Skip to content

Commit 9071592

Browse files
shahar-bironshahar-biron
authored
Merge pull request #1670 from FalkorDB/staging
Staging
2 parents fc84462 + 7f9e90e commit 9071592

107 files changed

Lines changed: 4495 additions & 2579 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.github/workflows/helm-chart.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -235,7 +235,7 @@ jobs:
235235
cat installation-instructions.txt
236236
237237
- name: Upload package as artifact
238-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
238+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
239239
with:
240240
name: helm-chart
241241
path: .helm-charts/*.tgz

.github/workflows/nextjs.yml

Lines changed: 24 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,7 @@ jobs:
4343
cache: npm
4444

4545
- name: Restore cache
46-
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
46+
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
4747
with:
4848
path: |
4949
.next/cache
@@ -73,7 +73,7 @@ jobs:
7373
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4
7474

7575
- name: Build Docker image
76-
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7
76+
uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7
7777
with:
7878
context: .
7979
file: ./Dockerfile
@@ -111,7 +111,7 @@ jobs:
111111
fi
112112
113113
- name: Upload Trivy results to GitHub Security tab
114-
uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4
114+
uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4
115115
if: always()
116116
with:
117117
sarif_file: 'trivy-results.sarif'
@@ -132,7 +132,7 @@ jobs:
132132

133133
- name: Comment PR with Trivy results
134134
if: github.event_name == 'pull_request'
135-
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
135+
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
136136
with:
137137
script: |
138138
const fs = require('fs');
@@ -157,22 +157,26 @@ jobs:
157157
comment.body.includes('🔒 Trivy Security Scan Results')
158158
);
159159
160-
if (botComment) {
161-
// Update existing comment
162-
await github.rest.issues.updateComment({
163-
owner: context.repo.owner,
164-
repo: context.repo.repo,
165-
comment_id: botComment.id,
166-
body: comment
167-
});
168-
} else {
169-
// Create new comment
170-
await github.rest.issues.createComment({
171-
owner: context.repo.owner,
172-
repo: context.repo.repo,
173-
issue_number: context.issue.number,
174-
body: comment
175-
});
160+
try {
161+
if (botComment) {
162+
// Update existing comment
163+
await github.rest.issues.updateComment({
164+
owner: context.repo.owner,
165+
repo: context.repo.repo,
166+
comment_id: botComment.id,
167+
body: comment
168+
});
169+
} else {
170+
// Create new comment
171+
await github.rest.issues.createComment({
172+
owner: context.repo.owner,
173+
repo: context.repo.repo,
174+
issue_number: context.issue.number,
175+
body: comment
176+
});
177+
}
178+
} catch (error) {
179+
console.error('Error posting comment:', error);
176180
}
177181
178182
- name: Enforce HIGH/CRITICAL vulnerability threshold

.github/workflows/playwright.yml

Lines changed: 17 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ jobs:
4141
cache: 'npm'
4242
- name: Cache node modules
4343
id: cache-npm
44-
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
44+
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
4545
with:
4646
path: |
4747
~/.npm
@@ -87,7 +87,7 @@ jobs:
8787
- name: Build application
8888
run: npm run build
8989
- name: Upload build output
90-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
90+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
9191
with:
9292
name: nextjs-build-${{ github.run_id }}
9393
path: .next/
@@ -122,7 +122,7 @@ jobs:
122122
node-version: 24
123123
cache: 'npm'
124124
- name: Restore dependencies cache
125-
uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
125+
uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
126126
with:
127127
path: |
128128
~/.npm
@@ -164,23 +164,23 @@ jobs:
164164
--reporter=dot,list
165165
- name: Upload test results
166166
if: always()
167-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
167+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
168168
with:
169169
name: playwright-results-shard-${{ matrix.shard }}-${{ github.run_id }}
170170
path: test-results/
171171
retention-days: 3
172172
if-no-files-found: ignore
173173
- name: Upload HTML report
174174
if: always()
175-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
175+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
176176
with:
177177
name: playwright-report-shard-${{ matrix.shard }}-${{ github.run_id }}
178178
path: playwright-report/
179179
retention-days: 30
180180
if-no-files-found: ignore
181181
- name: Upload server logs
182182
if: always()
183-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
183+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
184184
with:
185185
name: nextjs-logs-shard-${{ matrix.shard }}-${{ github.run_id }}
186186
path: nextjs.log
@@ -200,7 +200,7 @@ jobs:
200200
node-version: 24
201201
cache: 'npm'
202202
- name: Restore dependencies cache
203-
uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
203+
uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
204204
with:
205205
path: |
206206
~/.npm
@@ -287,8 +287,10 @@ jobs:
287287
exit 1
288288
fi
289289
- name: Run TLS tests
290+
env:
291+
SKIP_SERVER_IDENTITY_CHECK: "true"
290292
run: |
291-
NEXTAUTH_SECRET=SECRET npm start > nextjs.log 2>&1 &
293+
NEXTAUTH_SECRET=SECRET SKIP_SERVER_IDENTITY_CHECK=true npm start > nextjs.log 2>&1 &
292294
timeout 60s bash -c 'while !</dev/tcp/localhost/3000; do sleep 1; done'
293295
npx playwright test --workers=1 --reporter=dot,list --project="[TLS - Chromium]" --project="[TLS - Firefox]"
294296
- name: Cleanup TLS certificates
@@ -301,23 +303,23 @@ jobs:
301303
run: docker stop falkordb-tls || true
302304
- name: Upload test results
303305
if: always()
304-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
306+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
305307
with:
306308
name: playwright-results-tls-${{ github.run_id }}
307309
path: test-results/
308310
retention-days: 3
309311
if-no-files-found: ignore
310312
- name: Upload HTML report
311313
if: always()
312-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
314+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
313315
with:
314316
name: playwright-report-tls-${{ github.run_id }}
315317
path: playwright-report/
316318
retention-days: 30
317319
if-no-files-found: ignore
318320
- name: Upload server logs
319321
if: always()
320-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
322+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
321323
with:
322324
name: nextjs-logs-tls-${{ github.run_id }}
323325
path: nextjs.log
@@ -337,7 +339,7 @@ jobs:
337339
node-version: 24
338340
cache: 'npm'
339341
- name: Restore dependencies cache
340-
uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
342+
uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
341343
with:
342344
path: |
343345
~/.npm
@@ -438,23 +440,23 @@ jobs:
438440
done
439441
- name: Upload test results
440442
if: always()
441-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
443+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
442444
with:
443445
name: playwright-results-cluster-${{ github.run_id }}
444446
path: test-results/
445447
retention-days: 3
446448
if-no-files-found: ignore
447449
- name: Upload HTML report
448450
if: always()
449-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
451+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
450452
with:
451453
name: playwright-report-cluster-${{ github.run_id }}
452454
path: playwright-report/
453455
retention-days: 30
454456
if-no-files-found: ignore
455457
- name: Upload server logs
456458
if: always()
457-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
459+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
458460
with:
459461
name: nextjs-logs-cluster-${{ github.run_id }}
460462
path: nextjs.log

.github/workflows/release-image.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@ jobs:
7575
password: ${{ secrets.DOCKER_PASSWORD }}
7676

7777
- name: Build and push image
78-
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
78+
uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
7979
with:
8080
context: .
8181
file: ./Dockerfile

Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
ARG CYPHER_VERSION=latest
22

3-
FROM node:24-alpine3.22 AS base
3+
FROM node:24-alpine3.23 AS base
44

55
# Update all Alpine packages to fix security vulnerabilities
66
RUN apk upgrade --no-cache --available

0 commit comments

Comments
 (0)