From c04ff05aa48f9f4a385c74d0aabb37ff7017bf06 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 14:43:40 +0000 Subject: [PATCH] Bump the ci group across 1 directory with 4 updates Bumps the ci group with 4 updates in the / directory: [codecov/codecov-action](https://github.com/codecov/codecov-action), [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer), [docker/build-push-action](https://github.com/docker/build-push-action) and [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action). Updates `codecov/codecov-action` from 4 to 5 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v4...v5) Updates `sigstore/cosign-installer` from 3.5.0 to 3.7.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v3.5.0...v3.7.0) Updates `docker/build-push-action` from 5 to 6 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v5...v6) Updates `goreleaser/goreleaser-action` from 5 to 6 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](https://github.com/goreleaser/goreleaser-action/compare/v5...v6) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci - dependency-name: goreleaser/goreleaser-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yaml | 2 +- .github/workflows/push-ld.yml | 4 ++-- .github/workflows/release.yml | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 97dd9b051..bdfeec71f 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -45,7 +45,7 @@ jobs: exit 1 fi - name: Upload coverage to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v5 with: file: ./coverage.txt - name: Build container image diff --git a/.github/workflows/push-ld.yml b/.github/workflows/push-ld.yml index bea33785d..3e8aab32d 100644 --- a/.github/workflows/push-ld.yml +++ b/.github/workflows/push-ld.yml @@ -17,7 +17,7 @@ jobs: packages: write steps: - uses: actions/checkout@v4 - - uses: sigstore/cosign-installer@v3.5.0 + - uses: sigstore/cosign-installer@v3.7.0 - name: Prepare id: prep run: | @@ -45,7 +45,7 @@ jobs: type=raw,value=${{ steps.prep.outputs.VERSION }} - name: Publish image id: build-push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: push: true builder: ${{ steps.buildx.outputs.name }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6b5762231..612a1b8fc 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -33,7 +33,7 @@ jobs: with: go-version: 1.23.x - uses: fluxcd/flux2/action@main - - uses: sigstore/cosign-installer@v3.5.0 + - uses: sigstore/cosign-installer@v3.7.0 - name: Prepare id: prep run: | @@ -67,7 +67,7 @@ jobs: type=raw,value=${{ steps.prep.outputs.VERSION }} - name: Publish image id: build-push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: sbom: true provenance: true @@ -121,7 +121,7 @@ jobs: - uses: anchore/sbom-action/download-syft@v0 - name: Create release and SBOM id: run-goreleaser - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@v6 if: startsWith(github.ref, 'refs/tags/v') with: version: latest