diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 579da9b..6a052c6 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -24,9 +24,9 @@ jobs:
persist-credentials: false
- name: Initialize CodeQL
- uses: github/codeql-action/init@v2
+ uses: github/codeql-action/init@v3
with:
languages: ruby
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v2
+ uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index d2f22f7..1912348 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -50,7 +50,7 @@ jobs:
- name: Authenticate to Google Cloud
id: gcloud-auth
- uses: google-github-actions/auth@v1
+ uses: google-github-actions/auth@v2
with:
token_format: access_token
workload_identity_provider: projects/${{ secrets.GCP_PROJECT_NUM }}/locations/global/workloadIdentityPools/ci-orchestrator-deploy/providers/github-actions
@@ -69,7 +69,7 @@ jobs:
docker push "$IMAGE"
- name: Get GKE credentials
- uses: google-github-actions/get-gke-credentials@v1
+ uses: google-github-actions/get-gke-credentials@v2
with:
cluster_name: ci-orchestrator
location: us-central1-c
diff --git a/Gemfile b/Gemfile
index b69eaee..35b7b16 100644
--- a/Gemfile
+++ b/Gemfile
@@ -7,6 +7,7 @@ gem "jwt"
gem "octokit"
gem "orka_api_client", git: "https://github.com/Homebrew/orka_api_client"
gem "puma"
+gem "rackup"
gem "sinatra"
group :development, optional: true do
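Review bot: The added `gem "rackup"` line has no comment explaining why the app now needs it. The lockfile in this commit shows rackup 2.1.0 depending on `webrick (~> 1.8)`, so a second HTTP server lands in the default bundle next to puma. A one-line comment such as `# Rack 3 no longer bundles the rackup launcher; needed to boot under sinatra 4` would mark the gem as not removable, assuming that is the reason (the commit does not say). It is also worth confirming that the deployed process starts puma explicitly, so webrick is never selected as a fallback handler.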
diff --git a/Gemfile.lock b/Gemfile.lock
index 9c48d0b..27acb98 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,79 +1,91 @@
GIT
remote: https://github.com/Homebrew/orka_api_client
- revision: 5a54675b3d83c0ba47cfc5431a3b3fca294a7ccd
+ revision: 56d765abde98d2646eab6e1aec79f1bf69f98259
specs:
- orka_api_client (0.1.0)
+ orka_api_client (0.2.0)
faraday (~> 2.0)
faraday-multipart (~> 1.0)
GEM
remote: https://rubygems.org/
specs:
- addressable (2.8.5)
+ addressable (2.8.6)
public_suffix (>= 2.0.2, < 6.0)
ast (2.4.2)
- base64 (0.1.1)
- faraday (2.7.11)
- base64
- faraday-net_http (>= 2.0, < 3.1)
- ruby2_keywords (>= 0.0.4)
+ base64 (0.2.0)
+ faraday (2.9.0)
+ faraday-net_http (>= 2.0, < 3.2)
faraday-multipart (1.0.4)
multipart-post (~> 2)
- faraday-net_http (3.0.2)
+ faraday-net_http (3.1.0)
+ net-http
faraday-retry (2.2.0)
faraday (~> 2.0)
- json (2.6.3)
- jwt (2.7.1)
+ json (2.7.1)
+ jwt (2.8.0)
+ base64
language_server-protocol (3.17.0.3)
- multipart-post (2.3.0)
+ multipart-post (2.4.0)
mustermann (3.0.0)
ruby2_keywords (~> 0.0.1)
+ net-http (0.4.1)
+ uri
nio4r (2.7.0)
- octokit (8.0.0)
+ octokit (8.1.0)
+ base64
faraday (>= 1, < 3)
sawyer (~> 0.9)
- parallel (1.23.0)
- parser (3.2.2.4)
+ parallel (1.24.0)
+ parser (3.3.0.5)
ast (~> 2.4.1)
racc
- public_suffix (5.0.3)
+ public_suffix (5.0.4)
puma (6.4.2)
nio4r (~> 2.0)
- racc (1.7.2)
- rack (2.2.8)
- rack-protection (3.1.0)
- rack (~> 2.2, >= 2.2.4)
+ racc (1.7.3)
+ rack (3.0.9.1)
+ rack-protection (4.0.0)
+ base64 (>= 0.1.0)
+ rack (>= 3.0.0, < 4)
+ rack-session (2.0.0)
+ rack (>= 3.0.0)
+ rackup (2.1.0)
+ rack (>= 3)
+ webrick (~> 1.8)
rainbow (3.1.1)
- regexp_parser (2.8.2)
+ regexp_parser (2.9.0)
rexml (3.2.6)
- rubocop (1.57.2)
+ rubocop (1.60.2)
json (~> 2.3)
language_server-protocol (>= 3.17.0)
parallel (~> 1.10)
- parser (>= 3.2.2.4)
+ parser (>= 3.3.0.2)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 1.8, < 3.0)
rexml (>= 3.2.5, < 4.0)
- rubocop-ast (>= 1.28.1, < 2.0)
+ rubocop-ast (>= 1.30.0, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 3.0)
rubocop-ast (1.30.0)
parser (>= 3.2.1.0)
- rubocop-performance (1.19.1)
- rubocop (>= 1.7.0, < 2.0)
- rubocop-ast (>= 0.4.0)
+ rubocop-performance (1.20.2)
+ rubocop (>= 1.48.1, < 2.0)
+ rubocop-ast (>= 1.30.0, < 2.0)
ruby-progressbar (1.13.0)
ruby2_keywords (0.0.5)
sawyer (0.9.2)
addressable (>= 2.3.5)
faraday (>= 0.17.3, < 3)
- sinatra (3.1.0)
+ sinatra (4.0.0)
mustermann (~> 3.0)
- rack (~> 2.2, >= 2.2.4)
- rack-protection (= 3.1.0)
+ rack (>= 3.0.0, < 4)
+ rack-protection (= 4.0.0)
+ rack-session (>= 2.0.0, < 3)
tilt (~> 2.0)
tilt (2.3.0)
unicode-display_width (2.5.0)
+ uri (0.13.0)
+ webrick (1.8.1)
PLATFORMS
ruby
@@ -84,9 +96,10 @@ DEPENDENCIES
octokit
orka_api_client!
puma
+ rackup
rubocop
rubocop-performance
sinatra
BUNDLED WITH
- 2.4.10
+ 2.5.5
diff --git a/src/server.rb b/src/server.rb
index 1b48bf1..2233f21 100644
--- a/src/server.rb
+++ b/src/server.rb
@@ -14,7 +14,7 @@ class CIOrchestratorApp < Sinatra::Base
configure do
set :sessions, expire_after: 28800, same_site: :lax, skip: true
set :session_store, Rack::Session::Pool
- set :protection, reaction: :deny, logger: Logger.new($stderr), except: :session_hijacking
+ set :protection, reaction: :deny, logger: Logger.new($stderr)
end
helpers ERB::Util
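Review bot: The new `set :protection` line drops `except: :session_hijacking` without recording why, and with `reaction: :deny` any check that does fire rejects the request outright. Whether the session-hijacking check is now active depends on rack-protection 4.0.0's defaults, which this diff does not show. It appears to be opt-in through `use:` in recent releases, in which case the removal is a harmless cleanup. Once confirmed, a comment above the line such as `# session_hijacking is not in rack-protection's default set, so no explicit exclusion is needed` would record that. The `configure` block is complete in this hunk, but the class body continues outside it.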
diff --git a/src/views/index.erb b/src/views/index.erb
index fed129d..5b48592 100644
--- a/src/views/index.erb
+++ b/src/views/index.erb
@@ -7,8 +7,8 @@
-
-
+
+