From ad9d092b34e3ab65982ca705528c7567841cfb96 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 7 Mar 2024 21:31:53 +0000 Subject: [PATCH] build(deps): bump the ci group with 8 updates Bumps the ci group with 8 updates: | Package | From | To | | --- | --- | --- | | [Azure/login](https://github.com/azure/login) | `1.6.1` | `2.0.0` | | [helm/kind-action](https://github.com/helm/kind-action) | `1.8.0` | `1.9.0` | | [google-github-actions/auth](https://github.com/google-github-actions/auth) | `2.1.0` | `2.1.2` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.0.0` | `3.1.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.0` | `4.3.1` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.15.8` | `0.15.9` | | [EndBug/label-sync](https://github.com/endbug/label-sync) | `2.3.2` | `2.3.3` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.0.0` | `6.0.1` | Updates `Azure/login` from 1.6.1 to 2.0.0 - [Release notes](https://github.com/azure/login/releases) - [Commits](https://github.com/azure/login/compare/cb79c773a3cfa27f31f25eb3f677781210c9ce3d...8c334a195cbb38e46038007b304988d888bf676a) Updates `helm/kind-action` from 1.8.0 to 1.9.0 - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/dda0770415bac9fc20092cacbc54aa298604d140...99576bfa6ddf9a8e612d83b513da5a75875caced) Updates `google-github-actions/auth` from 2.1.0 to 2.1.2 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](https://github.com/google-github-actions/auth/compare/5a50e581162a13f4baa8916d01180d2acbc04363...55bd3a7c6e2ae7cf1877fd1ccb9d54c0503c457c) Updates `docker/setup-buildx-action` from 3.0.0 to 3.1.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/f95db51fddba0c2d1ec667646a06c2ce06100226...0d103c3126aa41d772a8362f6aa67afac040f80c) Updates `actions/upload-artifact` from 4.3.0 to 4.3.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/26f96dfa697d77e81fd5907df203aa23a56210a8...5d5d22a31266ced268874388b861e4b58bb5c2f3) Updates `anchore/sbom-action` from 0.15.8 to 0.15.9 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](https://github.com/anchore/sbom-action/compare/b6a39da80722a2cb0ef5d197531764a89b5d48c3...9fece9e20048ca9590af301449208b2b8861333b) Updates `EndBug/label-sync` from 2.3.2 to 2.3.3 - [Release notes](https://github.com/endbug/label-sync/releases) - [Commits](https://github.com/endbug/label-sync/compare/da00f2c11fdb78e4fae44adac2fdd713778ea3e8...52074158190acb45f3077f9099fea818aa43f97a) Updates `peter-evans/create-pull-request` from 6.0.0 to 6.0.1 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/b1ddad2c994a25fbc81a28b3ec0e368bb2021c50...a4f52f8033a6168103c2538976c07b467e8163bc) --- updated-dependencies: - dependency-name: Azure/login dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: google-github-actions/auth dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: EndBug/label-sync dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci ... Signed-off-by: dependabot[bot] --- .github/workflows/e2e-azure.yaml | 2 +- .github/workflows/e2e-bootstrap.yaml | 2 +- .github/workflows/e2e-gcp.yaml | 4 ++-- .github/workflows/e2e.yaml | 2 +- .github/workflows/ossf.yaml | 2 +- .github/workflows/release.yaml | 4 ++-- .github/workflows/sync-labels.yaml | 2 +- .github/workflows/update.yaml | 2 +- 8 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/e2e-azure.yaml b/.github/workflows/e2e-azure.yaml index c05d39c87c..2e6fef2ac6 100644 --- a/.github/workflows/e2e-azure.yaml +++ b/.github/workflows/e2e-azure.yaml @@ -47,7 +47,7 @@ jobs: env: SOPS_VER: 3.7.1 - name: Authenticate to Azure - uses: Azure/login@cb79c773a3cfa27f31f25eb3f677781210c9ce3d # v1.4.6 + uses: Azure/login@8c334a195cbb38e46038007b304988d888bf676a # v1.4.6 with: creds: '{"clientId":"${{ secrets.AZ_ARM_CLIENT_ID }}","clientSecret":"${{ secrets.AZ_ARM_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZ_ARM_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZ_ARM_TENANT_ID }}"}' - name: Set dynamic variables in .env diff --git a/.github/workflows/e2e-bootstrap.yaml b/.github/workflows/e2e-bootstrap.yaml index 0d010405c7..823f8117af 100644 --- a/.github/workflows/e2e-bootstrap.yaml +++ b/.github/workflows/e2e-bootstrap.yaml @@ -26,7 +26,7 @@ jobs: **/go.sum **/go.mod - name: Setup Kubernetes - uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0 + uses: helm/kind-action@99576bfa6ddf9a8e612d83b513da5a75875caced # v1.9.0 with: version: v0.20.0 cluster_name: kind diff --git a/.github/workflows/e2e-gcp.yaml b/.github/workflows/e2e-gcp.yaml index 902a24c258..277c24ff62 100644 --- a/.github/workflows/e2e-gcp.yaml +++ b/.github/workflows/e2e-gcp.yaml @@ -46,7 +46,7 @@ jobs: env: SOPS_VER: 3.7.1 - name: Authenticate to Google Cloud - uses: google-github-actions/auth@5a50e581162a13f4baa8916d01180d2acbc04363 # v2.1.0 + uses: google-github-actions/auth@55bd3a7c6e2ae7cf1877fd1ccb9d54c0503c457c # v2.1.2 id: 'auth' with: credentials_json: '${{ secrets.FLUX2_E2E_GOOGLE_CREDENTIALS }}' @@ -56,7 +56,7 @@ jobs: - name: Setup QEMU uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Setup Docker Buildx - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0 - name: Log into us-central1-docker.pkg.dev uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index de08bc7fd1..f759a45095 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -30,7 +30,7 @@ jobs: **/go.sum **/go.mod - name: Setup Kubernetes - uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0 + uses: helm/kind-action@99576bfa6ddf9a8e612d83b513da5a75875caced # v1.9.0 with: version: v0.20.0 cluster_name: kind diff --git a/.github/workflows/ossf.yaml b/.github/workflows/ossf.yaml index d5dee948fa..655dd5553c 100644 --- a/.github/workflows/ossf.yaml +++ b/.github/workflows/ossf.yaml @@ -28,7 +28,7 @@ jobs: repo_token: ${{ secrets.GITHUB_TOKEN }} publish_results: true - name: Upload artifact - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index f7953b27e2..871eb6eafb 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -32,9 +32,9 @@ jobs: uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Setup Docker Buildx id: buildx - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0 - name: Setup Syft - uses: anchore/sbom-action/download-syft@b6a39da80722a2cb0ef5d197531764a89b5d48c3 # v0.15.8 + uses: anchore/sbom-action/download-syft@9fece9e20048ca9590af301449208b2b8861333b # v0.15.9 - name: Setup Cosign uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 - name: Setup Kustomize diff --git a/.github/workflows/sync-labels.yaml b/.github/workflows/sync-labels.yaml index e112ee5f95..6e41b8c713 100644 --- a/.github/workflows/sync-labels.yaml +++ b/.github/workflows/sync-labels.yaml @@ -18,7 +18,7 @@ jobs: issues: write steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: EndBug/label-sync@da00f2c11fdb78e4fae44adac2fdd713778ea3e8 # v2.3.2 + - uses: EndBug/label-sync@52074158190acb45f3077f9099fea818aa43f97a # v2.3.3 with: # Configuration file config-file: | diff --git a/.github/workflows/update.yaml b/.github/workflows/update.yaml index a3da9736de..0478c67de7 100644 --- a/.github/workflows/update.yaml +++ b/.github/workflows/update.yaml @@ -84,7 +84,7 @@ jobs: - name: Create Pull Request id: cpr - uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0 + uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc # v6.0.1 with: token: ${{ secrets.BOT_GITHUB_TOKEN }} commit-message: |