actions/fluxcd-flux2
3
0
Fork 0
mirror of https://github.com/fluxcd/flux2.git synced 2026-02-09 17:27:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
2613 commits 28 branches 200 tags 15 MiB
Commit graph

45 commits

Author SHA1 Message Date
dependabot[bot]
e93b3d8d75
build(deps): bump docker/setup-buildx-action from 2.4.0 to 2.4.1 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](15c905b16b...f03ac48505)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-13 02:06:09 +00:00
dependabot[bot]
0cd0bf3b58
build(deps): bump goreleaser/goreleaser-action from 4.1.1 to 4.2.0 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4.1.1 to 4.2.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](9754a253a8...f82d6c1c34)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-06 01:05:36 +00:00
dependabot[bot]
65481c223e
build(deps): bump docker/setup-buildx-action from 2.2.1 to 2.4.0 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.2.1 to 2.4.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](8c0edbc76e...15c905b16b)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 12:12:38 +00:00
dependabot[bot]
18924d29a7
Bump anchore/sbom-action from 0.13.1 to 0.13.3 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.13.1 to 0.13.3.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](06e109483e...07978da4bd)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 11:38:26 +00:00
dependabot[bot]
f22222f71d
Bump goreleaser/goreleaser-action from 4.1.0 to 4.1.1 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](8f67e590f2...9754a253a8)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 01:03:33 +00:00
dependabot[bot]
1d80ff2b09
Bump actions/checkout from 3.2.0 to 3.3.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](755da8c3cf...ac59398561)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-09 00:57:58 +00:00
Paulo Gomes
131c05d9c7
build: Revert sigstore/cosign-installer to v2.8.1 
Dependabot should stick to tagged versions if the existing hash relates
to the tag made in the comment.

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
 2022-12-19 13:29:02 +00:00
dependabot[bot]
c605f9a44f
Bump goreleaser/goreleaser-action from 3.2.0 to 4.1.0 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 3.2.0 to 4.1.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](b508e2e3ef...8f67e590f2)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-19 13:07:50 +00:00
dependabot[bot]
0014bc4c43
Bump actions/checkout from 3.1.0 to 3.2.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](93ea575cb5...755da8c3cf)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-19 12:32:31 +00:00
dependabot[bot]
bd284ab28b
Bump actions/setup-go from 3.4.0 to 3.5.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](d0a58c1c4d...6edd4406fa)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-19 12:14:24 +00:00
dependabot[bot]
d5e5a26f5c
Update sigstore/cosign-installer requirement to b6757d8360bb6b9803c38b68e8cb7442baaf7eb5 
Updates the requirements on [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) to permit the latest version.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](b6757d8360)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-12 10:27:54 +00:00
dependabot[bot]
2c35880cbf
Bump actions/setup-go from 3.3.1 to 3.4.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](c4a742cab1...d0a58c1c4d)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-05 06:46:50 +00:00
Paulo Gomes
d0e6fcad3f
build: Pin GitHub Actions 
The main benefit of pinning GitHub actions is the determinism it brings
in terms of what version of a given action will be executed. This is
a step towards having hermetic builds.

Once pinned to a commit, dependabot will automatically issue PRs to update
to newer versions.

Pinned versions is the only security metric from OpenSSF scorecard that
this repository currently have a zero score.

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
 2022-11-17 15:33:59 +00:00
Stefan Prodan
bb1078d610
ci: Refactor GitHub workflows 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2022-10-21 09:46:10 +03:00
Eddie Knight
73692df272 Additional workflow permissions tweaks 
Signed-off-by: Eddie Knight <knight@linux.com>
 2022-10-20 12:48:05 -05:00
Eddie Knight
939a75115c Adjusted workflow permissions 
Signed-off-by: Eddie Knight <knight@linux.com>
 2022-10-20 11:04:49 -05:00
Stefan Prodan
348408e16e
Build with Go 1.19 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2022-09-28 22:05:48 +03:00
Stefan Prodan
0b9e3d24ef
Update GitHub actions 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2022-05-27 13:35:13 +03:00
Stefan Prodan
b795e612f7
Update Go to v1.18 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2022-05-25 11:43:30 +03:00
Stefan Prodan
e44a58cba0
ci: Fix release notes generator 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2022-01-18 18:13:59 +02:00
Stefan Prodan
a402461f9c
Sign the release artifacts checksums and images 
- add the Flux manifests and API schemas to checksums
- sign the checksum.txt with Cosign and GitHub OIDC
- sign the flux-cli container images with Cosign and GitHub OIDC

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2022-01-18 14:31:37 +02:00
Stefan Prodan
11296cd94f
Publish Flux Software Bill of Materials (SBOM) in SPDX format 
- generate SBOM for Flux Go modules with Syft
- publish the SBOM SPDX JSON files to GitHub releases with GoReleaser

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2022-01-14 16:36:49 +02:00
Aurel Canciu
f3d143e5ee
Update Go to v1.17 
Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
 2022-01-10 16:30:38 +01:00
Hidde Beydals
bb04ca36b2 Pin crdjsonschema action to commit 
Pinned to commit before https://github.com/fluxcd/pkg/pull/189 due to
introduction faulty behavior.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-11-24 11:37:01 +01:00
Hidde Beydals
fc94b1af7a Revert "Merge pull request #2107 from chanwit/json_schemas" 
This reverts commit 75a18b4548, reversing
changes made to e72214e266.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-11-24 11:36:53 +01:00
Chanwit Kaewkasi
716b41e91b publish json schemas as a single URL 
Signed-off-by: Chanwit Kaewkasi <chanwit@gmail.com>

This change publishes the auto-generated JSON schemas as a single URL,
so that it is consumable by a tool like VS Code.

The CRD generator creates 2 files, a tar.gz for Kubeval,
and another one is a JSON file. The JSON file is a combination of
all schemas, put under the "oneOf" operator.
 2021-11-22 18:32:54 +07:00
Michael Bridgen
9d9fff5796 Update Makefile target in release workflow 
There's another location which uses the "manifests directory" target
directly, but isn't run when testing a PR: the release workflow.

Signed-off-by: Michael Bridgen <michael@weave.works>
 2021-09-20 16:06:01 +01:00
Stefan Prodan
68046067c5
Generate OpenAPI schema in CI 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-04-13 13:17:36 +03:00
Hidde Beydals
d0403038ed Enable QEMU and Docker Buildx in release action 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-03-30 11:22:31 +02:00
Hidde Beydals
ba6da23323 Make manifests dir bundle.sh configurable 
There was an assumption in this script that it is always executed in Git
repository/directory, this is however not always true, for example when
one downloads the `.tar.gz` that is made available for every release
by GitHub (and used in one of our AUR packages).

This commit changes this, and makes the first argument of `bundle.sh`
configurable, so a custom manifests directory can always be defined
_without_ relying on Git.

Omitting it, or passing an empty string, will still fall back to the
previous behavior of using `git rev-parse --show-toplevel`.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-03-08 18:45:05 +01:00
Hidde Beydals
2b7a0f3fd4 Improve build process embedded manifests 
This commit changes the way the build of manifests is triggered by
making smarter use of the capabilities of Make. The result should be
that the manifests are only regenerated if:

1. There is no `cmd/flux/manifests/` directory.
2. There have been made changes to the YAML files in the `manifests/`
   directory that are newer than the files in `cmd/flux/manifests/`.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-03-08 16:06:44 +01:00
Stefan Prodan
6003d11156
Embed the install manifests in flux binary 
- add make target for generating the install manifests using kustomize
- embed the generated manifests in flux binary
- the install and bootstrap commands default to using the embedded manifests
- download the install manifests from GitHub only if the install/bootstrap version arg is set

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-02-25 12:53:04 +02:00
Stefan Prodan
2fe55bcdde
Update Go to v1.16 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-02-24 23:05:42 +02:00
Hidde Beydals
1b5db157b1 Align formatting and extensions workflows 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-02-18 15:41:32 +01:00
Aurel Canciu
093a91c7fc
Fix syntax error introduced earlier 
Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
 2020-12-04 19:36:01 +02:00
Stefan Prodan
32e949598e
Publish install manifest to GitHub releases 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-12-04 18:33:26 +02:00
Aurel Canciu
5eecf03af6
Add AUR_BOT_SSH_PRIVATE_KEY env var for goreleaser 
The AUR_BOT_SSH_PRIVATE_KEY environment variable needs to be set in
goreleaser so publishing the packages to AUR can work.

Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
 2020-12-04 17:49:25 +02:00
stefanprodan
a5a5908fb5 Use GitHub actions from fluxcd/pkg@main 2020-10-06 10:50:02 +03:00
stefanprodan
4ab67aaf90 Update Go to v1.15 2020-10-01 23:38:25 +03:00
stefanprodan
ca1f84d22b Publish Homebrew formula 2020-09-07 11:41:06 +03:00
stefanprodan
31d4b62bf3 Include author in changelog 
Replace kustomize action with fluxcd/pkg/actions
 2020-08-21 17:55:11 +03:00
stefanprodan
422724bd2d Publish manifests as release assets 2020-07-17 12:00:15 +03:00
stefanprodan
83843bf373 Restore release notes 2020-05-06 14:32:59 +03:00
stefanprodan
d6d29ea8f4 Init release notes 2020-05-06 14:28:59 +03:00
stefanprodan
70072f300a Add release workflow to CI 2020-04-25 19:28:51 +03:00