dependabot[bot]
dbb9ea303d
build(deps): bump the ci group with 4 updates
...
Bumps the ci group with 4 updates: [actions/checkout](https://github.com/actions/checkout ), [actions/setup-go](https://github.com/actions/setup-go ), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) and [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ).
Updates `actions/checkout` from 3.4.0 to 3.6.0
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3.4.0...f43a0e5ff2bd294095638e18286ca9a3d1956744 )
Updates `actions/setup-go` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v4...93397bea11091df50f3d7e59dc26a7711a8bcfbe )
Updates `docker/setup-buildx-action` from 2.9.1 to 2.10.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](4c0219f9ac...885d1462b8https://github.com/sigstore/cosign-installer/releases )
- [Commits](6e04d228eb...11086d2504support@github.com >
2023-09-04 00:52:11 +00:00
Sunny
a9a67a27e7
workflows/e2e-azure: Disable new azure job
...
There's no azure subscription to run the tests against at present.
Signed-off-by: Sunny <darkowlzz@protonmail.com >
2023-08-31 21:39:39 +05:30
Sunny
c2e526ca57
workflows/e2e-gcp: Fix secret variable typo
...
Also update terraform config to add a description to the service
account and a note about github organization repo.
Signed-off-by: Sunny <darkowlzz@protonmail.com >
2023-08-31 21:39:14 +05:30
Sunny
3b637a5125
tests/int: Separate ssh key names for Azure & GCP
...
- Also update IAM setup docs to include github terraform provider
configuration with github owner so that it can be used with a
repository under an organization.
Signed-off-by: Sunny <darkowlzz@protonmail.com >
2023-08-29 17:43:59 +05:30
Somtochi Onyekwere
cdc1c98a11
add workflow for gcp
...
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com >
2023-08-29 17:43:59 +05:30
Sunny
ab94c8064c
tests/int: Add IAM setup automation docs and misc fixes
...
Add instructions about how to create service accounts with IAM
permissions and populate the secrets and variables required in the CI.
Update the panic recovery code to ensure that the exit status surfaces
on panic along with a log message.
Signed-off-by: Sunny <darkowlzz@protonmail.com >
2023-08-29 17:43:59 +05:30
Somtochi Onyekwere
f6b0c6e7ef
Add refactored e2e tests
...
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com >
2023-08-29 17:43:53 +05:30
dependabot[bot]
29f77d2cb3
build(deps): bump the ci group with 2 updates
...
Bumps the ci group with 2 updates: [actions/checkout](https://github.com/actions/checkout ) and [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ).
Updates `actions/checkout` from 3.5.3 to 3.6.0
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](c85c95e3d7...f43a0e5ff2https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.8.0...v1.9.0 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: ci
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: ci
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-08-28 00:57:07 +00:00
Hidde Beydals
c03a0b7f87
ci: disable fail-fast for ARM end-to-end
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer >
2023-08-21 17:17:02 +02:00
dependabot[bot]
0d457d6d11
build(deps): bump the ci group with 2 updates
...
Bumps the ci group with 2 updates: [korthout/backport-action](https://github.com/korthout/backport-action ) and [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ).
Updates `korthout/backport-action` from 1.3.1 to 1.4.0
- [Release notes](https://github.com/korthout/backport-action/releases )
- [Commits](bf5fdd624b...bd68141f07https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](336e29918d...3fa32b8bb5support@github.com >
2023-08-17 09:50:14 +00:00
Stefan Prodan
1b5c4245df
e2e: Add Kubernetes v1.28.0 to conformance tests
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2023-08-17 11:45:36 +03:00
dependabot[bot]
7273059cb9
build(deps): bump the ci group with 2 updates
...
Bumps the ci group with 2 updates: [actions/setup-go](https://github.com/actions/setup-go ) and [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ).
Updates `actions/setup-go` from 4.0.1 to 4.1.0
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](fac708d667...93397bea11https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.7.0...v1.8.0 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: ci
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: ci
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-08-09 16:35:22 +00:00
Hidde Beydals
d6cbfa39f8
ci: enable security-and-quality CodeQL query
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer >
2023-08-09 18:14:39 +02:00
Somtochi Onyekwere
3fa7af12e0
disable e2e test
...
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com >
2023-08-08 16:35:47 +01:00
dependabot[bot]
4d76ff4e6a
build(deps): bump the ci group with 2 updates
...
Bumps the ci group with 2 updates: [helm/kind-action](https://github.com/helm/kind-action ) and [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ).
Updates `helm/kind-action` from 1.7.0 to 1.8.0
- [Release notes](https://github.com/helm/kind-action/releases )
- [Commits](fa81e57adf...dda0770415https://github.com/docker/setup-buildx-action/releases )
- [Commits](16c0bc4a6e...4c0219f9acsupport@github.com >
2023-07-17 00:37:57 +00:00
Hidde Beydals
0a58b0cdad
ci: add workflow to test action
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer >
2023-07-07 11:56:00 +02:00
Stefan Prodan
36b39a50a4
ci: release: extract the image tag from GITHUB_REF
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2023-07-06 10:40:50 +03:00
Stefan Prodan
625d865625
ci: backport: set write permissions
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2023-07-06 10:21:16 +03:00
Hidde Beydals
506da2466b
ci: release: disable interpretation backslash esc
...
This ensures `jq` can properly parse the given `ARTIFACTS` JSON blob,
as it contains escaped newlines in for example the Brew formula.
This should address the issue with the generation of SLSA metadata.
Signed-off-by: Hidde Beydals <hidde@hhh.computer >
2023-07-05 17:07:03 +02:00
Stefan Prodan
5690b639cd
Run conformance tests for Kubernetes v1.27.3
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2023-07-04 14:46:43 +03:00
Stefan Prodan
5356436c94
ci: enable workflows for release/** branches
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2023-07-04 13:27:33 +03:00
Stefan Prodan
8ca8b92f92
ci: run backport under fluxcdbot account
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2023-07-04 12:21:22 +03:00
dependabot[bot]
b4efd15afd
build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](ecf95283f0...16c0bc4a6esupport@github.com >
2023-06-30 14:47:48 +00:00
dependabot[bot]
02b34f05c8
build(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](d13028333d...6e04d228ebsupport@github.com >
2023-06-30 14:29:43 +00:00
Stefan Prodan
d2cc01169b
Declaratively define (and sync) labels
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2023-06-30 17:04:12 +03:00
Stefan Prodan
d8924cd8a9
Add backport GitHub Action workflow
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2023-06-30 16:55:54 +03:00
Stefan Prodan
cf7ee0081c
Add SLSA3 generators to release workflow
...
Generate SLSA level 3 provenance attestations for the release assets and for the multi-arch container images.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2023-06-26 12:40:35 +03:00
dependabot[bot]
b850f51ef5
build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](80e868c13c...08b4669551support@github.com >
2023-06-26 08:40:29 +00:00
dependabot[bot]
0a2945e7f1
build(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](dd6b2e2b61...d13028333dsupport@github.com >
2023-06-26 08:27:20 +00:00
dependabot[bot]
15a49334d8
build(deps): bump anchore/sbom-action from 0.14.2 to 0.14.3
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.14.2 to 0.14.3.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](4d571ad103...78fc58e266support@github.com >
2023-06-26 01:16:48 +00:00
dependabot[bot]
c596c70d42
build(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](6a58db7e0d...ecf95283f0support@github.com >
2023-06-19 11:07:15 +00:00
dependabot[bot]
f7e5101753
build(deps): bump peter-evans/create-pull-request from 5.0.1 to 5.0.2
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](284f54f989...153407881esupport@github.com >
2023-06-19 10:37:22 +00:00
dependabot[bot]
2b8385a874
build(deps): bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](f82d6c1c34...336e29918dsupport@github.com >
2023-06-19 01:17:57 +00:00
dependabot[bot]
19137b8e8c
build(deps): bump docker/login-action from 2.1.0 to 2.2.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](f4ef78c080...465a07811fsupport@github.com >
2023-06-12 10:10:29 +00:00
dependabot[bot]
55aa96a33a
build(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](e81a89b173...2b82ce82d5support@github.com >
2023-06-12 09:53:46 +00:00
dependabot[bot]
0d1a68ecb4
build(deps): bump actions/checkout from 3.5.2 to 3.5.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7support@github.com >
2023-06-12 09:39:54 +00:00
dependabot[bot]
6d2dd076dc
build(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](4b4e9c3e2d...6a58db7e0dsupport@github.com >
2023-06-12 09:25:10 +00:00
dependabot[bot]
9c81a74743
build(deps): bump github/codeql-action from 2.3.6 to 2.13.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.6 to 2.13.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](83f0fe6c49...cdcdbb5797support@github.com >
2023-06-12 01:20:41 +00:00
dependabot[bot]
bbb3063cb2
build(deps): bump github/codeql-action from 2.3.5 to 2.3.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.5 to 2.3.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0225834cc5...83f0fe6c49support@github.com >
2023-06-05 01:19:20 +00:00
Sanskar Jaiswal
8d86637d3f
e2e: run e2e Azure tests for PRs to main if tests or wofklow changes
...
Run e2e Azure tests for PRs and commits to main if the `tests` directory
or the Azure workflow itself changes.
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com >
2023-05-31 18:07:40 +05:30
dependabot[bot]
860682e476
build(deps): bump github/codeql-action from 2.3.3 to 2.3.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.3 to 2.3.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](29b1f65c5e...0225834cc5support@github.com >
2023-05-29 07:24:59 +00:00
dependabot[bot]
c07e33eff0
build(deps): bump snyk/actions
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from 806182742461562b67788a64410098c9d9b96adb to b98d498629f1c368650224d6d212bf7dfa89e4bf.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](8061827424...b98d498629support@github.com >
2023-05-29 01:21:22 +00:00
dependabot[bot]
0ce5117715
build(deps): bump sigstore/cosign-installer from 3.0.3 to 3.0.5
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.3 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](204a51a57a...dd6b2e2b61support@github.com >
2023-05-22 07:17:20 +00:00
dependabot[bot]
9e422576b8
build(deps): bump actions/setup-go from 4.0.0 to 4.0.1
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](4d34df0c23...fac708d667support@github.com >
2023-05-22 07:06:34 +00:00
dependabot[bot]
34ac124b6b
build(deps): bump helm/kind-action from 1.5.0 to 1.7.0
...
Bumps [helm/kind-action](https://github.com/helm/kind-action ) from 1.5.0 to 1.7.0.
- [Release notes](https://github.com/helm/kind-action/releases )
- [Commits](d8ccf8fb62...fa81e57adfsupport@github.com >
2023-05-22 01:22:42 +00:00
Stefan Prodan
29b08fc306
Add OSSF Scorecard
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2023-05-12 10:42:46 +03:00
dependabot[bot]
847e78541a
build(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](422cb34a0f...4d571ad103support@github.com >
2023-05-08 13:06:08 +00:00
dependabot[bot]
4d443d614b
build(deps): bump github/codeql-action from 2.3.2 to 2.3.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f3feb00acb...29b1f65c5esupport@github.com >
2023-05-08 06:26:05 +00:00
dependabot[bot]
38ada0b998
build(deps): bump peter-evans/create-pull-request from 5.0.0 to 5.0.1
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](5b4a9f6a9e...284f54f989support@github.com >
2023-05-08 01:03:23 +00:00
Stefan Prodan
cd81362781
Run conformance tests for Kubernetes 1.27
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com >
2023-05-02 14:24:31 +03:00
