build(deps): bump the ci group with 3 updates #4554
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
added
area/ci
|
@dependabot rebase |
Bumps the ci group with 3 updates: [Azure/login](https://github.com/azure/login), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `Azure/login` from 1.6.0 to 1.6.1 - [Release notes](https://github.com/azure/login/releases) - [Commits](Azure/login@e15b166...cb79c77) Updates `actions/upload-artifact` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@1eb3cb2...694cdab) Updates `anchore/sbom-action` from 0.15.3 to 0.15.4 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@c7f031d...41f7a6c) --- updated-dependencies: - dependency-name: Azure/login dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/github_actions/ci-e03874c51b
branch
from
91f8c03
to
2726da5
Compare
stefanprodan
added
the
backport:release/v2.2.x
stefanprodan
approved these changes
Jan 22, 2024
|
Backport failed for Please cherry-pick the changes locally and resolve any conflicts. git fetch origin release/v2.2.x
git worktree add -d .worktree/backport-4554-to-release/v2.2.x origin/release/v2.2.x
cd .worktree/backport-4554-to-release/v2.2.x
git switch --create backport-4554-to-release/v2.2.x
git cherry-pick -x 2726da5b856adebfc83925986c462670eaadf66f |
nrdufour
added a commit
to nrdufour/home-ops
that referenced
this pull request
Feb 7, 2024
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [fluxcd/flux2](https://github.com/fluxcd/flux2) | Kustomization | patch | `v2.2.2` -> `v2.2.3` | --- ### Release Notes <details> <summary>fluxcd/flux2 (fluxcd/flux2)</summary> ### [`v2.2.3`](https://github.com/fluxcd/flux2/releases/tag/v2.2.3) [Compare Source](fluxcd/flux2@v2.2.2...v2.2.3) #### Highlights Flux v2.2.3 is a patch release which comes with various fixes and improvements. Users are encouraged to upgrade for the best experience. :bulb: For upgrading to Flux v2.2, please see [the procedure documented in 2.2.0](https://github.com/fluxcd/flux2/releases/tag/v2.0.0). This release updates the Kubernetes dependencies to v1.28.6 and various other dependencies to their latest version to patch upstream CVEs. All controllers are built with Go 1.21.6 using Alpine Linux 3.19.1 base image. > \[!NOTE] > Due to breaking changes in [Helm v3.14.0](https://github.com/helm/helm/releases/tag/v3.14.0), the helm-controller version included in this patch release comes with Helm SDK v3.13.3. > A preview build of the helm-controller with the latest Helm SDK is available at [helm-controller#879](fluxcd/helm-controller#879). Fixes: - Reconciling empty directories and directories without Kubernetes manifests no longer results in an error. This regressing bug was introduced with the kustomize-controller upgrade to Kustomize v5.3 and has been fixed in this patch release. - The regression due to which `Roles` and `ClusterRoles` with aggregated roles were continuous reconciled by kustomize-controller has been fixed. - Fix the Git revision displaying when notification-controller sends alerts to Grafana. - The HelmRelease status reporting has been improved by ensuring that the stale failure conditions get updated after failure recovery. See the components changelog for a full list of bug fixes. #### Components changelog - source-controller [v1.2.4](https://github.com/fluxcd/source-controller/blob/v1.2.4/CHANGELOG.md) - kustomize-controller [v1.2.2](https://github.com/fluxcd/kustomize-controller/blob/v1.2.2/CHANGELOG.md) - notification-controller [v1.2.4](https://github.com/fluxcd/notification-controller/blob/v1.2.4/CHANGELOG.md) - helm-controller [v0.37.4](https://github.com/fluxcd/helm-controller/blob/v0.37.4/CHANGELOG.md) - image-reflector-controller [v0.31.2](https://github.com/fluxcd/image-reflector-controller/blob/v0.31.2/CHANGELOG.md) - image-automation-controller [v0.37.1](https://github.com/fluxcd/image-automation-controller/blob/v0.37.1/CHANGELOG.md) #### CLI Changelog - PR [#​4589](fluxcd/flux2#4589) - [@​stefanprodan](https://github.com/stefanprodan) - Update dependencies - PR [#​4585](fluxcd/flux2#4585) - [@​dependabot](https://github.com/dependabot)\[bot] - build(deps): bump the ci group with 3 updates - PR [#​4583](fluxcd/flux2#4583) - [@​fluxcdbot](https://github.com/fluxcdbot) - Update toolkit components - PR [#​4575](fluxcd/flux2#4575) - [@​stefanprodan](https://github.com/stefanprodan) - Update dependencies to Kubernetes v1.28.6 - PR [#​4573](fluxcd/flux2#4573) - [@​dependabot](https://github.com/dependabot)\[bot] - build(deps): bump the ci group with 5 updates - PR [#​4558](fluxcd/flux2#4558) - [@​twinguy](https://github.com/twinguy) - `flux check` should error on unrecognised args - PR [#​4557](fluxcd/flux2#4557) - [@​twinguy](https://github.com/twinguy) - `flux stats` should error on unrecognised args - PR [#​4554](fluxcd/flux2#4554) - [@​dependabot](https://github.com/dependabot)\[bot] - build(deps): bump the ci group with 3 updates - PR [#​4553](fluxcd/flux2#4553) - [@​twinguy](https://github.com/twinguy) - Properly detect unexpected arguments during uninstall - PR [#​4535](fluxcd/flux2#4535) - [@​dependabot](https://github.com/dependabot)\[bot] - build(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7 - PR [#​4533](fluxcd/flux2#4533) - [@​darkowlzz](https://github.com/darkowlzz) - tests/int: Add separate resource cleanup step </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNzMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE3My4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Reviewed-on: https://git.home/nrdufour/home-ops/pulls/364 Co-authored-by: Renovate <renovate@ptinem.io> Co-committed-by: Renovate <renovate@ptinem.io>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the ci group with 3 updates: Azure/login, actions/upload-artifact and anchore/sbom-action.
Updates
Azure/loginfrom 1.6.0 to 1.6.1Commits
cb79c77prepare release v1.6.1aeb0c36Fix #403: Catch the error thrown inpreandpoststeps (#407)2d38cb8docs: 📝 add warning about using self hosted runners on a single host (#3...Updates
actions/upload-artifactfrom 4.1.0 to 4.2.0Release notes
Sourced from actions/upload-artifact's releases.
Commits
694cdabMerge pull request #501 from actions/robherley/overwrite-artifact05d4fe6run licensed against version that matches ci40b3052update readme49552fcadd overwrite tests to workflow7961590licensed cache11ff42cadd new overwrite input & docsUpdates
anchore/sbom-actionfrom 0.15.3 to 0.15.4Release notes
Sourced from anchore/sbom-action's releases.
Commits
41f7a6cchore(deps): update Syft to v0.101.0 (#436)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions