From 770dc965e95e6dcbd6ad94456c70ca774c8cce0f Mon Sep 17 00:00:00 2001 From: Bart Koelman <104792814+bart-vmware@users.noreply.github.com> Date: Fri, 22 May 2026 15:10:57 +0200 Subject: [PATCH 1/3] Update GHA versions --- .github/workflows/build-and-stage.yml | 16 ++++++++-------- .github/workflows/pr-cleanup.yml | 6 +++--- .github/workflows/stage-prod-swap.yml | 2 +- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build-and-stage.yml b/.github/workflows/build-and-stage.yml index 5261c39..befe3ec 100644 --- a/.github/workflows/build-and-stage.yml +++ b/.github/workflows/build-and-stage.yml @@ -26,17 +26,17 @@ jobs: ASPNETCORE_ENVIRONMENT: Staging runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 # avoid shallow clone so nbgv can do its work. - name: Set up .NET Core - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: ${{ env.DOTNET_VERSION }} - name: Set up dependency caching for faster builds - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.nuget/packages key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }} @@ -52,7 +52,7 @@ jobs: run: dotnet test --logger trx --results-directory "${{ runner.temp }}" --no-build - name: dotnet test - uses: NasAmin/trx-parser@v0.6.0 + uses: NasAmin/trx-parser@v0.8.1 with: TRX_PATH: "${{ runner.temp }}" REPO_TOKEN: "${{ secrets.GITHUB_TOKEN }}" @@ -61,7 +61,7 @@ jobs: run: dotnet publish src/InitializrService/Steeltoe.InitializrService.csproj -o publish - name: Upload artifact for deployment job - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: published-app path: publish @@ -78,12 +78,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Download artifact from build job - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: published-app - name: Login to Azure - uses: azure/login@v2 + uses: azure/login@v3 with: creds: ${{ secrets.AZURE_CREDENTIALS }} @@ -102,7 +102,7 @@ jobs: - name: If PR, comment with the preview link if: ${{ github.event_name == 'pull_request' }} - uses: mshick/add-pr-comment@v2 + uses: mshick/add-pr-comment@v3 with: message: | ## Preview link: https://${{ vars.AZURE_WEBAPP_NAME }}-${{ env.SLOT_NAME }}.azurewebsites.net diff --git a/.github/workflows/pr-cleanup.yml b/.github/workflows/pr-cleanup.yml index 62d6344..d7df504 100644 --- a/.github/workflows/pr-cleanup.yml +++ b/.github/workflows/pr-cleanup.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Log into Azure CLI with service principal - uses: azure/login@v2 + uses: azure/login@v3 with: creds: ${{ secrets.AZURE_CREDENTIALS }} @@ -47,13 +47,13 @@ jobs: steps: - name: Generate GitHub App Token id: app-token - uses: actions/create-github-app-token@v1 + uses: actions/create-github-app-token@v3 with: app-id: ${{ secrets.ENV_CLEANUP_APP_ID }} private-key: ${{ secrets.ENV_CLEANUP_APP_PRIVATE_KEY }} - name: Delete Deployment Environment - uses: strumwolf/delete-deployment-environment@v3 + uses: strumwolf/delete-deployment-environment@v4 with: environment: "pr-${{ github.event.number }}" token: ${{ steps.app-token.outputs.token }} diff --git a/.github/workflows/stage-prod-swap.yml b/.github/workflows/stage-prod-swap.yml index b0c1f38..5211ced 100644 --- a/.github/workflows/stage-prod-swap.yml +++ b/.github/workflows/stage-prod-swap.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Log into Azure CLI with service principal - uses: azure/login@v2 + uses: azure/login@v3 with: creds: ${{ secrets.AZURE_CREDENTIALS }} From c4e4806988afc106ed1145ca34ca6a32c0c4d166 Mon Sep 17 00:00:00 2001 From: Bart Koelman <104792814+bart-vmware@users.noreply.github.com> Date: Fri, 22 May 2026 16:42:41 +0200 Subject: [PATCH 2/3] Fix error from NasAmin/trx-parser@v0.8.1 Error: Security: Path traversal attempt detected. Path /home/runner/work/_temp is outside working directory /home/runner/work/InitializrService/InitializrService --- .github/workflows/build-and-stage.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-stage.yml b/.github/workflows/build-and-stage.yml index befe3ec..05e820d 100644 --- a/.github/workflows/build-and-stage.yml +++ b/.github/workflows/build-and-stage.yml @@ -49,12 +49,12 @@ jobs: run: dotnet build --no-restore /p:TreatWarningsAsErrors=True - name: dotnet test - run: dotnet test --logger trx --results-directory "${{ runner.temp }}" --no-build + run: dotnet test --logger trx --results-directory ${{ github.workspace }}/TestOutput --no-build - name: dotnet test uses: NasAmin/trx-parser@v0.8.1 with: - TRX_PATH: "${{ runner.temp }}" + TRX_PATH: "${{ github.workspace }}/TestOutput" REPO_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - name: dotnet publish From 5606b58f3aa4b8008eb127177a9224d4f6001066 Mon Sep 17 00:00:00 2001 From: Bart Koelman <104792814+bart-vmware@users.noreply.github.com> Date: Fri, 22 May 2026 16:56:21 +0200 Subject: [PATCH 3/3] Fix step names --- .github/workflows/build-and-stage.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-stage.yml b/.github/workflows/build-and-stage.yml index 05e820d..c3ab78d 100644 --- a/.github/workflows/build-and-stage.yml +++ b/.github/workflows/build-and-stage.yml @@ -30,7 +30,7 @@ jobs: with: fetch-depth: 0 # avoid shallow clone so nbgv can do its work. - - name: Set up .NET Core + - name: Setup .NET uses: actions/setup-dotnet@v5 with: dotnet-version: ${{ env.DOTNET_VERSION }} @@ -51,7 +51,7 @@ jobs: - name: dotnet test run: dotnet test --logger trx --results-directory ${{ github.workspace }}/TestOutput --no-build - - name: dotnet test + - name: generate test report uses: NasAmin/trx-parser@v0.8.1 with: TRX_PATH: "${{ github.workspace }}/TestOutput"