e5eb4d4a67
Bump github/codeql-action from 2.1.38 to 2.2.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.38 to 2.2.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/515828d97454b8354517688ddc5b48402b723750...3ebbd71c74ef574dbc558c82f70e52732c8b44fe )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-01-30 10:23:13 +00:00
f22222f71d
Bump goreleaser/goreleaser-action from 4.1.0 to 4.1.1
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/8f67e590f2d095516493f017008adc464e63adb1...9754a253a8673b0ea869c2e863b4e975497efd0c )
---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-01-30 01:03:33 +00:00
e7e05f870b
Bump snyk/actions
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from 1cc9026f51d822442cb4b872d8d7ead8cc69a018 to e25b2e6f5658d1bb7a6671b113260f13134cc3af.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](https://github.com/snyk/actions/compare/1cc9026f51d822442cb4b872d8d7ead8cc69a018...e25b2e6f5658d1bb7a6671b113260f13134cc3af )
---
updated-dependencies:
- dependency-name: snyk/actions
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-01-16 13:43:09 +00:00
ece3a07567
Bump actions/cache from 3.2.2 to 3.2.3
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/4723a57e26efda3a62cbde1812113b730952852d...58c146cc91c5b9e778e71775dfe9bf1442ad9a12 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-01-16 09:07:24 +00:00
58b4ed586a
Bump github/codeql-action from 2.1.37 to 2.1.38
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.37 to 2.1.38.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/959cbb7472c4d4ad70cdfe6f4976053fe48ab394...515828d97454b8354517688ddc5b48402b723750 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-01-16 01:16:39 +00:00
1d80ff2b09
Bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/755da8c3cf115ac066823e79a1e1788f8940201b...ac593985615ec2ede58e132d2e21d2b1cbd6127c )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-01-09 00:57:58 +00:00
f5563de144
Bump actions/cache from 3.0.11 to 3.2.2
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.0.11 to 3.2.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7...4723a57e26efda3a62cbde1812113b730952852d )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-01-02 00:36:13 +00:00
21a943e6f9
e2e: Update Kubernetes to v1.23.13 on AMD64
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-12-21 13:49:13 +02:00
131c05d9c7
build: Revert sigstore/cosign-installer to v2.8.1
...
Dependabot should stick to tagged versions if the existing hash relates
to the tag made in the comment.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works >
2022-12-19 13:29:02 +00:00
c605f9a44f
Bump goreleaser/goreleaser-action from 3.2.0 to 4.1.0
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 3.2.0 to 4.1.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/b508e2e3ef3b19d4e4146d4f8fb3ba9db644a757...8f67e590f2d095516493f017008adc464e63adb1 )
---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-19 13:07:50 +00:00
0014bc4c43
Bump actions/checkout from 3.1.0 to 3.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8...755da8c3cf115ac066823e79a1e1788f8940201b )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-19 12:32:31 +00:00
bd284ab28b
Bump actions/setup-go from 3.4.0 to 3.5.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/d0a58c1c4d2b25278816e339b944508c875f3613...6edd4406fa81c3da01a34fa6f6343087c207a568 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-19 12:14:24 +00:00
fdd3fd1d06
Bump github/codeql-action from 2.1.36 to 2.1.37
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.36 to 2.1.37.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/a669cc5936cc5e1b6a362ec1ff9e410dc570d190...959cbb7472c4d4ad70cdfe6f4976053fe48ab394 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-19 01:01:28 +00:00
a9a63b8423
Fix flux2-kustomize-helm-example test
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-12-14 12:20:18 +02:00
d5e5a26f5c
Update sigstore/cosign-installer requirement to b6757d8360bb6b9803c38b68e8cb7442baaf7eb5
...
Updates the requirements on [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) to permit the latest version.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/commits/b6757d8360bb6b9803c38b68e8cb7442baaf7eb5 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-12 10:27:54 +00:00
75b5b0fd3c
Bump github/codeql-action from 2.1.35 to 2.1.36
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.35 to 2.1.36.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/b2a92eb56d8cb930006a1c6ed86b0782dd8a4297...a669cc5936cc5e1b6a362ec1ff9e410dc570d190 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-12 00:29:53 +00:00
4eda5a7ccd
Bump peter-evans/create-pull-request from 4.2.2 to 4.2.3
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 4.2.2 to 4.2.3.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](https://github.com/peter-evans/create-pull-request/compare/331d02c7e2104af23ad5974d4d5cbc58a3e6dc77...2b011faafdcbc9ceb11414d64d0573f37c774b04 )
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-05 08:08:45 +00:00
882fb35601
Bump snyk/actions
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from a8dd587d8a94f5663fa3d67d51abd0cc66aff244 to 1cc9026f51d822442cb4b872d8d7ead8cc69a018.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](https://github.com/snyk/actions/compare/a8dd587d8a94f5663fa3d67d51abd0cc66aff244...1cc9026f51d822442cb4b872d8d7ead8cc69a018 )
---
updated-dependencies:
- dependency-name: snyk/actions
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-05 07:47:09 +00:00
2c35880cbf
Bump actions/setup-go from 3.3.1 to 3.4.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/c4a742cab115ed795e34d4513e2cf7d472deb55f...d0a58c1c4d2b25278816e339b944508c875f3613 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-05 06:46:50 +00:00
f89525f8bd
Bump github/codeql-action from 2.1.33 to 2.1.35
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.33 to 2.1.35.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/678fc3afe258fb2e0cdc165ccf77b85719de7b3c...b2a92eb56d8cb930006a1c6ed86b0782dd8a4297 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-05 00:43:23 +00:00
9db661ae63
Bump peter-evans/create-pull-request from 4.2.0 to 4.2.2
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 4.2.0 to 4.2.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](https://github.com/peter-evans/create-pull-request/compare/b4d51739f96fca8047ad065eccef63442d8e99f7...331d02c7e2104af23ad5974d4d5cbc58a3e6dc77 )
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-11-28 01:15:01 +00:00
3b7c40bbb3
e2e: Refactor Azure test suite to use go-git
...
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com >
2022-11-23 11:36:57 +02:00
d0e6fcad3f
build: Pin GitHub Actions
...
The main benefit of pinning GitHub actions is the determinism it brings
in terms of what version of a given action will be executed. This is
a step towards having hermetic builds.
Once pinned to a commit, dependabot will automatically issue PRs to update
to newer versions.
Pinned versions is the only security metric from OpenSSF scorecard that
this repository currently have a zero score.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works >
2022-11-17 15:33:59 +00:00
93382f65bb
Bump hashicorp/setup-terraform from 2.0.2 to 2.0.3
...
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform ) from 2.0.2 to 2.0.3.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases )
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/setup-terraform/compare/v2.0.2...v2.0.3 )
---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-11-09 13:33:14 +00:00
8bd13edc75
Add the monitoring stack to e2e tests
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-11-09 14:10:56 +02:00
78f9a6214c
Refactor ARM64 e2e test suite
...
- Migrate the GitHub runners to Equinix c3.large.arm64 instances
- Run the test suite on all supported Kubernetes versions
- Add multi-tenancy smoke test
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-11-04 14:14:37 +02:00
1a6b09afb4
Bump actions/setup-go from 2 to 3
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-31 00:45:59 +00:00
bb1078d610
ci: Refactor GitHub workflows
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-10-21 09:46:10 +03:00
73692df272
Additional workflow permissions tweaks
...
Signed-off-by: Eddie Knight <knight@linux.com >
2022-10-20 12:48:05 -05:00
2abf932ee4
Updated scan & update permissions
...
Signed-off-by: Eddie Knight <knight@linux.com >
2022-10-20 12:09:34 -05:00
939a75115c
Adjusted workflow permissions
...
Signed-off-by: Eddie Knight <knight@linux.com >
2022-10-20 11:04:49 -05:00
4a51b111e6
Bump peter-evans/create-pull-request from 3 to 4
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-19 13:48:54 +00:00
c31367909e
Bump hashicorp/setup-terraform from 1 to 2.0.2
...
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform ) from 1 to 2.0.2.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases )
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/setup-terraform/compare/v1...v2.0.2 )
---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-19 13:26:45 +00:00
09cbf348a7
Bump github/codeql-action from 1 to 2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-18 07:32:38 +00:00
65a2ceec5c
Only run e2e tests for Dependabot PRs
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-10-17 19:49:57 +03:00
4680abe951
Update libgit2 version in Azure e2e tests
...
Signed-off-by: Philip Laine <philip.laine@gmail.com >
2022-10-07 15:26:06 +02:00
d7dadb4425
e2e: Update bootstrap test to Kubernetes 1.25.2
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-09-28 23:54:08 +03:00
348408e16e
Build with Go 1.19
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-09-28 22:05:48 +03:00
491acf57ad
Setup CodeQL CI job with Go 1.18
...
Signed-off-by: Adrien Fillon <adrien.fillon@manomano.com >
2022-09-12 12:08:47 +02:00
bdc5ae4573
Publish install manifests to GHCR and DockerHub as OCI artifacts
...
Add workflow to build and push the install manifests to:
- ghcr.io/fluxcd/flux-manifests
- docker.io/fluxcd/flux-manifests
The OCI artifacts are signed with Cosign and GitHub OIDC (keyless).
The manifests pushed to GHCR have the container images set to ghcr.io/fluxcd/<controller-name> while the manifests pushed to DockerHub have the controller images set to docker.io/fluxcd/<controller-name>.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-09-09 14:49:58 +03:00
92e136ed54
Update packages in Azure e2e tests
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
Signed-off-by: Philip Laine <philip.laine@gmail.com >
2022-08-29 16:50:26 +02:00
8049634e4d
Add oci:// prefix
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-08-09 12:44:58 +03:00
30e5389d02
Run e2e tests for PRs against oci branch
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-08-09 12:44:57 +03:00
b6a78f42ea
Update SC with OCI semver support
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-08-09 12:44:57 +03:00
e4fb8e75f9
Add e2e tests for artifact commands
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-08-09 12:44:57 +03:00
2d8db4f20d
Implement OCIRepository commands
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-08-09 12:44:57 +03:00
0b9e3d24ef
Update GitHub actions
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-05-27 13:35:13 +03:00
b795e612f7
Update Go to v1.18
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-05-25 11:43:30 +03:00
775891fc88
build: ensure component update runs with make tidy
...
This to include the `-compat` flag.
Signed-off-by: Hidde Beydals <hello@hidde.co >
2022-03-23 21:32:00 +01:00
f154326391
Set minimum supported version to Kubernetes 1.20.6
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2022-01-26 11:21:32 +02:00
dependabot[bot]