Mirrors
/
flux2
mirror of https://github.com/fluxcd/flux2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,321 Commits
28 Branches
187 Tags
14 MiB
main
rfc-0008-implemented
dependabot/go_modules/github.com/go-git/go-git/v5-5.13.0
dependabot/go_modules/tests/integration/golang.org/x/net-0.33.0
dependabot/github_actions/ci-c96ae57a0b
dependabot/go_modules/tests/integration/github.com/golang-jwt/jwt/v4-4.5.1
release/v2.4.x
remove-notation-validation
release/v2.3.x
dependabot/go_modules/github.com/hashicorp/go-retryablehttp-0.7.7
dependabot/go_modules/github.com/Azure/azure-sdk-for-go/sdk/azidentity-1.6.0
rfc-flux-bootstrap-oci
release/v2.2.x
RFC
fix-commit-log
flux-audit
release/v2.1.x
context-ns
ksm-dashboard
rfc-passwordless-git-auth
release/v2.0.x
rfc-gating
release/v0.27.4
rfc-0003
rfc-0002
rfc-0001
prompt-for-tokens
encrypt-init-cmd
v2.4.0
v2.3.0
v2.2.3
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.1
v2.1.0
v2.0.1
v2.0.0
v2.0.0-rc.5
v2.0.0-rc.4
v2.0.0-rc.3
v2.0.0-rc.2
v2.0.0-rc.1
v0.41.2
v0.40.0
v0.39.0
v0.38.2
v0.38.1
v0.38.0
v0.37.0
v0.36.0
v0.35.0
v0.34.0
v0.33.0
v0.32.0
v0.31.3
v0.31.2
v0.31.1
v0.31.0
v0.30.1
v0.28.2
v0.27.2
v0.27.1
v0.27.0
v0.26.3
v0.26.2
v0.26.1
v0.26.0
v0.25.3
v0.0.1
v0.0.1-alpha.1
v0.0.1-beta.1
v0.0.1-beta.2
v0.0.1-beta.3
v0.0.1-beta.4
v0.0.10
v0.0.11
v0.0.12
v0.0.13
v0.0.14
v0.0.15
v0.0.16
v0.0.17
v0.0.18
v0.0.19
v0.0.2
v0.0.20
v0.0.21
v0.0.22
v0.0.23
v0.0.24
v0.0.25
v0.0.26
v0.0.27
v0.0.28
v0.0.3
v0.0.4
v0.0.5
v0.0.6
v0.0.7
v0.0.8
v0.0.9
v0.1.0
v0.1.1
v0.1.2
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.10.0
v0.11.0
v0.12.0
v0.12.1
v0.12.2
v0.12.3
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.13.4
v0.14.0
v0.14.1
v0.14.2
v0.15.0
v0.15.1
v0.15.2
v0.15.3
v0.16.0
v0.16.1
v0.16.2
v0.17.0
v0.17.1
v0.17.2
v0.18.0
v0.18.1
v0.18.2
v0.18.3
v0.19.0
v0.19.1
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.2.4
v0.2.5
v0.2.6
v0.20.0
v0.20.1
v0.21.0
v0.21.1
v0.22.0
v0.22.1
v0.23.0
v0.24.0
v0.24.1
v0.25.0
v0.25.1
v0.25.2
v0.27.3
v0.27.4
v0.28.0
v0.28.1
v0.28.3
v0.28.4
v0.28.5
v0.29.0
v0.29.1
v0.29.2
v0.29.3
v0.29.4
v0.29.5
v0.3.0
v0.30.0
v0.30.2
v0.31.4
v0.31.5
v0.38.3
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.40.1
v0.40.2
v0.41.0
v0.41.1
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.8.0
v0.8.1
v0.8.2
v0.9.0
v0.9.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd8e6199b2a'
${ noResults }
Commit Graph

53 Commits (d8e6199b2aaaea879c5d81a5c10d23486656c462)

Author SHA1 Message Date
dependabot[bot] 856ff67f34
build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 in the ci group 
Bumps the ci group with 1 update: [actions/setup-go](https://github.com/actions/setup-go).


Updates `actions/setup-go` from 5.0.0 to 5.0.1
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](0c52d547c9...cdcb360436)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 8 months ago
dependabot[bot] 86b3075535
build(deps): bump the ci group with 6 updates 
Bumps the ci group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4.1.3` | `4.1.4` |
| [helm/kind-action](https://github.com/helm/kind-action) | `1.9.0` | `1.10.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.2` | `4.3.3` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.15.10` | `0.15.11` |
| [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) | `1.10.0` | `2.0.0` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.0.4` | `6.0.5` |


Updates `actions/checkout` from 4.1.3 to 4.1.4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](1d96c772d1...0ad4b8fada)

Updates `helm/kind-action` from 1.9.0 to 1.10.0
- [Release notes](https://github.com/helm/kind-action/releases)
- [Commits](99576bfa6d...0025e74a8c)

Updates `actions/upload-artifact` from 4.3.2 to 4.3.3
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](1746f4ab65...65462800fd)

Updates `anchore/sbom-action` from 0.15.10 to 0.15.11
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](ab5d7b5f48...7ccf588e3c)

Updates `slsa-framework/slsa-github-generator` from 1.10.0 to 2.0.0
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.10.0...v2.0.0)

Updates `peter-evans/create-pull-request` from 6.0.4 to 6.0.5
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](9153d834b6...6d6857d369)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: helm/kind-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 9 months ago
Steven Wade d97221423f
Specifying go version in setup-go github action. 
Signed-off-by: Steven Wade <steven@stevenwade.co.uk>
 9 months ago
dependabot[bot] e17d429df2
build(deps): bump the ci group with 4 updates 
Bumps the ci group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [Azure/login](https://github.com/azure/login), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `actions/checkout` from 4.1.2 to 4.1.3
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](9bb56186c3...1d96c772d1)

Updates `Azure/login` from 2.0.0 to 2.1.0
- [Release notes](https://github.com/azure/login/releases)
- [Commits](8c334a195c...6b2456866f)

Updates `actions/upload-artifact` from 4.3.1 to 4.3.2
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](5d5d22a312...1746f4ab65)

Updates `peter-evans/create-pull-request` from 6.0.3 to 6.0.4
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](c55203cfde...9153d834b6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: Azure/login
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 9 months ago
dependabot[bot] 5b619d8001
build(deps): bump the ci group with 3 updates 
Bumps the ci group with 3 updates: [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action), [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `docker/setup-buildx-action` from 3.2.0 to 3.3.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](2b51285047...d70bba72b1)

Updates `sigstore/cosign-installer` from 3.4.0 to 3.5.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](e1523de757...59acb6260d)

Updates `peter-evans/create-pull-request` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](70a41aba78...c55203cfde)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 9 months ago
dependabot[bot] f63385a43f
build(deps): bump the ci group with 12 updates 
Bumps the ci group with 12 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `4.1.2` |
| [korthout/backport-action](https://github.com/korthout/backport-action) | `2.4.1` | `2.5.0` |
| [Azure/login](https://github.com/azure/login) | `1.6.1` | `2.0.0` |
| [helm/kind-action](https://github.com/helm/kind-action) | `1.8.0` | `1.9.0` |
| [google-github-actions/auth](https://github.com/google-github-actions/auth) | `2.1.0` | `2.1.2` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.0.0` | `3.2.0` |
| [docker/login-action](https://github.com/docker/login-action) | `3.0.0` | `3.1.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.0` | `4.3.1` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.15.8` | `0.15.10` |
| [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) | `1.9.0` | `1.10.0` |
| [EndBug/label-sync](https://github.com/endbug/label-sync) | `2.3.2` | `2.3.3` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.0.0` | `6.0.2` |


Updates `actions/checkout` from 4.1.1 to 4.1.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](b4ffde65f4...9bb56186c3)

Updates `korthout/backport-action` from 2.4.1 to 2.5.0
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](e8161d6a0d...ef20d86abc)

Updates `Azure/login` from 1.6.1 to 2.0.0
- [Release notes](https://github.com/azure/login/releases)
- [Commits](cb79c773a3...8c334a195c)

Updates `helm/kind-action` from 1.8.0 to 1.9.0
- [Release notes](https://github.com/helm/kind-action/releases)
- [Commits](dda0770415...99576bfa6d)

Updates `google-github-actions/auth` from 2.1.0 to 2.1.2
- [Release notes](https://github.com/google-github-actions/auth/releases)
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md)
- [Commits](5a50e58116...55bd3a7c6e)

Updates `docker/setup-buildx-action` from 3.0.0 to 3.2.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](f95db51fdd...2b51285047)

Updates `docker/login-action` from 3.0.0 to 3.1.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](343f7c4344...e92390c5fb)

Updates `actions/upload-artifact` from 4.3.0 to 4.3.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](26f96dfa69...5d5d22a312)

Updates `anchore/sbom-action` from 0.15.8 to 0.15.10
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](b6a39da807...ab5d7b5f48)

Updates `slsa-framework/slsa-github-generator` from 1.9.0 to 1.10.0
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.9.0...v1.10.0)

Updates `EndBug/label-sync` from 2.3.2 to 2.3.3
- [Release notes](https://github.com/endbug/label-sync/releases)
- [Commits](da00f2c11f...5207415819)

Updates `peter-evans/create-pull-request` from 6.0.0 to 6.0.2
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](b1ddad2c99...70a41aba78)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: Azure/login
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: helm/kind-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: google-github-actions/auth
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: EndBug/label-sync
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 10 months ago
Stefan Prodan 0dda09408c
Update dependencies to Go 1.22 and Kubernetes 1.29.3 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 10 months ago
dependabot[bot] 976f40b642
build(deps): bump the ci group with 3 updates 
Bumps the ci group with 3 updates: [anchore/sbom-action](https://github.com/anchore/sbom-action), [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `anchore/sbom-action` from 0.15.5 to 0.15.8
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](24b0d52385...b6a39da807)

Updates `sigstore/cosign-installer` from 3.3.0 to 3.4.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](9614fae9e5...e1523de757)

Updates `peter-evans/create-pull-request` from 5.0.2 to 6.0.0
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](153407881e...b1ddad2c99)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 11 months ago
dependabot[bot] 3abc829250
build(deps): bump the ci group with 4 updates 
Bumps the ci group with 4 updates: [korthout/backport-action](https://github.com/korthout/backport-action), [actions/setup-go](https://github.com/actions/setup-go), [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) and [anchore/sbom-action](https://github.com/anchore/sbom-action).


Updates `korthout/backport-action` from 2.1.1 to 2.2.0
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](08bafb375e...b982d297e3)

Updates `actions/setup-go` from 4.1.0 to 5.0.0
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](93397bea11...0c52d547c9)

Updates `google-github-actions/setup-gcloud` from 1.1.1 to 2.0.0
- [Release notes](https://github.com/google-github-actions/setup-gcloud/releases)
- [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/main/CHANGELOG.md)
- [Commits](e30db14379...825196879a)

Updates `anchore/sbom-action` from 0.15.0 to 0.15.1
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](fd74a6fb98...5ecf649a41)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: google-github-actions/setup-gcloud
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 1 year ago
dependabot[bot] 025fe9ced1
build(deps): bump the ci group with 1 update 
Bumps the ci group with 1 update: [actions/checkout](https://github.com/actions/checkout).

- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8ade135a41...b4ffde65f4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 1 year ago
dependabot[bot] 524a729f5d
build(deps): bump the ci group with 1 update 
Bumps the ci group with 1 update: [actions/checkout](https://github.com/actions/checkout).

- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](3df4ab11eb...8ade135a41)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 1 year ago
dependabot[bot] 8cd7d8c5d2
build(deps): bump the ci group with 3 updates 
Bumps the ci group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action).


Updates `actions/checkout` from 3.6.0 to 4.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](f43a0e5ff2...3df4ab11eb)

Updates `actions/upload-artifact` from 3.1.2 to 3.1.3
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](0b7f8abb15...a8a3f3ad30)

Updates `goreleaser/goreleaser-action` from 4.4.0 to 4.6.0
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](3fa32b8bb5...5fdedb94ab)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 1 year ago
dependabot[bot] 29f77d2cb3
build(deps): bump the ci group with 2 updates 
Bumps the ci group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator).


Updates `actions/checkout` from 3.5.3 to 3.6.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](c85c95e3d7...f43a0e5ff2)

Updates `slsa-framework/slsa-github-generator` from 1.8.0 to 1.9.0
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.8.0...v1.9.0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 1 year ago
dependabot[bot] 7273059cb9
build(deps): bump the ci group with 2 updates 
Bumps the ci group with 2 updates: [actions/setup-go](https://github.com/actions/setup-go) and [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator).


Updates `actions/setup-go` from 4.0.1 to 4.1.0
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](fac708d667...93397bea11)

Updates `slsa-framework/slsa-github-generator` from 1.7.0 to 1.8.0
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.7.0...v1.8.0)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 1 year ago
Stefan Prodan 5356436c94
ci: enable workflows for `release/**` branches 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2 years ago
dependabot[bot] f7e5101753
build(deps): bump peter-evans/create-pull-request from 5.0.1 to 5.0.2 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](284f54f989...153407881e)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 0d1a68ecb4
build(deps): bump actions/checkout from 3.5.2 to 3.5.3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8e5e7e5ab8...c85c95e3d7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 9e422576b8
build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](4d34df0c23...fac708d667)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 38ada0b998
build(deps): bump peter-evans/create-pull-request from 5.0.0 to 5.0.1 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](5b4a9f6a9e...284f54f989)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 107894eccf
build(deps): bump actions/checkout from 3.5.0 to 3.5.2 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8f4b7f8486...8e5e7e5ab8)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 2696a93ee0
build(deps): bump peter-evans/create-pull-request from 4.2.4 to 5.0.0 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4.2.4 to 5.0.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](38e0b6e68b...5b4a9f6a9e)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] a30f77f8a4
build(deps): bump actions/checkout from 3.4.0 to 3.5.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](24cb908017...8f4b7f8486)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Hidde Beydals ce405b6060
build: update `actions/setup-go` in workflows 
- Update `actions/setup-go` to v4.0.0 in workflows.
- Remove separate caching steps in favor of built-in caching feature
  in action (since >=v3.0.0).

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2 years ago
dependabot[bot] 519cf58d27 build(deps): bump peter-evans/create-pull-request from 4.2.3 to 4.2.4 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](2b011faafd...38e0b6e68b)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 1071f04e93
build(deps): bump actions/checkout from 3.3.0 to 3.4.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](ac59398561...24cb908017)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Hidde Beydals 940b5c4fb9
build: update update workflow 
To include a version number behind the actions with a SHA reference, so
Dependabot will continue to update them from now on.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2 years ago
Hidde Beydals 18760acaa8
Update Go to 1.20 
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2 years ago
Hidde Beydals a59aaa4dfb build: further solve issue release workflow 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2 years ago
Hidde Beydals 2e1e4106fd build: ensure newlines work with $GITHUB_OUTPUT 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2 years ago
Hidde Beydals bca26ebf0a build: convert ::set-output to $GITHUB_OUTPUT 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2 years ago
dependabot[bot] 1d80ff2b09
Bump actions/checkout from 3.2.0 to 3.3.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](755da8c3cf...ac59398561)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 0014bc4c43
Bump actions/checkout from 3.1.0 to 3.2.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](93ea575cb5...755da8c3cf)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] bd284ab28b
Bump actions/setup-go from 3.4.0 to 3.5.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](d0a58c1c4d...6edd4406fa)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 4eda5a7ccd
Bump peter-evans/create-pull-request from 4.2.2 to 4.2.3 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4.2.2 to 4.2.3.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](331d02c7e2...2b011faafd)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 2c35880cbf
Bump actions/setup-go from 3.3.1 to 3.4.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](c4a742cab1...d0a58c1c4d)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 9db661ae63
Bump peter-evans/create-pull-request from 4.2.0 to 4.2.2 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4.2.0 to 4.2.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](b4d51739f9...331d02c7e2)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Paulo Gomes d0e6fcad3f
build: Pin GitHub Actions 
The main benefit of pinning GitHub actions is the determinism it brings
in terms of what version of a given action will be executed. This is
a step towards having hermetic builds.

Once pinned to a commit, dependabot will automatically issue PRs to update
to newer versions.

Pinned versions is the only security metric from OpenSSF scorecard that
this repository currently have a zero score.

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
 2 years ago
Stefan Prodan bb1078d610
ci: Refactor GitHub workflows 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2 years ago
Eddie Knight 2abf932ee4 Updated scan & update permissions 
Signed-off-by: Eddie Knight <knight@linux.com>
 2 years ago
Eddie Knight 939a75115c Adjusted workflow permissions 
Signed-off-by: Eddie Knight <knight@linux.com>
 2 years ago
dependabot[bot] 4a51b111e6
Bump peter-evans/create-pull-request from 3 to 4 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3...v4)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Stefan Prodan 348408e16e
Build with Go 1.19 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2 years ago
Stefan Prodan 0b9e3d24ef
Update GitHub actions 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 3 years ago
Stefan Prodan b795e612f7
Update Go to v1.18 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 3 years ago
Hidde Beydals 775891fc88 build: ensure component update runs with make tidy 
This to include the `-compat` flag.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 3 years ago
Aurel Canciu f3d143e5ee
Update Go to v1.17 
Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
 3 years ago
Hidde Beydals a56ce1f867 build: tidy after go mod edit 
To ensure the `go.sum` is always up-to-date when the following `go mod
edit` is executed.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 4 years ago
Hidde Beydals 1a904e138f Fix update automation and update CRDs 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 4 years ago
Hidde Beydals df6a0a3762 build: incl CRD version change in component update 
This includes updating the version in the `manifests/crds` directory
for the component thas has a newer latest version.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 4 years ago
Hidde Beydals 077860fff1 Fix updating of `go.mod` entries for components 
We noticed that some of our components had not received `go.mod` updates
while they did receive updates for the versions declared in the YAML
manifests.

Was able to trace this back to a behavior change in Go since `1.16.x`,
resulting in it no longer making automated changes to `go.mod` and
`go.sum`[1]. This is an issue for our updater script as it relies
on `go list -m all`, which now after the first `go mod edit` returns:

```console
$ go list -m all
go: github.com/fluxcd/notification-controller/api@v0.10.0: missing
go.sum entry; to add it:
        go mod download github.com/fluxcd/notification-controller/api
```

To work around the issue without having to repeatedly call `go mod
tidy`, I have opted to simply `grep` on the contents of `go.mod` as a
workaround.

[1]: https://blog.golang.org/go116-module-changes#TOC_3.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 4 years ago