From 8a7d1cc01ddac385139e0a21a67cd4de9a77a2fa Mon Sep 17 00:00:00 2001 From: Thomas Jespersen Date: Fri, 20 Mar 2026 22:24:35 +0100 Subject: [PATCH 1/2] Upgrade all GitHub Actions to latest versions ahead of Node 20 deprecation deadline --- .github/workflows/_deploy-container.yml | 4 ++-- .github/workflows/_deploy-infrastructure.yml | 4 ++-- .github/workflows/_migrate-database.yml | 18 +++++++++--------- .github/workflows/account.yml | 18 +++++++++--------- .github/workflows/app-gateway.yml | 14 +++++++------- .github/workflows/back-office.yml | 18 +++++++++--------- .github/workflows/main.yml | 18 +++++++++--------- .github/workflows/pull-request-conventions.yml | 2 +- 8 files changed, 48 insertions(+), 48 deletions(-) diff --git a/.github/workflows/_deploy-container.yml b/.github/workflows/_deploy-container.yml index eb8fbf2163..5b68bd0935 100644 --- a/.github/workflows/_deploy-container.yml +++ b/.github/workflows/_deploy-container.yml @@ -49,10 +49,10 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Download Artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: ${{ inputs.artifacts_name }} path: ${{ inputs.artifacts_path }} diff --git a/.github/workflows/_deploy-infrastructure.yml b/.github/workflows/_deploy-infrastructure.yml index 4d9eca41f9..29259770ad 100644 --- a/.github/workflows/_deploy-infrastructure.yml +++ b/.github/workflows/_deploy-infrastructure.yml @@ -57,7 +57,7 @@ jobs: fi echo "should_deploy=$should_deploy" >> $GITHUB_OUTPUT - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Install Bicep CLI run: | @@ -122,7 +122,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Install Bicep CLI run: | diff --git a/.github/workflows/_migrate-database.yml b/.github/workflows/_migrate-database.yml index c5de4d5ca3..29c5acac0a 100644 --- a/.github/workflows/_migrate-database.yml +++ b/.github/workflows/_migrate-database.yml @@ -57,10 +57,10 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup .NET Core SDK - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: global-json-file: application/global.json @@ -150,7 +150,7 @@ jobs: - name: Upload Migration Script if: steps.generate-migration-script.outputs.has_migrations_to_apply == 'true' - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: migration-script-${{ inputs.azure_environment }}-${{ inputs.cluster_location_acronym }} path: application/migration.sql @@ -158,7 +158,7 @@ jobs: - name: Generate Migration Information id: migration-info if: steps.generate-migration-script.outputs.has_migrations_to_apply == 'true' - uses: actions/github-script@v7 + uses: actions/github-script@v8 env: MIGRATION_JSON: ${{ steps.generate-migration-script.outputs.migration_json }} MIGRATION_SCRIPT: ${{ steps.generate-migration-script.outputs.migration_script }} @@ -185,7 +185,7 @@ jobs: - name: Add Migration Information to Pull Request if: github.event_name == 'pull_request' && steps.generate-migration-script.outputs.has_migrations_to_apply == 'true' - uses: actions/github-script@v7 + uses: actions/github-script@v8 env: MIGRATION_INFO: ${{ steps.migration-info.outputs.markdown }} with: @@ -221,7 +221,7 @@ jobs: - name: Add Migration Information to Summary if: steps.generate-migration-script.outputs.has_migrations_to_apply == 'true' && inputs.azure_environment == 'prod' - uses: actions/github-script@v7 + uses: actions/github-script@v8 env: MIGRATION_INFO: ${{ steps.migration-info.outputs.markdown }} with: @@ -245,7 +245,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Login to Azure uses: azure/login@v2 @@ -255,7 +255,7 @@ jobs: subscription-id: ${{ inputs.subscription_id }} - name: Download Migration Script - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: migration-script-${{ inputs.azure_environment }}-${{ inputs.cluster_location_acronym }} path: . @@ -280,7 +280,7 @@ jobs: echo "Migrations applied successfully!" - name: Display Migration Summary - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: core.summary.addRaw(`✅ Migrations successfully applied to \`${{ inputs.database_name }}\` database on \`${{ inputs.azure_environment }}\`.`).write(); diff --git a/.github/workflows/account.yml b/.github/workflows/account.yml index 5ff246c695..877d2c99f3 100644 --- a/.github/workflows/account.yml +++ b/.github/workflows/account.yml @@ -43,7 +43,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Generate Version id: generate_version @@ -64,7 +64,7 @@ jobs: echo "deploy_production=$deploy_production" >> $GITHUB_OUTPUT - name: Setup Node.js Environment - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 24 @@ -73,7 +73,7 @@ jobs: run: npm ci - name: Setup .NET Core SDK - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: global-json-file: application/global.json @@ -95,7 +95,7 @@ jobs: dotnet user-secrets set "authentication-token-signing-key" "$(openssl rand -base64 64)" --id $USER_SECRETS_ID - name: Setup Java JDK for SonarScanner - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: "microsoft" java-version: "17" @@ -135,7 +135,7 @@ jobs: - name: Save API Artifacts if: ${{ steps.determine_deployment.outputs.deploy_staging == 'true' }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: account-api path: application/account/Api/publish/**/* @@ -148,7 +148,7 @@ jobs: - name: Save Workers Artifacts if: ${{ steps.determine_deployment.outputs.deploy_staging == 'true' }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: account-workers path: application/account/Workers/publish/**/* @@ -160,10 +160,10 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js Environment - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 24 @@ -172,7 +172,7 @@ jobs: run: npm ci - name: Setup .NET Core SDK - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: global-json-file: application/global.json diff --git a/.github/workflows/app-gateway.yml b/.github/workflows/app-gateway.yml index 6085a970d5..3afce4bb56 100644 --- a/.github/workflows/app-gateway.yml +++ b/.github/workflows/app-gateway.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Generate Version id: generate_version @@ -57,7 +57,7 @@ jobs: echo "deploy_production=$deploy_production" >> $GITHUB_OUTPUT - name: Setup Node.js Environment - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 24 @@ -66,7 +66,7 @@ jobs: run: npm ci - name: Setup .NET Core SDK - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: global-json-file: application/global.json @@ -92,7 +92,7 @@ jobs: - name: Save Artifacts if: ${{ steps.determine_deployment.outputs.deploy_staging == 'true' }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: app-gateway path: application/AppGateway/publish/**/* @@ -104,10 +104,10 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js Environment - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 24 @@ -116,7 +116,7 @@ jobs: run: npm ci - name: Setup .NET Core SDK - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: global-json-file: application/global.json diff --git a/.github/workflows/back-office.yml b/.github/workflows/back-office.yml index cef8c1d149..83f0e86311 100644 --- a/.github/workflows/back-office.yml +++ b/.github/workflows/back-office.yml @@ -43,7 +43,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Generate Version id: generate_version @@ -64,7 +64,7 @@ jobs: echo "deploy_production=$deploy_production" >> $GITHUB_OUTPUT - name: Setup Node.js Environment - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 24 @@ -73,7 +73,7 @@ jobs: run: npm ci - name: Setup .NET Core SDK - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: global-json-file: application/global.json @@ -95,7 +95,7 @@ jobs: dotnet user-secrets set "authentication-token-signing-key" "$(openssl rand -base64 64)" --id $USER_SECRETS_ID - name: Setup Java JDK for SonarScanner - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: "microsoft" java-version: "17" @@ -135,7 +135,7 @@ jobs: - name: Save API Artifacts if: ${{ steps.determine_deployment.outputs.deploy_staging == 'true' }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: back-office-api path: application/back-office/Api/publish/**/* @@ -148,7 +148,7 @@ jobs: - name: Save Workers Artifacts if: ${{ steps.determine_deployment.outputs.deploy_staging == 'true' }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: back-office-workers path: application/back-office/Workers/publish/**/* @@ -160,10 +160,10 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js Environment - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 24 @@ -172,7 +172,7 @@ jobs: run: npm ci - name: Setup .NET Core SDK - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: global-json-file: application/global.json diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d3d90080f9..db20448b44 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -43,7 +43,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Generate Version id: generate_version @@ -64,7 +64,7 @@ jobs: echo "deploy_production=$deploy_production" >> $GITHUB_OUTPUT - name: Setup Node.js Environment - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 24 @@ -73,7 +73,7 @@ jobs: run: npm ci - name: Setup .NET Core SDK - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: global-json-file: application/global.json @@ -95,7 +95,7 @@ jobs: dotnet user-secrets set "authentication-token-signing-key" "$(openssl rand -base64 64)" --id $USER_SECRETS_ID - name: Setup Java JDK for SonarScanner - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: "microsoft" java-version: "17" @@ -135,7 +135,7 @@ jobs: - name: Save API Artifacts if: ${{ steps.determine_deployment.outputs.deploy_staging == 'true' }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: main-api path: application/main/Api/publish/**/* @@ -148,7 +148,7 @@ jobs: - name: Save Workers Artifacts if: ${{ steps.determine_deployment.outputs.deploy_staging == 'true' }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: main-workers path: application/main/Workers/publish/**/* @@ -160,10 +160,10 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js Environment - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 24 @@ -172,7 +172,7 @@ jobs: run: npm ci - name: Setup .NET Core SDK - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: global-json-file: application/global.json diff --git a/.github/workflows/pull-request-conventions.yml b/.github/workflows/pull-request-conventions.yml index 3918a8f54b..beff18c4e9 100644 --- a/.github/workflows/pull-request-conventions.yml +++ b/.github/workflows/pull-request-conventions.yml @@ -15,7 +15,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} From b49fbeb0274c2b9809eccd254242a1d96f252c2a Mon Sep 17 00:00:00 2001 From: Thomas Jespersen Date: Fri, 20 Mar 2026 22:57:56 +0100 Subject: [PATCH 2/2] Upgrade azure/login and docker/setup-buildx-action to latest major versions --- .github/workflows/_deploy-container.yml | 4 ++-- .github/workflows/_deploy-infrastructure.yml | 6 +++--- .github/workflows/_migrate-database.yml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/_deploy-container.yml b/.github/workflows/_deploy-container.yml index 5b68bd0935..975137947e 100644 --- a/.github/workflows/_deploy-container.yml +++ b/.github/workflows/_deploy-container.yml @@ -58,7 +58,7 @@ jobs: path: ${{ inputs.artifacts_path }} - name: Login to Azure - uses: azure/login@v2 + uses: azure/login@v3 with: client-id: ${{ env.SERVICE_PRINCIPAL_ID }} tenant-id: ${{ env.TENANT_ID }} @@ -83,7 +83,7 @@ jobs: # For staging, build and push the image - name: Setup Docker Buildx if: inputs.azure_environment == 'stage' - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Build and Push Container Image if: inputs.azure_environment == 'stage' diff --git a/.github/workflows/_deploy-infrastructure.yml b/.github/workflows/_deploy-infrastructure.yml index 29259770ad..660f9da494 100644 --- a/.github/workflows/_deploy-infrastructure.yml +++ b/.github/workflows/_deploy-infrastructure.yml @@ -67,7 +67,7 @@ jobs: bicep --version - name: Login to Azure - uses: azure/login@v2 + uses: azure/login@v3 with: client-id: ${{ inputs.service_principal_id }} tenant-id: ${{ inputs.tenant_id }} @@ -132,7 +132,7 @@ jobs: bicep --version - name: Login to Azure - uses: azure/login@v2 + uses: azure/login@v3 with: client-id: ${{ inputs.service_principal_id }} tenant-id: ${{ inputs.tenant_id }} @@ -152,7 +152,7 @@ jobs: run: bash ./cloud-infrastructure/cluster/deploy-cluster.sh ${{ inputs.unique_prefix }} ${{ inputs.azure_environment }} ${{ inputs.cluster_location }} ${{ inputs.cluster_location_acronym }} ${{ inputs.postgres_admin_object_id }} ${{ inputs.domain_name }} --apply - name: Refresh Azure Tokens # The previous step may take a while, so we refresh the token to avoid timeouts - uses: azure/login@v2 + uses: azure/login@v3 with: client-id: ${{ inputs.service_principal_id }} tenant-id: ${{ inputs.tenant_id }} diff --git a/.github/workflows/_migrate-database.yml b/.github/workflows/_migrate-database.yml index 29c5acac0a..cb354e20d6 100644 --- a/.github/workflows/_migrate-database.yml +++ b/.github/workflows/_migrate-database.yml @@ -73,7 +73,7 @@ jobs: run: dotnet build ${{ inputs.relative_startup_project }} - name: Login to Azure - uses: azure/login@v2 + uses: azure/login@v3 with: client-id: ${{ inputs.service_principal_id }} tenant-id: ${{ env.TENANT_ID }} @@ -248,7 +248,7 @@ jobs: uses: actions/checkout@v6 - name: Login to Azure - uses: azure/login@v2 + uses: azure/login@v3 with: client-id: ${{ inputs.service_principal_id }} tenant-id: ${{ env.TENANT_ID }}