release: 3.5.1

ci: fix Trivy command after update
ci: use actionlint on GHA workflows
2025-08-08 08:33:56 +02:00 · 2022-02-17 10:09:17 +01:00 · 2022-02-17 10:06:51 +01:00 · 2022-02-16 00:05:40 +01:00 · 2022-02-11 01:29:46 +01:00 · 2022-02-03 09:03:08 +01:00
9 changed files with 47 additions and 10 deletions
--- a/.github/actionlint-matcher.json
+++ b/.github/actionlint-matcher.json
@@ -0,0 +1,17 @@
+{
+  "problemMatcher": [
+    {
+      "owner": "actionlint",
+      "pattern": [
+        {
+          "regexp": "^(?:\\x1b\\[\\d+m)?(.+?)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*: (?:\\x1b\\[\\d+m)*(.+?)(?:\\x1b\\[\\d+m)* \\[(.+?)\\]$",
+          "file": 1,
+          "line": 2,
+          "column": 3,
+          "message": 4,
+          "code": 5
+        }
+      ]
+    }
+  ]
+}
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -1,3 +1,4 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
 ---
 name: cd

@@ -14,7 +15,7 @@ jobs:

    - name: Extract dyndnsd version from tag name
      run: |
-        echo "DYNDNSD_VERSION=${GITHUB_REF#refs/*/v}" >> $GITHUB_ENV
+        echo "DYNDNSD_VERSION=${GITHUB_REF#refs/*/v}" >> "$GITHUB_ENV"

    - name: Wait for dyndnsd ${{ env.DYNDNSD_VERSION }} gem to be available
      run: |
@@ -22,6 +23,7 @@ jobs:
        for retry in $(seq 1 5); do
          echo "Checking if dyndnsd $DYNDNSD_VERSION gem is retrievable from rubygems.org (try #$retry)..."
          sudo gem install dyndnsd -v "$DYNDNSD_VERSION"
+          # shellcheck disable=SC2181
          if [ $? -eq 0 ]; then
            exit 0
          fi
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,3 +1,4 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
 ---
 name: ci

@@ -32,3 +33,13 @@ jobs:
    - name: Lint and Test
      run: |
        bundle exec rake ci
+
+  actionlint:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Check workflow files
+      run: |
+        echo "::add-matcher::.github/actionlint-matcher.json"
+        bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
+        ./actionlint
--- a/.github/workflows/dockerhub.yml
+++ b/.github/workflows/dockerhub.yml
@@ -1,3 +1,4 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
 ---
 name: dockerhub

--- a/.github/workflows/vulnscan.yml
+++ b/.github/workflows/vulnscan.yml
@@ -1,3 +1,4 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
 ---
 name: vulnscan

@@ -10,15 +11,14 @@ jobs:
  scan-released-dockerimages:
    runs-on: ubuntu-latest
    env:
-      TRIVY_LIGHT: 'true'
      TRIVY_IGNORE_UNFIXED: 'true'
      TRIVY_REMOVED_PKGS: 'true'
    steps:
    - name: Install Trivy
      run: |
-        mkdir -p $GITHUB_WORKSPACE/bin
+        mkdir -p "$GITHUB_WORKSPACE/bin"
        echo "$GITHUB_WORKSPACE/bin" >> "$GITHUB_PATH"
-        curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sh -s -- -b $GITHUB_WORKSPACE/bin
+        curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sh -s -- -b "$GITHUB_WORKSPACE/bin"
    - name: Download Trivy DB
      run: |
        trivy image --download-db-only
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,12 @@
 # Changelog

-## 3.5.0 (January 8, 2021)
+## 3.5.1 (February 17th, 2022)
+
+OTHER:
+
+- re-release 3.5.0 to rebuild Docker image with security vulnerabilities fixes
+
+## 3.5.0 (January 8th, 2022)

 IMPROVEMENTS:

--- a/4
+++ b/4
@@ -25,7 +25,7 @@ end
 hadolint_version = 'v2.8.0'

 # renovate: datasource=github-tags depName=aquasecurity/trivy
-trivy_version = 'v0.22.0'
+trivy_version = 'v0.23.0'

 namespace :docker do
  ci_image = 'cmur2/dyndnsd:ci'
@@ -47,7 +47,7 @@ namespace :docker do
  task :scan do
    ver = trivy_version.gsub('v', '')
    sh "if [ ! -e ./trivy ]; then wget -q -O - https://github.com/aquasecurity/trivy/releases/download/v#{ver}/trivy_#{ver}_Linux-64bit.tar.gz | tar -xzf - trivy; fi"
-    sh "./trivy #{ci_image}"
+    sh "./trivy image #{ci_image}"
  end

  desc 'End-to-end test the CI Docker image'
--- a/dyndnsd.gemspec
+++ b/dyndnsd.gemspec
@@ -41,8 +41,8 @@ Gem::Specification.new do |s|
  s.add_development_dependency 'rack-test'
  s.add_development_dependency 'rake'
  s.add_development_dependency 'rspec'
-  s.add_development_dependency 'rubocop', '~> 1.24.0'
+  s.add_development_dependency 'rubocop', '~> 1.25.0'
  s.add_development_dependency 'rubocop-rake', '~> 0.6.0'
-  s.add_development_dependency 'rubocop-rspec', '~> 2.7.0'
+  s.add_development_dependency 'rubocop-rspec', '~> 2.8.0'
  s.add_development_dependency 'solargraph', '~> 0.44.0'
 end
--- a/lib/dyndnsd/version.rb
+++ b/lib/dyndnsd/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true

 module Dyndnsd
-  VERSION = '3.5.0'
+  VERSION = '3.5.1'
 end
Author	SHA1	Message	Date
cn	558445af2e	release: 3.5.1	2022-02-17 10:09:17 +01:00
cn	3f784ccaa1	ci: fix Trivy command after update	2022-02-17 10:06:51 +01:00
cn	dbc61d72fb	ci: use actionlint on GHA workflows - https://github.com/rhysd/actionlint is cool	2022-02-16 00:05:40 +01:00
cn	2838ad9eae	ci: use JSON schema for GHA workflows	2022-02-11 01:29:46 +01:00
Christian Nicolai	84e513b4a2	ci: trivy 0.23.0 deprecated the light DB	2022-02-03 09:03:08 +01:00
Renovate Bot	0a4a052cc9	project: update aquasecurity/trivy to v0.23.0	2022-02-03 09:02:03 +01:00
depfu[bot]	b9f0a07aba	gems: update rubocop-rspec to version 2.8.0	2022-01-25 13:37:46 +01:00
depfu[bot]	cb9f6f7027	gems: update rubocop to version 1.25.0	2022-01-19 11:38:22 +01:00