3b637a5125
tests/int: Separate ssh key names for Azure & GCP
...
- Also update IAM setup docs to include github terraform provider
configuration with github owner so that it can be used with a
repository under an organization.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
2 years ago
cdc1c98a11
add workflow for gcp
...
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
2 years ago
ab94c8064c
tests/int: Add IAM setup automation docs and misc fixes
...
Add instructions about how to create service accounts with IAM
permissions and populate the secrets and variables required in the CI.
Update the panic recovery code to ensure that the exit status surfaces
on panic along with a log message.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
2 years ago
f6b0c6e7ef
Add refactored e2e tests
...
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
2 years ago
29f77d2cb3
build(deps): bump the ci group with 2 updates
...
Bumps the ci group with 2 updates: [actions/checkout](https://github.com/actions/checkout ) and [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ).
Updates `actions/checkout` from 3.5.3 to 3.6.0
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](c85c95e3d7...f43a0e5ff2https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.8.0...v1.9.0 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: ci
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: ci
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
c03a0b7f87
ci: disable fail-fast for ARM end-to-end
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2 years ago
0d457d6d11
build(deps): bump the ci group with 2 updates
...
Bumps the ci group with 2 updates: [korthout/backport-action](https://github.com/korthout/backport-action ) and [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ).
Updates `korthout/backport-action` from 1.3.1 to 1.4.0
- [Release notes](https://github.com/korthout/backport-action/releases )
- [Commits](bf5fdd624b...bd68141f07https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](336e29918d...3fa32b8bb5
2 years ago
1b5c4245df
e2e: Add Kubernetes v1.28.0 to conformance tests
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2 years ago
7273059cb9
build(deps): bump the ci group with 2 updates
...
Bumps the ci group with 2 updates: [actions/setup-go](https://github.com/actions/setup-go ) and [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ).
Updates `actions/setup-go` from 4.0.1 to 4.1.0
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](fac708d667...93397bea11https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.7.0...v1.8.0 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: ci
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: ci
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
d6cbfa39f8
ci: enable security-and-quality CodeQL query
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2 years ago
3fa7af12e0
disable e2e test
...
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
2 years ago
4d76ff4e6a
build(deps): bump the ci group with 2 updates
...
Bumps the ci group with 2 updates: [helm/kind-action](https://github.com/helm/kind-action ) and [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ).
Updates `helm/kind-action` from 1.7.0 to 1.8.0
- [Release notes](https://github.com/helm/kind-action/releases )
- [Commits](fa81e57adf...dda0770415https://github.com/docker/setup-buildx-action/releases )
- [Commits](16c0bc4a6e...4c0219f9ac
2 years ago
0a58b0cdad
ci: add workflow to test action
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2 years ago
36b39a50a4
ci: release: extract the image tag from GITHUB_REF
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2 years ago
625d865625
ci: backport: set write permissions
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2 years ago
506da2466b
ci: release: disable interpretation backslash esc
...
This ensures `jq` can properly parse the given `ARTIFACTS` JSON blob,
as it contains escaped newlines in for example the Brew formula.
This should address the issue with the generation of SLSA metadata.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2 years ago
5690b639cd
Run conformance tests for Kubernetes v1.27.3
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2 years ago
5356436c94
ci: enable workflows for `release/**` branches
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2 years ago
8ca8b92f92
ci: run backport under fluxcdbot account
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2 years ago
b4efd15afd
build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](ecf95283f0...16c0bc4a6e
2 years ago
02b34f05c8
build(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](d13028333d...6e04d228eb
2 years ago
d2cc01169b
Declaratively define (and sync) labels
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2 years ago
d8924cd8a9
Add backport GitHub Action workflow
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2 years ago
cf7ee0081c
Add SLSA3 generators to release workflow
...
Generate SLSA level 3 provenance attestations for the release assets and for the multi-arch container images.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2 years ago
b850f51ef5
build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](80e868c13c...08b4669551
2 years ago
0a2945e7f1
build(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](dd6b2e2b61...d13028333d
2 years ago
15a49334d8
build(deps): bump anchore/sbom-action from 0.14.2 to 0.14.3
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.14.2 to 0.14.3.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](4d571ad103...78fc58e266
2 years ago
c596c70d42
build(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](6a58db7e0d...ecf95283f0
2 years ago
f7e5101753
build(deps): bump peter-evans/create-pull-request from 5.0.1 to 5.0.2
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](284f54f989...153407881e
2 years ago
2b8385a874
build(deps): bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](f82d6c1c34...336e29918d
2 years ago
19137b8e8c
build(deps): bump docker/login-action from 2.1.0 to 2.2.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](f4ef78c080...465a07811f
2 years ago
55aa96a33a
build(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](e81a89b173...2b82ce82d5
2 years ago
0d1a68ecb4
build(deps): bump actions/checkout from 3.5.2 to 3.5.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7
2 years ago
6d2dd076dc
build(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](4b4e9c3e2d...6a58db7e0d
2 years ago
9c81a74743
build(deps): bump github/codeql-action from 2.3.6 to 2.13.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.6 to 2.13.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](83f0fe6c49...cdcdbb5797
2 years ago
bbb3063cb2
build(deps): bump github/codeql-action from 2.3.5 to 2.3.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.5 to 2.3.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0225834cc5...83f0fe6c49
2 years ago
8d86637d3f
e2e: run e2e Azure tests for PRs to main if tests or wofklow changes
...
Run e2e Azure tests for PRs and commits to main if the `tests` directory
or the Azure workflow itself changes.
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
2 years ago
860682e476
build(deps): bump github/codeql-action from 2.3.3 to 2.3.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.3 to 2.3.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](29b1f65c5e...0225834cc5
2 years ago
c07e33eff0
build(deps): bump snyk/actions
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from 806182742461562b67788a64410098c9d9b96adb to b98d498629f1c368650224d6d212bf7dfa89e4bf.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](8061827424...b98d498629
2 years ago
0ce5117715
build(deps): bump sigstore/cosign-installer from 3.0.3 to 3.0.5
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.3 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](204a51a57a...dd6b2e2b61
2 years ago
9e422576b8
build(deps): bump actions/setup-go from 4.0.0 to 4.0.1
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](4d34df0c23...fac708d667
2 years ago
34ac124b6b
build(deps): bump helm/kind-action from 1.5.0 to 1.7.0
...
Bumps [helm/kind-action](https://github.com/helm/kind-action ) from 1.5.0 to 1.7.0.
- [Release notes](https://github.com/helm/kind-action/releases )
- [Commits](d8ccf8fb62...fa81e57adf
2 years ago
29b08fc306
Add OSSF Scorecard
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
847e78541a
build(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](422cb34a0f...4d571ad103
3 years ago
4d443d614b
build(deps): bump github/codeql-action from 2.3.2 to 2.3.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f3feb00acb...29b1f65c5e
3 years ago
38ada0b998
build(deps): bump peter-evans/create-pull-request from 5.0.0 to 5.0.1
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](5b4a9f6a9e...284f54f989
3 years ago
cd81362781
Run conformance tests for Kubernetes 1.27
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
86e542e524
build(deps): bump sigstore/cosign-installer from 3.0.2 to 3.0.3
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](9e9de2292d...204a51a57a
3 years ago
2538b6921f
build(deps): bump github/codeql-action from 2.3.0 to 2.3.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.0 to 2.3.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b2c19fb9a2...f3feb00acb
3 years ago
f431f9858c
build(deps): bump github/codeql-action from 2.2.12 to 2.3.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.12 to 2.3.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7df0ce3489...b2c19fb9a2
3 years ago
ec6f341497
build(deps): bump github/codeql-action from 2.2.11 to 2.2.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.11 to 2.2.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d186a2a36c...7df0ce3489
3 years ago
107894eccf
build(deps): bump actions/checkout from 3.5.0 to 3.5.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8f4b7f8486...8e5e7e5ab8
3 years ago
1435c71d9c
build(deps): bump sigstore/cosign-installer from 3.0.1 to 3.0.2
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](c3667d9942...9e9de2292d
3 years ago
48a1c0f5d4
build(deps): bump github/codeql-action from 2.2.9 to 2.2.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.9 to 2.2.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](04df1262e6...d186a2a36c
3 years ago
2696a93ee0
build(deps): bump peter-evans/create-pull-request from 4.2.4 to 5.0.0
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 4.2.4 to 5.0.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](38e0b6e68b...5b4a9f6a9e
3 years ago
ccb7d62d95
ci: Run the e2e tests for the release branches
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
403ea39825
build(deps): bump anchore/sbom-action from 0.13.4 to 0.14.1
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.13.4 to 0.14.1.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](448520c4f1...422cb34a0f
3 years ago
7ee92db427
build(deps): bump github/codeql-action from 2.2.8 to 2.2.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.8 to 2.2.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](67a35a0858...04df1262e6
3 years ago
8240d19fbd
build(deps): bump anchore/sbom-action from 0.13.3 to 0.13.4
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.13.3 to 0.13.4.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](07978da4bd...448520c4f1
3 years ago
a30f77f8a4
build(deps): bump actions/checkout from 3.4.0 to 3.5.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](24cb908017...8f4b7f8486
3 years ago
dbfb4269cb
build(deps): bump github/codeql-action from 2.2.7 to 2.2.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.7 to 2.2.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](168b99b3c2...67a35a0858
3 years ago
ce405b6060
build: update `actions/setup-go` in workflows
...
- Update `actions/setup-go` to v4.0.0 in workflows.
- Remove separate caching steps in favor of built-in caching feature
in action (since >=v3.0.0).
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
3 years ago
519cf58d27
build(deps): bump peter-evans/create-pull-request from 4.2.3 to 4.2.4
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](2b011faafd...38e0b6e68b
3 years ago
1071f04e93
build(deps): bump actions/checkout from 3.3.0 to 3.4.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ac59398561...24cb908017
3 years ago
a452f15905
build(deps): bump github/codeql-action from 2.2.6 to 2.2.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.6 to 2.2.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](16964e90ba...168b99b3c2
3 years ago
ec978fc79f
build(deps): bump github/codeql-action from 2.2.5 to 2.2.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.5 to 2.2.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](32dc499307...16964e90ba
3 years ago
e1fca7f062
build(deps): bump docker/setup-buildx-action from 2.4.1 to 2.5.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](f03ac48505...4b4e9c3e2d
3 years ago
da06854e05
build(deps): bump actions/cache from 3.2.6 to 3.3.0
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.2.6 to 3.3.0.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](69d9d449ac...940f3d7cf1
3 years ago
59ca6548ea
ci: Use latest available images of kindest/node
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
26aafa1b6f
e2e: update podinfo to version with newer APIs
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
3 years ago
d29f1c062f
build: update Kubernetes versions in e2e workflows
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
3 years ago
879558fe20
build: update scan workflow
...
To include a (full) version number behind the actions with a SHA
reference, so Dependabot will continue to update them from now on.
Except for the `snyk/actions`, which follows `main`.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
3 years ago
940b5c4fb9
build: update update workflow
...
To include a version number behind the actions with a SHA reference, so
Dependabot will continue to update them from now on.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
3 years ago
5ab9c01378
build: update e2e{-*} workflows
...
To include a version number behind the actions with a SHA reference, so
Dependabot will continue to update them from now on.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
3 years ago
db67d2c4df
build: update release workflow
...
- sigstore/cosign-installer to v3.0.1
- Put (exact) version comment behind all action references, while taking note
this is an absolute insane way to manage versions.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
3 years ago
fe0baa4de9
build: update cache keys to reflect Go 1.20
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
3 years ago
18760acaa8
Update Go to 1.20
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
3 years ago
c16cca891f
build(deps): bump actions/cache from 3.2.5 to 3.2.6
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.2.5 to 3.2.6.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](6998d139dd...69d9d449ac
3 years ago
a5958b494d
build(deps): bump github/codeql-action from 2.2.4 to 2.2.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](17573ee1cc...32dc499307
3 years ago
7b731f7777
build(deps): bump fossa-contrib/fossa-action from 1.2.0 to 2.0.0
...
Bumps [fossa-contrib/fossa-action](https://github.com/fossa-contrib/fossa-action ) from 1.2.0 to 2.0.0.
- [Release notes](https://github.com/fossa-contrib/fossa-action/releases )
- [Changelog](https://github.com/fossa-contrib/fossa-action/blob/master/CHANGELOG.md )
- [Commits](6cffaa0641...6728dc6fe9
3 years ago
a59aaa4dfb
build: further solve issue release workflow
...
Signed-off-by: Hidde Beydals <hello@hidde.co>
3 years ago
2e1e4106fd
build: ensure newlines work with $GITHUB_OUTPUT
...
Signed-off-by: Hidde Beydals <hello@hidde.co>
3 years ago
bca26ebf0a
build: convert ::set-output to $GITHUB_OUTPUT
...
Signed-off-by: Hidde Beydals <hello@hidde.co>
3 years ago
b44a3d36ba
Remove deprecated flags
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
0f7b903ace
Update `push artifact`'s `--revision` to RFC-0005
...
Signed-off-by: Hidde Beydals <hello@hidde.co>
3 years ago
873950dc55
ci: Fix Snyk Go build VCS stamping error
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
f4acc0cfc9
build(deps): bump actions/cache from 3.2.4 to 3.2.5
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.2.4 to 3.2.5.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](627f0f41f6...6998d139dd
3 years ago
3c330b71aa
build(deps): bump github/codeql-action from 2.2.1 to 2.2.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.1 to 2.2.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3ebbd71c74...17573ee1cc
3 years ago
577d4e71af
build(deps): bump snyk/actions
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from e25b2e6f5658d1bb7a6671b113260f13134cc3af to 806182742461562b67788a64410098c9d9b96adb.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](e25b2e6f56...8061827424
3 years ago
e93b3d8d75
build(deps): bump docker/setup-buildx-action from 2.4.0 to 2.4.1
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](15c905b16b...f03ac48505
3 years ago
ae5294f010
build(deps): bump actions/cache from 3.2.3 to 3.2.4
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.2.3 to 3.2.4.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](58c146cc91...627f0f41f6
3 years ago
0cd0bf3b58
build(deps): bump goreleaser/goreleaser-action from 4.1.1 to 4.2.0
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.1.1 to 4.2.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](9754a253a8...f82d6c1c34
3 years ago
79f900b82e
ci: Replace engineerd/setup-kind with helm/kind-action
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
65481c223e
build(deps): bump docker/setup-buildx-action from 2.2.1 to 2.4.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.2.1 to 2.4.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](8c0edbc76e...15c905b16b
3 years ago
18924d29a7
Bump anchore/sbom-action from 0.13.1 to 0.13.3
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.13.1 to 0.13.3.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](06e109483e...07978da4bd
3 years ago
e5eb4d4a67
Bump github/codeql-action from 2.1.38 to 2.2.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.38 to 2.2.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](515828d974...3ebbd71c74
3 years ago
f22222f71d
Bump goreleaser/goreleaser-action from 4.1.0 to 4.1.1
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](8f67e590f2...9754a253a8
3 years ago
e7e05f870b
Bump snyk/actions
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from 1cc9026f51d822442cb4b872d8d7ead8cc69a018 to e25b2e6f5658d1bb7a6671b113260f13134cc3af.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](1cc9026f51...e25b2e6f56
3 years ago
ece3a07567
Bump actions/cache from 3.2.2 to 3.2.3
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](4723a57e26...58c146cc91
3 years ago
58b4ed586a
Bump github/codeql-action from 2.1.37 to 2.1.38
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.37 to 2.1.38.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](959cbb7472...515828d974
3 years ago
1d80ff2b09
Bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](755da8c3cf...ac59398561
3 years ago
f5563de144
Bump actions/cache from 3.0.11 to 3.2.2
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.0.11 to 3.2.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](9b0c1fce7a...4723a57e26
3 years ago
21a943e6f9
e2e: Update Kubernetes to v1.23.13 on AMD64
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
131c05d9c7
build: Revert sigstore/cosign-installer to v2.8.1
...
Dependabot should stick to tagged versions if the existing hash relates
to the tag made in the comment.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
3 years ago
c605f9a44f
Bump goreleaser/goreleaser-action from 3.2.0 to 4.1.0
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 3.2.0 to 4.1.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](b508e2e3ef...8f67e590f2
3 years ago
0014bc4c43
Bump actions/checkout from 3.1.0 to 3.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](93ea575cb5...755da8c3cf
3 years ago
bd284ab28b
Bump actions/setup-go from 3.4.0 to 3.5.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](d0a58c1c4d...6edd4406fa
3 years ago
fdd3fd1d06
Bump github/codeql-action from 2.1.36 to 2.1.37
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.36 to 2.1.37.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a669cc5936...959cbb7472
3 years ago
a9a63b8423
Fix flux2-kustomize-helm-example test
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
d5e5a26f5c
Update sigstore/cosign-installer requirement to b6757d8360bb6b9803c38b68e8cb7442baaf7eb5
...
Updates the requirements on [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) to permit the latest version.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](b6757d8360
3 years ago
75b5b0fd3c
Bump github/codeql-action from 2.1.35 to 2.1.36
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.35 to 2.1.36.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b2a92eb56d...a669cc5936
3 years ago
4eda5a7ccd
Bump peter-evans/create-pull-request from 4.2.2 to 4.2.3
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 4.2.2 to 4.2.3.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](331d02c7e2...2b011faafd
3 years ago
882fb35601
Bump snyk/actions
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from a8dd587d8a94f5663fa3d67d51abd0cc66aff244 to 1cc9026f51d822442cb4b872d8d7ead8cc69a018.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](a8dd587d8a...1cc9026f51
3 years ago
2c35880cbf
Bump actions/setup-go from 3.3.1 to 3.4.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](c4a742cab1...d0a58c1c4d
3 years ago
f89525f8bd
Bump github/codeql-action from 2.1.33 to 2.1.35
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.33 to 2.1.35.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](678fc3afe2...b2a92eb56d
3 years ago
9db661ae63
Bump peter-evans/create-pull-request from 4.2.0 to 4.2.2
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 4.2.0 to 4.2.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](b4d51739f9...331d02c7e2
3 years ago
3b7c40bbb3
e2e: Refactor Azure test suite to use go-git
...
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
3 years ago
d0e6fcad3f
build: Pin GitHub Actions
...
The main benefit of pinning GitHub actions is the determinism it brings
in terms of what version of a given action will be executed. This is
a step towards having hermetic builds.
Once pinned to a commit, dependabot will automatically issue PRs to update
to newer versions.
Pinned versions is the only security metric from OpenSSF scorecard that
this repository currently have a zero score.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
3 years ago
93382f65bb
Bump hashicorp/setup-terraform from 2.0.2 to 2.0.3
...
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform ) from 2.0.2 to 2.0.3.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases )
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/setup-terraform/compare/v2.0.2...v2.0.3 )
---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
8bd13edc75
Add the monitoring stack to e2e tests
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
78f9a6214c
Refactor ARM64 e2e test suite
...
- Migrate the GitHub runners to Equinix c3.large.arm64 instances
- Run the test suite on all supported Kubernetes versions
- Add multi-tenancy smoke test
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
1a6b09afb4
Bump actions/setup-go from 2 to 3
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
bb1078d610
ci: Refactor GitHub workflows
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
73692df272
Additional workflow permissions tweaks
...
Signed-off-by: Eddie Knight <knight@linux.com>
3 years ago
2abf932ee4
Updated scan & update permissions
...
Signed-off-by: Eddie Knight <knight@linux.com>
3 years ago
939a75115c
Adjusted workflow permissions
...
Signed-off-by: Eddie Knight <knight@linux.com>
3 years ago
4a51b111e6
Bump peter-evans/create-pull-request from 3 to 4
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
c31367909e
Bump hashicorp/setup-terraform from 1 to 2.0.2
...
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform ) from 1 to 2.0.2.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases )
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/setup-terraform/compare/v1...v2.0.2 )
---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
09cbf348a7
Bump github/codeql-action from 1 to 2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
65a2ceec5c
Only run e2e tests for Dependabot PRs
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
4680abe951
Update libgit2 version in Azure e2e tests
...
Signed-off-by: Philip Laine <philip.laine@gmail.com>
3 years ago
d7dadb4425
e2e: Update bootstrap test to Kubernetes 1.25.2
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
348408e16e
Build with Go 1.19
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
491acf57ad
Setup CodeQL CI job with Go 1.18
...
Signed-off-by: Adrien Fillon <adrien.fillon@manomano.com>
3 years ago
bdc5ae4573
Publish install manifests to GHCR and DockerHub as OCI artifacts
...
Add workflow to build and push the install manifests to:
- ghcr.io/fluxcd/flux-manifests
- docker.io/fluxcd/flux-manifests
The OCI artifacts are signed with Cosign and GitHub OIDC (keyless).
The manifests pushed to GHCR have the container images set to ghcr.io/fluxcd/<controller-name> while the manifests pushed to DockerHub have the controller images set to docker.io/fluxcd/<controller-name>.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
92e136ed54
Update packages in Azure e2e tests
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Signed-off-by: Philip Laine <philip.laine@gmail.com>
3 years ago
8049634e4d
Add `oci://` prefix
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
30e5389d02
Run e2e tests for PRs against oci branch
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
b6a78f42ea
Update SC with OCI semver support
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
e4fb8e75f9
Add e2e tests for artifact commands
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
2d8db4f20d
Implement OCIRepository commands
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
0b9e3d24ef
Update GitHub actions
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
b795e612f7
Update Go to v1.18
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
775891fc88
build: ensure component update runs with make tidy
...
This to include the `-compat` flag.
Signed-off-by: Hidde Beydals <hello@hidde.co>
4 years ago
f154326391
Set minimum supported version to Kubernetes 1.20.6
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
4 years ago
e44a58cba0
ci: Fix release notes generator
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
4 years ago
a402461f9c
Sign the release artifacts checksums and images
...
- add the Flux manifests and API schemas to checksums
- sign the checksum.txt with Cosign and GitHub OIDC
- sign the flux-cli container images with Cosign and GitHub OIDC
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
4 years ago
11296cd94f
Publish Flux Software Bill of Materials (SBOM) in SPDX format
...
- generate SBOM for Flux Go modules with Syft
- publish the SBOM SPDX JSON files to GitHub releases with GoReleaser
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
4 years ago
62755b4b75
Wait 60s for image automation before failing the test
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
4 years ago
dcfb745b1f
Improve the bootstrap e2e cleanup
...
Delete the repository regardless of the bootstrap test exit code.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
4 years ago
Sunny
Somtochi Onyekwere
dependabot[bot]
Hidde Beydals
Stefan Prodan
Sanskar Jaiswal
Hidde Beydals
Paulo Gomes
Eddie Knight
Philip Laine
Adrien Fillon