Develop #1861
Bumps the docker-packages group in /build with 1 update: golang.

Updates `golang` from 1.22-alpine to 1.23-alpine

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  dependency-group: docker-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
…11 updates

Bumps the gh-actions-packages group with 6 updates in the /.github/actions/build directory:

| Package | From | To |
| --- | --- | --- |
| [docker/login-action](https://github.com/docker/login-action) | `2.1.0` | `3.3.0` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.15.1` | `0.17.8` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.1.2` | `3.7.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `2.4.1` | `3.7.1` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `4.0.0` | `6.9.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `3.1.2` | `4.4.3` |

Bumps the gh-actions-packages group with 2 updates in the /.github/actions/context directory: [mikefarah/yq](https://github.com/mikefarah/yq) and [docker/metadata-action](https://github.com/docker/metadata-action).

Bumps the gh-actions-packages group with 3 updates in the /.github/actions/grype directory: [github/codeql-action](https://github.com/github/codeql-action), [docker/login-action](https://github.com/docker/login-action) and [anchore/scan-action](https://github.com/anchore/scan-action).

Bumps the gh-actions-packages group with 2 updates in the /.github/actions/trivy-config directory: [github/codeql-action](https://github.com/github/codeql-action) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).

Bumps the gh-actions-packages group with 3 updates in the /.github/actions/trivy-image directory: [github/codeql-action](https://github.com/github/codeql-action), [docker/login-action](https://github.com/docker/login-action) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).

Updates `docker/login-action` from 2.1.0 to 3.3.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@f4ef78c...9780b0c)

Updates `anchore/sbom-action` from 0.15.1 to 0.17.8
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](anchore/sbom-action@5ecf649...55dc4ee)

Updates `sigstore/cosign-installer` from 3.1.2 to 3.7.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@11086d2...dc72c7d)

Updates `docker/setup-buildx-action` from 2.4.1 to 3.7.1
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@f03ac48...c47758b)

Updates `docker/build-push-action` from 4.0.0 to 6.9.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@3b5e802...4f58ea7)

Updates `actions/upload-artifact` from 3.1.2 to 4.4.3
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@0b7f8ab...b4b15b8)

Updates `mikefarah/yq` from 4.31.2 to 4.44.5
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](mikefarah/yq@47f4f8c...bc5b54c)

Updates `docker/metadata-action` from 4.3.0 to 5.6.1
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](docker/metadata-action@507c2f2...369eb59)

Updates `github/codeql-action` from 2.2.5 to 3.27.5
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@32dc499...f09c1c0)

Updates `docker/login-action` from 2.1.0 to 3.3.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@f4ef78c...9780b0c)

Updates `anchore/scan-action` from 3.3.4 to 5.3.0
- [Release notes](https://github.com/anchore/scan-action/releases)
- [Changelog](https://github.com/anchore/scan-action/blob/main/CHANGELOG.md)
- [Commits](anchore/scan-action@dafbc97...869c549)

Updates `github/codeql-action` from 2.2.5 to 3.27.5
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@32dc499...f09c1c0)

Updates `aquasecurity/trivy-action` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](aquasecurity/trivy-action@915b19b...18f2510)

Updates `github/codeql-action` from 2.2.5 to 3.27.5
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@32dc499...f09c1c0)

Updates `docker/login-action` from 2.1.0 to 3.3.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@f4ef78c...9780b0c)

Updates `aquasecurity/trivy-action` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](aquasecurity/trivy-action@915b19b...18f2510)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
- dependency-name: anchore/scan-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps the gomod-packages group with 4 updates: [github.com/sigstore/rekor](https://github.com/sigstore/rekor), [k8s.io/api](https://github.com/kubernetes/api), [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) and [k8s.io/client-go](https://github.com/kubernetes/client-go).

Updates `github.com/sigstore/rekor` from 1.3.6 to 1.3.7
- [Release notes](https://github.com/sigstore/rekor/releases)
- [Changelog](https://github.com/sigstore/rekor/blob/main/CHANGELOG.md)
- [Commits](sigstore/rekor@v1.3.6...v1.3.7)

Updates `k8s.io/api` from 0.31.2 to 0.31.3
- [Commits](kubernetes/api@v0.31.2...v0.31.3)

Updates `k8s.io/apimachinery` from 0.31.2 to 0.31.3
- [Commits](kubernetes/apimachinery@v0.31.2...v0.31.3)

Updates `k8s.io/client-go` from 0.31.2 to 0.31.3
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.31.2...v0.31.3)

---
updated-dependencies:
- dependency-name: github.com/sigstore/rekor
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod-packages
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod-packages
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod-packages
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
Removed the signing of the build image and creation of SBOM to reduce complexity. Also moved the code of the context and build action into the reusable build workflow.
Removed the ossf scorecard.
Removed semgrep and checkov.
Removed grype and dependency-submission.
Consolidated integration tests into a single action, as well as some parts of the self-hosted notary setup. Also updated Kubernetes test versions to the 3 latest and 3 older versions.
Restructures the ci, renames some of the arguments and their values, and adds documentation.
Also introduces a structure to add more log formats should the need arise. Does not change the default of logging prettified JSON.

Signed-off-by: Christian Zenker <[email protected]>
Added a flag to enable/disable a [pod disruption budget](https://kubernetes.io/docs/tasks/run-application/configure-pdb/), helping Connaisseur to be always available. fixes #1850
…updates (#1855)

Bumps the gh-actions-packages group with 4 updates in the / directory: [mikefarah/yq](https://github.com/mikefarah/yq), [docker/build-push-action](https://github.com/docker/build-push-action), [actions/setup-go](https://github.com/actions/setup-go) and [github/codeql-action](https://github.com/github/codeql-action).

Updates `mikefarah/yq` from 4.44.5 to 4.44.6
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](mikefarah/yq@bc5b54c...4839dbb)

Updates `docker/build-push-action` from 6.9.0 to 6.10.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@4f58ea7...48aba3b)

Updates `actions/setup-go` from 5.1.0 to 5.2.0
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@41dfa10...3041bf5)

Updates `github/codeql-action` from 3.27.5 to 3.27.7
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@f09c1c0...babb554)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Fix the trivy exit code not being correctly set.
Bumps the gh-actions-packages group with 1 update in the / directory: [github/codeql-action](https://github.com/github/codeql-action).

Updates `github/codeql-action` from 3.27.7 to 3.27.9
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@babb554...df409f7)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…es (#1857)

Bumps the gomod-packages group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/docker/cli](https://github.com/docker/cli) | `27.3.1+incompatible` | `27.4.0+incompatible` |
| [github.com/docker/docker](https://github.com/docker/docker) | `27.3.1+incompatible` | `27.4.0+incompatible` |
| [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.9.0` | `1.10.0` |
| [k8s.io/api](https://github.com/kubernetes/api) | `0.31.3` | `0.32.0` |
| [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.31.3` | `0.32.0` |

Updates `github.com/docker/cli` from 27.3.1+incompatible to 27.4.0+incompatible
- [Commits](docker/cli@v27.3.1...v27.4.0)

Updates `github.com/docker/docker` from 27.3.1+incompatible to 27.4.0+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v27.3.1...v27.4.0)

Updates `github.com/stretchr/testify` from 1.9.0 to 1.10.0
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.9.0...v1.10.0)

Updates `k8s.io/api` from 0.31.3 to 0.32.0
- [Commits](kubernetes/api@v0.31.3...v0.32.0)

Updates `k8s.io/apimachinery` from 0.31.3 to 0.32.0
- [Commits](kubernetes/apimachinery@v0.31.3...v0.32.0)

Updates `k8s.io/client-go` from 0.31.3 to 0.32.0
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.31.3...v0.32.0)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-packages
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-packages
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-packages
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-packages
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-packages
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.28.0 to 0.31.0.
- [Commits](golang/crypto@v0.28.0...v0.31.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Codecov Report

All modified and coverable lines are covered by tests ✅

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##           master    #1861      +/-   ##
==========================================
+ Coverage   88.08%   91.38%   +3.29%
==========================================
  Files          36       35       -1
  Lines        2509     2541      +32
==========================================
+ Hits         2210     2322     +112
+ Misses        255      168      -87
- Partials       44       51       +7
```

☔ View full report in Codecov by Sentry.
v3.8.0
Feat
Ci
Update