reset branches and image scan

Author: dvvanessastoiber

.github/workflows/build-node-python.yml

@@ -74,7 +74,7 @@ env:
   PYPI_REGISTRY: "https://upload.pypi.org/legacy/"
   PYPI_USERNAME: "datavisyn"
   PYTHON_VERSION: "3.10"
-  WORKFLOW_BRANCH: "vstoiber-fix-secrets-inherit"
+  WORKFLOW_BRANCH: "new_deployment"
 
 permissions:
   contents: read

.github/workflows/build-node.yml

@@ -16,7 +16,7 @@ on:
 env:
   NPM_REGISTRY: "https://registry.npmjs.org/"
   NODE_VERSION: "20.9"
-  WORKFLOW_BRANCH: "vstoiber-fix-secrets-inherit"
+  WORKFLOW_BRANCH: "new_deployment"
 
 permissions:
   contents: read

.github/workflows/build-product.yml

@@ -24,7 +24,7 @@ env:
   TIME_ZONE: "Europe/Vienna"
   NODE_VERSION: "20.9"
   PYTHON_VERSION: "3.10"
-  WORKFLOW_BRANCH: "vstoiber-fix-secrets-inherit"
+  WORKFLOW_BRANCH: "new_deployment"
   PYTHON_BASE_IMAGE: "python:3.10.8-slim-bullseye"
   DATAVISYN_PYTHON_BASE_IMAGE: "188237246440.dkr.ecr.eu-central-1.amazonaws.com/datavisyn/base/python:main"
   DATAVISYN_NGINX_BASE_IMAGE: "188237246440.dkr.ecr.eu-central-1.amazonaws.com/datavisyn/base/nginx:main"
@@ -87,7 +87,7 @@ jobs:
       fail-fast: true
       matrix:
         component: ${{fromJson(needs.prepare-build.outputs.components)}}
-    uses: datavisyn/github-workflows/.github/workflows/build-single-product-part.yml@vstoiber-fix-secrets-inherit
+    uses: datavisyn/github-workflows/.github/workflows/build-single-product-part.yml@new_deployment
     with:
       component: ${{ matrix.component }}
       image_tag1: ${{ needs.prepare-build.outputs.image_tag1 }}
@@ -102,7 +102,7 @@ jobs:
       fail-fast: true
       matrix:
         component: ${{fromJson(needs.prepare-build.outputs.components)}}
-    uses: datavisyn/github-workflows/.github/workflows/build-workspace-product-part.yml@vstoiber-fix-secrets-inherit
+    uses: datavisyn/github-workflows/.github/workflows/build-workspace-product-part.yml@new_deployment
     with:
       component: ${{ matrix.component }}
       image_tag1: ${{ needs.prepare-build.outputs.image_tag1 }}

.github/workflows/build-push-docker.yml

@@ -28,7 +28,7 @@ permissions:
   contents: read
 
 env:
-  WORKFLOW_BRANCH: "vstoiber-fix-secrets-inherit"
+  WORKFLOW_BRANCH: "new_deployment"
 
 jobs:
   build:

.github/workflows/build-push-helm-chart.yml

@@ -22,7 +22,7 @@ permissions:
   contents: read
 
 env:
-  WORKFLOW_BRANCH: "vstoiber-fix-secrets-inherit"
+  WORKFLOW_BRANCH: "new_deployment"
 
 concurrency:
   group: '${{ github.workflow }}-${{ github.ref || github.head_ref }}'

.github/workflows/build-single-product-part.yml

@@ -42,7 +42,7 @@ env:
   TIME_ZONE: "Europe/Vienna"
   NODE_VERSION: "20.9"
   PYTHON_VERSION: "3.10"
-  WORKFLOW_BRANCH: "vstoiber-fix-secrets-inherit"
+  WORKFLOW_BRANCH: "new_deployment"
   PYTHON_BASE_IMAGE: "python:3.10.8-slim-bullseye"
   DATAVISYN_PYTHON_BASE_IMAGE: "188237246440.dkr.ecr.eu-central-1.amazonaws.com/datavisyn/base/python:main"
   DATAVISYN_NGINX_BASE_IMAGE: "188237246440.dkr.ecr.eu-central-1.amazonaws.com/datavisyn/base/nginx:main"
@@ -240,18 +240,18 @@ jobs:
             org.opencontainers.image.version=${{ inputs.image_tag2 }}
             org.opencontainers.image.created=${{ inputs.build_time }}
             org.opencontainers.image.revision=${{ github.sha }}
-      # - name: scan image
-      #   id: get-ecr-scan-result
-      #   uses: ./tmp/github-workflows/.github/actions/get-ecr-scan-result
-      #   with:
-      #     aws_role: ${{ vars.DV_AWS_ECR_ROLE }}
-      #     aws_region: ${{ vars.DV_AWS_REGION }}
-      #     ecr_registry: ${{ vars.DV_AWS_ECR_REGISTRY }}
-      #     ecr_repository: ${{ steps.get-parameters.outputs.ecr_repo }}
-      #     image_tag: ${{ inputs.image_tag1 }}
-      # - name: check scan results
-      #   run: |
-      #     if [ "${{ steps.get-ecr-scan-result.outputs.critical }}" != "null" ] || [ "${{ steps.get-ecr-scan-result.outputs.high }}" != "null" ]; then
-      #       echo "Docker image contains vulnerabilities at critical or high level"
-      #       exit 1  #exit execution due to docker image vulnerabilities
-      #     fi
+      - name: scan image
+        id: get-ecr-scan-result
+        uses: ./tmp/github-workflows/.github/actions/get-ecr-scan-result
+        with:
+          aws_role: ${{ vars.DV_AWS_ECR_ROLE }}
+          aws_region: ${{ vars.DV_AWS_REGION }}
+          ecr_registry: ${{ vars.DV_AWS_ECR_REGISTRY }}
+          ecr_repository: ${{ steps.get-parameters.outputs.ecr_repo }}
+          image_tag: ${{ inputs.image_tag1 }}
+      - name: check scan results
+        run: |
+          if [ "${{ steps.get-ecr-scan-result.outputs.critical }}" != "null" ] || [ "${{ steps.get-ecr-scan-result.outputs.high }}" != "null" ]; then
+            echo "Docker image contains vulnerabilities at critical or high level"
+            exit 1  #exit execution due to docker image vulnerabilities
+          fi

.github/workflows/build-workspace-product-part.yml

@@ -43,7 +43,7 @@ env:
   TIME_ZONE: "Europe/Vienna"
   NODE_VERSION: "20.9"
   PYTHON_VERSION: "3.10"
-  WORKFLOW_BRANCH: "vstoiber-fix-secrets-inherit"
+  WORKFLOW_BRANCH: "new_deployment"
   PYTHON_BASE_IMAGE: "python:3.10.8-slim-bullseye"
   DATAVISYN_PYTHON_BASE_IMAGE: "188237246440.dkr.ecr.eu-central-1.amazonaws.com/datavisyn/base/python:main"
   DATAVISYN_NGINX_BASE_IMAGE: "188237246440.dkr.ecr.eu-central-1.amazonaws.com/datavisyn/base/nginx:main"

.github/workflows/check-helm-chart-version.yml

@@ -23,7 +23,7 @@ permissions:
   contents: read
 
 env:
-  WORKFLOW_BRANCH: "vstoiber-fix-secrets-inherit"
+  WORKFLOW_BRANCH: "new_deployment"
 
 jobs:
   check-helm-chart-version:

.github/workflows/deploy-product.yml

@@ -38,7 +38,7 @@ concurrency:
 
 env:
   GA_VERSION: "main"
-  WORKFLOW_BRANCH: "vstoiber-fix-secrets-inherit"
+  WORKFLOW_BRANCH: "new_deployment"
 
 jobs:
   deploy:

.github/workflows/publish-node-python.yml

@@ -22,7 +22,7 @@ env:
   PYPI_REGISTRY: "https://upload.pypi.org/legacy/"
   PYPI_USERNAME: "datavisyn"
   PYTHON_VERSION: "3.10"
-  WORKFLOW_BRANCH: "vstoiber-fix-secrets-inherit"
+  WORKFLOW_BRANCH: "new_deployment"
 
 permissions:
   contents: read