From 779e45b530a26007f089510d2f69907080713113 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 10 Nov 2024 15:39:49 +0000 Subject: [PATCH] chore(deps): bump the ci group with 7 updates Bumps the ci group with 7 updates: | Package | From | To | | --- | --- | --- | | [helm/kind-action](https://github.com/helm/kind-action) | `1.9.0` | `1.10.0` | | [yokawasa/action-setup-kube-tools](https://github.com/yokawasa/action-setup-kube-tools) | `0.11.0` | `0.11.2` | | [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) | `1.25.0` | `1.27.0` | | [thollander/actions-comment-pull-request](https://github.com/thollander/actions-comment-pull-request) | `2.5.0` | `3.0.1` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.15.11` | `0.17.7` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.5.0` | `3.7.0` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `5` | `6` | Updates `helm/kind-action` from 1.9.0 to 1.10.0 - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/v1.9.0...v1.10.0) Updates `yokawasa/action-setup-kube-tools` from 0.11.0 to 0.11.2 - [Release notes](https://github.com/yokawasa/action-setup-kube-tools/releases) - [Commits](https://github.com/yokawasa/action-setup-kube-tools/compare/v0.11.0...v0.11.2) Updates `slackapi/slack-github-action` from 1.25.0 to 1.27.0 - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Commits](https://github.com/slackapi/slack-github-action/compare/v1.25.0...v1.27.0) Updates `thollander/actions-comment-pull-request` from 2.5.0 to 3.0.1 - [Release notes](https://github.com/thollander/actions-comment-pull-request/releases) - [Commits](https://github.com/thollander/actions-comment-pull-request/compare/v2.5.0...v3.0.1) Updates `anchore/sbom-action` from 0.15.11 to 0.17.7 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/sbom-action/compare/7ccf588e3cf3cc2611714c2eeae48550fbc17552...fc46e51fd3cb168ffb36c6d1915723c47db58abb) Updates `sigstore/cosign-installer` from 3.5.0 to 3.7.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v3.5.0...v3.7.0) Updates `goreleaser/goreleaser-action` from 5 to 6 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](https://github.com/goreleaser/goreleaser-action/compare/v5...v6) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: yokawasa/action-setup-kube-tools dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: slackapi/slack-github-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: thollander/actions-comment-pull-request dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: goreleaser/goreleaser-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci ... Signed-off-by: dependabot[bot] --- .github/workflows/e2e.yaml | 6 +++--- .github/workflows/mend_scan.yaml | 2 +- .github/workflows/release.yaml | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 4043d14e..7ed51bff 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -36,10 +36,10 @@ jobs: restore-keys: | ${{ runner.os }}-go- - name: Setup Kubernetes - uses: helm/kind-action@v1.9.0 + uses: helm/kind-action@v1.10.0 with: install_only: true - - uses: yokawasa/action-setup-kube-tools@v0.11.0 + - uses: yokawasa/action-setup-kube-tools@v0.11.2 with: kustomize: '5.0.1' tilt: '0.32.2' @@ -48,7 +48,7 @@ jobs: run: make e2e-verbose - name: Notify on Failure id: slack-notification - uses: slackapi/slack-github-action@v1.25.0 + uses: slackapi/slack-github-action@v1.27.0 if: ${{ github.ref_name == 'main' && github.event_name == 'schedule' && always() }} with: # Slack channel id, channel name, or user id to post message. diff --git a/.github/workflows/mend_scan.yaml b/.github/workflows/mend_scan.yaml index 4587be61..83658fe4 100644 --- a/.github/workflows/mend_scan.yaml +++ b/.github/workflows/mend_scan.yaml @@ -178,7 +178,7 @@ jobs: sha: ${{ github.event.pull_request.head.sha }} - name: Comment Mend Status on PR if: ${{ github.event_name != 'schedule' && steps.pr_exists.outputs.pr_found == 'true' }} - uses: thollander/actions-comment-pull-request@v2.5.0 + uses: thollander/actions-comment-pull-request@v3.0.1 with: message: | ## Mend Scan Summary: :${{ steps.report.outputs.status }}: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 2961d345..d9332cf6 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -97,11 +97,11 @@ jobs: mkdir -p output helm template ./deploy --namespace ocm-system --set "manager.image.tag=${{ env.RELEASE_VERSION }}" --include-crds > ./output/install.yaml - name: Setup Syft - uses: anchore/sbom-action/download-syft@7ccf588e3cf3cc2611714c2eeae48550fbc17552 # v0.15.11 + uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 - name: Setup Cosign - uses: sigstore/cosign-installer@v3.5.0 + uses: sigstore/cosign-installer@v3.7.0 - name: Run goreleaser - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@v6 with: distribution: goreleaser version: latest