From c43a6b0a6080015f9d1f0bdc3a85fce60a9ef397 Mon Sep 17 00:00:00 2001
From: Phil Asmar <phil.asmar@gmail.com>
Date: Wed, 11 Dec 2024 20:23:41 -0500
Subject: [PATCH 1/2] chore: update lambda dockerfile workflow to support .NET
 9

---
 .github/workflows/update-Dockerfiles.yml | 62 ++++++++++++------------
 1 file changed, 31 insertions(+), 31 deletions(-)

diff --git a/.github/workflows/update-Dockerfiles.yml b/.github/workflows/update-Dockerfiles.yml
index 37297cbd6..f45d23a23 100644
--- a/.github/workflows/update-Dockerfiles.yml
+++ b/.github/workflows/update-Dockerfiles.yml
@@ -18,32 +18,32 @@ on:
         description: ".NET 6 Next Version"
         type: string
         required: true
-      NET_7_AMD64:
-        description: ".NET 7 AMD64"
+      NET_8_AMD64:
+        description: ".NET 8 AMD64"
         type: boolean
         required: true
         default: "true"
-      NET_7_ARM64:
-        description: ".NET 7 ARM64"
+      NET_8_ARM64:
+        description: ".NET 8 ARM64"
         type: boolean
         required: true
         default: "true"
-      NET_7_NEXT_VERSION:
-        description: ".NET 7 Next Version"
+      NET_8_NEXT_VERSION:
+        description: ".NET 8 Next Version"
         type: string
         required: true
-      NET_8_AMD64:
-        description: ".NET 8 AMD64"
+      NET_9_AMD64:
+        description: ".NET 9 AMD64"
         type: boolean
         required: true
         default: "true"
-      NET_8_ARM64:
-        description: ".NET 8 ARM64"
+      NET_9_ARM64:
+        description: ".NET 9 ARM64"
         type: boolean
         required: true
         default: "true"
-      NET_8_NEXT_VERSION:
-        description: ".NET 8 Next Version"
+      NET_9_NEXT_VERSION:
+        description: ".NET 9 Next Version"
         type: string
         required: true
 
@@ -53,10 +53,10 @@ jobs:
     env:
       NET_6_AMD64_Dockerfile: "LambdaRuntimeDockerfiles/Images/net6/amd64/Dockerfile"
       NET_6_ARM64_Dockerfile: "LambdaRuntimeDockerfiles/Images/net6/arm64/Dockerfile"
-      NET_7_AMD64_Dockerfile: "LambdaRuntimeDockerfiles/Images/net7/amd64/Dockerfile"
-      NET_7_ARM64_Dockerfile: "LambdaRuntimeDockerfiles/Images/net7/arm64/Dockerfile"
       NET_8_AMD64_Dockerfile: "LambdaRuntimeDockerfiles/Images/net8/amd64/Dockerfile"
       NET_8_ARM64_Dockerfile: "LambdaRuntimeDockerfiles/Images/net8/arm64/Dockerfile"
+      NET_9_AMD64_Dockerfile: "LambdaRuntimeDockerfiles/Images/net9/amd64/Dockerfile"
+      NET_9_ARM64_Dockerfile: "LambdaRuntimeDockerfiles/Images/net9/arm64/Dockerfile"
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
@@ -79,20 +79,6 @@ jobs:
           .\LambdaRuntimeDockerfiles/update-dockerfile.ps1 -DockerfilePath ${{ env.NET_6_ARM64_Dockerfile }} -NextVersion ${{ github.event.inputs.NET_6_NEXT_VERSION }}
         if: ${{ github.event.inputs.NET_6_ARM64 == 'true' }}
 
-      - name: Update .NET 7 AMD64
-        id: update-net7-amd64
-        shell: pwsh
-        run: |
-          .\LambdaRuntimeDockerfiles/update-dockerfile.ps1 -DockerfilePath ${{ env.NET_7_AMD64_Dockerfile }} -NextVersion ${{ github.event.inputs.NET_7_NEXT_VERSION }}
-        if: ${{ github.event.inputs.NET_7_AMD64 == 'true' }}
-
-      - name: Update .NET 7 ARM64
-        id: update-net7-arm64
-        shell: pwsh
-        run: |
-          .\LambdaRuntimeDockerfiles/update-dockerfile.ps1 -DockerfilePath ${{ env.NET_7_ARM64_Dockerfile }} -NextVersion ${{ github.event.inputs.NET_7_NEXT_VERSION }}
-        if: ${{ github.event.inputs.NET_7_ARM64 == 'true' }}
-
       - name: Update .NET 8 AMD64
         id: update-net8-amd64
         shell: pwsh
@@ -107,6 +93,20 @@ jobs:
           .\LambdaRuntimeDockerfiles/update-dockerfile.ps1 -DockerfilePath ${{ env.NET_8_ARM64_Dockerfile }} -NextVersion ${{ github.event.inputs.NET_8_NEXT_VERSION }}
         if: ${{ github.event.inputs.NET_8_ARM64 == 'true' }}
 
+      - name: Update .NET 9 AMD64
+        id: update-net9-amd64
+        shell: pwsh
+        run: |
+          .\LambdaRuntimeDockerfiles/update-dockerfile.ps1 -DockerfilePath ${{ env.NET_9_AMD64_Dockerfile }} -NextVersion ${{ github.event.inputs.NET_9_NEXT_VERSION }}
+        if: ${{ github.event.inputs.NET_9_AMD64 == 'true' }}
+
+      - name: Update .NET 9 ARM64
+        id: update-net9-arm64
+        shell: pwsh
+        run: |
+          .\LambdaRuntimeDockerfiles/update-dockerfile.ps1 -DockerfilePath ${{ env.NET_9_ARM64_Dockerfile }} -NextVersion ${{ github.event.inputs.NET_9_NEXT_VERSION }}
+        if: ${{ github.event.inputs.NET_9_ARM64 == 'true' }}
+
       # Update Dockerfiles if newer version of ASP.NET Core is available
       - name: Commit and Push
         id: commit-push
@@ -140,10 +140,10 @@ jobs:
                   '{0}\n{1}\n{2}\n{3}\n{4}\n{5}',
                   join(steps.update-net6-amd64.outputs.MESSAGE, '\n'),
                   join(steps.update-net6-arm64.outputs.MESSAGE, '\n'),
-                  join(steps.update-net7-amd64.outputs.MESSAGE, '\n'),
-                  join(steps.update-net7-arm64.outputs.MESSAGE, '\n'),
                   join(steps.update-net8-amd64.outputs.MESSAGE, '\n'),
-                  join(steps.update-net8-arm64.outputs.MESSAGE, '\n')
+                  join(steps.update-net8-arm64.outputs.MESSAGE, '\n'),
+                  join(steps.update-net9-amd64.outputs.MESSAGE, '\n'),
+                  join(steps.update-net9-arm64.outputs.MESSAGE, '\n')
                 )
             }}"
           github_token: ${{ secrets.GITHUB_TOKEN }}

From e1ac89ae0e7a45825e27a62c03ea76ebb42f55c7 Mon Sep 17 00:00:00 2001
From: Phil Asmar <phil.asmar@gmail.com>
Date: Thu, 19 Dec 2024 14:53:36 -0500
Subject: [PATCH 2/2] address semgrep finding

---
 .github/workflows/update-Dockerfiles.yml | 30 +++++++++++++++++++-----
 1 file changed, 24 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/update-Dockerfiles.yml b/.github/workflows/update-Dockerfiles.yml
index f45d23a23..c2533a836 100644
--- a/.github/workflows/update-Dockerfiles.yml
+++ b/.github/workflows/update-Dockerfiles.yml
@@ -68,43 +68,61 @@ jobs:
       - name: Update .NET 6 AMD64
         id: update-net6-amd64
         shell: pwsh
+        env:
+          DOCKERFILE_PATH: ${{ env.NET_6_AMD64_Dockerfile }}
+          NEXT_VERSION: ${{ github.event.inputs.NET_6_NEXT_VERSION }}
         run: |
-          .\LambdaRuntimeDockerfiles/update-dockerfile.ps1 -DockerfilePath ${{ env.NET_6_AMD64_Dockerfile }} -NextVersion ${{ github.event.inputs.NET_6_NEXT_VERSION }}
+          .\LambdaRuntimeDockerfiles\update-dockerfile.ps1 -DockerfilePath "$DOCKERFILE_PATH" -NextVersion "$NEXT_VERSION"
         if: ${{ github.event.inputs.NET_6_AMD64 == 'true' }}
 
       - name: Update .NET 6 ARM64
         id: update-net6-arm64
         shell: pwsh
+        env:
+          DOCKERFILE_PATH: ${{ env.NET_6_ARM64_Dockerfile }}
+          NEXT_VERSION: ${{ github.event.inputs.NET_6_NEXT_VERSION }}
         run: |
-          .\LambdaRuntimeDockerfiles/update-dockerfile.ps1 -DockerfilePath ${{ env.NET_6_ARM64_Dockerfile }} -NextVersion ${{ github.event.inputs.NET_6_NEXT_VERSION }}
+          .\LambdaRuntimeDockerfiles\update-dockerfile.ps1 -DockerfilePath "$DOCKERFILE_PATH" -NextVersion "$NEXT_VERSION"
         if: ${{ github.event.inputs.NET_6_ARM64 == 'true' }}
 
       - name: Update .NET 8 AMD64
         id: update-net8-amd64
         shell: pwsh
+        env:
+          DOCKERFILE_PATH: ${{ env.NET_8_AMD64_Dockerfile }}
+          NEXT_VERSION: ${{ github.event.inputs.NET_8_NEXT_VERSION }}
         run: |
-          .\LambdaRuntimeDockerfiles/update-dockerfile.ps1 -DockerfilePath ${{ env.NET_8_AMD64_Dockerfile }} -NextVersion ${{ github.event.inputs.NET_8_NEXT_VERSION }}
+          .\LambdaRuntimeDockerfiles\update-dockerfile.ps1 -DockerfilePath "$DOCKERFILE_PATH" -NextVersion "$NEXT_VERSION"
         if: ${{ github.event.inputs.NET_8_AMD64 == 'true' }}
 
       - name: Update .NET 8 ARM64
         id: update-net8-arm64
         shell: pwsh
+        env:
+          DOCKERFILE_PATH: ${{ env.NET_8_ARM64_Dockerfile }}
+          NEXT_VERSION: ${{ github.event.inputs.NET_8_NEXT_VERSION }}
         run: |
-          .\LambdaRuntimeDockerfiles/update-dockerfile.ps1 -DockerfilePath ${{ env.NET_8_ARM64_Dockerfile }} -NextVersion ${{ github.event.inputs.NET_8_NEXT_VERSION }}
+          .\LambdaRuntimeDockerfiles\update-dockerfile.ps1 -DockerfilePath "$DOCKERFILE_PATH" -NextVersion "$NEXT_VERSION"
         if: ${{ github.event.inputs.NET_8_ARM64 == 'true' }}
 
       - name: Update .NET 9 AMD64
         id: update-net9-amd64
         shell: pwsh
+        env:
+          DOCKERFILE_PATH: ${{ env.NET_9_AMD64_Dockerfile }}
+          NEXT_VERSION: ${{ github.event.inputs.NET_9_NEXT_VERSION }}
         run: |
-          .\LambdaRuntimeDockerfiles/update-dockerfile.ps1 -DockerfilePath ${{ env.NET_9_AMD64_Dockerfile }} -NextVersion ${{ github.event.inputs.NET_9_NEXT_VERSION }}
+          .\LambdaRuntimeDockerfiles\update-dockerfile.ps1 -DockerfilePath "$DOCKERFILE_PATH" -NextVersion "$NEXT_VERSION"
         if: ${{ github.event.inputs.NET_9_AMD64 == 'true' }}
 
       - name: Update .NET 9 ARM64
         id: update-net9-arm64
         shell: pwsh
+        env:
+          DOCKERFILE_PATH: ${{ env.NET_9_ARM64_Dockerfile }}
+          NEXT_VERSION: ${{ github.event.inputs.NET_9_NEXT_VERSION }}
         run: |
-          .\LambdaRuntimeDockerfiles/update-dockerfile.ps1 -DockerfilePath ${{ env.NET_9_ARM64_Dockerfile }} -NextVersion ${{ github.event.inputs.NET_9_NEXT_VERSION }}
+          .\LambdaRuntimeDockerfiles\update-dockerfile.ps1 -DockerfilePath "$DOCKERFILE_PATH" -NextVersion "$NEXT_VERSION"
         if: ${{ github.event.inputs.NET_9_ARM64 == 'true' }}
 
       # Update Dockerfiles if newer version of ASP.NET Core is available