Commit graph

216 commits

Author SHA1 Message Date
dependabot[bot] 1ff8d57ea1
chore(deps): Bump anchore/scan-action from 3.3.7 to 3.3.8 (#3682)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-04 20:34:20 +00:00
dependabot[bot] 7ce745a82d
chore(deps): Bump docker/metadata-action from 5.0.0 to 5.3.0 (#3683)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-04 21:32:49 +01:00
Brennan Kinney 19e96b5131
fix: update-check.sh should query GH Releases (#3666)
* fix: Source `VERSION` from image ENV

Now CI builds triggered from tagged releases will always have the correct version. No need for manually updating a separate file.

* fix: Query latest GH release tag

Compare to the remote GH release tag published, rather than contents of a `VERSION` file.

`VERSION` file remains in source for now as prior releases still rely on it for an update notification.

* chore: Switch from `yq` to `jaq`

- Can more easily express a string subslice.
- Lighter weight: 9.3M vs 1.7M.
- Drawback, no YAML input/output support.

If `yq` is preferred, the `v` prefix could be removed via BASH easily enough.

* chore: Add entry to `CHANGELOG.md`

* ci: `VERSION` has no relevance to `:edge`

* docs: Update build guide + simplify `make build`

---------

Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2023-11-30 10:21:26 +13:00
dependabot[bot] b037288e5a
chore(deps): Bump anchore/scan-action from 3.3.6 to 3.3.7 (#3667)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-27 14:22:17 +01:00
Georg Lauterbach 68a43eb497
ci: push :edge when VERSION is updated (#3662)
Previously, we did not run the workflow on push on `master` when a
release happened because the push on master is guarded by a check on
which files were changed.

With this change, I added `VERSION` to the list of files to consider
when updating `:edge`.
2023-11-26 21:44:47 +01:00
dependabot[bot] 042bd872bf
chore(deps): Bump docker/build-push-action from 5.0.0 to 5.1.0 (#3645)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-20 14:03:32 +01:00
Georg Lauterbach f5a7e9d119
contributors: fix spelling & remove dedicated AllContributors section (#3638)
With the latest `contributors.yml` workflow, everyone is included in the
list of contributors. Hence, we do not need the extra section anymore.
2023-11-14 16:15:39 +01:00
georglauterbach eb7b1882e1
update contributors.yml action 2023-10-22 17:42:01 +02:00
dependabot[bot] 539a7bc3bb
chore(deps): Bump docker/login-action from 2 to 3 (#3543)
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-19 03:01:59 +00:00
dependabot[bot] 285266a6aa
chore(deps): Bump docker/metadata-action from 4.6.0 to 5.0.0 (#3544)
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4.6.0 to 5.0.0.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](https://github.com/docker/metadata-action/compare/v4.6.0...v5.0.0)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-19 02:59:39 +00:00
dependabot[bot] af65189a82
chore(deps): Bump docker/setup-qemu-action from 2.2.0 to 3.0.0 (#3542)
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.2.0 to 3.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-19 02:57:36 +00:00
dependabot[bot] c425cdddc5
chore(deps): Bump docker/build-push-action from 4.2.1 to 5.0.0 (#3541)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4.2.1 to 5.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2023-09-19 02:55:20 +00:00
dependabot[bot] 62f4544dd2
chore(deps): Bump docker/setup-buildx-action from 2.10.0 to 3.0.0 (#3540)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.10.0 to 3.0.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-19 14:53:39 +12:00
dependabot[bot] 8329fa19cc
chore(deps): Bump myrotvorets/set-commit-status-action (#3534)
Bumps [myrotvorets/set-commit-status-action](https://github.com/myrotvorets/set-commit-status-action) from 1.1.7 to 2.0.0.
- [Release notes](https://github.com/myrotvorets/set-commit-status-action/releases)
- [Commits](https://github.com/myrotvorets/set-commit-status-action/compare/v1.1.7...v2.0.0)

---
updated-dependencies:
- dependency-name: myrotvorets/set-commit-status-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-12 10:50:55 +12:00
dependabot[bot] fc3229f8d2
chore(deps): Bump docker/build-push-action from 4.1.1 to 4.2.1 (#3533)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-11 18:58:36 +02:00
dependabot[bot] c5420530b7
chore(deps): Bump actions/checkout from 3 to 4 (#3525)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-04 17:07:38 +02:00
Brennan Kinney 19b72aead3
docs: Update docs builder image (#3516)
- Bump to release `9.2.x`
- Image now has `MAJOR.MINOR` tag support to pull latest `PATCH` versions.
2023-08-29 23:33:39 +12:00
dependabot[bot] 855d9acb53
chore(deps): Bump docker/setup-buildx-action from 2.9.1 to 2.10.0 (#3511)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-28 19:33:05 +02:00
dependabot[bot] 0dc862156f
chore(deps): Bump nwtgck/actions-netlify from 2.0 to 2.1 (#3495)
Bumps [nwtgck/actions-netlify](https://github.com/nwtgck/actions-netlify) from 2.0 to 2.1.
- [Release notes](https://github.com/nwtgck/actions-netlify/releases)
- [Changelog](https://github.com/nwtgck/actions-netlify/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/nwtgck/actions-netlify/compare/v2.0...v2.1)

---
updated-dependencies:
- dependency-name: nwtgck/actions-netlify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-22 10:30:10 +12:00
dependabot[bot] 7d5c2736ce
chore(deps): Bump docker/setup-buildx-action from 2.9.0 to 2.9.1 (#3430)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-17 21:48:19 +02:00
dependabot[bot] 18f8d2573b
chore(deps): Bump docker/setup-buildx-action from 2.8.0 to 2.9.0 (#3421)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-10 19:25:14 +02:00
dependabot[bot] ee7c4b1ede
chore(deps): Bump docker/setup-buildx-action from 2.7.0 to 2.8.0 (#3414)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 14:54:14 +02:00
dependabot[bot] 32c3ecd00e
chore(deps): Bump anchore/scan-action from 3.3.5 to 3.3.6 (#3406)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-26 20:01:26 +02:00
dependabot[bot] 4dae83b256
chore(deps): Bump peter-evans/create-pull-request from 5.0.1 to 5.0.2 (#3399)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v5.0.1...v5.0.2)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-20 09:43:57 +02:00
dependabot[bot] e380cc3065
chore(deps): Bump docker/setup-buildx-action from 2.6.0 to 2.7.0 (#3398) 2023-06-19 23:21:13 +02:00
dependabot[bot] 59bcab6127
chore(deps): Bump docker/build-push-action from 4.1.0 to 4.1.1 (#3400) 2023-06-19 23:14:09 +02:00
dependabot[bot] 7a5dfb71c2
chore(deps): Bump docker/metadata-action from 4.5.0 to 4.6.0 (#3401) 2023-06-19 23:03:45 +02:00
dependabot[bot] 8fbc58cf5d
chore(deps): Bump docker/setup-qemu-action from 2.1.0 to 2.2.0 (#3389) 2023-06-12 19:19:35 +02:00
dependabot[bot] 7b1a712c91
chore(deps): Bump docker/metadata-action from 4.4.0 to 4.5.0 (#3387)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 17:13:51 +00:00
dependabot[bot] 8e87a4d845
chore(deps): Bump docker/setup-buildx-action from 2.5.0 to 2.6.0 (#3388)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 17:12:00 +00:00
dependabot[bot] 7bf772e2d6
chore(deps): Bump docker/build-push-action from 4.0.0 to 4.1.0 (#3390)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 19:10:10 +02:00
dependabot[bot] d1fb8f5958
chore(deps): Bump myrotvorets/set-commit-status-action from 1.1.6 to 1.1.7 (#3377)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-29 16:52:34 +02:00
georglauterbach da8d3654b8
add dispatch to scheduled build workflow 2023-05-15 20:36:08 +02:00
Georg Lauterbach e82f0f2527
ci: fix scheduled build permissions (#3345) 2023-05-15 20:35:00 +02:00
dependabot[bot] 9577ab5033
chore(deps): Bump peter-evans/create-pull-request from 5.0.0 to 5.0.1 (#3314) 2023-05-08 15:07:40 +02:00
georglauterbach 869caf35ec
ci: fix contributors workflow (again) (#3304) 2023-05-02 20:52:54 +02:00
Brennan Kinney cd7d9b1977
update contributors.yml (#2227) 2023-04-29 09:03:18 +02:00
dependabot[bot] 223c766320
chore(deps): Bump docker/metadata-action from 4.3.0 to 4.4.0 (#3287)
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/v4.3.0...v4.4.0)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-24 15:02:26 +02:00
Georg Lauterbach ff087837bd
fix: GH docs update workflow (#3241) 2023-04-10 11:54:52 +02:00
Georg Lauterbach cf8e555212
docs: miscellaneous improvements (#3219)
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2023-04-08 11:54:16 +02:00
dependabot[bot] 637d27efc7
chore(deps): Bump peaceiris/actions-gh-pages from 3.9.2 to 3.9.3 (#3216) 2023-04-03 15:22:52 +02:00
dependabot[bot] 69031b969d
chore(deps): Bump anchore/scan-action from 3.3.4 to 3.3.5 (#3217) 2023-04-03 15:00:45 +02:00
dependabot[bot] 1c231053d0
chore(deps): Bump actions/stale from 7 to 8 (#3205)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-28 01:28:18 +02:00
Jack Pearson e12b032f77
docs: Change edge version links to latest + fix links intended as relative not absolute (#3190)
* docs: change some absolute links to relative links

* docs: change most hard-coded links to `edge` to point to `latest`

* Apply suggestions from code review

* docs: revert 404 page to edge and change canonical link to `latest

---------

Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2023-03-22 23:43:10 +13:00
Jack Pearson d770c67a2d
ci(docs): Update latest symlink via docs-production-deploy workflow (#3183) 2023-03-20 11:37:24 +13:00
dependabot[bot] e890ba46a3
chore(deps): Bump docker/setup-buildx-action from 2.4.1 to 2.5.0 (#3176)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-14 11:45:27 +13:00
Brennan Kinney aa4d4fe315
ci(fix): Only apply permissions at the job level (#3142)
If permissions are specified at the workflow level, any that are not explicitly set became `none` and jobs cannot request that to change.

Permissions are therefore scoped to the job itself.
2023-03-03 15:32:00 +01:00
Georg Lauterbach 4e82d4de54
ci/docs: add vulnerability scanning workflow & security policy (#3106) 2023-02-23 08:53:12 +01:00
dependabot[bot] 16f46c1e14
chore(deps): Bump docker/setup-buildx-action from 2.4.0 to 2.4.1 (#3087)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.4.0...v2.4.1)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-15 11:52:40 +13:00
Brennan Kinney 646e010cb7
ci(fix): Temporarily avoid specifying provenance (#3072)
* ci(fix): Temporarily avoid specifying `provenance`

As the test workflow does not use the `docker-container` buildx driver, it uses the Docker Engine bundled BuildKit version which until v23 release does not support attestations.

Likewise the current buildx version in CI is `0.10.0` which does not respect `--provenance false`, the presence of the option appears to trigger a BuildKit version compatibility check and fail early before it considers the value of the option.

* chore: Use buildx `docker-container` driver instead

An alternative solution to omitting `provenance: false` (_not supported by buildx 0.10.0 with default `docker` driver when Docker Engine bundles BuildKit less than 0.10.0, which is the case prior to the Docker Engine v23 release_). 

This approach provides more consistency with the build and publish workflows by using the same buildx `docker-container` driver (_and thus newer BuildKit, enabling support for  `provenance: false`_).

* chore: Revise test workflow inline docs

Buildx `docker-container` driver is not needed here, but it does seem like it improves cache-hit ratio when building from the retrieved build cache (from the earlier build workflow). Possibly due to building with the same BuildKit version.
2023-02-09 22:33:50 +13:00