Merge pull request #843 from iris-connect/release

Release 2022-04

.github/workflows/app-eps_develop.yml

@@ -30,22 +30,22 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v2
 
       - name: Create image tag
         id: meta
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v4
         with:
           images: inoeg/app-eps
 
       - name: Login to DockerHub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_PW }}
 
       - name: Build and push to docker.io
-        uses: docker/build-push-action@v2.10.0
+        uses: docker/build-push-action@v3.0.0
         with:
           context: ./infrastructure/docker/app-eps/
           tags: ${{ steps.meta.outputs.tags }}

.github/workflows/bff_develop.yml

@@ -30,15 +30,16 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Setup Java
-        uses: actions/setup-java@v2
+        uses: actions/setup-java@v3
         with:
           distribution: 'liberica'
           java-version: '17'
-          cache: 'maven'
+# There is an error since 12.04. when restoring the cache.
+#          cache: 'maven'
 
       - name: Create image tag
         id: meta
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v4
         with:
           images: inoeg/iris-client-bff
 
@@ -47,7 +48,7 @@ jobs:
           mvn -B clean verify spring-boot:build-image -am -pl iris-client-bff -Dspring-boot.build-image.publish=false -Dimage.tag=${{ steps.meta.outputs.tags }}
 
       - name: Login to DockerHub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_PW }}
@@ -62,7 +63,7 @@ jobs:
 
       - name: Upload Test Reports
         if: always()
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: test-reports
           path: |

.github/workflows/codeql-analysis.yml

@@ -28,22 +28,23 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Setup Java
-        uses: actions/setup-java@v2
+        uses: actions/setup-java@v3
         if: ${{ matrix.language == 'java' }} 
         with:
           distribution: 'liberica'
           java-version: '17'
-          cache: 'maven'
-
+# There is an error since 12.04. when restoring the cache.
+#          cache: 'maven'
+
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v1
+        uses: github/codeql-action/init@v2
         with:
           languages: ${{ matrix.language }}
           queries: security-and-quality
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v1
+        uses: github/codeql-action/autobuild@v2
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v1
+        uses: github/codeql-action/analyze@v2

.github/workflows/fe-e2e-test.yml

@@ -22,16 +22,16 @@ jobs:
 
       - name: Cypress run
         # Install NPM dependencies, cache them correctly and run all Cypress tests
-        uses: cypress-io/github-action@v3.0.2
+        uses: cypress-io/github-action@v4
         timeout-minutes: 20
         with:
           browser: chrome
-          headless: true
           working-directory: ./iris-client-fe
+          build: npm ci --legacy-peer-deps
           start: npm run serve -- --mode e2e_test
           wait-on: http://localhost:8080/
           wait-on-timeout: 300
-          config-file: cypress.json
+          config-file: cypress.config.ts
           spec: "tests/e2e/**/*"
         env:
           CYPRESS_baseUrl: http://localhost:8080/
@@ -44,15 +44,15 @@ jobs:
 
       # NOTE: screenshots will be generated only if E2E test failed thus we store screenshots only on failures
       - name: Store screenshots
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         if: failure()
         with:
           name: cypress-screenshots
           path: |
             **/tests/e2e/screenshots/**/*
       # Test run video was always captured, so this action uses "always()" condition
       - name: Store videos
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         if: always()
         with:
           name: cypress-videos

.github/workflows/fe_develop.yml

@@ -25,22 +25,22 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v2
 
       - name: Create image tag
         id: meta
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v4
         with:
           images: inoeg/iris-client-frontend
 
       - name: Login to DockerHub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_PW }}
 
       - name: Build and push to docker.io
-        uses: docker/build-push-action@v2.10.0
+        uses: docker/build-push-action@v3.0.0
         with:
           context: ./iris-client-fe/
           tags: ${{ steps.meta.outputs.tags }}

.github/workflows/iris-client-eps_develop.yml

@@ -30,22 +30,22 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v2
 
       - name: Create image tag
         id: meta
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v4
         with:
           images: inoeg/iris-client-eps
 
       - name: Login to DockerHub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_PW }}
 
       - name: Build and push to docker.io
-        uses: docker/build-push-action@v2.10.0
+        uses: docker/build-push-action@v3.0.0
         with:
           context: ./infrastructure/docker/iris-client-eps/
           tags: ${{ steps.meta.outputs.tags }}

.github/workflows/iris-client-proxy_develop.yml

@@ -30,22 +30,22 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v2
 
       - name: Create image tag
         id: meta
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v4
         with:
           images: inoeg/iris-client-proxy
 
       - name: Login to DockerHub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_PW }}
 
       - name: Build and push to docker.io
-        uses: docker/build-push-action@v2.10.0
+        uses: docker/build-push-action@v3.0.0
         with:
           context: ./infrastructure/docker/iris-client-proxy/
           tags: ${{ steps.meta.outputs.tags }}

.github/workflows/nginx_develop.yml

@@ -32,22 +32,22 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v2
 
       - name: Create image tag
         id: meta
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v4
         with:
           images: inoeg/iris-client-nginx
 
       - name: Login to DockerHub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_PW }}
 
       - name: Build and push to docker.io
-        uses: docker/build-push-action@v2.10.0
+        uses: docker/build-push-action@v3.0.0
         with:
           context: ./infrastructure/docker/nginx/
           tags: ${{ steps.meta.outputs.tags }}

.github/workflows/publish-test-results.yml

@@ -19,7 +19,7 @@ jobs:
 
     steps:
       - name: Download Artifact
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: ${{inputs.artifact}}
           path: reports

.github/workflows/release-gitflow.yml

@@ -29,14 +29,15 @@ jobs:
           persist-credentials: false
 
       - name: Setup Java
-        uses: actions/setup-java@v2
+        uses: actions/setup-java@v3
         with:
           distribution: 'liberica'
           java-version: '17'
-          cache: 'maven'
+# There is an error since 12.04. when restoring the cache.
+#          cache: 'maven'
 
       - name: Login to DockerHub
-        uses: docker/login-action@v1 
+        uses: docker/login-action@v2 
         with:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_PW }}
@@ -64,7 +65,7 @@ jobs:
 
       - name: Upload Test Reports
         if: always()
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: test-reports
           path: |

.github/workflows/trivy-config-scan.yml

@@ -20,16 +20,15 @@ jobs:
         uses: aquasecurity/trivy-action@master
         with:
           scan-type: 'config'
-          format: 'template'
-          template: '@/contrib/sarif.tpl'
+          format: 'sarif'
           output: 'trivy-results.sarif'
           severity: 'CRITICAL,HIGH,MEDIUM'
           hide-progress: false
           exit-code: '1'
 
 # The upload is currently not working, but I'm leaving it in in case a later update to the Trivy action fixes it.
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
         if: always()
         with:
           sarif_file: 'trivy-results.sarif'

.github/workflows/trivy-container-scan.yml

@@ -25,14 +25,13 @@ jobs:
         uses: aquasecurity/trivy-action@master
         with:
           image-ref: '${{ matrix.image-ref }}'
-          format: 'template'
-          template: '@/contrib/sarif.tpl'
+          format: 'sarif'
           output: 'trivy-results.sarif'
           ignore-unfixed: true
           severity: 'CRITICAL,HIGH,MEDIUM'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
         if: always()
         with:
           sarif_file: 'trivy-results.sarif'

.github/workflows/trivy-repo-scan.yml

@@ -21,14 +21,13 @@ jobs:
         with:
           scan-type: 'fs'
           ignore-unfixed: true
-          format: 'template'
-          template: '@/contrib/sarif.tpl'
+          format: 'sarif'
           output: 'trivy-results.sarif'
           severity: 'CRITICAL,HIGH,MEDIUM'
           exit-code: '1'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
         if: always()
         with:
           sarif_file: 'trivy-results.sarif'

.prepare-release.sh

@@ -134,7 +134,7 @@ mvn versions:set -DnewVersion=$VERSION$VERSION_SUFFIX -DoldVersion=$VERSION -Dpr
 
 printf "\n  Build FE ZIP  \n\n"
 cd ./iris-client-fe
-npm ci
+npm ci --legacy-peer-deps
 
 # Generate third-party dependencies for FE and move them to root
 # File will be uploaded to github by @semantic-release/github