000..dfd0e3086 --- /dev/null +++ b/.github/workflows/dependabot.yml @@ -0,0 +1,10 @@ +# Set update schedule for GitHub Actions + +version: 2 +updates: + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + # Check for updates to GitHub Actions every week + interval: "weekly" From c397379f8cbfe530f2e4146c35708b772feaa298 Mon Sep 17 00:00:00 2001 From: Madhavan Sridharan Date: Fri, 22 Jul 2022 12:33:43 -0400 Subject: [PATCH 2/2] Upgrade checkout and setup-java actions from v2 to v3 --- .github/workflows/build.yml | 5 +++-- .github/workflows/codeql-analysis.yml | 9 +++++---- .github/workflows/release.yml | 5 +++-- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index eb6c66c6a..0fc441a39 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,14 +8,15 @@ jobs: build: runs-on: ubuntu-18.04 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 name: checkout nosqlbench - - uses: actions/setup-java@v1 + - uses: actions/setup-java@v3 name: setup java with: java-version: '17' java-package: jdk architecture: x64 + distribution: 'temurin' - name: Cache Maven packages uses: actions/cache@v1 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 2546c6d51..be3570828 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -38,16 +38,17 @@ jobs: steps: - - uses: actions/setup-java@v1 + - uses: actions/setup-java@v3 with: - java-version: 17 + distribution: 'temurin' + java-version: '17' - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b7157981d..b9c1d815c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,11 +13,12 @@ jobs: steps: - name: checkout repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: setup java - uses: actions/setup-java@v1 + uses: actions/setup-java@v3 with: + distribution: 'temurin' java-version: '17' java-package: jdk architecture: x64