dependabot[bot]
1ff8d57ea1
chore(deps): Bump anchore/scan-action from 3.3.7 to 3.3.8 ( #3682 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-04 20:34:20 +00:00
dependabot[bot]
7ce745a82d
chore(deps): Bump docker/metadata-action from 5.0.0 to 5.3.0 ( #3683 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-04 21:32:49 +01:00
Brennan Kinney
19e96b5131
fix: update-check.sh
should query GH Releases ( #3666 )
...
* fix: Source `VERSION` from image ENV
Now CI builds triggered from tagged releases will always have the correct version. No need for manually updating a separate file.
* fix: Query latest GH release tag
Compare to the remote GH release tag published, rather than contents of a `VERSION` file.
`VERSION` file remains in source for now as prior releases still rely on it for an update notification.
* chore: Switch from `yq` to `jaq`
- Can more easily express a string subslice.
- Lighter weight: 9.3M vs 1.7M.
- Drawback, no YAML input/output support.
If `yq` is preferred, the `v` prefix could be removed via BASH easily enough.
* chore: Add entry to `CHANGELOG.md`
* ci: `VERSION` has no relevance to `:edge`
* docs: Update build guide + simplify `make build`
---------
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2023-11-30 10:21:26 +13:00
dependabot[bot]
b037288e5a
chore(deps): Bump anchore/scan-action from 3.3.6 to 3.3.7 ( #3667 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-27 14:22:17 +01:00
Georg Lauterbach
68a43eb497
ci: push :edge
when VERSION
is updated ( #3662 )
...
Previously, we did not run the workflow on push on `master` when a
release happened because the push on master is guarded by a check on
which files were changed.
With this change, I added `VERSION` to the list of files to consider
when updating `:edge`.
2023-11-26 21:44:47 +01:00
dependabot[bot]
042bd872bf
chore(deps): Bump docker/build-push-action from 5.0.0 to 5.1.0 ( #3645 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-20 14:03:32 +01:00
Georg Lauterbach
f5a7e9d119
contributors: fix spelling & remove dedicated AllContributors section ( #3638 )
...
With the latest `contributors.yml` workflow, everyone is included in the
list of contributors. Hence, we do not need the extra section anymore.
2023-11-14 16:15:39 +01:00
georglauterbach
eb7b1882e1
update contributors.yml
action
2023-10-22 17:42:01 +02:00
dependabot[bot]
539a7bc3bb
chore(deps): Bump docker/login-action from 2 to 3 ( #3543 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-19 03:01:59 +00:00
dependabot[bot]
285266a6aa
chore(deps): Bump docker/metadata-action from 4.6.0 to 5.0.0 ( #3544 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 4.6.0 to 5.0.0.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md )
- [Commits](https://github.com/docker/metadata-action/compare/v4.6.0...v5.0.0 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-19 02:59:39 +00:00
dependabot[bot]
af65189a82
chore(deps): Bump docker/setup-qemu-action from 2.2.0 to 3.0.0 ( #3542 )
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 2.2.0 to 3.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0 )
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-19 02:57:36 +00:00
dependabot[bot]
c425cdddc5
chore(deps): Bump docker/build-push-action from 4.2.1 to 5.0.0 ( #3541 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4.2.1 to 5.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2023-09-19 02:55:20 +00:00
dependabot[bot]
62f4544dd2
chore(deps): Bump docker/setup-buildx-action from 2.10.0 to 3.0.0 ( #3540 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.10.0 to 3.0.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-19 14:53:39 +12:00
dependabot[bot]
8329fa19cc
chore(deps): Bump myrotvorets/set-commit-status-action ( #3534 )
...
Bumps [myrotvorets/set-commit-status-action](https://github.com/myrotvorets/set-commit-status-action ) from 1.1.7 to 2.0.0.
- [Release notes](https://github.com/myrotvorets/set-commit-status-action/releases )
- [Commits](https://github.com/myrotvorets/set-commit-status-action/compare/v1.1.7...v2.0.0 )
---
updated-dependencies:
- dependency-name: myrotvorets/set-commit-status-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-12 10:50:55 +12:00
dependabot[bot]
fc3229f8d2
chore(deps): Bump docker/build-push-action from 4.1.1 to 4.2.1 ( #3533 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-11 18:58:36 +02:00
dependabot[bot]
c5420530b7
chore(deps): Bump actions/checkout from 3 to 4 ( #3525 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-04 17:07:38 +02:00
Brennan Kinney
19b72aead3
docs: Update docs builder image ( #3516 )
...
- Bump to release `9.2.x`
- Image now has `MAJOR.MINOR` tag support to pull latest `PATCH` versions.
2023-08-29 23:33:39 +12:00
dependabot[bot]
855d9acb53
chore(deps): Bump docker/setup-buildx-action from 2.9.1 to 2.10.0 ( #3511 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-28 19:33:05 +02:00
dependabot[bot]
0dc862156f
chore(deps): Bump nwtgck/actions-netlify from 2.0 to 2.1 ( #3495 )
...
Bumps [nwtgck/actions-netlify](https://github.com/nwtgck/actions-netlify ) from 2.0 to 2.1.
- [Release notes](https://github.com/nwtgck/actions-netlify/releases )
- [Changelog](https://github.com/nwtgck/actions-netlify/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/nwtgck/actions-netlify/compare/v2.0...v2.1 )
---
updated-dependencies:
- dependency-name: nwtgck/actions-netlify
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-22 10:30:10 +12:00
dependabot[bot]
7d5c2736ce
chore(deps): Bump docker/setup-buildx-action from 2.9.0 to 2.9.1 ( #3430 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-17 21:48:19 +02:00
dependabot[bot]
18f8d2573b
chore(deps): Bump docker/setup-buildx-action from 2.8.0 to 2.9.0 ( #3421 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-10 19:25:14 +02:00
dependabot[bot]
ee7c4b1ede
chore(deps): Bump docker/setup-buildx-action from 2.7.0 to 2.8.0 ( #3414 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 14:54:14 +02:00
dependabot[bot]
32c3ecd00e
chore(deps): Bump anchore/scan-action from 3.3.5 to 3.3.6 ( #3406 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-26 20:01:26 +02:00
dependabot[bot]
4dae83b256
chore(deps): Bump peter-evans/create-pull-request from 5.0.1 to 5.0.2 ( #3399 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v5.0.1...v5.0.2 )
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-20 09:43:57 +02:00
dependabot[bot]
e380cc3065
chore(deps): Bump docker/setup-buildx-action from 2.6.0 to 2.7.0 ( #3398 )
2023-06-19 23:21:13 +02:00
dependabot[bot]
59bcab6127
chore(deps): Bump docker/build-push-action from 4.1.0 to 4.1.1 ( #3400 )
2023-06-19 23:14:09 +02:00
dependabot[bot]
7a5dfb71c2
chore(deps): Bump docker/metadata-action from 4.5.0 to 4.6.0 ( #3401 )
2023-06-19 23:03:45 +02:00
dependabot[bot]
8fbc58cf5d
chore(deps): Bump docker/setup-qemu-action from 2.1.0 to 2.2.0 ( #3389 )
2023-06-12 19:19:35 +02:00
dependabot[bot]
7b1a712c91
chore(deps): Bump docker/metadata-action from 4.4.0 to 4.5.0 ( #3387 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 17:13:51 +00:00
dependabot[bot]
8e87a4d845
chore(deps): Bump docker/setup-buildx-action from 2.5.0 to 2.6.0 ( #3388 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 17:12:00 +00:00
dependabot[bot]
7bf772e2d6
chore(deps): Bump docker/build-push-action from 4.0.0 to 4.1.0 ( #3390 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 19:10:10 +02:00
dependabot[bot]
d1fb8f5958
chore(deps): Bump myrotvorets/set-commit-status-action from 1.1.6 to 1.1.7 ( #3377 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-29 16:52:34 +02:00
georglauterbach
da8d3654b8
add dispatch to scheduled build workflow
2023-05-15 20:36:08 +02:00
Georg Lauterbach
e82f0f2527
ci: fix scheduled build permissions ( #3345 )
2023-05-15 20:35:00 +02:00
dependabot[bot]
9577ab5033
chore(deps): Bump peter-evans/create-pull-request from 5.0.0 to 5.0.1 ( #3314 )
2023-05-08 15:07:40 +02:00
georglauterbach
869caf35ec
ci: fix contributors workflow (again) ( #3304 )
2023-05-02 20:52:54 +02:00
Brennan Kinney
cd7d9b1977
update contributors.yml
( #2227 )
2023-04-29 09:03:18 +02:00
dependabot[bot]
223c766320
chore(deps): Bump docker/metadata-action from 4.3.0 to 4.4.0 ( #3287 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](https://github.com/docker/metadata-action/compare/v4.3.0...v4.4.0 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-24 15:02:26 +02:00
Georg Lauterbach
ff087837bd
fix: GH docs update workflow ( #3241 )
2023-04-10 11:54:52 +02:00
Georg Lauterbach
cf8e555212
docs: miscellaneous improvements ( #3219 )
...
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2023-04-08 11:54:16 +02:00
dependabot[bot]
637d27efc7
chore(deps): Bump peaceiris/actions-gh-pages from 3.9.2 to 3.9.3 ( #3216 )
2023-04-03 15:22:52 +02:00
dependabot[bot]
69031b969d
chore(deps): Bump anchore/scan-action from 3.3.4 to 3.3.5 ( #3217 )
2023-04-03 15:00:45 +02:00
dependabot[bot]
1c231053d0
chore(deps): Bump actions/stale from 7 to 8 ( #3205 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-28 01:28:18 +02:00
Jack Pearson
e12b032f77
docs: Change edge
version links to latest
+ fix links intended as relative not absolute ( #3190 )
...
* docs: change some absolute links to relative links
* docs: change most hard-coded links to `edge` to point to `latest`
* Apply suggestions from code review
* docs: revert 404 page to edge and change canonical link to `latest
---------
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2023-03-22 23:43:10 +13:00
Jack Pearson
d770c67a2d
ci(docs): Update latest
symlink via docs-production-deploy workflow ( #3183 )
2023-03-20 11:37:24 +13:00
dependabot[bot]
e890ba46a3
chore(deps): Bump docker/setup-buildx-action from 2.4.1 to 2.5.0 ( #3176 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-14 11:45:27 +13:00
Brennan Kinney
aa4d4fe315
ci(fix): Only apply permissions at the job level ( #3142 )
...
If permissions are specified at the workflow level, any that are not explicitly set became `none` and jobs cannot request that to change.
Permissions are therefore scoped to the job itself.
2023-03-03 15:32:00 +01:00
Georg Lauterbach
4e82d4de54
ci/docs: add vulnerability scanning workflow & security policy ( #3106 )
2023-02-23 08:53:12 +01:00
dependabot[bot]
16f46c1e14
chore(deps): Bump docker/setup-buildx-action from 2.4.0 to 2.4.1 ( #3087 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.4.0...v2.4.1 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-15 11:52:40 +13:00
Brennan Kinney
646e010cb7
ci(fix): Temporarily avoid specifying provenance
( #3072 )
...
* ci(fix): Temporarily avoid specifying `provenance`
As the test workflow does not use the `docker-container` buildx driver, it uses the Docker Engine bundled BuildKit version which until v23 release does not support attestations.
Likewise the current buildx version in CI is `0.10.0` which does not respect `--provenance false`, the presence of the option appears to trigger a BuildKit version compatibility check and fail early before it considers the value of the option.
* chore: Use buildx `docker-container` driver instead
An alternative solution to omitting `provenance: false` (_not supported by buildx 0.10.0 with default `docker` driver when Docker Engine bundles BuildKit less than 0.10.0, which is the case prior to the Docker Engine v23 release_).
This approach provides more consistency with the build and publish workflows by using the same buildx `docker-container` driver (_and thus newer BuildKit, enabling support for `provenance: false`_).
* chore: Revise test workflow inline docs
Buildx `docker-container` driver is not needed here, but it does seem like it improves cache-hit ratio when building from the retrieved build cache (from the earlier build workflow). Possibly due to building with the same BuildKit version.
2023-02-09 22:33:50 +13:00