1395e4682f
Bump ossf/scorecard-action from 1.0.4 to 1.1.1 ( #2116 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.0.4 to 1.1.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](c1aec4ac82...3e15ea8318
2022-06-01 13:59:46 -04:00
c7841d7653
Bump actions/setup-go from 3.0.0 to 3.2.0 ( #2112 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.0.0 to 3.2.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](f6164bd8c8...b22fbbc292
2022-06-01 13:13:59 -04:00
6b6795e4a7
Fix release tagging workflow ( #2034 )
...
In Bash, "-eq" compares integers, and "==" compares strings, so "debug
-eq latest" always evaulated to true.
$ if [[ "debug" -eq "latest" ]]; then echo latest; else echo debug; fi
latest
$ if [[ "debug" == "latest" ]]; then echo latest; else echo debug; fi
debug
2022-05-16 12:19:39 -07:00
9019b7667c
Bump docker/setup-buildx-action from 1.6.0 to 2 ( #2081 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 1.6.0 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](94ab11c41e...dc7b9719a9
2022-05-16 12:14:10 -07:00
a5d96682ac
Bump sigstore/cosign-installer from b4f55743d10d066fee1de1cf0fa26069700c0195 to 2.2.0 ( #2044 )
...
* Bump sigstore/cosign-installer
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from b4f55743d10d066fee1de1cf0fa26069700c0195 to 2.2.0. This release includes the previously tagged commit.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](b4f55743d1...d6a3abf1bd
2022-04-11 13:10:39 -04:00
d849b0bfdc
Bump github/codeql-action from 2.1.6 to 2.1.8 ( #2043 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.6 to 2.1.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28eead2408...1ed1437484
2022-04-11 10:26:45 -04:00
6c7d03a5ea
Bump github/codeql-action from 1.1.5 to 2.1.6 ( #2031 )
...
* Bump github/codeql-action from 1.1.5 to 2.1.6
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.5 to 2.1.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8834766498...28eead2408
2022-04-04 11:22:15 -04:00
8651c0604a
Bump github/codeql-action from 1.1.3 to 1.1.5 ( #2000 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.3 to 1.1.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](75f07e7ab2...8834766498
2022-03-21 09:32:16 -04:00
f38043ff59
Fix image tags in release workflow ( #1977 )
...
Two bugs:
- fix typo in debug release_tag (should be release-tag)
- only tag :latest images as :v1.X.Y; tag non-:latest images as
:v1.X.Y-debug etc.
2022-03-10 15:30:18 -05:00
aca3b966a3
Bump actions/setup-go from 2.2.0 to 3 ( #1970 )
...
* Bump actions/setup-go from 2.2.0 to 3
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2.2.0 to 3.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](bfdd3570ce...f6164bd8c8
2022-03-07 14:14:29 -05:00
5bf2b70e1d
Bump google-github-actions/setup-gcloud from 0.5.0 to 0.5.1 ( #1950 )
...
* Bump google-github-actions/setup-gcloud from 0.5.0 to 0.5.1
Bumps [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud ) from 0.5.0 to 0.5.1.
- [Release notes](https://github.com/google-github-actions/setup-gcloud/releases )
- [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google-github-actions/setup-gcloud/compare/v0.5.0...v0.5.1 )
---
updated-dependencies:
- dependency-name: google-github-actions/setup-gcloud
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update .github/workflows/images.yaml
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jason Hall <jasonhall@redhat.com>
2022-03-07 14:09:51 -05:00
493ce4f949
Update dependabot settings to get updates for docker ( #1969 )
...
- Update dependabot settings to get updates for docker
2022-03-07 14:09:44 -05:00
20e18132b0
Pinned GitHub actions by SHA ( #1963 )
...
- Pinned GitHub actions by SHA
https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies
2022-03-07 13:34:23 -05:00
3296225513
Bump actions/upload-artifact from 2.3.1 to 3 ( #1968 )
...
* Bump actions/upload-artifact from 2.3.1 to 3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2.3.1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](82c141cc51...6673cd052c
2022-03-07 10:35:33 -05:00
1b6f81a255
Bump actions/checkout from 2 to 3 ( #1967 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 09:23:29 -05:00
cfe7c92eef
Bump github/codeql-action from 1.1.2 to 1.1.3 ( #1958 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d39d5d5c97...75f07e7ab2
2022-02-28 10:20:29 -05:00
64ded88307
Bump github/codeql-action from 1.1.0 to 1.1.2 ( #1951 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.0 to 1.1.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](474bbf07f9...d39d5d5c97
2022-02-22 01:40:45 +05:30
01d9f40d35
Bump ossf/scorecard-action from 1.0.3 to 1.0.4 ( #1952 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Commits](b614d455ee...c1aec4ac82
2022-02-22 01:40:36 +05:30
deb583b161
Bump github/codeql-action from 1.0.31 to 1.1.0 ( #1938 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.31 to 1.1.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1a927e9307...474bbf07f9
2022-02-13 21:23:53 -05:00
c8445c1db2
Bump ossf/scorecard-action from 1.0.2 to 1.0.3 ( #1926 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.0.2 to 1.0.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Commits](c8416b0b2b...b614d455ee
2022-02-06 22:21:37 -05:00
331e077a12
Bump google-github-actions/setup-gcloud from 0.4.0 to 0.5.0 ( #1925 )
...
Bumps [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud ) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/google-github-actions/setup-gcloud/releases )
- [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google-github-actions/setup-gcloud/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: google-github-actions/setup-gcloud
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-06 22:21:27 -05:00
bd5f95859a
Bump github/codeql-action from 1.0.30 to 1.0.31 ( #1927 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.30 to 1.0.31.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8b37404d56...1a927e9307
2022-02-06 21:15:51 -05:00
ddd1485df7
adding ppc64le support for execitor and warmer image ( #1908 )
...
Signed-off-by: Aaruni Aggarwal <aaruniagg@gmail.com>
2022-02-02 16:24:19 -05:00
7d8e500413
Bump ossf/scorecard-action ( #1899 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 5da1b6b2680a229f2e66131f5c6a692bcd80b246 to 1.0.2. This release includes the previously tagged commit.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Commits](5da1b6b268...c8416b0b2b
2022-01-31 04:04:17 -05:00
71642e9f9b
Bump google-github-actions/setup-gcloud from 0.3.0 to 0.4.0 ( #1900 )
...
Bumps [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/google-github-actions/setup-gcloud/releases )
- [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google-github-actions/setup-gcloud/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: google-github-actions/setup-gcloud
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-31 04:04:05 -05:00
794e9d1834
Bump github/codeql-action from 1.0.26 to 1.0.30 ( #1901 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.26 to 1.0.30.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](5f53256358...8b37404d56
2022-01-31 04:03:53 -05:00
e3a4ea4174
Enable dependabot for Go and GitHub Actions dependencies ( #1884 )
2022-01-30 22:40:10 -05:00
d587122a9d
Run GitHub Actions on pushes and PRs to main, not master ( #1883 )
...
* Run GitHub Actions on pushes and PRs to main, not master
* fix go install ecr-login, bump to latest v0.6.0
* master -> main in some integration tests
* skip no-ref integration test
2022-01-14 14:54:12 -05:00
986121553b
Pin to more recent version of scorecard ( #1878 )
2022-01-11 10:42:21 -08:00
ae2c269cc0
Add scorecard analysis to kaniko ( #1874 )
2022-01-11 10:24:55 -08:00
dac411f7d6
Attempt to fix erroneous build cancellation ( #1867 )
2022-01-06 14:21:58 -05:00
ccaa38d31f
Add s390x support to docker images ( #1749 )
...
* Add s390x support to docker images
1. add s390x support to docker images `executor`, `executor(slim)`,
`executor(debug)` and `warmer`. Fixes #1462 and #1665 .
2. Address the building issue of dependency `docker-credential-gcr`
in Dockerfiles. This issue was introduced when recent commits
in `docker-credential-gcr` removed the Makefile.
Signed-off-by: Kun-Lu <kun.lu@ibm.com>
* Add s390x support to all images except debug image
* Add s390x support to images.yaml
* Fix ld64.so.1 not found issue on s390x
* Add a comment for copying /lib from busybox container on s390x
2022-01-06 11:19:26 -05:00
7207dca03a
Remove GitHub Actions concurrency limits ( #1858 )
2021-12-27 15:08:05 -05:00
17f5e55530
Use setup-gcloud@v0.3.0 instead of @master ( #1854 )
2021-12-22 20:04:49 -05:00
59c2d2d08f
Collapse integration test workflows into one config ( #1855 )
...
* Collapse integration test workflows into one config
Remove last traces of Travis, including env vars and `make travis-setup`
and badges in README
* fix lint
* make integration tests pass on PRs
2021-12-22 20:04:40 -05:00
b1b6962726
Share the Go build cache when building in Dockerfiles ( #1853 )
...
On my machine this makes image rebuilds go from ~5m to 1.5s.
This also required setting DOCKER_BUILDKIT=1 in integration test image
builds.
I also took the opportunity to bump the Go version used in those tests
to Go 1.17 to match the image build processes, and tidied up the
workflow files a bit too (renaming for consistency, typos, whitespace,
etc.)
2021-12-22 12:43:12 -05:00
710650da73
Call cosign sign --key ( #1849 )
2021-12-21 12:40:06 -05:00
6e500ecad9
Consolidate PR and real release workflows ( #1845 )
...
* WIP: consolidate PR and real release workflows
- push and sign an image tagged for every push to the repo (e.g., merged PRs)
- push and sign for tag pushes, with release tags
- build but don't push for opened PRs
WIP because I need to test more with the tag flow, but pushes worked in
my fork.
* apply release tags, uncomment kms stuff
* Tag images correctly during releases
* review feedback
2021-12-20 22:02:12 -05:00
0fd1058782
Attempt to speed up PR image builds by sharing a cache ( #1844 )
...
docker/setup-buildx-action actually provides first-class support for
the GitHub Actions cache (though experimental). This should make builds
much faster. Previous configuration wasn't properly configuring caching,
as far as I can tell.
This also takes advantage of GitHub Actions matrix support to more
concisely express the build parameters then execute the same steps on
them, which makes it clearer that the builds are all fundamentally doing
the same thing.
2021-12-17 22:17:05 -05:00
c87f8efd07
Start keyless signing kaniko releases ( #1841 )
2021-12-17 19:52:51 -05:00
22f76bb65d
Sign digests not tags. ( #1840 )
...
The logic that was in here was signing the tags we publish, which has a race. Also since what cosign signs is actually the digest, this was signing 3x where we really only need one call.
2021-12-17 18:43:15 -05:00
2e8a13943f
Bump the cosign version (a lot) ( #1839 )
...
The cosign version being used was ancient. This catches us up to 1.4.1 (latest).
I was also eyeballing the very redundant jobs in `release.yaml` for a subsequent refactoring to make this a matrix job, so there are a couple of trivial cleanups related to this.
2021-12-17 17:51:28 -05:00
49f0154b3f
Fix the e2e K8s test ( #1842 )
...
* Debugging the integration testing.
It seems to be consistently failing (also fix a typo in the file/leg name).
I'm disabling `-v` for `go test` because it interleaves the test output in ways that make it painful to read a single failing test's output when `t.Parallel` is involved.
* Try swapping registry:2 for the registry add-on
* Drop logf and make Logger private
2021-12-17 14:43:38 -05:00
78808c9070
Fix syntax error in release.yaml ( #1800 )
2021-12-02 13:50:05 -05:00
ee31dc93b6
Revert "Support mirror registries with path component ( #1707 )" ( #1794 )
...
* Revert "Support mirror registries with path component (#1707 )"
This reverts commit 4e218f2162
2021-10-20 19:13:24 -07:00
3b42fe45ea
chore: add release workflow on pr ( #1785 )
...
* chore: add release workflow on pr
* remove linux/s390x
* use keys
* set up platforms
* cancel
* update keys
* add secrets to env
* All platforms added for kaniko
Co-authored-by: Kun-Lu <kun.lu@ibm.com>
* echi
* add mt 1300, remove push
* Remove
* final change
* break executor and executor-slim
Co-authored-by: Kun-Lu <kun.lu@ibm.com>
2021-10-19 18:58:02 -07:00
b873088c4a
remove ppc64le ( #1784 )
2021-10-19 13:10:55 -07:00
4e8aae7c06
Revert ppce4 and other unintentional changes ( #1781 )
...
* Revert "fix dockefiles for deploy"
This reverts commit 63613adb82
2021-10-19 12:40:14 -07:00
779d224697
fix dockefiles for deploy ( #1775 )
2021-10-19 02:01:53 -07:00
32923d109f
Update release.yaml
2021-10-19 01:02:20 -07:00
dependabot[bot]
Jason Hall
Naveen
Aaruni Aggarwal
priyawadhwa
Kun Lu
Matt Moore
Tejal Desai