Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update terraform cloudposse/cloud-infrastructure-automation/spacelift to v1.7.2 #154

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): update terraform cloudposse/cloud-infrastructure-automation/spacelift to v1.7.2 #154

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 30, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change
cloudposse/cloud-infrastructure-automation/spacelift (source) module minor 1.6.0 -> 1.7.2
cloudposse/cloud-infrastructure-automation/spacelift (source) module patch 1.7.0 -> 1.7.2
cloudposse/cloud-infrastructure-automation/spacelift (source) module minor 1.5.0 -> 1.7.2

Release Notes

cloudposse/terraform-spacelift-cloud-infrastructure-automation (cloudposse/cloud-infrastructure-automation/spacelift)

v1.7.2

Compare Source

🤖 Automatic Updates
chore(deps): update terraform cloudposse/stack-config/yaml to v1.8.0 (main) @​renovate (#​188) This PR contains the following updates:
Package Type Update Change
cloudposse/stack-config/yaml (source) module minor 1.6.0 -> 1.8.0
Release Notes
cloudposse/terraform-yaml-stack-config (cloudposse/stack-config/yaml)
v1.8.0

Compare Source

🚀 Enhancements
[remote-state] Improve backend compatibility @​&#​8203;Nuru (#&#​8203;105)
what
  • Improve remote-state backend compatibility

Rather than trying to parse the backend configuration, as a general rule we now just pass it through to the data source. This provides future-proof compatibility with all backends supported by Terraform and OpenTofu.

why
  • This prevents the need for updates like #​99 to provide configuration for future S3 backends, while eliminating compatibility issues like #​102.
  • This also eliminates deprecation warnings caused by forcing configuration to look a certain way.
  • Now, users can manage their own remote state configuration to match their toolset.
references
v1.7.0: (not recommended)

Compare Source

feat: support for gcs backends @​&#​8203;burnzy (#&#​8203;95)
what

Simple change to add support for GCS backends

why

Allows GCP users (users with gcs backends) to make use of this remote-state module for sharing data between components.

references
🚀 Enhancements
Support local backend @​&#​8203;Nuru (#&#​8203;104)
what
  • Support retrieving remote state from local backends
    • NOTE: Using relative paths in local backends is tricky, because the path needs to resolve to the same directory from the source root module directory as from the client root module directory.
  • Fix Terratests
    • The spacelift test suite is broken, and we never previously required it to work, so it is now skipped
  • Update test suite to use go v1.21 and update dependencies
why
  • When running demos and tests, it is more convenient to use local backends
  • Maintain some degree of testing
  • Closes multiple dependabot PRs:
🤖 Automatic Updates
Bump the go_modules group in /test/src with 5 updates @​&#​8203;dependabot (#&#​8203;94) Bumps the go_modules group in /test/src with 5 updates:
Package From To
github.com/hashicorp/go-getter 1.7.1 1.7.5
golang.org/x/crypto 0.1.0 0.17.0
golang.org/x/net 0.8.0 0.10.0
google.golang.org/grpc 1.51.0 1.56.3
google.golang.org/protobuf 1.28.1 1.30.0

Updates github.com/hashicorp/go-getter from 1.7.1 to 1.7.5

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.7.5

What's Changed

New Contributors

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.4...v1.7.5

v1.7.4

What's Changed

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.3...v1.7.4

v1.7.3

What's Changed

New Contributors

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.2...v1.7.3

v1.7.2

What's Changed

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.1...v1.7.2

Commits

Updates golang.org/x/crypto from 0.1.0 to 0.17.0

Commits
  • 9d2ee97 ssh: implement strict KEX protocol changes
  • 4e5a261 ssh: close net.Conn on all NewServerConn errors
  • 152cdb1 x509roots/fallback: update bundle
  • fdfe1f8 ssh: defer channel window adjustment
  • b8ffc16 blake2b: drop Go 1.6, Go 1.8 compatibility
  • 7e6fbd8 ssh: wrap errors from client handshake
  • bda2f3f argon2: avoid clobbering BP
  • 325b735 ssh/test: skip TestSSHCLIAuth on Windows
  • 1eadac5 go.mod: update golang.org/x dependencies
  • b2d7c26 ssh: add (*Client).DialContext method
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.8.0 to 0.10.0

Commits
  • daac0ce go.mod: update golang.org/x dependencies
  • 82780d6 http2: don't reuse connections that are experiencing errors
  • 0bfab66 ipv4, ipv6: drop redundant skip checks based on GOOS
  • 938ff15 ipv4, ipv6, nettest: skip unsupported tests on wasip1
  • eb1572c html: another shot at security doc
  • 9001ca7 nettest: re-enable unixpacket tests on netbsd/386
  • 3d5a8ee internal/socks: permit authenticating with an empty password
  • 694cff8 go.mod: update golang.org/x dependencies
  • 6960703 http2: log the correct error when retrying in (*Transport).RoundTripOpt
  • 9f24bb4 http2: properly discard data received after request/response body is closed
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.51.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#&#​8203;6374)

Release 1.56.1

  • client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

Bug Fixes

  • orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#&#​8203;6245)
  • xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#&#​8203;6361)
  • xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#&#​8203;6361)

API Changes

  • orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#&#​8203;6223)

Release 1.55.1

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#&#​8203;6374)

Release 1.55.0

Behavior Changes

... (truncated)

Commits

Updates google.golang.org/protobuf from 1.28.1 to 1.30.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.
Migrate new test account @​&#​8203;osterman (#&#​8203;103)
what
  • Update .github/settings.yml
  • Update .github/chatops.yml files
why
  • Re-apply .github/settings.yml from org level to get terratest environment
  • Migrate to new test account
References
  • DEV-388 Automate clean up of test account in new organization
  • DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
  • DEV-386 Update terratest to use new testing account with GitHub OIDC
Update .github/settings.yml @​&#​8203;osterman (#&#​8203;101)
what
  • Update .github/settings.yml
  • Drop .github/auto-release.yml files
why
  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings
references
  • DEV-1242 Add protected tags with Repository Rulesets on GitHub
Update .github/settings.yml @​&#​8203;osterman (#&#​8203;100)
what
  • Update .github/settings.yml
  • Drop .github/auto-release.yml files
why
  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings
references
  • DEV-1242 Add protected tags with Repository Rulesets on GitHub
Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Migrate new test account @​osterman (#​187)
what
  • Update .github/settings.yml
  • Update .github/chatops.yml files
why
  • Re-apply .github/settings.yml from org level to get terratest environment
  • Migrate to new test account
References
  • DEV-388 Automate clean up of test account in new organization
  • DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
  • DEV-386 Update terratest to use new testing account with GitHub OIDC
Update .github/settings.yml @​osterman (#​186)
what
  • Update .github/settings.yml
  • Drop .github/auto-release.yml files
why
  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings
references
  • DEV-1242 Add protected tags with Repository Rulesets on GitHub
Update .github/settings.yml @​osterman (#​185)
what
  • Update .github/settings.yml
  • Drop .github/auto-release.yml files
why
  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings
references
  • DEV-1242 Add protected tags with Repository Rulesets on GitHub

v1.7.1

Compare Source

🤖 Automatic Updates
chore(deps): update terraform cloudposse/stack-config/yaml to v1.6.0 (main) @​renovate (#​184) This PR contains the following updates:
Package Type Update Change
cloudposse/stack-config/yaml (source) module minor 1.5.0 -> 1.6.0
Release Notes
cloudposse/terraform-yaml-stack-config (cloudposse/stack-config/yaml)
v1.6.0

Compare Source

what

Add options required by S3-compatible backend for Oracle Cloud Infrastructure as described here

why

Some of the options available for S3 backend for Terraform are not supported by remote-state module. However, they are useful when working with cloud providers other than AWS.

references

S3-compatible backend for OCI
Terraform S3 backend

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

v1.7.0

Compare Source

feat(spacelift-policy): add support for file paths @​oycyc (#​183)
what
  • Adds support for using a local file path as the source of a Spacelift Rego policy
  • Adds an example and supporting tests
why
  • Policies are not always on a public URL.
  • Having a lot of inline policies makes the file hard to manage, plus the code editor won't recognize the syntax because it's not in a .rego file
  • Although this can be done on a case by case basis at the root module level, when there is a lot of policies, especially when certain policies uses an URL while others is inline and some uses local file path, it becomes messy. It's cleaner to have it at the module.
🤖 Automatic Updates
Update .github/settings.yml @​osterman (#​182)
what
  • Update .github/settings.yml
  • Drop .github/auto-release.yml files
why
  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings
references
  • DEV-1242 Add protected tags with Repository Rulesets on GitHub
Update release workflow to allow pull-requests: write @​osterman (#​180)
what
  • Update workflow (.github/workflows/release.yaml) to have permission to comment on PR
why
  • So we can support commenting on PRs with a link to the release
Update GitHub Workflows to use shared workflows from '.github' repo @​osterman (#​179)
what
  • Update workflows (.github/workflows) to use shared workflows from .github repo
why
  • Reduce nested levels of reusable workflows
Update GitHub Workflows to Fix ReviewDog TFLint Action @​osterman (#​178)
what
  • Update workflows (.github/workflows) to add issue: write permission needed by ReviewDog tflint action
why
  • The ReviewDog action will comment with line-level suggestions based on linting failures
Update GitHub workflows @​osterman (#​177)
what
  • Update workflows (.github/workflows/settings.yaml)
why
  • Support new readme generation workflow.
  • Generate banners
Use GitHub Action Workflows from `cloudposse/.github` Repo @​osterman (#​174)
what
  • Install latest GitHub Action Workflows
why
  • Use shared workflows from cldouposse/.github repository
  • Simplify management of workflows from centralized hub of configuration
Add GitHub Settings @​osterman (#​169)
what
  • Install a repository config (.github/settings.yaml)
why
  • Programmatically manage GitHub repo settings
Update README.md and docs @​cloudpossebot (#​166)
what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update Scaffolding @​osterman (#​165)
what
  • Reran make readme to rebuild README.md from README.yaml
  • Migrate to square badges
  • Add scaffolding for repo settings and Mergify
why
  • Upstream template changed in the .github repo
  • Work better with repository rulesets
  • Modernize look & feel
Update README.md and docs @​cloudpossebot (#​164)
what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@mtweeman mtweeman force-pushed the renovate/cloudposse-cloud-infrastructure-automation-spacelift-1.x branch from b9f330f to c542762 Compare October 4, 2024 06:08
@renovate renovate bot force-pushed the renovate/cloudposse-cloud-infrastructure-automation-spacelift-1.x branch from c542762 to 26d1712 Compare October 8, 2024 08:32
@renovate renovate bot force-pushed the renovate/cloudposse-cloud-infrastructure-automation-spacelift-1.x branch from 26d1712 to 1567a93 Compare October 28, 2024 06:44
@renovate renovate bot changed the title chore(deps): update terraform cloudposse/cloud-infrastructure-automation/spacelift to v1.7.1 chore(deps): update terraform cloudposse/cloud-infrastructure-automation/spacelift to v1.7.2 Oct 28, 2024
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Oct 28, 2024

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

@mtweeman mtweeman force-pushed the renovate/cloudposse-cloud-infrastructure-automation-spacelift-1.x branch from 1567a93 to 0f63700 Compare November 3, 2024 09:21
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Nov 3, 2024

/spacelift summary

Spacelift Triggered Stacks (3)

/spacelift root-gbl-spacelift-spaces preview
/spacelift root-gbl-spacelift-admin-stack preview
/spacelift plat-gbl-spacelift-admin-stack preview

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants