Skip to content

Commit

Permalink
Merge branch 'main' into renovate/patch-golang-deps
Browse files Browse the repository at this point in the history
  • Loading branch information
jschoone authored Nov 29, 2024
2 parents b2142a7 + 1729306 commit 2277f5f
Show file tree
Hide file tree
Showing 12 changed files with 39 additions and 39 deletions.
2 changes: 1 addition & 1 deletion .github/actions/metadata/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ runs:
steps:
- name: Docker manager metadata
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
flavor: ${{ inputs.metadata_flavor }}
Expand Down
6 changes: 3 additions & 3 deletions .github/actions/setup-go/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ runs:
using: "composite"
steps:
- name: Install go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version: "1.22"
go-version-file: "go.mod"
Expand All @@ -16,14 +16,14 @@ runs:
echo "::set-output name=go-build::$(go env GOCACHE)"
echo "::set-output name=go-mod::$(go env GOMODCACHE)"
- name: Go Mod Cache
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4
with:
path: ${{ steps.go-cache-paths.outputs.go-mod }}
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-mod-
- name: Go Build Cache
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4
with:
path: ${{ steps.go-cache-paths.outputs.go-build }}
key: ${{ runner.os }}-go-build-${{ hashFiles('**/go.sum') }}
Expand Down
20 changes: 10 additions & 10 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,14 +28,14 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- uses: ./.github/actions/setup-go
- name: Set up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3

- name: Generate metadata cso
id: metacso
Expand All @@ -47,14 +47,14 @@ jobs:
metadata_tags: ${{ env.metadata_tags }}

- name: Login to ghcr.io for CI
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Install Cosign
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0

- name: Setup Env
run: |
Expand All @@ -65,7 +65,7 @@ jobs:
# Load Golang cache build from GitHub
- name: Load cso Golang cache build from GitHub
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
id: cache
with:
path: /tmp/.cache/cso
Expand All @@ -83,7 +83,7 @@ jobs:
# Import GitHub's cache build to docker cache
- name: Copy cso Golang cache to docker cache
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
provenance: false
context: /tmp/.cache/cso
Expand All @@ -93,7 +93,7 @@ jobs:
target: import-cache

- name: Build and push cso image
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6
id: docker_build_release_cso
with:
provenance: false
Expand All @@ -120,7 +120,7 @@ jobs:
# Upload artifact digests
- name: Upload artifact digests
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: image-digest
path: image-digest
Expand All @@ -129,7 +129,7 @@ jobs:
# Store docker's golang's cache build locally only on the main branch
- name: Store cso Golang cache build locally
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
provenance: false
context: .
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/kubebuilder-markers-checker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
name: check for kubebuilder markers
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4

# go is required for building controller-gen
- uses: ./.github/actions/setup-go
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/pr-lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
password: ${{ secrets.github_token }}
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.event.pull_request.head.sha }}

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/pr-verify.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
github_token: ${{ secrets.GITHUB_TOKEN }}

- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.event.pull_request.head.sha }}

Expand Down
18 changes: 9 additions & 9 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,14 +18,14 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- uses: ./.github/actions/setup-go
- name: Set up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3

- name: Generate metadata cso
id: metacso
Expand All @@ -37,14 +37,14 @@ jobs:
metadata_tags: ${{ env.metadata_tags }}

- name: Login to ghcr.io for CI
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Install Cosign
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0

- name: Install Bom
shell: bash
Expand All @@ -61,7 +61,7 @@ jobs:
echo 'EOF' >> $GITHUB_ENV
- name: Build and push cso image
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6
id: docker_build_release_cso
with:
provenance: false
Expand Down Expand Up @@ -106,7 +106,7 @@ jobs:
# Upload artifact digests
- name: Upload artifact digests
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: image-digest cso
path: image-digest
Expand Down Expand Up @@ -135,7 +135,7 @@ jobs:
run: echo "RELEASE_TAG=${GITHUB_REF:10}" >> $GITHUB_ENV

- name: checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0

Expand All @@ -155,7 +155,7 @@ jobs:
make release-notes
- name: Release
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2
uses: softprops/action-gh-release@e7a8f85e1c67a31e6ed99a94b41bd0b71bbee6b8 # v2
with:
draft: true
files: out/*
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/schedule-cache-cleaner-cso-image.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
steps:
# Load Golang cache build from GitHub
- name: Load cso Golang cache build from GitHub
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
id: cache
with:
path: /tmp/.cache/cso
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/schedule-scan-image.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
password: ${{ secrets.github_token }}
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Fixup git permissions
# https://github.com/actions/checkout/issues/766
shell: bash
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/schedule-update-bot.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -30,10 +30,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Generate Token
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1
uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1
id: generate-token
with:
app-id: ${{ secrets.SCS_APP_ID }}
Expand All @@ -45,7 +45,7 @@ jobs:
echo "LOG_LEVEL=${{ github.event.inputs.logLevel || env.LOG_LEVEL }}" >> "$GITHUB_ENV"
- name: Renovate
uses: renovatebot/github-action@21d88b0bf0183abcee15f990011cca090dfc47dd # v40.1.12
uses: renovatebot/github-action@0984fb80fc633b17e57f3e8b6c007fe0dc3e0d62 # v40.3.6
env:
RENOVATE_HOST_RULES: '[{"hostType": "docker", "matchHost": "ghcr.io", "username": "${{ github.actor }}", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '[".*"]'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
timeout-minutes: 10
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Coverage result name
id: name
run: |
Expand Down
14 changes: 7 additions & 7 deletions images/builder/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
# If you make changes to this Dockerfile run `make builder-image-push`.

# Install Lychee
FROM docker.io/library/alpine:3.20.2 AS lychee
FROM docker.io/library/alpine:3.20.3 AS lychee
# update: datasource=github-tags depName=lycheeverse/lychee versioning=semver
ENV LYCHEE_VERSION="v0.15.1"
# hadolint ignore=DL3018
Expand All @@ -34,7 +34,7 @@ FROM cgr.dev/chainguard/wolfi-base:latest AS wolfi
# update: datasource=github-tags depName=kubernetes-sigs/cluster-api
ARG CLUSTERCTL_VERSION="v1.8.1"
# update: datasource=github-tags depName=helm/helm
ENV HELM_VERSION="v3.14.1"
ENV HELM_VERSION="v3.16.3"
# update: datasource=github-tags depName=kubernetes-sigs/kind
ARG KIND_VERSION="v0.24.0"
# update: datasource=github-tags depName=kubernetes/kubernetes
Expand All @@ -58,24 +58,24 @@ RUN apk add -U --no-cache \
trivy=~${TRIVY_VERSION#v}

# Install Golang CI Lint
FROM docker.io/library/alpine:3.20.2 AS golangci
FROM docker.io/library/alpine:3.20.3 AS golangci
# update: datasource=github-tags depName=golangci/golangci-lint versioning=semver
ENV GOLANGCI_VERSION="v1.60.3"
ENV GOLANGCI_VERSION="v1.62.2"
WORKDIR /
# hadolint ignore=DL3018,DL4006
RUN apk add --no-cache curl && \
curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s ${GOLANGCI_VERSION}

# Install Hadolint
FROM docker.io/hadolint/hadolint:v2.12.0-alpine@sha256:7dba9a9f1a0350f6d021fb2f6f88900998a4fb0aaf8e4330aa8c38544f04db42 AS hadolint
FROM docker.io/hadolint/hadolint:v2.12.0-alpine@sha256:3c206a451cec6d486367e758645269fd7d696c5ccb6ff59d8b03b0e45268a199 AS hadolint

# Install Trivy
FROM docker.io/aquasec/trivy:0.54.1 AS trivy
FROM docker.io/aquasec/trivy:0.57.1 AS trivy

############################
# CSO Build Image Base #
############################
FROM docker.io/library/golang:1.23.0-bullseye
FROM docker.io/library/golang:1.23.3-bullseye

# update: datasource=github-tags depName=adrienverge/yamllint versioning=semver
ENV YAMLLINT_VERSION="v1.35.1"
Expand Down

0 comments on commit 2277f5f

Please sign in to comment.