Stefan Prodan
5356436c94
ci: enable workflows for release/** branches
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2023-07-04 13:27:33 +03:00
dependabot[bot]
0d1a68ecb4
build(deps): bump actions/checkout from 3.5.2 to 3.5.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7
2023-06-12 09:39:54 +00:00
dependabot[bot]
9c81a74743
build(deps): bump github/codeql-action from 2.3.6 to 2.13.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.6 to 2.13.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](83f0fe6c49...cdcdbb5797
2023-06-12 01:20:41 +00:00
dependabot[bot]
bbb3063cb2
build(deps): bump github/codeql-action from 2.3.5 to 2.3.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.5 to 2.3.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0225834cc5...83f0fe6c49
2023-06-05 01:19:20 +00:00
dependabot[bot]
860682e476
build(deps): bump github/codeql-action from 2.3.3 to 2.3.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.3 to 2.3.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](29b1f65c5e...0225834cc5
2023-05-29 07:24:59 +00:00
dependabot[bot]
c07e33eff0
build(deps): bump snyk/actions
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from 806182742461562b67788a64410098c9d9b96adb to b98d498629f1c368650224d6d212bf7dfa89e4bf.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](8061827424...b98d498629
2023-05-29 01:21:22 +00:00
dependabot[bot]
9e422576b8
build(deps): bump actions/setup-go from 4.0.0 to 4.0.1
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](4d34df0c23...fac708d667
2023-05-22 07:06:34 +00:00
dependabot[bot]
4d443d614b
build(deps): bump github/codeql-action from 2.3.2 to 2.3.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f3feb00acb...29b1f65c5e
2023-05-08 06:26:05 +00:00
dependabot[bot]
2538b6921f
build(deps): bump github/codeql-action from 2.3.0 to 2.3.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.0 to 2.3.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b2c19fb9a2...f3feb00acb
2023-05-01 01:09:35 +00:00
dependabot[bot]
f431f9858c
build(deps): bump github/codeql-action from 2.2.12 to 2.3.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.12 to 2.3.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7df0ce3489...b2c19fb9a2
2023-04-24 01:13:50 +00:00
dependabot[bot]
ec6f341497
build(deps): bump github/codeql-action from 2.2.11 to 2.2.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.11 to 2.2.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d186a2a36c...7df0ce3489
2023-04-17 08:17:17 +00:00
dependabot[bot]
107894eccf
build(deps): bump actions/checkout from 3.5.0 to 3.5.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8f4b7f8486...8e5e7e5ab8
2023-04-17 01:10:39 +00:00
dependabot[bot]
48a1c0f5d4
build(deps): bump github/codeql-action from 2.2.9 to 2.2.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.9 to 2.2.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](04df1262e6...d186a2a36c
2023-04-10 07:52:00 +00:00
dependabot[bot]
7ee92db427
build(deps): bump github/codeql-action from 2.2.8 to 2.2.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.8 to 2.2.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](67a35a0858...04df1262e6
2023-04-03 01:35:22 +00:00
dependabot[bot]
a30f77f8a4
build(deps): bump actions/checkout from 3.4.0 to 3.5.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](24cb908017...8f4b7f8486
2023-03-27 06:12:24 +00:00
dependabot[bot]
dbfb4269cb
build(deps): bump github/codeql-action from 2.2.7 to 2.2.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.7 to 2.2.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](168b99b3c2...67a35a0858
2023-03-27 01:27:08 +00:00
Hidde Beydals
ce405b6060
build: update actions/setup-go in workflows
...
- Update `actions/setup-go` to v4.0.0 in workflows.
- Remove separate caching steps in favor of built-in caching feature
in action (since >=v3.0.0).
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-03-20 12:19:42 +01:00
dependabot[bot]
1071f04e93
build(deps): bump actions/checkout from 3.3.0 to 3.4.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ac59398561...24cb908017
2023-03-20 10:13:50 +00:00
dependabot[bot]
a452f15905
build(deps): bump github/codeql-action from 2.2.6 to 2.2.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.6 to 2.2.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](16964e90ba...168b99b3c2
2023-03-20 01:27:33 +00:00
dependabot[bot]
ec978fc79f
build(deps): bump github/codeql-action from 2.2.5 to 2.2.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.5 to 2.2.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](32dc499307...16964e90ba
2023-03-13 10:25:14 +00:00
Hidde Beydals
879558fe20
build: update scan workflow
...
To include a (full) version number behind the actions with a SHA
reference, so Dependabot will continue to update them from now on.
Except for the `snyk/actions`, which follows `main`.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-03-09 09:41:23 +01:00
Hidde Beydals
18760acaa8
Update Go to 1.20
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-03-09 09:26:51 +01:00
dependabot[bot]
a5958b494d
build(deps): bump github/codeql-action from 2.2.4 to 2.2.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](17573ee1cc...32dc499307
2023-02-27 01:57:43 +00:00
dependabot[bot]
7b731f7777
build(deps): bump fossa-contrib/fossa-action from 1.2.0 to 2.0.0
...
Bumps [fossa-contrib/fossa-action](https://github.com/fossa-contrib/fossa-action ) from 1.2.0 to 2.0.0.
- [Release notes](https://github.com/fossa-contrib/fossa-action/releases )
- [Changelog](https://github.com/fossa-contrib/fossa-action/blob/master/CHANGELOG.md )
- [Commits](6cffaa0641...6728dc6fe9
2023-02-20 02:05:21 +00:00
Stefan Prodan
873950dc55
ci: Fix Snyk Go build VCS stamping error
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2023-02-17 12:04:14 +02:00
dependabot[bot]
3c330b71aa
build(deps): bump github/codeql-action from 2.2.1 to 2.2.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.1 to 2.2.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3ebbd71c74...17573ee1cc
2023-02-13 13:37:02 +00:00
dependabot[bot]
577d4e71af
build(deps): bump snyk/actions
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from e25b2e6f5658d1bb7a6671b113260f13134cc3af to 806182742461562b67788a64410098c9d9b96adb.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](e25b2e6f56...8061827424
2023-02-13 11:40:21 +00:00
dependabot[bot]
e5eb4d4a67
Bump github/codeql-action from 2.1.38 to 2.2.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.38 to 2.2.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](515828d974...3ebbd71c74
2023-01-30 10:23:13 +00:00
dependabot[bot]
e7e05f870b
Bump snyk/actions
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from 1cc9026f51d822442cb4b872d8d7ead8cc69a018 to e25b2e6f5658d1bb7a6671b113260f13134cc3af.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](1cc9026f51...e25b2e6f56
2023-01-16 13:43:09 +00:00
dependabot[bot]
58b4ed586a
Bump github/codeql-action from 2.1.37 to 2.1.38
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.37 to 2.1.38.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](959cbb7472...515828d974
2023-01-16 01:16:39 +00:00
dependabot[bot]
1d80ff2b09
Bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](755da8c3cf...ac59398561
2023-01-09 00:57:58 +00:00
dependabot[bot]
0014bc4c43
Bump actions/checkout from 3.1.0 to 3.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](93ea575cb5...755da8c3cf
2022-12-19 12:32:31 +00:00
dependabot[bot]
bd284ab28b
Bump actions/setup-go from 3.4.0 to 3.5.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](d0a58c1c4d...6edd4406fa
2022-12-19 12:14:24 +00:00
dependabot[bot]
fdd3fd1d06
Bump github/codeql-action from 2.1.36 to 2.1.37
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.36 to 2.1.37.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a669cc5936...959cbb7472
2022-12-19 01:01:28 +00:00
dependabot[bot]
75b5b0fd3c
Bump github/codeql-action from 2.1.35 to 2.1.36
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.35 to 2.1.36.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b2a92eb56d...a669cc5936
2022-12-12 00:29:53 +00:00
dependabot[bot]
882fb35601
Bump snyk/actions
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from a8dd587d8a94f5663fa3d67d51abd0cc66aff244 to 1cc9026f51d822442cb4b872d8d7ead8cc69a018.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](a8dd587d8a...1cc9026f51
2022-12-05 07:47:09 +00:00
dependabot[bot]
2c35880cbf
Bump actions/setup-go from 3.3.1 to 3.4.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](c4a742cab1...d0a58c1c4d
2022-12-05 06:46:50 +00:00
dependabot[bot]
f89525f8bd
Bump github/codeql-action from 2.1.33 to 2.1.35
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.33 to 2.1.35.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](678fc3afe2...b2a92eb56d
2022-12-05 00:43:23 +00:00
Paulo Gomes
d0e6fcad3f
build: Pin GitHub Actions
...
The main benefit of pinning GitHub actions is the determinism it brings
in terms of what version of a given action will be executed. This is
a step towards having hermetic builds.
Once pinned to a commit, dependabot will automatically issue PRs to update
to newer versions.
Pinned versions is the only security metric from OpenSSF scorecard that
this repository currently have a zero score.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
2022-11-17 15:33:59 +00:00
dependabot[bot]
1a6b09afb4
Bump actions/setup-go from 2 to 3
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 00:45:59 +00:00
Stefan Prodan
bb1078d610
ci: Refactor GitHub workflows
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-10-21 09:46:10 +03:00
Eddie Knight
73692df272
Additional workflow permissions tweaks
...
Signed-off-by: Eddie Knight <knight@linux.com>
2022-10-20 12:48:05 -05:00
Eddie Knight
2abf932ee4
Updated scan & update permissions
...
Signed-off-by: Eddie Knight <knight@linux.com>
2022-10-20 12:09:34 -05:00
Eddie Knight
939a75115c
Adjusted workflow permissions
...
Signed-off-by: Eddie Knight <knight@linux.com>
2022-10-20 11:04:49 -05:00
dependabot[bot]
09cbf348a7
Bump github/codeql-action from 1 to 2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-18 07:32:38 +00:00
Stefan Prodan
65a2ceec5c
Only run e2e tests for Dependabot PRs
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-10-17 19:49:57 +03:00
Stefan Prodan
348408e16e
Build with Go 1.19
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-09-28 22:05:48 +03:00
Adrien Fillon
491acf57ad
Setup CodeQL CI job with Go 1.18
...
Signed-off-by: Adrien Fillon <adrien.fillon@manomano.com>
2022-09-12 12:08:47 +02:00
Stefan Prodan
0b9e3d24ef
Update GitHub actions
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-05-27 13:35:13 +03:00
Michael Bridgen
7ae4f28920
Use a file to record successful manifests build
...
Using the directory cmd/flux/manifests as a prerequisite causes a
problem: if the script that creates the files within fails, the next
invocation of make will see the directory and assume it
succeeded. Since the executable expects certain files to be present,
but they are not explicit prerequisites of the recipe for building the
binary, this results in a successful build but a broken `flux`
executable.
Instead, depend on a file that's explicitly updated when the script
has succeeded, and which itself depends on the inputs.
A couple of the CI workflows run
make cmd/flux/manifests
before doing other things, presumably as a way to avoid running the
whole test suite in a CI pipeline for some purpose other than testing,
so these needed changing as well.
Signed-off-by: Michael Bridgen <michael@weave.works>
2021-09-16 14:03:13 +01:00
