Mirrors
/
flux2
mirror of https://github.com/fluxcd/flux2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,884 Commits
28 Branches
187 Tags
14 MiB
main
rfc-0008-implemented
dependabot/go_modules/github.com/go-git/go-git/v5-5.13.0
dependabot/go_modules/tests/integration/golang.org/x/net-0.33.0
dependabot/github_actions/ci-c96ae57a0b
dependabot/go_modules/tests/integration/github.com/golang-jwt/jwt/v4-4.5.1
release/v2.4.x
remove-notation-validation
release/v2.3.x
dependabot/go_modules/github.com/hashicorp/go-retryablehttp-0.7.7
dependabot/go_modules/github.com/Azure/azure-sdk-for-go/sdk/azidentity-1.6.0
rfc-flux-bootstrap-oci
release/v2.2.x
RFC
fix-commit-log
flux-audit
release/v2.1.x
context-ns
ksm-dashboard
rfc-passwordless-git-auth
release/v2.0.x
rfc-gating
release/v0.27.4
rfc-0003
rfc-0002
rfc-0001
prompt-for-tokens
encrypt-init-cmd
v2.4.0
v2.3.0
v2.2.3
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.1
v2.1.0
v2.0.1
v2.0.0
v2.0.0-rc.5
v2.0.0-rc.4
v2.0.0-rc.3
v2.0.0-rc.2
v2.0.0-rc.1
v0.41.2
v0.40.0
v0.39.0
v0.38.2
v0.38.1
v0.38.0
v0.37.0
v0.36.0
v0.35.0
v0.34.0
v0.33.0
v0.32.0
v0.31.3
v0.31.2
v0.31.1
v0.31.0
v0.30.1
v0.28.2
v0.27.2
v0.27.1
v0.27.0
v0.26.3
v0.26.2
v0.26.1
v0.26.0
v0.25.3
v0.0.1
v0.0.1-alpha.1
v0.0.1-beta.1
v0.0.1-beta.2
v0.0.1-beta.3
v0.0.1-beta.4
v0.0.10
v0.0.11
v0.0.12
v0.0.13
v0.0.14
v0.0.15
v0.0.16
v0.0.17
v0.0.18
v0.0.19
v0.0.2
v0.0.20
v0.0.21
v0.0.22
v0.0.23
v0.0.24
v0.0.25
v0.0.26
v0.0.27
v0.0.28
v0.0.3
v0.0.4
v0.0.5
v0.0.6
v0.0.7
v0.0.8
v0.0.9
v0.1.0
v0.1.1
v0.1.2
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.10.0
v0.11.0
v0.12.0
v0.12.1
v0.12.2
v0.12.3
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.13.4
v0.14.0
v0.14.1
v0.14.2
v0.15.0
v0.15.1
v0.15.2
v0.15.3
v0.16.0
v0.16.1
v0.16.2
v0.17.0
v0.17.1
v0.17.2
v0.18.0
v0.18.1
v0.18.2
v0.18.3
v0.19.0
v0.19.1
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.2.4
v0.2.5
v0.2.6
v0.20.0
v0.20.1
v0.21.0
v0.21.1
v0.22.0
v0.22.1
v0.23.0
v0.24.0
v0.24.1
v0.25.0
v0.25.1
v0.25.2
v0.27.3
v0.27.4
v0.28.0
v0.28.1
v0.28.3
v0.28.4
v0.28.5
v0.29.0
v0.29.1
v0.29.2
v0.29.3
v0.29.4
v0.29.5
v0.3.0
v0.30.0
v0.30.2
v0.31.4
v0.31.5
v0.38.3
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.40.1
v0.40.2
v0.41.0
v0.41.1
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.8.0
v0.8.1
v0.8.2
v0.9.0
v0.9.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ba5c7e4fc3'
${ noResults }
Commit Graph

70 Commits (ba5c7e4fc37a1bd699d82828b0891d526ab5ed31)

Author SHA1 Message Date
Stefan Prodan cf7ee0081c
Add SLSA3 generators to release workflow 
Generate SLSA level 3 provenance attestations for the release assets and for the multi-arch container images.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2 years ago
dependabot[bot] 0a2945e7f1
build(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](dd6b2e2b61...d13028333d)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 15a49334d8
build(deps): bump anchore/sbom-action from 0.14.2 to 0.14.3 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.14.2 to 0.14.3.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](4d571ad103...78fc58e266)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] c596c70d42
build(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](6a58db7e0d...ecf95283f0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 2b8385a874
build(deps): bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](f82d6c1c34...336e29918d)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 19137b8e8c
build(deps): bump docker/login-action from 2.1.0 to 2.2.0 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](f4ef78c080...465a07811f)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 55aa96a33a
build(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](e81a89b173...2b82ce82d5)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 0d1a68ecb4
build(deps): bump actions/checkout from 3.5.2 to 3.5.3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8e5e7e5ab8...c85c95e3d7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 6d2dd076dc
build(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](4b4e9c3e2d...6a58db7e0d)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 0ce5117715
build(deps): bump sigstore/cosign-installer from 3.0.3 to 3.0.5 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.3 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](204a51a57a...dd6b2e2b61)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 9e422576b8
build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](4d34df0c23...fac708d667)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 847e78541a
build(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](422cb34a0f...4d571ad103)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 86e542e524
build(deps): bump sigstore/cosign-installer from 3.0.2 to 3.0.3 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](9e9de2292d...204a51a57a)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 107894eccf
build(deps): bump actions/checkout from 3.5.0 to 3.5.2 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8f4b7f8486...8e5e7e5ab8)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 1435c71d9c
build(deps): bump sigstore/cosign-installer from 3.0.1 to 3.0.2 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](c3667d9942...9e9de2292d)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 403ea39825
build(deps): bump anchore/sbom-action from 0.13.4 to 0.14.1 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.13.4 to 0.14.1.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](448520c4f1...422cb34a0f)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 8240d19fbd
build(deps): bump anchore/sbom-action from 0.13.3 to 0.13.4 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.13.3 to 0.13.4.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](07978da4bd...448520c4f1)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] a30f77f8a4
build(deps): bump actions/checkout from 3.4.0 to 3.5.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](24cb908017...8f4b7f8486)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Hidde Beydals ce405b6060
build: update `actions/setup-go` in workflows 
- Update `actions/setup-go` to v4.0.0 in workflows.
- Remove separate caching steps in favor of built-in caching feature
  in action (since >=v3.0.0).

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2 years ago
dependabot[bot] 1071f04e93
build(deps): bump actions/checkout from 3.3.0 to 3.4.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](ac59398561...24cb908017)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] e1fca7f062
build(deps): bump docker/setup-buildx-action from 2.4.1 to 2.5.0 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](f03ac48505...4b4e9c3e2d)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Hidde Beydals db67d2c4df
build: update release workflow 
- sigstore/cosign-installer to v3.0.1
- Put (exact) version comment behind all action references, while taking note
  this is an absolute insane way to manage versions.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2 years ago
Hidde Beydals 18760acaa8
Update Go to 1.20 
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2 years ago
Hidde Beydals bca26ebf0a build: convert ::set-output to $GITHUB_OUTPUT 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2 years ago
Hidde Beydals 0f7b903ace Update `push artifact`'s `--revision` to RFC-0005 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2 years ago
dependabot[bot] e93b3d8d75
build(deps): bump docker/setup-buildx-action from 2.4.0 to 2.4.1 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](15c905b16b...f03ac48505)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 0cd0bf3b58
build(deps): bump goreleaser/goreleaser-action from 4.1.1 to 4.2.0 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4.1.1 to 4.2.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](9754a253a8...f82d6c1c34)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 65481c223e
build(deps): bump docker/setup-buildx-action from 2.2.1 to 2.4.0 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.2.1 to 2.4.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](8c0edbc76e...15c905b16b)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 18924d29a7
Bump anchore/sbom-action from 0.13.1 to 0.13.3 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.13.1 to 0.13.3.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](06e109483e...07978da4bd)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] f22222f71d
Bump goreleaser/goreleaser-action from 4.1.0 to 4.1.1 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](8f67e590f2...9754a253a8)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 1d80ff2b09
Bump actions/checkout from 3.2.0 to 3.3.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](755da8c3cf...ac59398561)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Paulo Gomes 131c05d9c7
build: Revert sigstore/cosign-installer to v2.8.1 
Dependabot should stick to tagged versions if the existing hash relates
to the tag made in the comment.

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
 2 years ago
dependabot[bot] c605f9a44f
Bump goreleaser/goreleaser-action from 3.2.0 to 4.1.0 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 3.2.0 to 4.1.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](b508e2e3ef...8f67e590f2)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 0014bc4c43
Bump actions/checkout from 3.1.0 to 3.2.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](93ea575cb5...755da8c3cf)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] bd284ab28b
Bump actions/setup-go from 3.4.0 to 3.5.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](d0a58c1c4d...6edd4406fa)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] d5e5a26f5c
Update sigstore/cosign-installer requirement to b6757d8360bb6b9803c38b68e8cb7442baaf7eb5 
Updates the requirements on [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) to permit the latest version.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](b6757d8360)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 2c35880cbf
Bump actions/setup-go from 3.3.1 to 3.4.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](c4a742cab1...d0a58c1c4d)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Paulo Gomes d0e6fcad3f
build: Pin GitHub Actions 
The main benefit of pinning GitHub actions is the determinism it brings
in terms of what version of a given action will be executed. This is
a step towards having hermetic builds.

Once pinned to a commit, dependabot will automatically issue PRs to update
to newer versions.

Pinned versions is the only security metric from OpenSSF scorecard that
this repository currently have a zero score.

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
 2 years ago
Stefan Prodan bb1078d610
ci: Refactor GitHub workflows 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2 years ago
Eddie Knight 73692df272 Additional workflow permissions tweaks 
Signed-off-by: Eddie Knight <knight@linux.com>
 2 years ago
Eddie Knight 939a75115c Adjusted workflow permissions 
Signed-off-by: Eddie Knight <knight@linux.com>
 2 years ago
Stefan Prodan 348408e16e
Build with Go 1.19 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2 years ago
Stefan Prodan 0b9e3d24ef
Update GitHub actions 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 3 years ago
Stefan Prodan b795e612f7
Update Go to v1.18 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 3 years ago
Stefan Prodan e44a58cba0
ci: Fix release notes generator 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 3 years ago
Stefan Prodan a402461f9c
Sign the release artifacts checksums and images 
- add the Flux manifests and API schemas to checksums
- sign the checksum.txt with Cosign and GitHub OIDC
- sign the flux-cli container images with Cosign and GitHub OIDC

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 3 years ago
Stefan Prodan 11296cd94f
Publish Flux Software Bill of Materials (SBOM) in SPDX format 
- generate SBOM for Flux Go modules with Syft
- publish the SBOM SPDX JSON files to GitHub releases with GoReleaser

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 3 years ago
Aurel Canciu f3d143e5ee
Update Go to v1.17 
Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
 3 years ago
Hidde Beydals bb04ca36b2 Pin `crdjsonschema` action to commit 
Pinned to commit before https://github.com/fluxcd/pkg/pull/189 due to
introduction faulty behavior.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 3 years ago
Hidde Beydals fc94b1af7a Revert "Merge pull request #2107 from chanwit/json_schemas" 
This reverts commit 75a18b4548, reversing
changes made to e72214e266.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 3 years ago