Skip to content

Commit 9f65ba3

Browse files
leandrodamascenaleandrodamascena
authored
Merge branch 'develop' into response
2 parents 69ca2c5 + eab4cfc commit 9f65ba3

File tree

79 files changed

+1044
-596
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

79 files changed

+1044
-596
lines changed

.github/workflows/bootstrap_region.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -96,7 +96,7 @@ jobs:
9696
mask-aws-account-id: true
9797
- id: go-setup
9898
name: Setup Go
99-
uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
99+
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
100100
- id: go-env
101101
name: Go Env
102102
run: go env

.github/workflows/layer_govcloud.yml

+6-6
Original file line numberDiff line numberDiff line change
@@ -69,14 +69,14 @@ jobs:
6969
aws --region us-east-1 lambda get-layer-version-by-arn --arn arn:aws:lambda:us-east-1:017000801446:layer:${{ matrix.layer }}-${{ matrix.arch }}:${{ inputs.version }} --query 'Content.Location' | xargs curl -L -o ${{ matrix.layer }}_${{ matrix.arch }}.zip
7070
aws --region us-east-1 lambda get-layer-version-by-arn --arn arn:aws:lambda:us-east-1:017000801446:layer:${{ matrix.layer }}-${{ matrix.arch }}:${{ inputs.version }} > ${{ matrix.layer }}_${{ matrix.arch }}.json
7171
- name: Store Zip
72-
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
72+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
7373
with:
7474
name: ${{ matrix.layer }}_${{ matrix.arch }}.zip
7575
path: ${{ matrix.layer }}_${{ matrix.arch }}.zip
7676
retention-days: 1
7777
if-no-files-found: error
7878
- name: Store Metadata
79-
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
79+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
8080
with:
8181
name: ${{ matrix.layer }}_${{ matrix.arch }}.json
8282
path: ${{ matrix.layer }}_${{ matrix.arch }}.json
@@ -104,11 +104,11 @@ jobs:
104104
environment: GovCloud ${{ inputs.environment }} (East)
105105
steps:
106106
- name: Download Zip
107-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
107+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
108108
with:
109109
name: ${{ matrix.layer }}_${{ matrix.arch }}.zip
110110
- name: Download Metadata
111-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
111+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
112112
with:
113113
name: ${{ matrix.layer }}_${{ matrix.arch }}.json
114114
- name: Verify Layer Signature
@@ -173,11 +173,11 @@ jobs:
173173
name: GovCloud ${{ inputs.environment }} (West)
174174
steps:
175175
- name: Download Zip
176-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
176+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
177177
with:
178178
name: ${{ matrix.layer }}_${{ matrix.arch }}.zip
179179
- name: Download Metadata
180-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
180+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
181181
with:
182182
name: ${{ matrix.layer }}_${{ matrix.arch }}.json
183183
- name: Verify Layer Signature

.github/workflows/layer_govcloud_python313.yml

+6-6
Original file line numberDiff line numberDiff line change
@@ -65,14 +65,14 @@ jobs:
6565
aws --region us-east-1 lambda get-layer-version-by-arn --arn arn:aws:lambda:us-east-1:017000801446:layer:${{ matrix.layer }}-${{ matrix.arch }}:${{ inputs.version }} --query 'Content.Location' | xargs curl -L -o ${{ matrix.layer }}_${{ matrix.arch }}.zip
6666
aws --region us-east-1 lambda get-layer-version-by-arn --arn arn:aws:lambda:us-east-1:017000801446:layer:${{ matrix.layer }}-${{ matrix.arch }}:${{ inputs.version }} > ${{ matrix.layer }}_${{ matrix.arch }}.json
6767
- name: Store Zip
68-
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
68+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
6969
with:
7070
name: ${{ matrix.layer }}_${{ matrix.arch }}.zip
7171
path: ${{ matrix.layer }}_${{ matrix.arch }}.zip
7272
retention-days: 1
7373
if-no-files-found: error
7474
- name: Store Metadata
75-
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
75+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
7676
with:
7777
name: ${{ matrix.layer }}_${{ matrix.arch }}.json
7878
path: ${{ matrix.layer }}_${{ matrix.arch }}.json
@@ -96,11 +96,11 @@ jobs:
9696
environment: GovCloud ${{ inputs.environment }} (East)
9797
steps:
9898
- name: Download Zip
99-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
99+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
100100
with:
101101
name: ${{ matrix.layer }}_${{ matrix.arch }}.zip
102102
- name: Download Metadata
103-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
103+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
104104
with:
105105
name: ${{ matrix.layer }}_${{ matrix.arch }}.json
106106
- name: Verify Layer Signature
@@ -161,11 +161,11 @@ jobs:
161161
name: GovCloud ${{ inputs.environment }} (West)
162162
steps:
163163
- name: Download Zip
164-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
164+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
165165
with:
166166
name: ${{ matrix.layer }}_${{ matrix.arch }}.zip
167167
- name: Download Metadata
168-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
168+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
169169
with:
170170
name: ${{ matrix.layer }}_${{ matrix.arch }}.json
171171
- name: Verify Layer Signature

.github/workflows/ossf_scorecard.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ jobs:
3535
repo_token: ${{ secrets.SCORECARD_TOKEN }} # read-only fine-grained token to read branch protection settings
3636

3737
- name: "Upload results"
38-
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
38+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
3939
with:
4040
name: SARIF file
4141
path: results.sarif

.github/workflows/pre-release.yml

+3-3
Original file line numberDiff line numberDiff line change
@@ -126,7 +126,7 @@ jobs:
126126
- name: Install poetry
127127
run: pipx install git+https://github.com/python-poetry/poetry@bd500dd3bdfaec3de6894144c9cedb3a9358be84 # v2.0.1
128128
- name: Set up Python
129-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
129+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
130130
with:
131131
python-version: "3.12"
132132
cache: "poetry"
@@ -164,7 +164,7 @@ jobs:
164164
- name: Install poetry
165165
run: pipx install git+https://github.com/python-poetry/poetry@bd500dd3bdfaec3de6894144c9cedb3a9358be84 # v2.0.1
166166
- name: Set up Python
167-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
167+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
168168
with:
169169
python-version: "3.12"
170170
cache: "poetry"
@@ -255,7 +255,7 @@ jobs:
255255
artifact_name: ${{ needs.seal.outputs.artifact_name }}
256256

257257
- name: Download provenance
258-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
258+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
259259
with:
260260
name: ${{needs.provenance.outputs.provenance-name}}
261261

.github/workflows/publish_v2_layer.yml

+3-3
Original file line numberDiff line numberDiff line change
@@ -105,7 +105,7 @@ jobs:
105105
with:
106106
node-version: "16.12"
107107
- name: Setup python
108-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
108+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
109109
with:
110110
python-version: "3.12"
111111
cache: "pip"
@@ -146,7 +146,7 @@ jobs:
146146
- name: zip output
147147
run: zip -r cdk.out.zip cdk.out
148148
- name: Archive CDK artifacts
149-
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
149+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
150150
with:
151151
name: cdk-layer-artefact
152152
path: layer/cdk.out.zip
@@ -258,7 +258,7 @@ jobs:
258258
artifact_name: ${{ inputs.source_code_artifact_name }}
259259

260260
- name: Download CDK layer artifacts
261-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
261+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
262262
with:
263263
path: cdk-layer-stack
264264
pattern: cdk-layer-stack-* # merge all Layer artifacts created per region earlier (reusable_deploy_v2_layer_stack.yml; step "Save Layer ARN artifact")

.github/workflows/publish_v3_layer.yml

+2-2
Original file line numberDiff line numberDiff line change
@@ -127,7 +127,7 @@ jobs:
127127
with:
128128
node-version: "18.20.4"
129129
- name: Setup python
130-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
130+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
131131
with:
132132
python-version: ${{ matrix.python-version }}
133133
cache: "pip"
@@ -168,7 +168,7 @@ jobs:
168168
- name: zip output
169169
run: zip -r cdk.py${{ matrix.python-version }}.out.zip cdk.out
170170
- name: Archive CDK artifacts
171-
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
171+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
172172
with:
173173
name: cdk-layer-artifact-py${{ matrix.python-version }}
174174
path: layer_v3/cdk.py${{ matrix.python-version }}.out.zip

.github/workflows/quality_check.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,7 @@ jobs:
5656
- name: Install poetry
5757
run: pipx install poetry
5858
- name: Set up Python ${{ matrix.python-version }}
59-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
59+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
6060
with:
6161
python-version: ${{ matrix.python-version }}
6262
- name: Install dependencies

.github/workflows/quality_code_cdk_constructor.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ jobs:
4646
- name: Install poetry
4747
run: pipx install poetry
4848
- name: Set up Python ${{ matrix.python-version }}
49-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
49+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
5050
with:
5151
python-version: ${{ matrix.python-version }}
5252
cache: "poetry"

.github/workflows/record_pr.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,7 @@ jobs:
5353
script: |
5454
const script = require('.github/scripts/save_pr_details.js')
5555
await script({github, context, core})
56-
- uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
56+
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
5757
with:
5858
name: pr
5959
path: pr.txt

.github/workflows/release-v3.yml

+2-2
Original file line numberDiff line numberDiff line change
@@ -140,7 +140,7 @@ jobs:
140140
- name: Install poetry
141141
run: pipx install git+https://github.com/python-poetry/poetry@bd500dd3bdfaec3de6894144c9cedb3a9358be84 # v2.0.1
142142
- name: Set up Python
143-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
143+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
144144
with:
145145
python-version: "3.12"
146146
cache: "poetry"
@@ -178,7 +178,7 @@ jobs:
178178
- name: Install poetry
179179
run: pipx install git+https://github.com/python-poetry/poetry@bd500dd3bdfaec3de6894144c9cedb3a9358be84 # v2.0.1
180180
- name: Set up Python
181-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
181+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
182182
with:
183183
python-version: "3.12"
184184
cache: "poetry"

.github/workflows/release.yml

+2-2
Original file line numberDiff line numberDiff line change
@@ -131,7 +131,7 @@ jobs:
131131
- name: Install poetry
132132
run: pipx install git+https://github.com/python-poetry/poetry@bd500dd3bdfaec3de6894144c9cedb3a9358be84 # v2.0.1
133133
- name: Set up Python
134-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
134+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
135135
with:
136136
python-version: "3.12"
137137
cache: "poetry"
@@ -169,7 +169,7 @@ jobs:
169169
- name: Install poetry
170170
run: pipx install git+https://github.com/python-poetry/poetry@bd500dd3bdfaec3de6894144c9cedb3a9358be84 # v2.0.1
171171
- name: Set up Python
172-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
172+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
173173
with:
174174
python-version: "3.12"
175175
cache: "poetry"

.github/workflows/reusable_deploy_v2_layer_stack.yml

+3-3
Original file line numberDiff line numberDiff line change
@@ -163,7 +163,7 @@ jobs:
163163
with:
164164
node-version: "16.12"
165165
- name: Setup python
166-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
166+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
167167
with:
168168
python-version: "3.12"
169169
cache: "pip"
@@ -181,7 +181,7 @@ jobs:
181181
- name: install deps
182182
run: poetry install
183183
- name: Download artifact
184-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
184+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
185185
with:
186186
name: ${{ inputs.artefact-name }}
187187
path: layer
@@ -198,7 +198,7 @@ jobs:
198198
cat cdk-layer-stack/${{ matrix.region }}-layer-version.txt
199199
- name: Save Layer ARN artifact
200200
if: ${{ inputs.stage == 'PROD' }}
201-
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
201+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
202202
with:
203203
name: cdk-layer-stack-${{ matrix.region }}
204204
path: ./layer/cdk-layer-stack/* # NOTE: upload-artifact does not inherit working-directory setting.

.github/workflows/reusable_deploy_v2_sar.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -117,7 +117,7 @@ jobs:
117117
with:
118118
node-version: ${{ env.NODE_VERSION }}
119119
- name: Download artifact
120-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
120+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
121121
with:
122122
name: ${{ inputs.artefact-name }}
123123
- name: Unzip artefact

.github/workflows/reusable_deploy_v3_layer_stack.yml

+3-3
Original file line numberDiff line numberDiff line change
@@ -171,7 +171,7 @@ jobs:
171171
with:
172172
node-version: "18.20.4"
173173
- name: Setup python
174-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
174+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
175175
with:
176176
python-version: ${{ matrix.python-version }}
177177
cache: "pip"
@@ -189,7 +189,7 @@ jobs:
189189
- name: install deps
190190
run: poetry install
191191
- name: Download artifact
192-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
192+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
193193
with:
194194
name: cdk-layer-artifact-py${{ matrix.python-version }}
195195
path: layer_v3
@@ -213,7 +213,7 @@ jobs:
213213
cat cdk-layer-stack/${{steps.constants.outputs.LAYER_VERSION}}
214214
- name: Save Layer ARN artifact
215215
if: ${{ inputs.stage == 'PROD' }}
216-
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
216+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
217217
with:
218218
name: cdk-layer-stack-${{ matrix.region }}-${{ matrix.python-version }}
219219
path: ./layer_v3/cdk-layer-stack/* # NOTE: upload-artifact does not inherit working-directory setting.

.github/workflows/reusable_deploy_v3_sar.yml

+3-3
Original file line numberDiff line numberDiff line change
@@ -113,7 +113,7 @@ jobs:
113113
with:
114114
node-version: ${{ env.NODE_VERSION }}
115115
- name: Download artifact
116-
uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4.2.0
116+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
117117
with:
118118
name: cdk-layer-artifact-py${{ matrix.python-version }}
119119
- name: Unzip artefact
@@ -182,7 +182,7 @@ jobs:
182182
echo "Creating canary stack"
183183
echo "Stack name: $TEST_STACK_NAME"
184184
aws serverlessrepo create-cloud-formation-change-set \
185-
--application-id arn:aws:serverlessrepo:${{ env.AWS_REGION }}:${{ steps.aws-credentials-sar-role.outputs.aws-account-id }}:applications/${{ env.SAR_NAME }} \
185+
--application-id arn:aws:serverlessrepo:${{ env.AWS_REGION }}:${{ secrets.AWS_SAR_V3_ACCOUNTID }}:applications/${{ env.SAR_NAME }} \
186186
--stack-name "${TEST_STACK_NAME/serverlessrepo-/}" \
187187
--capabilities CAPABILITY_NAMED_IAM
188188
@@ -207,5 +207,5 @@ jobs:
207207
sleep 15
208208
echo "Make SAR app public"
209209
aws serverlessrepo put-application-policy \
210-
--application-id arn:aws:serverlessrepo:${{ env.AWS_REGION }}:${{ steps.aws-credentials-sar-role.outputs.aws-account-id }}:applications/${{ env.SAR_NAME }} \
210+
--application-id arn:aws:serverlessrepo:${{ env.AWS_REGION }}:${{ secrets.AWS_SAR_V3_ACCOUNTID }}:applications/${{ env.SAR_NAME }} \
211211
--statements Principals='*',Actions=Deploy

.github/workflows/reusable_publish_docs.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -51,7 +51,7 @@ jobs:
5151
- name: Install poetry
5252
run: pipx install poetry
5353
- name: Set up Python
54-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
54+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
5555
with:
5656
python-version: "3.12"
5757
cache: "poetry"

.github/workflows/run-e2e-tests.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,7 @@ jobs:
5656
- name: Install poetry
5757
run: pipx install poetry
5858
- name: "Use Python"
59-
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
59+
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
6060
with:
6161
python-version: ${{ matrix.version }}
6262
architecture: "x64"

0 commit comments

Comments
 (0)