Bump urllib3 from 2.6.3 to 2.7.0 in the pip group across 1 directory #183
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and deploy | |
| on: | |
| workflow_dispatch: | |
| push: | |
| concurrency: | |
| group: cd-${{ github.ref }} | |
| jobs: | |
| test-node: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - name: Run tests | |
| uses: ./.github/actions/node-tests | |
| test-python: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - name: Run tests | |
| uses: ./.github/actions/python-tests | |
| check-formatting: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - name: Run tests | |
| uses: ./.github/actions/check-formatting | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - test-node | |
| - test-python | |
| - check-formatting | |
| permissions: | |
| packages: write | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - name: Generate version tag | |
| id: version-tag | |
| uses: nationalarchives/ds-docker-actions/.github/actions/get-version-tag@main # zizmor: ignore[unpinned-uses] Owned by The National Archives | |
| - name: Build Docker image | |
| uses: nationalarchives/ds-docker-actions/.github/actions/build@main # zizmor: ignore[unpinned-uses] Owned by The National Archives | |
| with: | |
| version: ${{ steps.version-tag.outputs.version-tag }} | |
| latest: ${{ github.ref == 'refs/heads/main' }} | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| docker-image-name: ${{ vars.DOCKER_IMAGE_NAME }} | |
| dockerfile-path: ./Dockerfile | |
| wiz-client-id: ${{ secrets.WIZ_CLIENT_ID }} | |
| wiz-client-secret: ${{ secrets.WIZ_CLIENT_SECRET }} | |
| wiz-project-id: ${{ secrets.WIZ_PROJECT_DIGITALSERVICES }} | |
| - name: Create tag | |
| if: github.ref == 'refs/heads/main' | |
| uses: actions/github-script@211cb3fefb35a799baa5156f9321bb774fe56294 # v5.2.0 | |
| with: | |
| script: | | |
| github.rest.git.createRef({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| ref: 'refs/tags/v${{ steps.version-tag.outputs.version-tag }}', | |
| sha: context.sha | |
| }) | |
| outputs: | |
| version: ${{ steps.version-tag.outputs.version-tag }} | |
| update-ds-infrastructure-web: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| needs: | |
| - build | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| repository: nationalarchives/ds-infrastructure-web | |
| ref: main | |
| token: ${{ secrets.ACTIONS_GITHUB_TOKEN }} | |
| - name: Set up git config | |
| run: | | |
| git config user.name "${{ github.triggering_actor }}" | |
| git config user.email "<>" | |
| - name: Install jq | |
| run: sudo apt-get install jq | |
| - name: Update config | |
| run: jq --indent 4 '(.services."search".version|="${{ needs.build.outputs.version }}")' config/develop.json > tmp.$$.json && mv tmp.$$.json config/develop.json | |
| - name: Push new version | |
| run: | | |
| git add config/develop.json | |
| COMMIT_MESSAGE_HEADER=$(git log -1 --pretty=%B | head -n 1) | |
| git commit -m "Update search to v${{ needs.build.outputs.version }}" -m "${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }}" | |
| git push origin main |