458789f852
fix: resolve issue with integration tests where lack of disk space caused k3s issues ( #2804 )
2023-10-17 18:02:30 -07:00
f43985e151
chore(deps): bump docker/setup-buildx-action from 2.10.0 to 3.0.0 ( #2743 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.10.0 to 3.0.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](885d1462b8...f95db51fdd
2023-09-12 10:40:48 -07:00
11801d83cb
chore(deps): bump docker/setup-qemu-action from 2.2.0 to 3.0.0 ( #2744 )
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 2.2.0 to 3.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](2b82ce82d5...68827325e0
2023-09-12 10:20:11 -07:00
2c6a0a5c02
chore(deps): bump docker/build-push-action from 4.2.1 to 5.0.0 ( #2742 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4.2.1 to 5.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](0a97817b6a...0565240e2d
2023-09-12 10:19:31 -07:00
272e598e83
chore(deps): bump docker/build-push-action from 4.1.1 to 4.2.1 ( #2739 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4.1.1 to 4.2.1.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](2eb1c1961a...0a97817b6a
2023-09-12 09:59:59 -07:00
621802f98b
chore(deps): bump sigstore/cosign-installer from 3.1.1 to 3.1.2 ( #2727 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](6e04d228eb...11086d2504
2023-09-05 15:55:45 -07:00
eef17f6aac
chore(deps): bump docker/setup-buildx-action from 2.9.1 to 2.10.0 ( #2726 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.9.1 to 2.10.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](4c0219f9ac...885d1462b8
2023-09-05 15:54:49 -07:00
2005f9aeb7
chore(deps): bump actions/setup-go from 4.0.1 to 4.1.0 ( #2672 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4.0.1 to 4.1.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](fac708d667...93397bea11
2023-08-08 10:16:49 -07:00
694ccff543
fix: resolve issue where CI env was failing due to dependency change ( #2668 )
2023-08-08 09:32:32 -07:00
3e5b6eb971
chore(deps): bump docker/setup-buildx-action from 2.8.0 to 2.9.1 ( #2626 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.8.0 to 2.9.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](16c0bc4a6e...4c0219f9ac
2023-07-17 10:18:25 -07:00
d7a4c04439
chore(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 ( #2606 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](ecf95283f0...16c0bc4a6e
2023-07-04 12:01:07 -07:00
31ddc1aef9
chore(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 ( #2607 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](d13028333d...6e04d228eb
2023-07-04 12:00:43 -07:00
494bec75b8
chore(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 ( #2595 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](dd6b2e2b61...d13028333d
2023-06-25 20:59:10 -07:00
b1cd355c38
chore(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0 ( #2579 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](6a58db7e0d...ecf95283f0
2023-06-18 23:14:23 -07:00
ef551f4219
chore(deps): bump docker/build-push-action from 4.1.0 to 4.1.1 ( #2580 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](44ea916f6c...2eb1c1961a
2023-06-18 20:56:11 -07:00
e01e67074a
chore(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0 ( #2555 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](4b4e9c3e2d...6a58db7e0d
2023-06-13 01:09:10 -07:00
9aa22dc0e1
chore(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0 ( #2556 )
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](e81a89b173...2b82ce82d5
2023-06-13 00:20:12 -07:00
e12012c53d
chore(deps): bump docker/build-push-action from 4.0.0 to 4.1.0 ( #2557 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](3b5e8027fc...44ea916f6c
2023-06-13 00:19:56 -07:00
c1436d4c70
Update google-github-actions/setup-gcloud ( #2548 )
...
On the latest `google-github-actions/setup-gcloud` versions, the auth mechanism has been removed and `google-github-actions/auth` needs to be used instead.
Closes #2525
Signed-off-by: Ferran Vidal <ferran.vidal.p@gmail.com>
2023-06-06 19:28:20 -07:00
507fe00b42
Use a multistage image to remove all redundancies on Dockerfiles ( #2547 )
...
As all Kaniko variants should be upgraded at once, all following the same specifications, it is easier for maintainers to bump Go or other image dependencies in a single place.
On top of that, there were an issue building `ppc64le` images because of a semantic error on the if condition that checks the arch used.
Signed-off-by: Ferran Vidal <ferran.vidal.p@gmail.com>
2023-06-05 09:20:40 -07:00
971b9f48a0
only build for linux/amd64 on PRs ( #2460 )
2023-05-30 15:30:58 -07:00
47eab89261
chore(deps): bump actions/setup-go from 3.2.0 to 4.0.1 ( #2517 )
...
* chore(deps): bump actions/setup-go from 3.2.0 to 4.0.1
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.2.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](b22fbbc292...fac708d667
2023-05-29 13:47:09 -07:00
83311d7a8f
chore(deps): bump sigstore/cosign-installer from 3.0.3 to 3.0.5 ( #2518 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.3 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](204a51a57a...dd6b2e2b61
2023-05-29 01:44:06 -07:00
c555bbb54d
chore(deps): bump docker/setup-buildx-action from 2.0.0 to 2.5.0 ( #2519 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.0.0 to 2.5.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](dc7b9719a9...4b4e9c3e2d
2023-05-29 01:39:54 -07:00
b4f3885a92
chore: Revert "chore(deps): bump google-github-actions/setup-gcloud from 0.5.1 to 1.1.1 ( #2502 )" ( #2524 )
...
This reverts commit 4db5ca9ffa
2023-05-23 11:13:07 -07:00
8d975f346f
chore(deps): bump imjasonh/setup-crane from 0.1 to 0.3 ( #2401 )
...
Bumps [imjasonh/setup-crane](https://github.com/imjasonh/setup-crane ) from 0.1 to 0.3.
- [Release notes](https://github.com/imjasonh/setup-crane/releases )
- [Commits](5146f708a8...00c9e93efa
2023-05-18 15:59:36 -07:00
73c50bfff4
chore(deps): bump docker/setup-qemu-action from 1.2.0 to 2.1.0 ( #2287 )
...
* chore(deps): bump docker/setup-qemu-action from 1.2.0 to 2.1.0
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 1.2.0 to 2.1.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](27d0a4f181...e81a89b173
2023-05-18 13:31:04 -07:00
dc053ff3a9
Delete scorecards-analysis.yml ( #2510 )
2023-05-18 13:30:19 -07:00
f77610360e
chore(deps): bump docker/build-push-action from 3.2.0 to 4.0.0 ( #2505 )
...
* chore(deps): bump docker/build-push-action from 3.2.0 to 4.0.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 3.2.0 to 4.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](c56af95754...3b5e8027fc
2023-05-17 16:06:04 -07:00
7f718c262e
chore(deps): bump ossf/scorecard-action from 1.1.1 to 2.1.3 ( #2506 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.1.1 to 2.1.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](3e15ea8318...80e868c13c
2023-05-16 00:43:44 -07:00
4db5ca9ffa
chore(deps): bump google-github-actions/setup-gcloud from 0.5.1 to 1.1.1 ( #2502 )
...
Bumps [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud ) from 0.5.1 to 1.1.1.
- [Release notes](https://github.com/google-github-actions/setup-gcloud/releases )
- [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/main/CHANGELOG.md )
- [Commits](04141d8a7e...e30db14379
2023-05-11 09:46:17 -07:00
123ad4a529
chore(deps): bump sigstore/cosign-installer from 3.0.1 to 3.0.3 ( #2495 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.1 to 3.0.3.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](c3667d9942...204a51a57a
2023-05-10 22:51:57 -07:00
eb817932b4
chore(deps): bump github/codeql-action from 2.1.8 to 2.3.2 ( #2487 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.8 to 2.3.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1ed1437484...f3feb00acb
2023-05-05 15:51:18 -07:00
6ca4c4b55b
bump cosign version used to sign images ( #2437 )
...
Signed-off-by: Jason Hall <jason@chainguard.dev>
2023-03-21 18:26:41 -04:00
14ea7c4071
Fix Integration tests ( #2425 )
...
* fix(ci): Bump golangci-lint to 1.51.1
* chore(lint): fix gofmt and goimport issues
* chore(lint): fix linter issues
- Adapted error comparison according to linter recommendation
- Disabled noctx linting for http request where canceling makes no sense
- Disabled nilerror linting where nil error is returned on purpose
- Disabled makezero linter where slice is explicitly deepcopied
* chore(ci): Update go version in tests workflows
* fix(ci): Allow boilerplate years from 2000-2099
Previously the regex only allowed the copyright notice to contain the
years 2018,2019,2020,2021, or 2022. This commit widens to regex to
20\d\d allowing any year in the range [2000-2099]
* feat(ci): Replace minikube with k3s for intregration tests
The existing setup for minikube is very complicated, replicating most of
the setup steps for a full kubernetes cluster in an only partially
supported minikube configuration (driver=none). Furthermore the existing
setup has been broken for sometime, likely, at least in part due to the
changes to CNI and CRI in recent kubernetes versions.
Since what we actually need is only a running Kubernetes cluster on the
node and access to a registry on localhost:5000, we can switch the
extremely complicated minikube setup for a lightweight cluster using
k3s. Minikube came with a default addon for running a registry on every
node, but the same is not the case for k3s, instead we make use of the
package helm controller and its HelmChart CR to deploy twuni/docker-registry.helm
and expose it on localhost using the integrated LoadBalancer controller.
* fix(test-684): pin base container version
The dockerfile for the regression test connected to issue 684 used a
rolling tag as base image, making it flaky and fail since it was
introduced.
This commit pins the base image to the digest of bionic-20200219, which,
based on the date of the commit that introduced to the dockerfile would
be the most newest ubuntu build and likely what the "rolling" tag
resolved to back then. Since this also an image from the pre-oci days of
ubuntu, this circumvents a bug in container-diff as well
(https://github.com/GoogleContainerTools/container-diff/issues/389 )
2023-03-21 12:30:54 -04:00
ce00d2cd63
ci: don't cache certs stage ( #2296 )
2022-11-01 08:36:30 -04:00
06866c0b4c
bump cosign version so it can sign ( #2224 )
2022-08-25 14:23:40 -04:00
1395e4682f
Bump ossf/scorecard-action from 1.0.4 to 1.1.1 ( #2116 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.0.4 to 1.1.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](c1aec4ac82...3e15ea8318
2022-06-01 13:59:46 -04:00
c7841d7653
Bump actions/setup-go from 3.0.0 to 3.2.0 ( #2112 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.0.0 to 3.2.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](f6164bd8c8...b22fbbc292
2022-06-01 13:13:59 -04:00
6b6795e4a7
Fix release tagging workflow ( #2034 )
...
In Bash, "-eq" compares integers, and "==" compares strings, so "debug
-eq latest" always evaulated to true.
$ if [[ "debug" -eq "latest" ]]; then echo latest; else echo debug; fi
latest
$ if [[ "debug" == "latest" ]]; then echo latest; else echo debug; fi
debug
2022-05-16 12:19:39 -07:00
9019b7667c
Bump docker/setup-buildx-action from 1.6.0 to 2 ( #2081 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 1.6.0 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](94ab11c41e...dc7b9719a9
2022-05-16 12:14:10 -07:00
a5d96682ac
Bump sigstore/cosign-installer from b4f55743d10d066fee1de1cf0fa26069700c0195 to 2.2.0 ( #2044 )
...
* Bump sigstore/cosign-installer
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from b4f55743d10d066fee1de1cf0fa26069700c0195 to 2.2.0. This release includes the previously tagged commit.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](b4f55743d1...d6a3abf1bd
2022-04-11 13:10:39 -04:00
d849b0bfdc
Bump github/codeql-action from 2.1.6 to 2.1.8 ( #2043 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.6 to 2.1.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28eead2408...1ed1437484
2022-04-11 10:26:45 -04:00
6c7d03a5ea
Bump github/codeql-action from 1.1.5 to 2.1.6 ( #2031 )
...
* Bump github/codeql-action from 1.1.5 to 2.1.6
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.5 to 2.1.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8834766498...28eead2408
2022-04-04 11:22:15 -04:00
8651c0604a
Bump github/codeql-action from 1.1.3 to 1.1.5 ( #2000 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.3 to 1.1.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](75f07e7ab2...8834766498
2022-03-21 09:32:16 -04:00
f38043ff59
Fix image tags in release workflow ( #1977 )
...
Two bugs:
- fix typo in debug release_tag (should be release-tag)
- only tag :latest images as :v1.X.Y; tag non-:latest images as
:v1.X.Y-debug etc.
2022-03-10 15:30:18 -05:00
aca3b966a3
Bump actions/setup-go from 2.2.0 to 3 ( #1970 )
...
* Bump actions/setup-go from 2.2.0 to 3
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2.2.0 to 3.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](bfdd3570ce...f6164bd8c8
2022-03-07 14:14:29 -05:00
5bf2b70e1d
Bump google-github-actions/setup-gcloud from 0.5.0 to 0.5.1 ( #1950 )
...
* Bump google-github-actions/setup-gcloud from 0.5.0 to 0.5.1
Bumps [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud ) from 0.5.0 to 0.5.1.
- [Release notes](https://github.com/google-github-actions/setup-gcloud/releases )
- [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google-github-actions/setup-gcloud/compare/v0.5.0...v0.5.1 )
---
updated-dependencies:
- dependency-name: google-github-actions/setup-gcloud
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update .github/workflows/images.yaml
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jason Hall <jasonhall@redhat.com>
2022-03-07 14:09:51 -05:00
493ce4f949
Update dependabot settings to get updates for docker ( #1969 )
...
- Update dependabot settings to get updates for docker
2022-03-07 14:09:44 -05:00
20e18132b0
Pinned GitHub actions by SHA ( #1963 )
...
- Pinned GitHub actions by SHA
https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies
2022-03-07 13:34:23 -05:00
Aaron Prindle
dependabot[bot]
Ferran Vidal
Jason Hall
Joël Pepper
Shude Li
Naveen