Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: automated PR to main 2024-09-13 #1798

Merged
merged 8 commits into from
Sep 13, 2024
Merged

chore: automated PR to main 2024-09-13 #1798

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
4d4d00c
feat: refactor cosign verification error messages (#1750)
binbin-li Sep 10, 2024
7657a3f
chore: update CRD and related code to enable `type` field (#1779)
junczhu Sep 10, 2024
acf60d1
chore: Bump step-security/harden-runner from 2.9.1 to 2.10.0 (#1794)
dependabot[bot] Sep 11, 2024
5381e0c
fix: showing verifier config parse detail in err log (#1791)
junczhu Sep 11, 2024
b7cab88
chore: update error messages for cosign validation (#1792)
binbin-li Sep 11, 2024
4b04c08
chore: bump support GK version matrix to include v3.17.0 (#1795)
akashsinghal Sep 12, 2024
630a2bd
chore: Bump step-security/harden-runner from 2.10.0 to 2.10.1 (#1796)
dependabot[bot] Sep 12, 2024
b32db85
fix: missing status update in KMP controller (#1761)
duffney Sep 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 12 additions & 12 deletions .github/workflows/build-pr.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
uses: ./.github/workflows/e2e-cli.yml
secrets:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

call_test_e2e_basic:
name: "run e2e on basic matrix"
if: ${{ ! (contains(github.event.pull_request.labels.*.name, 'safe to test') || github.event_name == 'workflow_dispatch') }}
Expand All @@ -25,8 +25,8 @@ jobs:
fail-fast: false
matrix:
KUBERNETES_VERSION: ["1.29.2"]
GATEKEEPER_VERSION: ["3.16.0"]
uses: ./.github/workflows/e2e-k8s.yml
GATEKEEPER_VERSION: ["3.17.0"]
uses: ./.github/workflows/e2e-k8s.yml
with:
k8s_version: ${{ matrix.KUBERNETES_VERSION }}
gatekeeper_version: ${{ matrix.GATEKEEPER_VERSION }}
Expand All @@ -38,11 +38,11 @@ jobs:
fail-fast: false
matrix:
KUBERNETES_VERSION: ["1.28.12", "1.29.2"]
GATEKEEPER_VERSION: ["3.14.0", "3.15.0", "3.16.0"]
uses: ./.github/workflows/e2e-k8s.yml
GATEKEEPER_VERSION: ["3.15.0", "3.16.0", "3.17.0"]
uses: ./.github/workflows/e2e-k8s.yml
with:
k8s_version: ${{ matrix.KUBERNETES_VERSION }}
gatekeeper_version: ${{ matrix.GATEKEEPER_VERSION }}
gatekeeper_version: ${{ matrix.GATEKEEPER_VERSION }}

build_test_aks_e2e_conditional:
name: "Build and run e2e Test on AKS with conditions"
Expand All @@ -54,23 +54,23 @@ jobs:
fail-fast: false
matrix:
KUBERNETES_VERSION: ["1.28.12", "1.29.2"]
GATEKEEPER_VERSION: ["3.14.0", "3.15.0", "3.16.0"]
GATEKEEPER_VERSION: ["3.15.0", "3.16.0", "3.17.0"]
uses: ./.github/workflows/e2e-aks.yml
with:
k8s_version: ${{ matrix.KUBERNETES_VERSION }}
gatekeeper_version: ${{ matrix.GATEKEEPER_VERSION }}
secrets: inherit

aks-test-cleanup:
needs: ['build_test_aks_e2e_conditional']
needs: ["build_test_aks_e2e_conditional"]
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
environment: azure-test
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

Expand All @@ -79,7 +79,7 @@ jobs:
- name: Set up Go 1.22
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: '1.22'
go-version: "1.22"

- name: Az CLI login
uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1
Expand All @@ -90,4 +90,4 @@ jobs:

- name: clean up
run: |
make e2e-cleanup AZURE_SUBSCRIPTION_ID=${{ secrets.AZURE_SUBSCRIPTION_ID }}
make e2e-cleanup AZURE_SUBSCRIPTION_ID=${{ secrets.AZURE_SUBSCRIPTION_ID }}
8 changes: 4 additions & 4 deletions .github/workflows/cache-cleanup.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,16 +10,16 @@ permissions:
jobs:
cleanup:
runs-on: ubuntu-latest
steps:
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

- name: Cleanup
run: |
gh extension install actions/gh-actions-cache

echo "Fetching list of cache key"
cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH -L 100 | cut -f 1 )

Expand All @@ -34,4 +34,4 @@ jobs:
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO: ${{ github.repository }}
BRANCH: refs/pull/${{ github.event.pull_request.number }}/merge
BRANCH: refs/pull/${{ github.event.pull_request.number }}/merge
18 changes: 9 additions & 9 deletions .github/workflows/clean-dev-package.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,24 +10,24 @@ jobs:
cleanup-packages:
runs-on: ubuntu-latest
permissions:
packages: write
packages: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

- name: Clean up ratify-crds-dev
uses: actions/delete-package-versions@e5bc658cc4c965c472efe991f8beea3981499c55 # v5.0.0
with:
package-name: 'ratify-crds-dev'
package-type: 'container'
with:
package-name: "ratify-crds-dev"
package-type: "container"
min-versions-to-keep: 7
delete-only-pre-release-versions: "true"
- name: Clean up ratify-dev
uses: actions/delete-package-versions@e5bc658cc4c965c472efe991f8beea3981499c55 # v5.0.0
with:
package-name: 'ratify-dev'
package-type: 'container'
with:
package-name: "ratify-dev"
package-type: "container"
min-versions-to-keep: 7
delete-only-pre-release-versions: "true"
delete-only-pre-release-versions: "true"
9 changes: 4 additions & 5 deletions .github/workflows/codeql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,19 +1,18 @@

name: "CodeQL Scan"

on:
push:
branches:
branches:
- main
- dev
- 1.0.0*
pull_request:
branches:
branches:
- main
- dev
- 1.0.0*
schedule:
- cron: '30 1 * * 0'
- cron: "30 1 * * 0"
workflow_dispatch:

permissions: read-all
Expand All @@ -27,7 +26,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/e2e-aks.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,14 @@ on:
workflow_call:
inputs:
k8s_version:
description: 'Kubernetes version'
description: "Kubernetes version"
required: true
default: '1.29.2'
default: "1.29.2"
type: string
gatekeeper_version:
description: 'Gatekeeper version'
description: "Gatekeeper version"
required: true
default: '3.16.0'
default: "3.17.0"
type: string

jobs:
Expand All @@ -28,7 +28,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

Expand All @@ -37,7 +37,7 @@ jobs:
- name: Set up Go 1.22
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: '1.22'
go-version: "1.22"
- name: Az CLI login
uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1
with:
Expand Down Expand Up @@ -69,4 +69,4 @@ jobs:
with:
name: e2e-logs-aks-${{ inputs.k8s_version }}-${{ inputs.gatekeeper_version }}
path: |
logs-*.json
logs-*.json
23 changes: 11 additions & 12 deletions .github/workflows/e2e-cli.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

Expand All @@ -29,13 +29,12 @@ jobs:
uses: apache/skywalking-eyes/dependency@cd7b195c51fd3d6ad52afceb760719ddc6b3ee91
with:
config: .github/licenserc.yml
flags:
--weak-compatible=true
flags: --weak-compatible=true
build:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

Expand Down Expand Up @@ -64,7 +63,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

Expand All @@ -89,10 +88,10 @@ jobs:
with:
token: ${{ secrets.CODECOV_TOKEN }}
markdown-link-check:
runs-on: ubuntu-latest
steps:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

Expand All @@ -103,7 +102,7 @@ jobs:
- name: Run link check
uses: gaurav-nelson/github-action-markdown-link-check@d53a906aa6b22b8979d33bc86170567e619495ec #3.10.3
with:
use-quiet-mode: 'no'
use-verbose-mode: 'yes'
config-file: '.github/workflows/markdown.links.config.json'
folder-path: 'docs/'
use-quiet-mode: "no"
use-verbose-mode: "yes"
config-file: ".github/workflows/markdown.links.config.json"
folder-path: "docs/"
14 changes: 7 additions & 7 deletions .github/workflows/e2e-k8s.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,14 @@ on:
workflow_call:
inputs:
k8s_version:
description: 'Kubernetes version'
description: "Kubernetes version"
required: true
default: '1.29.2'
default: "1.29.2"
type: string
gatekeeper_version:
description: 'Gatekeeper version'
description: "Gatekeeper version"
required: true
default: '3.16.0'
default: "3.17.0"
type: string

jobs:
Expand All @@ -26,7 +26,7 @@ jobs:
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

Expand All @@ -35,7 +35,7 @@ jobs:
- name: Set up Go 1.22
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: '1.22'
go-version: "1.22"

- name: Bootstrap e2e
run: |
Expand Down Expand Up @@ -70,4 +70,4 @@ jobs:
with:
name: e2e-logs-${{ inputs.k8s_version }}-${{ inputs.gatekeeper_version }}
path: |
logs-*.json
logs-*.json
4 changes: 2 additions & 2 deletions .github/workflows/golangci-lint.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,13 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: '1.22'
go-version: "1.22"
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: golangci-lint
uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/high-availability.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
DAPR_VERSION: ["1.13.2"]
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

Expand All @@ -39,7 +39,7 @@ jobs:
- name: Set up Go 1.22
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: '1.22'
go-version: "1.22"

- name: Bootstrap e2e
run: |
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/pr-to-main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ name: pr_to_main

on:
schedule:
- cron: '30 8 * * 0' # early morning (08:30 UTC) every Sunday
- cron: "30 8 * * 0" # early morning (08:30 UTC) every Sunday
workflow_dispatch:

permissions:
Expand All @@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/publish-charts.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,12 +13,12 @@ jobs:
contents: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- name: Publish Helm charts
uses: stefanprodan/helm-gh-pages@0ad2bb377311d61ac04ad9eb6f252fb68e207260 # v1.7.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.GITHUB_TOKEN }}
Loading
Loading