Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the ci group with 5 updates #4573

Merged
merged 1 commit into from Jan 29, 2024
Merged

build(deps): bump the ci group with 5 updates #4573

merged 1 commit into from Jan 29, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 29, 2024

Bumps the ci group with 5 updates:

Package From To
korthout/backport-action 2.3.0 2.4.1
google-github-actions/auth 2.0.1 2.1.0
google-github-actions/setup-gcloud 2.0.1 2.1.0
actions/upload-artifact 4.2.0 4.3.0
anchore/sbom-action 0.15.4 0.15.5

Updates korthout/backport-action from 2.3.0 to 2.4.1

Release notes

Sourced from korthout/backport-action's releases.

Backport-action v2.4.1

What's Changed

Full Changelog: korthout/backport-action@v2.4.0...v2.4.1

Backport-action v2.4.0

What's Changed

The new ${pull_description} placeholder allows you to copy the original pull request's description to the backported PR. This can be helpful if the body contains links to ticketing systems, related documents etc.

Full Changelog: korthout/backport-action@v2.3.0...v2.4.0

Commits
  • e8161d6 dist: release 2.4.1
  • 2740887 dist: build new version
  • ec07f3e Merge pull request #410 from jschmid1/fix/template-rendering
  • 75b4a31 fix: rendering templates due to missing brackets
  • 4e7a901 dist: release 2.5.0-SNAPSHOT
  • 79b9f24 dist: release 2.4.0
  • 8546a41 Merge pull request #409 from jschmid1/feat/pull_description_body
  • 29fedd9 docs: reorder the placeholders alphanumerically
  • 258a18b docs: align pull_description placeholder text
  • ba84c7a feat: add pull_description to placeholders
  • Additional commits viewable in compare view

Updates google-github-actions/auth from 2.0.1 to 2.1.0

Release notes

Sourced from google-github-actions/auth's releases.

v2.1.0

What's Changed

Full Changelog: google-github-actions/auth@v2...v2.1.0

Commits

Updates google-github-actions/setup-gcloud from 2.0.1 to 2.1.0

Release notes

Sourced from google-github-actions/setup-gcloud's releases.

v2.1.0

What's Changed

Full Changelog: google-github-actions/setup-gcloud@v2...v2.1.0

Commits

Updates actions/upload-artifact from 4.2.0 to 4.3.0

Release notes

Sourced from actions/upload-artifact's releases.

v4.3.0

What's Changed

Full Changelog: actions/upload-artifact@v4...v4.3.0

Commits

Updates anchore/sbom-action from 0.15.4 to 0.15.5

Release notes

Sourced from anchore/sbom-action's releases.

v0.15.5

Changes in v0.15.5

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the ci group with 5 updates
cccb044 
Bumps the ci group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [korthout/backport-action](https://github.com/korthout/backport-action) | `2.3.0` | `2.4.1` |
| [google-github-actions/auth](https://github.com/google-github-actions/auth) | `2.0.1` | `2.1.0` |
| [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) | `2.0.1` | `2.1.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.2.0` | `4.3.0` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.15.4` | `0.15.5` |


Updates `korthout/backport-action` from 2.3.0 to 2.4.1
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](korthout/backport-action@addffea...e8161d6)

Updates `google-github-actions/auth` from 2.0.1 to 2.1.0
- [Release notes](https://github.com/google-github-actions/auth/releases)
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md)
- [Commits](google-github-actions/auth@f6de816...5a50e58)

Updates `google-github-actions/setup-gcloud` from 2.0.1 to 2.1.0
- [Release notes](https://github.com/google-github-actions/setup-gcloud/releases)
- [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/main/CHANGELOG.md)
- [Commits](google-github-actions/setup-gcloud@5a5f7b8...98ddc00)

Updates `actions/upload-artifact` from 4.2.0 to 4.3.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@694cdab...26f96df)

Updates `anchore/sbom-action` from 0.15.4 to 0.15.5
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](anchore/sbom-action@41f7a6c...24b0d52)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: google-github-actions/auth
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: google-github-actions/setup-gcloud
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added area/ci CI related issues and pull requests dependencies Pull requests that update a dependency labels Jan 29, 2024
@stefanprodan stefanprodan added the backport:release/v2.2.x To be backported to release/v2.2.x label Jan 29, 2024
@stefanprodan stefanprodan merged commit 475bcb6 into main Jan 29, 2024
10 checks passed
@stefanprodan stefanprodan deleted the dependabot/github_actions/ci-6b7665cf80 branch January 29, 2024 07:26
@fluxcdbot
Copy link
Member

Backport failed for release/v2.2.x, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release/v2.2.x
git worktree add -d .worktree/backport-4573-to-release/v2.2.x origin/release/v2.2.x
cd .worktree/backport-4573-to-release/v2.2.x
git switch --create backport-4573-to-release/v2.2.x
git cherry-pick -x cccb044dd170f976f88637347ff1d4bb64fc98ed

nrdufour added a commit to nrdufour/home-ops that referenced this pull request Feb 7, 2024
@nrdufour
chore(deps): update dependency fluxcd/flux2 to v2.2.3 (#364)
e5d41f2 
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [fluxcd/flux2](https://github.com/fluxcd/flux2) | Kustomization | patch | `v2.2.2` -> `v2.2.3` |

---

### Release Notes

<details>
<summary>fluxcd/flux2 (fluxcd/flux2)</summary>

### [`v2.2.3`](https://github.com/fluxcd/flux2/releases/tag/v2.2.3)

[Compare Source](fluxcd/flux2@v2.2.2...v2.2.3)

#### Highlights

Flux v2.2.3 is a patch release which comes with various fixes and improvements. Users are encouraged to upgrade for the best experience.

:bulb: For upgrading to Flux v2.2, please see [the procedure documented in 2.2.0](https://github.com/fluxcd/flux2/releases/tag/v2.0.0).

This release updates the Kubernetes dependencies to v1.28.6 and various other dependencies to their latest version to patch upstream CVEs.

All controllers are built with Go 1.21.6 using Alpine Linux 3.19.1 base image.

> \[!NOTE]
> Due to breaking changes in [Helm v3.14.0](https://github.com/helm/helm/releases/tag/v3.14.0), the helm-controller version included in this patch release comes with Helm SDK v3.13.3.
> A preview build of the helm-controller with the latest Helm SDK is available at [helm-controller#879](fluxcd/helm-controller#879).

Fixes:

-   Reconciling empty directories and directories without Kubernetes manifests no longer results in an error. This regressing bug was introduced with the kustomize-controller upgrade to Kustomize v5.3 and has been fixed in this patch release.
-   The regression due to which `Roles` and `ClusterRoles` with aggregated roles were continuous reconciled by kustomize-controller has been fixed.
-   Fix the Git revision displaying when notification-controller sends alerts to Grafana.
-   The HelmRelease status reporting has been improved by ensuring that the stale failure conditions get updated after failure recovery.

See the components changelog for a full list of bug fixes.

#### Components changelog

-   source-controller [v1.2.4](https://github.com/fluxcd/source-controller/blob/v1.2.4/CHANGELOG.md)
-   kustomize-controller [v1.2.2](https://github.com/fluxcd/kustomize-controller/blob/v1.2.2/CHANGELOG.md)
-   notification-controller [v1.2.4](https://github.com/fluxcd/notification-controller/blob/v1.2.4/CHANGELOG.md)
-   helm-controller [v0.37.4](https://github.com/fluxcd/helm-controller/blob/v0.37.4/CHANGELOG.md)
-   image-reflector-controller [v0.31.2](https://github.com/fluxcd/image-reflector-controller/blob/v0.31.2/CHANGELOG.md)
-   image-automation-controller [v0.37.1](https://github.com/fluxcd/image-automation-controller/blob/v0.37.1/CHANGELOG.md)

#### CLI Changelog

-   PR [#&#8203;4589](fluxcd/flux2#4589) - [@&#8203;stefanprodan](https://github.com/stefanprodan) - Update dependencies
-   PR [#&#8203;4585](fluxcd/flux2#4585) - [@&#8203;dependabot](https://github.com/dependabot)\[bot] - build(deps): bump the ci group with 3 updates
-   PR [#&#8203;4583](fluxcd/flux2#4583) - [@&#8203;fluxcdbot](https://github.com/fluxcdbot) - Update toolkit components
-   PR [#&#8203;4575](fluxcd/flux2#4575) - [@&#8203;stefanprodan](https://github.com/stefanprodan) - Update dependencies to Kubernetes v1.28.6
-   PR [#&#8203;4573](fluxcd/flux2#4573) - [@&#8203;dependabot](https://github.com/dependabot)\[bot] - build(deps): bump the ci group with 5 updates
-   PR [#&#8203;4558](fluxcd/flux2#4558) - [@&#8203;twinguy](https://github.com/twinguy) - `flux check` should error on unrecognised args
-   PR [#&#8203;4557](fluxcd/flux2#4557) - [@&#8203;twinguy](https://github.com/twinguy) - `flux stats` should error on unrecognised args
-   PR [#&#8203;4554](fluxcd/flux2#4554) - [@&#8203;dependabot](https://github.com/dependabot)\[bot] - build(deps): bump the ci group with 3 updates
-   PR [#&#8203;4553](fluxcd/flux2#4553) - [@&#8203;twinguy](https://github.com/twinguy) - Properly detect unexpected arguments during uninstall
-   PR [#&#8203;4535](fluxcd/flux2#4535) - [@&#8203;dependabot](https://github.com/dependabot)\[bot] - build(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7
-   PR [#&#8203;4533](fluxcd/flux2#4533) - [@&#8203;darkowlzz](https://github.com/darkowlzz) - tests/int: Add separate resource cleanup step

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNzMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE3My4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://git.home/nrdufour/home-ops/pulls/364
Co-authored-by: Renovate <renovate@ptinem.io>
Co-committed-by: Renovate <renovate@ptinem.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stefanprodan stefanprodan stefanprodan approved these changes

Assignees
No one assigned
Labels
area/ci CI related issues and pull requests backport:release/v2.2.x To be backported to release/v2.2.x dependencies Pull requests that update a dependency
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@fluxcdbot @stefanprodan