From 4c8571b7990fa6c53dd37e8df3d1d45dcb272a88 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 30 May 2024 13:19:36 +0000
Subject: [PATCH 1/2] Bump senzing-factory/build-resources from 1 to 2

Bumps [senzing-factory/build-resources](https://github.com/senzing-factory/build-resources) from 1 to 2.
- [Release notes](https://github.com/senzing-factory/build-resources/releases)
- [Changelog](https://github.com/senzing-factory/build-resources/blob/main/CHANGELOG.md)
- [Commits](https://github.com/senzing-factory/build-resources/compare/v1...v2)

---
updated-dependencies:
- dependency-name: senzing-factory/build-resources
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/add-labels-standardized.yaml           | 2 +-
 .github/workflows/add-to-project-factory-dependabot.yaml | 2 +-
 .github/workflows/add-to-project-factory.yaml            | 2 +-
 .github/workflows/lint-repo.yaml                         | 2 +-
 .github/workflows/move-pr-to-done-dependabot.yaml        | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/add-labels-standardized.yaml b/.github/workflows/add-labels-standardized.yaml
index 50687a5..01aa8a1 100644
--- a/.github/workflows/add-labels-standardized.yaml
+++ b/.github/workflows/add-labels-standardized.yaml
@@ -14,4 +14,4 @@ jobs:
     secrets:
       ORG_MEMBERSHIP_TOKEN: ${{ secrets.ORG_MEMBERSHIP_TOKEN }}
       SENZING_MEMBERS: ${{ secrets.SENZING_MEMBERS }}
-    uses: senzing-factory/build-resources/.github/workflows/add-labels-to-issue.yaml@v1
+    uses: senzing-factory/build-resources/.github/workflows/add-labels-to-issue.yaml@v2
diff --git a/.github/workflows/add-to-project-factory-dependabot.yaml b/.github/workflows/add-to-project-factory-dependabot.yaml
index 56f1cf4..e993c85 100644
--- a/.github/workflows/add-to-project-factory-dependabot.yaml
+++ b/.github/workflows/add-to-project-factory-dependabot.yaml
@@ -8,6 +8,6 @@ jobs:
   add-to-project-dependabot:
     secrets:
       SENZING_GITHUB_PROJECT_RW_TOKEN: ${{ secrets.SENZING_GITHUB_PROJECT_RW_TOKEN }}
-    uses: senzing-factory/build-resources/.github/workflows/add-to-project-dependabot.yaml@v1
+    uses: senzing-factory/build-resources/.github/workflows/add-to-project-dependabot.yaml@v2
     with:
       project: ${{ vars.SENZING_PROJECT_FACTORY }}
diff --git a/.github/workflows/add-to-project-factory.yaml b/.github/workflows/add-to-project-factory.yaml
index ea5505b..04e3299 100644
--- a/.github/workflows/add-to-project-factory.yaml
+++ b/.github/workflows/add-to-project-factory.yaml
@@ -13,7 +13,7 @@ jobs:
   add-to-project:
     secrets:
       SENZING_GITHUB_PROJECT_RW_TOKEN: ${{ secrets.SENZING_GITHUB_PROJECT_RW_TOKEN }}
-    uses: senzing-factory/build-resources/.github/workflows/add-to-project.yaml@v1
+    uses: senzing-factory/build-resources/.github/workflows/add-to-project.yaml@v2
     with:
       classic: false
       project-number: ${{ vars.SENZING_PROJECT_FACTORY }}
diff --git a/.github/workflows/lint-repo.yaml b/.github/workflows/lint-repo.yaml
index fbfb108..4ca640a 100644
--- a/.github/workflows/lint-repo.yaml
+++ b/.github/workflows/lint-repo.yaml
@@ -8,4 +8,4 @@ on:
 
 jobs:
   lint-code-base:
-    uses: senzing-factory/build-resources/.github/workflows/linter.yaml@v1
+    uses: senzing-factory/build-resources/.github/workflows/linter.yaml@v2
diff --git a/.github/workflows/move-pr-to-done-dependabot.yaml b/.github/workflows/move-pr-to-done-dependabot.yaml
index 603d08c..10f4f17 100644
--- a/.github/workflows/move-pr-to-done-dependabot.yaml
+++ b/.github/workflows/move-pr-to-done-dependabot.yaml
@@ -12,6 +12,6 @@ jobs:
   move-pr-to-done-dependabot:
     secrets:
       SENZING_GITHUB_PROJECT_RW_TOKEN: ${{ secrets.SENZING_GITHUB_PROJECT_RW_TOKEN }}
-    uses: senzing-factory/build-resources/.github/workflows/move-pr-to-done-dependabot.yaml@v1
+    uses: senzing-factory/build-resources/.github/workflows/move-pr-to-done-dependabot.yaml@v2
     with:
       project: ${{ vars.SENZING_PROJECT_FACTORY }}

From c4430b0f5b89d908094202287c8f4825ff088ac3 Mon Sep 17 00:00:00 2001
From: Sam <109683132+kernelsam@users.noreply.github.com>
Date: Thu, 6 Jun 2024 11:10:45 -0700
Subject: [PATCH 2/2] fix linting

---
 .../add-to-project-factory-dependabot.yaml     |  3 +++
 .github/workflows/docker-build-container.yaml  |  3 +++
 .github/workflows/lint-repo.yaml               |  6 ++++++
 build/docker/Dockerfile                        | 18 +++++++++++-------
 4 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/add-to-project-factory-dependabot.yaml b/.github/workflows/add-to-project-factory-dependabot.yaml
index e993c85..72c301a 100644
--- a/.github/workflows/add-to-project-factory-dependabot.yaml
+++ b/.github/workflows/add-to-project-factory-dependabot.yaml
@@ -4,6 +4,9 @@ on:
   pull_request:
     branches: [main]
 
+permissions:
+  repository-projects: write
+
 jobs:
   add-to-project-dependabot:
     secrets:
diff --git a/.github/workflows/docker-build-container.yaml b/.github/workflows/docker-build-container.yaml
index 1b510b8..788d0d9 100644
--- a/.github/workflows/docker-build-container.yaml
+++ b/.github/workflows/docker-build-container.yaml
@@ -2,6 +2,9 @@ name: docker build container
 
 on: [push]
 
+permissions:
+  contents: read
+
 jobs:
   docker-build-container:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/lint-repo.yaml b/.github/workflows/lint-repo.yaml
index 4ca640a..9fd1e90 100644
--- a/.github/workflows/lint-repo.yaml
+++ b/.github/workflows/lint-repo.yaml
@@ -6,6 +6,12 @@ on:
   pull_request:
     branches: [main]
 
+permissions:
+  contents: read
+  packages: read
+  pull-requests: read
+  statuses: write
+
 jobs:
   lint-code-base:
     uses: senzing-factory/build-resources/.github/workflows/linter.yaml@v2
diff --git a/build/docker/Dockerfile b/build/docker/Dockerfile
index de8eb04..8866222 100644
--- a/build/docker/Dockerfile
+++ b/build/docker/Dockerfile
@@ -8,10 +8,10 @@ ARG GITHUB_EVENT_NAME="push"
 
 # Add github
 RUN apk update && \
-    apk upgrade && \
-    apk add --no-cache \
-        git \
-        make
+  apk upgrade && \
+  apk add --no-cache \
+  git \
+  make
 
 WORKDIR /go/src
 
@@ -21,9 +21,9 @@ RUN git clone https://github.com/senzing/git-action-slack-notification.git
 # merging master into branch.
 WORKDIR /go/src/git-action-slack-notification
 RUN git checkout ${GITHUB_HEAD_REF}; \
-    if [[ "${GITHUB_HEAD_REF}" != "master" && ${GITHUB_EVENT_NAME} == "pull_request" ]]; then \
-        git merge master; \
-    fi
+  if [[ "${GITHUB_HEAD_REF}" != "master" && ${GITHUB_EVENT_NAME} == "pull_request" ]]; then \
+  git merge master; \
+  fi
 
 # Building go app
 RUN make build
@@ -42,4 +42,8 @@ COPY --from=BUILD /go/bin/git-action-slack-notification /usr/bin
 COPY --from=BUILD /go/src/git-action-slack-notification/LICENSE /
 COPY --from=BUILD /go/src/git-action-slack-notification/README.md /
 
+HEALTHCHECK CMD git --version || exit 1
+
+USER 1001
+
 ENTRYPOINT ["git-action-slack-notification"]