Lucas Manuel Rodriguez
f701dc55ed
CI: Add shell cmd for windows runner and add some debug logs to help troubleshoot ( #13592 )
...
After @rfairburn made the DNS change the clouldflared tunnel started
working again (after months of being broken).
#13547
Run: https://github.com/fleetdm/fleet/actions/runs/6025182774
This PR adds some fixes to the two workflows that make use of
cloudflared.
There are still some issues to fix but these are some changes needed to
continue/help troubleshooting.
2023-08-30 15:49:47 -03:00
KanchiMoe
dece8e179c
Upversion markdown-link-check Github action ( #12026 )
2023-08-22 13:57:45 -07:00
Lucas Manuel Rodriguez
cafbe161a1
Bump fleet desktop version to 1.15.0 to generate artifacts and release ( #13393 )
2023-08-18 15:23:38 -05:00
Zach Wasserman
4ecc7db6d6
Complete removal of Cypress ( #13389 )
...
Remove the last of the dependencies and configuration around Cypress
since we no longer use it for testing.
2023-08-18 11:06:12 -06:00
Lucas Manuel Rodriguez
f9d6cf986b
Fix expected number of hosts in fleetctl-preview-latest workflow ( #13329 )
...
#13182
[This PR](https://github.com/fleetdm/osquery-in-a-box/pull/18 ) in the
osquery-in-a-box repository recently added a new host to the simulated
host list which broke the CI job in the fleetdm/fleet repository.
PR run with this branch:
https://github.com/fleetdm/fleet/actions/runs/5866786432
PS: One of the reasons we had this osquery-in-a-box repository outside
the monorepo was to not break customers using `fleetctl preview`. But
now that we have Fleet Sandbox and we don't encourage users to use
`fleetctl preview`:
1. Does it make sense to have the separate repository?
2. Does it make sense to continue supporting this workflow in CI?
2023-08-15 14:16:07 -03:00
Luke Heath
3dfe4c74bb
Update action version ( #13136 )
2023-08-03 14:27:32 -07:00
Joanne Stableford
79b8dd8e8f
Update fleetctl-workstations to min macOS 13.5 ( #13109 )
2023-08-02 18:38:11 -04:00
Joanne Stableford
ea934424ae
Update fleetctl-workstations-canary min OS to macOS 13.5 ( #13108 )
2023-08-02 18:22:46 -04:00
Roberto Dip
d9de78e9fc
upgrade Go version to 1.19.11 ( #12902 )
2023-07-26 11:09:22 -07:00
Eric
63eca92536
Change Node version used in Github workflows, add build-storybook step to website test ( #12748 )
...
Context: The "Deploy Fleet website" workflow is currently failing
because the `build-storybook` step requires Node v16.
<img width="1013" alt="image"
src="https://github.com/fleetdm/fleet/assets/7445991/7681e11e-a94f-4a0b-8cd8-baa1ef5a37d8 ">
Changes:
- Changed the `deploy-fleet-website` and `test-website` workflows to use
Node 16.
- Updated the version of `actions/setup-node` to v3 to use node 16.
- added the `--legacy-peer-deps` flag to the `npm install` in the
build-storybook step
- Added a step to build the storybook to the `test-website` workflow.
- Updated the `test-website` workflow to run when the workflow file is
changed.
2023-07-13 13:11:20 -05:00
Gabriel Hernandez
f9bbd47381
add back public storybook site build step ( #12746 )
...
this adds back building and publishing of storybook website.
2023-07-13 17:44:41 +01:00
dependabot[bot]
dbf87cbe62
Bump github/codeql-action from 2.2.4 to 2.20.1 ( #12437 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action )
from 2.2.4 to 2.20.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases ">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>CodeQL Bundle</h2>
<p>Bundles CodeQL CLI v2.13.4</p>
<ul>
<li>(<a
href="https://github.com/github/codeql-cli-binaries/blob/HEAD/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql-cli-binaries/releases/tag/v2.13.4 ">release</a>)</li>
</ul>
<p>Includes the following CodeQL language packs from <a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4 "><code>github/codeql@codeql-cli/v2.13.4</code></a>:</p>
<ul>
<li><code>codeql/cpp-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/cpp/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/cpp/ql/src ">source</a>)</li>
<li><code>codeql/cpp-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/cpp/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/cpp/ql/lib ">source</a>)</li>
<li><code>codeql/csharp-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/csharp/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/csharp/ql/src ">source</a>)</li>
<li><code>codeql/csharp-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/csharp/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/csharp/ql/lib ">source</a>)</li>
<li><code>codeql/go-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/go/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/go/ql/src ">source</a>)</li>
<li><code>codeql/go-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/go/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/go/ql/lib ">source</a>)</li>
<li><code>codeql/java-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/java/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/java/ql/src ">source</a>)</li>
<li><code>codeql/java-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/java/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/java/ql/lib ">source</a>)</li>
<li><code>codeql/javascript-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/javascript/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/javascript/ql/src ">source</a>)</li>
<li><code>codeql/javascript-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/javascript/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/javascript/ql/lib ">source</a>)</li>
<li><code>codeql/python-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/python/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/python/ql/src ">source</a>)</li>
<li><code>codeql/python-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/python/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/python/ql/lib ">source</a>)</li>
<li><code>codeql/ruby-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/ruby/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/ruby/ql/src ">source</a>)</li>
<li><code>codeql/ruby-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/ruby/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/ruby/ql/lib ">source</a>)</li>
<li><code>codeql/swift-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/swift/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/swift/ql/src ">source</a>)</li>
<li><code>codeql/swift-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/swift/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/swift/ql/lib ">source</a>)</li>
</ul>
<h2>CodeQL Bundle v2.6.0-beta.1</h2>
<p>Bundles CodeQL CLI <a
href="https://github.com/github/codeql-cli-binaries/releases/tag/v2.6.0-beta.1 ">v2.6.0-beta.1</a></p>
<h3>⚠️ This is a beta release containing a new CodeQL packaging feature.
It may not be compatible with existing workflows.</h3>
<p>This release contains beta support for <strong>CodeQL packs</strong>.
Please read the documentation below for more information:</p>
<ul>
<li><a
href="https://codeql.github.com/docs/codeql-cli/about-codeql-packs ">Using
CodeQL packs with the CodeQL CLI</a></li>
<li><a
href="https://docs.github.com/en/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-codeql-query-packs ">Using
CodeQL packs in Code Scanning on GitHub Actions</a></li>
<li><a
href="https://docs.github.com/en/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system#downloading-and-using-codeql-query-packs ">Using
CodeQL packs in Code Scanning on 3rd-party CI systems</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md ">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.20.1 - 21 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.4. <a
href="https://redirect.github.com/github/codeql-action/pull/1721 ">#1721</a></li>
<li>Experimental: add a new <code>resolve-environment</code> action
which attempts to infer a configuration for the build environment that
is required to build a given project. Do not use this in production as
it is part of an internal experiment and subject to change at any
time.</li>
</ul>
<h2>2.20.0 - 13 Jun 2023</h2>
<ul>
<li>Bump the version of the Action to 2.20.0. This ensures that users
who received a Dependabot upgrade to <a
href="cdcdbb5797https://redirect.github.com/github/codeql-action/pull/1729 ">#1729</a></li>
</ul>
<h2>2.3.6 - 01 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.3. <a
href="https://redirect.github.com/github/codeql-action/pull/1698 ">#1698</a></li>
</ul>
<h2>2.3.5 - 25 May 2023</h2>
<ul>
<li>Allow invalid URIs to be used as values to
<code>artifactLocation.uri</code> properties. This reverses a change
from <a
href="https://redirect.github.com/github/codeql-action/pull/1668 ">#1668</a>
that inadvertently led to stricter validation of some URI values. <a
href="https://redirect.github.com/github/codeql-action/pull/1705 ">#1705</a></li>
<li>Gracefully handle invalid URIs when fingerprinting. <a
href="https://redirect.github.com/github/codeql-action/pull/1694 ">#1694</a></li>
</ul>
<h2>2.3.4 - 24 May 2023</h2>
<ul>
<li>Updated the SARIF 2.1.0 JSON schema file to the latest from <a
href="123e95847b/Schemata/sarif-schema-2.1.0.jsonhttps://redirect.github.com/github/codeql-action/pull/1668 ">#1668</a></li>
<li>We are rolling out a feature in May 2023 that will disable Python
dependency installation for new users of the CodeQL Action. This
improves the speed of analysis while having only a very minor impact on
results. <a
href="https://redirect.github.com/github/codeql-action/pull/1676 ">#1676</a></li>
<li>We are improving the way that <a
href="https://github.com/github/codeql-action/releases ">CodeQL
bundles</a> are tagged to make it possible to easily identify bundles by
their CodeQL semantic version. <a
href="https://redirect.github.com/github/codeql-action/pull/1682 ">#1682</a>
<ul>
<li>As of CodeQL CLI 2.13.4, CodeQL bundles will be tagged using
semantic versions, for example <code>codeql-bundle-v2.13.4</code>,
instead of timestamps, like <code>codeql-bundle-20230615</code>.</li>
<li>This change does not affect the majority of workflows, and we will
not be changing tags for existing bundle releases.</li>
<li>Some workflows with custom logic that depends on the specific format
of the CodeQL bundle tag may need to be updated. For example, if your
workflow matches CodeQL bundle tag names against a
<code>codeql-bundle-yyyymmdd</code> pattern, you should update it to
also recognize <code>codeql-bundle-vx.y.z</code> tags.</li>
</ul>
</li>
<li>Remove the requirement for <code>on.push</code> and
<code>on.pull_request</code> to trigger on the same branches. <a
href="https://redirect.github.com/github/codeql-action/pull/1675 ">#1675</a></li>
</ul>
<h2>2.3.3 - 04 May 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.1. <a
href="https://redirect.github.com/github/codeql-action/pull/1664 ">#1664</a></li>
<li>You can now configure CodeQL within your code scanning workflow by
passing a <code>config</code> input to the <code>init</code> Action. See
<a href="https://aka.ms/code-scanning-docs/config-file ">Using a custom
configuration file</a> for more information about configuring code
scanning. <a
href="https://redirect.github.com/github/codeql-action/pull/1590 ">#1590</a></li>
</ul>
<h2>2.3.2 - 27 Apr 2023</h2>
<p>No user facing changes.</p>
<h2>2.3.1 - 26 Apr 2023</h2>
<p>No user facing changes.</p>
<h2>2.3.0 - 21 Apr 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.0. <a
href="https://redirect.github.com/github/codeql-action/pull/1649 ">#1649</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f6e388ebf0https://redirect.github.com/github/codeql-action/issues/1736 ">#1736</a>
from github/update-v2.20.1-4385ad556</li>
<li><a
href="28742472284385ad5563https://redirect.github.com/github/codeql-action/issues/1685 ">#1685</a>)</li>
<li><a
href="8ba77ef4d3https://redirect.github.com/github/codeql-action/issues/1734 ">#1734</a>)</li>
<li><a
href="82dbde173chttps://redirect.github.com/github/codeql-action/issues/1735 ">#1735</a>)</li>
<li><a
href="c6dff3470ehttps://redirect.github.com/github/codeql-action/issues/1721 ">#1721</a>
from github/update-bundle/codeql-bundle-v2.13.4</li>
<li><a
href="3e0c87dc38de74ca6211https://redirect.github.com/github/codeql-action/issues/1732 ">#1732</a>
from github/henrymercer/tolerate-unexpected-processi...</li>
<li><a
href="d6201b58de0ac18158d1https://redirect.github.com/github/codeql-action/issues/1684 ">#1684</a>
from github/mbg/add-resolve-environment</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/v2.2.4...f6e388ebf0efc915c6c5b165b019ee61a6746a38 ">compare
view</a></li>
</ul>
</details>
<br />
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 12:40:54 -07:00
dependabot[bot]
0730246723
Bump actions/setup-go from 2.1.3 to 4.0.1 ( #12294 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2.1.3
to 4.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases ">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update documentation for <code>v4</code> by <a
href="https://github.com/dsame "><code>@dsame</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/354 ">actions/setup-go#354</a></li>
<li>Fix glob bug in the package.json scripts section by <a
href="https://github.com/IvanZosimov "><code>@IvanZosimov</code></a> in
<a
href="https://redirect.github.com/actions/setup-go/pull/359 ">actions/setup-go#359</a></li>
<li>Bump <code>xml2js</code> dependency by <a
href="https://github.com/dmitry-shibanov "><code>@dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/370 ">actions/setup-go#370</a></li>
<li>Bump <code>@actions/cache</code> dependency to v3.2.1 by <a
href="https://github.com/nikolai-laevskii "><code>@nikolai-laevskii</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/374 ">actions/setup-go#374</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/nikolai-laevskii "><code>@nikolai-laevskii</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/374 ">actions/setup-go#374</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v4...v4.0.1 ">https://github.com/actions/setup-go/compare/v4...v4.0.1 </a></p>
<h2>v4.0.0</h2>
<p>In scope of release we enable cache by default. The action won’t
throw an error if the cache can’t be restored or saved. The action will
throw a warning message but it won’t stop a build process. The cache can
be disabled by specifying <code>cache: false</code>.</p>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ‘1.19’
- run: go run hello.go
</code></pre>
<p>Besides, we introduce such changes as</p>
<ul>
<li><a
href="https://redirect.github.com/actions/setup-go/pull/305 ">Allow to
use only GOCACHE for cache</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/315 ">Bump
json5 from 2.2.1 to 2.2.3</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/323 ">Use
proper version for primary key in cache</a></li>
<li><a
href="https://redirect.github.com/actions/setup-go/pull/351 ">Always add
Go bin to the PATH</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/350 ">Add
step warning if go-version input is empty</a></li>
</ul>
<h2>Add support for stable and oldstable aliases</h2>
<p>In scope of this release we introduce aliases for the
<code>go-version</code> input. The <code>stable</code> alias instals the
latest stable version of Go. The <code>oldstable</code> alias installs
previous latest minor release (the stable is 1.19.x -> the oldstable
is 1.18.x).</p>
<h3>Stable</h3>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: 'stable'
- run: go run hello.go
</code></pre>
<h3>OldStable</h3>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fac708d667https://redirect.github.com/actions/setup-go/issues/374 ">#374</a>)</li>
<li><a
href="dd84a9531ahttps://redirect.github.com/actions/setup-go/issues/370 ">#370</a>)</li>
<li><a
href="41c2024c46https://redirect.github.com/actions/setup-go/issues/359 ">#359</a>)</li>
<li><a
href="8dbf352f06https://redirect.github.com/actions/setup-go/issues/354 ">#354</a>)</li>
<li><a
href="4d34df0c23https://redirect.github.com/actions/setup-go/issues/348 ">#348</a>)</li>
<li><a
href="fdc0d672a1https://redirect.github.com/actions/setup-go/issues/351 ">#351</a>)</li>
<li><a
href="ebfdf6ac95https://redirect.github.com/actions/setup-go/issues/350 ">#350</a>)</li>
<li><a
href="b27d76912ehttps://redirect.github.com/actions/setup-go/issues/349 ">#349</a>)</li>
<li><a
href="c51a720768https://redirect.github.com/actions/setup-go/issues/332 ">#332</a>)</li>
<li><a
href="6b848af622https://redirect.github.com/actions/setup-go/issues/343 ">#343</a>
from akv-platform/reusable-workflow</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/setup-go/compare/v2.1.3...v4.0.1 ">compare
view</a></li>
</ul>
</details>
<br />
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 12:38:42 -07:00
dependabot[bot]
ffcfdbc15d
Bump slackapi/slack-github-action from 1.18.0 to 1.24.0 ( #12293 )
...
Bumps
[slackapi/slack-github-action](https://github.com/slackapi/slack-github-action )
from 1.18.0 to 1.24.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/slackapi/slack-github-action/releases ">slackapi/slack-github-action's
releases</a>.</em></p>
<blockquote>
<h2>Slack Send V1.24.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add in testing instructions for maintainer's guide and standardize
bullet point punctuation by <a
href="https://github.com/hello-ashleyintech "><code>@hello-ashleyintech</code></a>
in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/140 ">slackapi/slack-github-action#140</a></li>
<li>Added checks for bot token and webhook url length by <a
href="https://github.com/koki-develop "><code>@koki-develop</code></a>
in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/124 ">slackapi/slack-github-action#124</a></li>
<li>Add channel_id output parameter by <a
href="https://github.com/maso7 "><code>@maso7</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/149 ">slackapi/slack-github-action#149</a></li>
<li><a
href="https://redirect.github.com/slackapi/slack-github-action/issues/171 ">#171</a>
Update Technique 2 to use Actions context instead of values property by
<a href="https://github.com/mwbrooks "><code>@mwbrooks</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/172 ">slackapi/slack-github-action#172</a></li>
<li>Fix interpolation of variables in file-based payloads by <a
href="https://github.com/filmaj "><code>@filmaj</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/200 ">slackapi/slack-github-action#200</a></li>
<li>Update README.md with variable usage and links to example workflows
by <a href="https://github.com/filmaj "><code>@filmaj</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/201 ">slackapi/slack-github-action#201</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/koki-develop "><code>@koki-develop</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/124 ">slackapi/slack-github-action#124</a></li>
<li><a href="https://github.com/maso7 "><code>@maso7</code></a> made
their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/149 ">slackapi/slack-github-action#149</a></li>
<li><a href="https://github.com/mwbrooks "><code>@mwbrooks</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/172 ">slackapi/slack-github-action#172</a></li>
<li><a href="https://github.com/hnarimiya "><code>@hnarimiya</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/200 ">slackapi/slack-github-action#200</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.23.0...v1.24.0 ">https://github.com/slackapi/slack-github-action/compare/v1.23.0...v1.24.0 </a></p>
<h2>Slack Send V1.23.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump node from 12 to 16 by <a
href="https://github.com/quinnjn "><code>@quinnjn</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/128 ">slackapi/slack-github-action#128</a></li>
<li>Bump eslint from 8.23.0 to 8.24.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/135 ">slackapi/slack-github-action#135</a></li>
<li>Bump <code>@actions/core</code> from 1.9.1 to 1.10.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/134 ">slackapi/slack-github-action#134</a></li>
<li>Bump <code>@actions/github</code> from 5.0.3 to 5.1.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/133 ">slackapi/slack-github-action#133</a></li>
<li>Use https proxy agent by <a
href="https://github.com/EHitchcockIAG "><code>@EHitchcockIAG</code></a>
in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/132 ">slackapi/slack-github-action#132</a></li>
<li>Release v1.23.0 by <a
href="https://github.com/hello-ashleyintech "><code>@hello-ashleyintech</code></a>
in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/139 ">slackapi/slack-github-action#139</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/quinnjn "><code>@quinnjn</code></a> made
their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/128 ">slackapi/slack-github-action#128</a></li>
<li><a
href="https://github.com/EHitchcockIAG "><code>@EHitchcockIAG</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/132 ">slackapi/slack-github-action#132</a></li>
<li><a
href="https://github.com/hello-ashleyintech "><code>@hello-ashleyintech</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/139 ">slackapi/slack-github-action#139</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.22.0...v1.23.0 ">https://github.com/slackapi/slack-github-action/compare/v1.22.0...v1.23.0 </a></p>
<h2>Slack Send V1.22.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(message): support multiple channel IDs by <a
href="https://github.com/treemmett "><code>@treemmett</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/126 ">slackapi/slack-github-action#126</a>
(fixes <a
href="https://redirect.github.com/slackapi/slack-github-action/issues/118 ">#118</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/treemmett "><code>@treemmett</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/126 ">slackapi/slack-github-action#126</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.21.0...v1.22.0 ">https://github.com/slackapi/slack-github-action/compare/v1.21.0...v1.22.0 </a></p>
<h2>Slack Send V1.21.0</h2>
<h2>What's Changed</h2>
<ul>
<li>updated to 1.21.0, fixed update-ts by <a
href="https://github.com/stevengill "><code>@stevengill</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/110 ">slackapi/slack-github-action#110</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.20.0...v1.21.0 ">https://github.com/slackapi/slack-github-action/compare/v1.20.0...v1.21.0 </a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e28cf165c9f07b4a2d032c8b741a82https://redirect.github.com/slackapi/slack-github-action/issues/201 ">#201</a>)</li>
<li><a
href="81a1dc0cd9https://redirect.github.com/slackapi/slack-github-action/issues/200 ">#200</a>)</li>
<li><a
href="4eb7313607https://redirect.github.com/slackapi/slack-github-action/issues/194 ">#194</a>)</li>
<li><a
href="17394c7ff6https://redirect.github.com/slackapi/slack-github-action/issues/195 ">#195</a>)</li>
<li><a
href="2746ea8222https://redirect.github.com/slackapi/slack-github-action/issues/196 ">#196</a>)</li>
<li><a
href="1b89efce66https://redirect.github.com/slackapi/slack-github-action/issues/197 ">#197</a>)</li>
<li><a
href="0e608ca738https://redirect.github.com/slackapi/slack-github-action/issues/188 ">#188</a>)</li>
<li><a
href="02b50ad38bhttps://redirect.github.com/slackapi/slack-github-action/issues/189 ">#189</a>)</li>
<li>Additional commits viewable in <a
href="16b6c78ee7...e28cf165c9
2023-06-23 12:32:30 -07:00
Joanne Stableford
0f9bfa3dbd
Update fleetctl-workstations os update to 13.4.1 ( #12471 )
2023-06-22 20:05:15 -04:00
Joanne Stableford
f6f713f7fc
Update fleetctl-workstations-canary for minimum os 13.4.1 ( #12469 )
2023-06-22 19:54:43 -04:00
Zach Wasserman
1080406266
Generate targets for osquery 5.9.1 ( #12410 )
2023-06-21 23:14:52 -07:00
Luke Heath
1f455055a1
Use actions token during helm-publish workflow ( #12430 )
2023-06-21 09:30:25 -06:00
Luke Heath
b5994e7cb9
Use GitHub token in GoReleaser workflow ( #12303 )
2023-06-13 11:54:55 -05:00
Roberto Dip
ab9ac28538
upgrade go version to 1.19.10 ( #12187 )
...
for #12177
2023-06-07 17:59:30 -03:00
Luke Heath
1f8ca0bbb4
Use personal access token for workflows ( #12118 )
2023-06-02 16:23:23 -05:00
Gabriel Hernandez
2fcc5ee72e
generate js coverage report in CI ( #12029 )
...
relates to #8771
Add coverage for frontend and improve coverage reports around Backend
and frontend code.
2023-06-01 17:46:25 +01:00
Martin Angers
8b1bf35414
Increase Go test timeout to 15m ( #11920 )
2023-05-29 08:44:10 -04:00
KanchiMoe
257336c8b0
Upversion github actions in tfvalidate.yml ( #12005 )
...
This fixes the deprecation warnings that appear at the bottom of
https://github.com/fleetdm/fleet/actions/runs/5083875257
2023-05-28 22:54:46 -04:00
Luke Heath
256aa855d8
Adjust macOS version update deadline ( #11988 )
2023-05-26 10:41:08 -05:00
Zach Wasserman
048de9a002
Move all workstations to macOS 13.4.0 ( #11918 )
2023-05-23 20:42:08 -07:00
Luke Heath
846ee18cb3
Add example workflow ( #11893 )
2023-05-23 13:52:21 -05:00
Zach Wasserman
499a040c1b
Move canary workstations to macOS 13.4.0 ( #11792 )
2023-05-18 15:37:25 -07:00
KanchiMoe
9e9fd633c7
Update 'install go' Github Actions to use tag as it uses deprecated commands ( #11408 )
...
At the moment, in Github Actions, when a job has `uses:
actions/setup-go` it uses a specific commit from that repo.
In that commit, it used `set-output` somewhere, which is now deprecated
and will be disabled within the next month or so.
See here for more information:
https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
This PR changes every instance where `actions/setup-go@...` was used and
replaces it with release `v2.1.3`. [From the release
notes](https://github.com/actions/setup-go/releases/tag/v2.1.3 ):
> Updated communication with runner to use environment files rather then
workflow commands
Which is what the above Github blog recommends doing.
---
Addationally, the latest version of this Github Action is
[`v4.0.0`](https://github.com/actions/setup-go/releases/tag/v4.0.0 ),
which you may want to update to in the future.
2023-05-17 15:56:16 -05:00
Luke Heath
191302c662
Use github action to apply profiles to workstations team ( #11716 )
2023-05-17 13:07:18 -05:00
Luke Heath
e794356e07
Use new fleet-mdm-gitops GitHub action to apply MDM configuration ( #11681 )
2023-05-16 10:16:22 -05:00
Luke Heath
25b7114174
Use new Fleet MDM gitops action ( #11678 )
2023-05-12 16:54:26 -05:00
Luke Heath
9f7e2ea4cc
Bump workstation macOS version requirement ( #11560 )
2023-05-09 16:07:03 -05:00
Zach Wasserman
8ebd988661
Update Fleet Desktop version ( #11549 )
2023-05-05 15:04:50 -07:00
dependabot[bot]
8c04305f7f
Bump aws-actions/amazon-ecr-login from 1.5.3 to 1.6.0 ( #11514 )
...
Bumps
[aws-actions/amazon-ecr-login](https://github.com/aws-actions/amazon-ecr-login )
from 1.5.3 to 1.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/amazon-ecr-login/releases ">aws-actions/amazon-ecr-login's
releases</a>.</em></p>
<blockquote>
<h2>v1.6.0</h2>
<p>See the <a
href="https://github.com/aws-actions/amazon-ecr-login/blob/HEAD/CHANGELOG.md ">changelog</a>
for details about the changes included in this release.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/amazon-ecr-login/blob/main/CHANGELOG.md ">aws-actions/amazon-ecr-login's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this file.
See <a
href="https://github.com/conventional-changelog/standard-version ">standard-version</a>
for commit guidelines.</p>
<h2><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.5.3...v1.6.0 ">1.6.0</a>
(2023-03-29)</h2>
<h3>Features</h3>
<ul>
<li>add support for HTTP(s) proxy (<a
href="454a99d5dehttps://github.com/aws-actions/amazon-ecr-login/compare/v1.5.2...v1.5.3 ">1.5.3</a>
(2022-10-29)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.5.1...v1.5.2 ">1.5.2</a>
(2022-10-18)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.5.0...v1.5.1 ">1.5.1</a>
(2022-08-04)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>reverted change that masked Docker credentials (<a
href="7d073b66cchttps://github.com/aws-actions/amazon-ecr-login/compare/v1.4.0...v1.5.0 ">1.5.0</a>
(2022-06-27)</h2>
<h3>Features</h3>
<ul>
<li>added ECR Public Registry support (<a
href="b4f084e928https://github.com/aws-actions/amazon-ecr-login/compare/v1.3.3...v1.4.0 ">1.4.0</a>
(2022-05-20)</h2>
<h3>Features</h3>
<ul>
<li>output docker credentials after login (<a
href="57206dc28cd121236bfd45a78e2dabhttps://github.com/aws-actions/amazon-ecr-login/compare/v1.3.2...v1.3.3 ">1.3.3</a>
(2021-02-15)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.3.1...v1.3.2 ">1.3.2</a>
(2021-02-01)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.3.0...v1.3.1 ">1.3.1</a>
(2020-11-24)</h3>
<h2><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.2.2...v1.3.0 ">1.3.0</a>
(2020-10-29)</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2f9f10ea3f7724c7e157https://redirect.github.com/aws-actions/amazon-ecr-login/issues/430 ">#430</a>
from aws-actions/http-proxy</li>
<li><a
href="454a99d5de62f4f872dbhttps://redirect.github.com/aws-actions/amazon-ecr-login/issues/429 ">#429</a>)</li>
<li><a
href="5cf60ad52chttps://redirect.github.com/aws-actions/amazon-ecr-login/issues/428 ">#428</a>)</li>
<li><a
href="7179228b86https://redirect.github.com/aws-actions/amazon-ecr-login/issues/426 ">#426</a>)</li>
<li><a
href="4ccd3fe855https://redirect.github.com/aws-actions/amazon-ecr-login/issues/424 ">#424</a>)</li>
<li><a
href="7ba8fdb4b8https://redirect.github.com/aws-actions/amazon-ecr-login/issues/423 ">#423</a>)</li>
<li><a
href="069994d041https://redirect.github.com/aws-actions/amazon-ecr-login/issues/422 ">#422</a>
from taichunmin/main</li>
<li><a
href="4f0431daa8261a7de32b...2f9f10ea3fhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aws-actions/amazon-ecr-login&package-manager=github_actions&previous-version=1.5.3&new-version=1.6.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-03 12:06:24 -07:00
KanchiMoe
3496011e35
Convert remaining uses of set-output for Github Actions ( #11352 )
2023-04-27 16:11:27 -05:00
KanchiMoe
503a30092f
Fix integration Github action using the deprecated command set-output ( #11282 )
2023-04-26 10:15:23 -05:00
Robert Fairburn
eb93343ffe
Warn against deploying fleetdm/fleet:main directly ( #11316 )
...
Deploying `fleetdm/fleet:main` directly to dogfood has problems if
migrations are needed and an image restarts. This causes crashloops in
the containers and leads to being rate-limited for pulls on dockerhub.
Warn against this and also suggest using quay.io as an alternative image
location.
2023-04-25 13:22:59 -05:00
dependabot[bot]
672c0d9239
Bump actions/upload-artifact from 3.1.0 to 3.1.2 ( #10183 )
...
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact )
from 3.1.0 to 3.1.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases ">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.2</h2>
<ul>
<li>Update all <code>@actions/*</code> NPM packages to their latest
versions- <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/374 ">#374</a></li>
<li>Update all dev dependencies to their most recent versions - <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/375 ">#375</a></li>
</ul>
<h2>v3.1.1</h2>
<ul>
<li>Update actions/core package to latest version to remove
<code>set-output</code> deprecation warning <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/351 ">#351</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0b7f8abb15https://github-redirect.dependabot.com/actions/upload-artifact/issues/312 ">#312</a>)</li>
<li><a
href="013d2b89bahttps://github-redirect.dependabot.com/actions/upload-artifact/issues/375 ">#375</a>)</li>
<li><a
href="055b8b3f04https://github-redirect.dependabot.com/actions/upload-artifact/issues/374 ">#374</a>)</li>
<li><a
href="7a5d4831f7https://github-redirect.dependabot.com/actions/upload-artifact/issues/315 ">#315</a>)</li>
<li><a
href="e0057a5b76https://github-redirect.dependabot.com/actions/upload-artifact/issues/352 ">#352</a>)</li>
<li><a
href="7fe6c13ac8https://github-redirect.dependabot.com/actions/upload-artifact/issues/363 ">#363</a>)</li>
<li><a
href="83fd05a356https://github-redirect.dependabot.com/actions/upload-artifact/issues/356 ">#356</a>)</li>
<li>See full diff in <a
href="3cea537223...0b7f8abb15https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=3.1.0&new-version=3.1.2 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-24 11:27:56 -07:00
Zachary Winnerman
443d2471d2
Add elastic apm to dogfood ( #11287 )
...
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-04-24 11:25:57 -04:00
Luke Heath
f53a896f09
Stop using temporary token ( #11210 )
2023-04-14 16:19:36 -05:00
Eric
29c9c17e1b
Remove build-storybook step from deploy website workflow ( #11209 )
...
Changes:
- Removed the build-storybook step from the "Deploy Fleet website"
workflow
- Removed the storybook directory from `website/.eslintignore`
2023-04-14 16:01:07 -05:00
Martin Angers
9aab3d628c
Move Redis cluster docker yml to separate file ( #11162 )
2023-04-12 15:14:28 -04:00
Luke Heath
30bc419491
Update workflow to set macos_updates and disk encryption for canary ( #11168 )
2023-04-12 11:32:13 -05:00
Luke Heath
bd1e7654dc
Use temporary github token to deploy website ( #11137 )
2023-04-11 10:37:47 -05:00
Luke Heath
7c6c209d79
Prepare v4.30.0 ( #11105 )
2023-04-10 15:48:34 -05:00
Zach Wasserman
1a521133f4
Upgrade Go version to 1.19.8 ( #11057 )
...
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
2023-04-07 12:05:22 -07:00
Noah Talerman
79e5f11664
Update Workstations YAML: Set macOS update deadline ( #10962 )
2023-04-06 18:42:04 -05:00
Luke Heath
0ee49f11fc
Prepare v4.29.1 ( #10945 )
2023-04-06 11:49:37 -05:00
Luke Heath
689d6ddffe
Exclude certain paths from docker publish workflow ( #10884 )
2023-04-06 11:49:11 -05:00
Robert Fairburn
a257a696a6
Ensure that short tags push to quay in addition to dockerhub ( #11006 )
...
This should include the short tags (such as `fleetdm/fleet:43e434b`)
when pushing to quay.io (`quay.io/fleetdm/fleet:43e434b`)
Additionally, the previous `docker buildx imagetools create` line was
only pushing a linux/amd64 image to quay. This means that for these
tags, one could not pull from quay on an arm64 Mac for example. This
update should correct that.
2023-04-05 12:04:34 -05:00
Luke Heath
bfaa8043bf
Add profiles workflow for canary team ( #10966 )
2023-04-04 15:51:07 -05:00
Luke Heath
ac983a97ab
Update the sentry environment variable name ( #10943 )
2023-04-03 14:12:16 -05:00
Robert Fairburn
fc84da1a36
Add Sentry secret to dogfood ( #10859 )
2023-03-30 12:51:12 -05:00
Robert Fairburn
0de8b58f60
Goreleaser quay push to use docker instead of podman ( #10830 )
...
This is to resolve #10693 and looks to work when it triggered on the
branch.
2023-03-30 12:46:39 -05:00
Lucas Manuel Rodriguez
40265d0e6f
Fix SMTP e-mail send when SMTP server has credentials ( #10758 )
...
#9609
This PR also fixes #10777 .
The issue is: We were using `svc.AppConfig` instead of
`svc.ds.AppConfig` to retrieve the SMTP credentials.
`svc.AppConfig` obfuscates credentials, whereas `svc.ds.AppConfig` does
not.
To help prevent this from happening again I've renamed `svc.AppConfig`
to `svc.AppConfigObfuscated`.
I've also added a new test SMTP server
(https://github.com/axllent/mailpit ) that supports Basic Authentication
and tests that make use of it to catch these kind of bugs (the tests are
executed when running `go test` with `MAIL_TEST=1`).
- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- ~[ ] Documented any permissions changes~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- [X] Added/updated tests
- [X] Manual QA for all new/changed functionality
- ~For Orbit and Fleet Desktop changes:~
- ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.~
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-03-28 15:23:15 -03:00
Zach Wasserman
477bb53f90
Generate targets for osquery 5.8.2 ( #10802 )
2023-03-28 10:50:07 -07:00
Luke Heath
30aa31e763
Remove disable knex, install fleetctl, apply to workstations ( #10757 )
2023-03-27 09:53:05 -05:00
Luke Heath
547111d5b6
Prepare 4.29.0 ( #10610 )
2023-03-22 15:14:51 -05:00
Luke Heath
7ebf308b0c
Revert fleetctl apply token ( #10647 )
2023-03-21 12:51:41 -05:00
Luke Heath
d514998f3a
Use gitops API token ( #10639 )
2023-03-21 11:23:08 -05:00
Luke Heath
9bf4601120
Prepare 4.28.1 ( #10461 ) ( #10609 )
2023-03-20 17:11:38 -05:00
Robert Fairburn
aadfb12d51
Update dogfood deploy help_p1 webhook secret name ( #10537 )
2023-03-16 16:56:46 -05:00
Lucas Manuel Rodriguez
296b70cda3
Add CI check for spec yamls ( #10530 )
...
This is to prevent merging broken yamls.
2023-03-16 08:54:21 -03:00
Zachary Winnerman
3158da0985
Terraform version bump ( #10513 )
...
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-03-15 12:41:25 -04:00
Lucas Manuel Rodriguez
b0f490b4d6
Run make dump-test-schema ( #10505 )
...
Forgot to run this in https://github.com/fleetdm/fleet/pull/10478
2023-03-15 10:47:49 -03:00
Lucas Manuel Rodriguez
e926581427
Observers can observe team settings ( #10447 )
...
#9984
- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- [X] Documented any permissions changes: Done by @noahtalerman, see
#10440
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- [X] Added/updated tests
- ~[ ] Manual QA for all new/changed functionality~
- For Orbit and Fleet Desktop changes:~
- ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.~
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-03-13 15:34:39 -03:00
Luke Heath
b3cd710286
Add MDM profiles and github workflow to apply them ( #10416 )
2023-03-10 11:23:10 -06:00
Zachary Winnerman
0ee617778a
Dogfood returns ( #10345 )
...
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-03-08 16:38:53 -05:00
dependabot[bot]
fdc55aabc4
Bump actions/cache from 3.0.8 to 3.2.6 ( #10268 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.0.8 to
3.2.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases ">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v3.2.6</h2>
<h2>What's Changed</h2>
<ul>
<li>Updated branch in Force deletion of caches by <a
href="https://github.com/t-dedah "><code>@t-dedah</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1108 ">actions/cache#1108</a></li>
<li>Fix zstd not being used after zstd version upgrade to 1.5.4 on
hosted runners by <a
href="https://github.com/pdotl "><code>@pdotl</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1118 ">actions/cache#1118</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v3.2.6 ">https://github.com/actions/cache/compare/v3...v3.2.6 </a></p>
<h2>v3.2.5</h2>
<h2>What's Changed</h2>
<ul>
<li>Rewrite readmes by <a
href="https://github.com/jsoref "><code>@jsoref</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1085 ">actions/cache#1085</a></li>
<li>Fixed typos and formatting in docs by <a
href="https://github.com/kotewar "><code>@kotewar</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1076 ">actions/cache#1076</a></li>
<li>Fixing paths for OSes by <a
href="https://github.com/kotewar "><code>@kotewar</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1101 ">actions/cache#1101</a></li>
<li>Release patch version update by <a
href="https://github.com/Phantsure "><code>@Phantsure</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1105 ">actions/cache#1105</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jsoref "><code>@jsoref</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1085 ">actions/cache#1085</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v3.2.5 ">https://github.com/actions/cache/compare/v3...v3.2.5 </a></p>
<h2>v3.2.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Update json5 package version by <a
href="https://github.com/vsvipul "><code>@vsvipul</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1065 ">actions/cache#1065</a></li>
<li>Cache recipes for cache, restore and save actions by <a
href="https://github.com/kotewar "><code>@kotewar</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1055 ">actions/cache#1055</a></li>
<li>Add gnu tar and zstd as pre-requisites for windows self-hosted
runners by <a href="https://github.com/pdotl "><code>@pdotl</code></a>
in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1068 ">actions/cache#1068</a></li>
<li>Fix a whitespace typo by <a
href="https://github.com/kurtmckee "><code>@kurtmckee</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1074 ">actions/cache#1074</a></li>
<li>📝 <a
href="https://github-redirect.dependabot.com/actions/cache/issues/1045 ">#1045</a>
update using the <code>set-output</code> command is deprecated by <a
href="https://github.com/siguikesse "><code>@siguikesse</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1046 ">actions/cache#1046</a></li>
<li>Fix referenced output key in save action readme by <a
href="https://github.com/ruudk "><code>@ruudk</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1061 ">actions/cache#1061</a></li>
<li>Update workflows to use reusable-workflows by <a
href="https://github.com/jongwooo "><code>@jongwooo</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1066 ">actions/cache#1066</a></li>
<li>Introduce add-to-project step & rename workflow files by <a
href="https://github.com/pallavx "><code>@pallavx</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1077 ">actions/cache#1077</a></li>
<li>chore: Fix syntax error typo by <a
href="https://github.com/vHeemstra "><code>@vHeemstra</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1081 ">actions/cache#1081</a></li>
<li>Update caching-strategies.md by <a
href="https://github.com/kpfleming "><code>@kpfleming</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1084 ">actions/cache#1084</a></li>
<li>Added another usage hint to foresee <a
href="https://github-redirect.dependabot.com/actions/cache/issues/1072 ">#1072</a>
by <a href="https://github.com/maybeec "><code>@maybeec</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1089 ">actions/cache#1089</a></li>
<li>Add <code>fail-on-cache-miss</code> option by <a
href="https://github.com/cdce8p "><code>@cdce8p</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1036 ">actions/cache#1036</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/kurtmckee "><code>@kurtmckee</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1074 ">actions/cache#1074</a></li>
<li><a
href="https://github.com/siguikesse "><code>@siguikesse</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1046 ">actions/cache#1046</a></li>
<li><a href="https://github.com/ruudk "><code>@ruudk</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1061 ">actions/cache#1061</a></li>
<li><a href="https://github.com/pallavx "><code>@pallavx</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1077 ">actions/cache#1077</a></li>
<li><a href="https://github.com/vHeemstra "><code>@vHeemstra</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1081 ">actions/cache#1081</a></li>
<li><a href="https://github.com/kpfleming "><code>@kpfleming</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1084 ">actions/cache#1084</a></li>
<li><a href="https://github.com/maybeec "><code>@maybeec</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1089 ">actions/cache#1089</a></li>
<li><a href="https://github.com/cdce8p "><code>@cdce8p</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1036 ">actions/cache#1036</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v3.2.4 ">https://github.com/actions/cache/compare/v3...v3.2.4 </a></p>
<h2>v3.2.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Add Mint example by <a
href="https://github.com/uhooi "><code>@uhooi</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1051 ">actions/cache#1051</a></li>
<li>Fixed broken link by <a
href="https://github.com/kotewar "><code>@kotewar</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1057 ">actions/cache#1057</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md ">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>3.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -> node
16</li>
</ul>
<h3>3.0.1</h3>
<ul>
<li>Added support for caching from GHES 3.5.</li>
<li>Fixed download issue for files > 2GB during restore.</li>
</ul>
<h3>3.0.2</h3>
<ul>
<li>Added support for dynamic cache size cap on GHES.</li>
</ul>
<h3>3.0.3</h3>
<ul>
<li>Fixed avoiding empty cache save when no files are available for
caching. (<a
href="https://github-redirect.dependabot.com/actions/cache/issues/624 ">issue</a>)</li>
</ul>
<h3>3.0.4</h3>
<ul>
<li>Fixed tar creation error while trying to create tar with path as
<code>~/</code> home folder on <code>ubuntu-latest</code>. (<a
href="https://github-redirect.dependabot.com/actions/cache/issues/689 ">issue</a>)</li>
</ul>
<h3>3.0.5</h3>
<ul>
<li>Removed error handling by consuming actions/cache 3.0 toolkit, Now
cache server error handling will be done by toolkit. (<a
href="https://github-redirect.dependabot.com/actions/cache/pull/834 ">PR</a>)</li>
</ul>
<h3>3.0.6</h3>
<ul>
<li>Fixed <a
href="https://github-redirect.dependabot.com/actions/cache/issues/809 ">#809</a>
- zstd -d: no such file or directory error</li>
<li>Fixed <a
href="https://github-redirect.dependabot.com/actions/cache/issues/833 ">#833</a>
- cache doesn't work with github workspace directory</li>
</ul>
<h3>3.0.7</h3>
<ul>
<li>Fixed <a
href="https://github-redirect.dependabot.com/actions/cache/issues/810 ">#810</a>
- download stuck issue. A new timeout is introduced in the download
process to abort the download if it gets stuck and doesn't finish within
an hour.</li>
</ul>
<h3>3.0.8</h3>
<ul>
<li>Fix zstd not working for windows on gnu tar in issues <a
href="https://github-redirect.dependabot.com/actions/cache/issues/888 ">#888</a>
and <a
href="https://github-redirect.dependabot.com/actions/cache/issues/891 ">#891</a>.</li>
<li>Allowing users to provide a custom timeout as input for aborting
download of a cache segment using an environment variable
<code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li>
</ul>
<h3>3.0.9</h3>
<ul>
<li>Enhanced the warning message for cache unavailablity in case of
GHES.</li>
</ul>
<h3>3.0.10</h3>
<ul>
<li>Fix a bug with sorting inputs.</li>
<li>Update definition for restore-keys in README.md</li>
</ul>
<h3>3.0.11</h3>
<ul>
<li>Update toolkit version to 3.0.5 to include
<code>@actions/core@^1.10.0</code></li>
<li>Update <code>@actions/cache</code> to use updated
<code>saveState</code> and <code>setOutput</code> functions from
<code>@actions/core@^1.10.0</code></li>
</ul>
<h3>3.1.0-beta.1</h3>
<ul>
<li>Update <code>@actions/cache</code> on windows to use gnu tar and
zstd by default and fallback to bsdtar and zstd if gnu tar is not
available. (<a
href="https://github-redirect.dependabot.com/actions/cache/issues/984 ">issue</a>)</li>
</ul>
<h3>3.1.0-beta.2</h3>
<ul>
<li>Added support for fallback to gzip to restore old caches on
windows.</li>
</ul>
<h3>3.1.0-beta.3</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="69d9d449achttps://github-redirect.dependabot.com/actions/cache/issues/1118 ">#1118</a>
from actions/pdotl/zstd-hotfix</li>
<li><a
href="8d3a1e02aab1db4b48977d4d6f7ffd8f7fa5d71595b455a0fb81b7281936https://github-redirect.dependabot.com/actions/cache/issues/1108 ">#1108</a>)</li>
<li><a
href="6998d139ddhttps://github-redirect.dependabot.com/actions/cache/issues/1105 ">#1105</a>)</li>
<li><a
href="2b8105bdaehttps://github-redirect.dependabot.com/actions/cache/issues/1101 ">#1101</a>)</li>
<li><a
href="e08330827dhttps://github-redirect.dependabot.com/actions/cache/issues/1076 ">#1076</a>)</li>
<li>Additional commits viewable in <a
href="fd5de65bc8...69d9d449achttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=3.0.8&new-version=3.2.6 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-02 13:51:13 -08:00
Zach Wasserman
f8f3a1e335
Update OSSF Scorecards action ( #10255 )
...
Based on the current recommended configuration from
https://github.com/ossf/scorecard-action#installation .
2023-03-02 09:14:42 -08:00
Zach Wasserman
2ed2940683
Generate targets for osqueryd 5.8.1 ( #10245 )
2023-03-01 17:51:15 -08:00
Lucas Manuel Rodriguez
2c6bd879f8
Notify Go and Integration CI failures to new channel ( #10235 )
2023-03-01 20:14:07 -03:00
dependabot[bot]
05d38abc35
Bump github/codeql-action from 2.1.21 to 2.2.5 ( #10220 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action )
from 2.1.21 to 2.2.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md ">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.2.5 - 24 Feb 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.12.3. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1543 ">#1543</a></li>
</ul>
<h2>2.2.4 - 10 Feb 2023</h2>
<p>No user facing changes.</p>
<h2>2.2.3 - 08 Feb 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.12.2. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1518 ">#1518</a></li>
</ul>
<h2>2.2.2 - 06 Feb 2023</h2>
<ul>
<li>Fix an issue where customers using the CodeQL Action with the <a
href="https://docs.github.com/en/enterprise-server@3.7/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access ">CodeQL
Action sync tool</a> would not be able to obtain the CodeQL tools. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1517 ">#1517</a></li>
</ul>
<h2>2.2.1 - 27 Jan 2023</h2>
<p>No user facing changes.</p>
<h2>2.2.0 - 26 Jan 2023</h2>
<ul>
<li>Improve stability when choosing the default version of CodeQL to use
in code scanning workflow runs on Actions on GitHub.com. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1475 ">#1475</a>
<ul>
<li>This change addresses customer reports of code scanning alerts on
GitHub.com being closed and reopened during the rollout of new versions
of CodeQL in the GitHub Actions <a
href="https://github.com/actions/runner-images ">runner images</a>.</li>
<li><strong>No change is required for the majority of
workflows</strong>, including:
<ul>
<li>Workflows on GitHub.com hosted runners using the latest version
(<code>v2</code>) of the CodeQL Action.</li>
<li>Workflows on GitHub.com hosted runners that are pinned to specific
versions of the CodeQL Action from <code>v2.2.0</code> onwards.</li>
<li>Workflows on GitHub Enterprise Server.</li>
</ul>
</li>
<li><strong>A change may be required</strong> for workflows on
GitHub.com hosted runners that are pinned to specific versions of the
CodeQL Action before <code>v2.2.0</code> (e.g. <code>v2.1.32</code>):
<ul>
<li>Previously, these workflows would obtain the latest version of
CodeQL from the Actions runner image.</li>
<li>Now, these workflows will download an older, compatible version of
CodeQL from GitHub Releases. To use this older version, no change is
required. To use the newest version of CodeQL, please update your
workflows to reference the latest version of the CodeQL Action
(<code>v2</code>).</li>
</ul>
</li>
<li><strong>Internal changes</strong>
<ul>
<li>These changes will not affect the majority of code scanning
workflows. Continue reading only if your workflow uses <a
href="https://github.com/actions/toolkit/tree/main/packages/tool-cache "><code>@actions/tool-cache</code></a>
or relies on the precise location of CodeQL within the Actions tool
cache.</li>
<li>The tool cache now contains <strong>two</strong> recent CodeQL
versions (previously <strong>one</strong>).</li>
<li>Each CodeQL version is located under a directory named after the
release date and version number, e.g. CodeQL 2.11.6 is now located under
<code>CodeQL/2.11.6-20221211/x64/codeql</code> (previously
<code>CodeQL/0.0.0-20221211/x64/codeql</code>).</li>
</ul>
</li>
</ul>
</li>
<li>The maximum number of <a
href="https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#run-object ">SARIF
runs</a> per file has been increased from 15 to 20 for users uploading
SARIF files to GitHub.com. This change will help ensure that Code
Scanning can process SARIF files generated by third-party tools that
have many runs. See the <a
href="https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data ">GitHub
API documentation</a> for a list of all the limits around uploading
SARIF. This change will be released to GitHub Enterprise Server as part
of GHES 3.9.</li>
<li>Update default CodeQL bundle version to 2.12.1. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1498 ">#1498</a></li>
<li>Fix a bug that forced the <code>init</code> Action to run for at
least two minutes on JavaScript. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1494 ">#1494</a></li>
</ul>
<h2>2.1.39 - 18 Jan 2023</h2>
<ul>
<li>CodeQL Action v1 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v2. For more information, see <a
href="https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/ ">this
changelog post</a>. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1466 ">#1467</a></li>
<li>Python automatic dependency installation will no longer fail for
projects using Poetry that specify <code>virtualenvs.options.no-pip =
true</code> in their <code>poetry.toml</code>. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1431 ">#1431</a></li>
<li>Avoid printing a stack trace and error message when the action fails
to find the SHA at the</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="32dc499307https://github-redirect.dependabot.com/github/codeql-action/issues/1547 ">#1547</a>
from github/update-v2.2.5-237a258d2</li>
<li><a
href="b742728ac2237a258d2bhttps://github-redirect.dependabot.com/github/codeql-action/issues/1543 ">#1543</a>
from github/alexet/update-2.12.3</li>
<li><a
href="5972e6d72e164027e6823dde1f3512https://github-redirect.dependabot.com/github/codeql-action/issues/1540 ">#1540</a>
from cklin/expect-discarded-cache</li>
<li><a
href="d7d7567b0e0e4e857bab08d1f21d4ff3bd25eefahttps://github-redirect.dependabot.com/github/codeql-action/issues/1544 ">#1544</a>
from github/aeisenberg/clean-cache</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/v2.1.21...32dc499307d133bb5085bae78498c0ac2cf762d5 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2023-03-01 11:39:55 -08:00
dependabot[bot]
17ecc388ec
Bump tfsec/tfsec-sarif-action from 0.1.3 to 0.1.4 ( #10219 )
...
Bumps
[tfsec/tfsec-sarif-action](https://github.com/tfsec/tfsec-sarif-action )
from 0.1.3 to 0.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tfsec/tfsec-sarif-action/releases ">tfsec/tfsec-sarif-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.1.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Replace deprecated <code>set-output</code> usage with environment
file <code>GITHUB_OUTPUT</code> by <a
href="https://github.com/sivapalan "><code>@sivapalan</code></a> in <a
href="https://github-redirect.dependabot.com/aquasecurity/tfsec-sarif-action/pull/35 ">aquasecurity/tfsec-sarif-action#35</a></li>
<li>Fix conditional expression for setting <code>TFSEC_VERSION</code> by
<a href="https://github.com/sivapalan "><code>@sivapalan</code></a> in
<a
href="https://github-redirect.dependabot.com/aquasecurity/tfsec-sarif-action/pull/36 ">aquasecurity/tfsec-sarif-action#36</a></li>
<li>Forcing wget to use IPv4 by <a
href="https://github.com/jasonjanderson "><code>@jasonjanderson</code></a>
in <a
href="https://github-redirect.dependabot.com/aquasecurity/tfsec-sarif-action/pull/37 ">aquasecurity/tfsec-sarif-action#37</a></li>
<li>add git and hg to docker image by <a
href="https://github.com/bobcallaway "><code>@bobcallaway</code></a> in
<a
href="https://github-redirect.dependabot.com/aquasecurity/tfsec-sarif-action/pull/33 ">aquasecurity/tfsec-sarif-action#33</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/jasonjanderson "><code>@jasonjanderson</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/aquasecurity/tfsec-sarif-action/pull/37 ">aquasecurity/tfsec-sarif-action#37</a></li>
<li><a
href="https://github.com/bobcallaway "><code>@bobcallaway</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/aquasecurity/tfsec-sarif-action/pull/33 ">aquasecurity/tfsec-sarif-action#33</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/aquasecurity/tfsec-sarif-action/compare/v0.1.3...v0.1.4 ">https://github.com/aquasecurity/tfsec-sarif-action/compare/v0.1.3...v0.1.4 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="21ded20e8chttps://github-redirect.dependabot.com/tfsec/tfsec-sarif-action/issues/33 ">#33</a>)</li>
<li><a
href="8019886f8dhttps://github-redirect.dependabot.com/tfsec/tfsec-sarif-action/issues/37 ">#37</a>)</li>
<li><a
href="83567846f0https://github-redirect.dependabot.com/tfsec/tfsec-sarif-action/issues/36 ">#36</a>)</li>
<li><a
href="9d5437db455d34a982aa...21ded20e8chttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tfsec/tfsec-sarif-action&package-manager=github_actions&previous-version=0.1.3&new-version=0.1.4 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-01 11:37:49 -08:00
dependabot[bot]
74a86ff0ab
Bump dawidd6/action-download-artifact from 2.23.0 to 2.26.0 ( #10218 )
...
Bumps
[dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact )
from 2.23.0 to 2.26.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5e780fc7bbhttps://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/227 ">#227</a>)</li>
<li><a
href="b59d8c6a6chttps://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/225 ">#225</a>)</li>
<li><a
href="5004d5476ehttps://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/219 ">#219</a>
from dawidd6/dependabot-npm_and_yarn-actions-artifact...</li>
<li><a
href="b1a9c91d1fbd10f381a9https://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/218 ">#218</a>
from dawidd6/dependabot-npm_and_yarn-adm-zip-0.5.10</li>
<li><a
href="61a654a8cedcadc4bd45https://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/211 ">#211</a>
from koplo199/master</li>
<li><a
href="ceeb280c4f806bb52fe0e6e25ac3a2https://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/209 ">#209</a>
from dawidd6/v2</li>
<li>Additional commits viewable in <a
href="7847792dd4...5e780fc7bbhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dawidd6/action-download-artifact&package-manager=github_actions&previous-version=2.23.0&new-version=2.26.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2023-03-01 11:32:47 -08:00
StepSecurity Bot
2154c13865
Pin actions to commit SHA ( #10204 )
...
## Summary
This pull request is created by [Secure
Repo](https://app.stepsecurity.io/securerepo ) at the request of @zwass.
Please merge the Pull Request to incorporate the requested changes.
Please tag @zwass on your message if you have any questions related to
the PR. You can also engage with the
[StepSecurity](https://github.com/step-security ) team by tagging
@step-security-bot.
## Security Fixes
### Pinned Dependencies
GitHub Action tags and Docker tags are mutable. This poses a security
risk. GitHub's Security Hardening guide recommends pinning actions to
full length commit.
- [GitHub Security
Guide](https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions )
- [The Open Source Security Foundation (OpenSSF) Security
Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies )
## Feedback
For bug reports, feature requests, and general feedback; please create
an issue in
[step-security/secure-repo](https://github.com/step-security/secure-repo ).
To create such PRs, please visit https://app.stepsecurity.io/securerepo .
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2023-02-28 17:55:38 -08:00
Zach Wasserman
64cd97fc83
Remove debug on failure from integration test action ( #10202 )
...
This would cause the job to take much longer to report a failure.
Instead, just add this line if debugging is necessary.
2023-02-28 17:23:52 -08:00
dependabot[bot]
0ef74017ea
Bump docker/login-action from 2.0.0 to 2.1.0 ( #10182 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from
2.0.0 to 2.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases ">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Ensure AWS temp credentials are redacted in workflow logs by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/login-action/issues/275 ">#275</a>)</li>
<li>Bump <code>@actions/core</code> from 1.6.0 to 1.10.0 (<a
href="https://github-redirect.dependabot.com/docker/login-action/issues/252 ">#252</a>
<a
href="https://github-redirect.dependabot.com/docker/login-action/issues/292 ">#292</a>)</li>
<li>Bump <code>@aws-sdk/client-ecr</code> from 3.53.0 to 3.186.0 (<a
href="https://github-redirect.dependabot.com/docker/login-action/issues/298 ">#298</a>)</li>
<li>Bump <code>@aws-sdk/client-ecr-public</code> from 3.53.0 to 3.186.0
(<a
href="https://github-redirect.dependabot.com/docker/login-action/issues/299 ">#299</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v2.0.0...v2.1.0 ">https://github.com/docker/login-action/compare/v2.0.0...v2.1.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f4ef78c080https://github-redirect.dependabot.com/docker/login-action/issues/299 ">#299</a>
from docker/dependabot/npm_and_yarn/aws-sdk/client-ec...</li>
<li><a
href="9ad4ce3929884eadd4f8a266232f5chttps://github-redirect.dependabot.com/docker/login-action/issues/298 ">#298</a>
from docker/dependabot/npm_and_yarn/aws-sdk/client-ec...</li>
<li><a
href="f97efcfbf95ae789beac71c23b5b34https://github-redirect.dependabot.com/docker/login-action/issues/292 ">#292</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.0</li>
<li><a
href="6401d70aab67e8909cc621f251affchttps://github-redirect.dependabot.com/docker/login-action/issues/275 ">#275</a>
from crazy-max/redact-aws-creds</li>
<li>Additional commits viewable in <a
href="49ed152c8e...f4ef78c080https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=2.0.0&new-version=2.1.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2023-02-28 17:19:37 -08:00
dependabot[bot]
56b26753a5
Bump ossf/scorecard-action from 1.1.2 to 2.1.2 ( #10180 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action )
from 1.1.2 to 2.1.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ossf/scorecard-action/releases ">ossf/scorecard-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.2</h2>
<h2>What's Changed</h2>
<h3>Fixes</h3>
<ul>
<li>🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf
statement. by <a
href="https://github.com/spencerschrock "><code>@spencerschrock</code></a>
in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054 ">ossf/scorecard-action#1054</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 ">https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 </a></p>
<h2>v2.1.1</h2>
<h2>Scorecard version</h2>
<p>This release use <a
href="https://github.com/ossf/scorecard/releases/tag/v4.10.1 ">Scorecard's
v4.10.1</a></p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 ">https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 </a></p>
<h2>v2.1.0</h2>
<h2>What's Changed</h2>
<h3>Scorecard version</h3>
<p>This release uses <a
href="https://github.com/ossf/scorecard/releases/tag/v4.10.0 ">scorecard
v4.10.0</a>.</p>
<h3>Improvements</h3>
<ul>
<li>Docker build workflow by <a
href="https://github.com/naveensrinivasan "><code>@naveensrinivasan</code></a>
in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/981 ">ossf/scorecard-action#981</a></li>
<li>Use root user in distroless to support GitHub Actions by <a
href="https://github.com/spencerschrock "><code>@spencerschrock</code></a>
in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/994 ">ossf/scorecard-action#994</a></li>
<li>Disable pull_request_target by <a
href="https://github.com/laurentsimon "><code>@laurentsimon</code></a>
in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1031 ">ossf/scorecard-action#1031</a></li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Add PAT section explaining risks by <a
href="https://github.com/olivekl "><code>@olivekl</code></a> in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1024 ">ossf/scorecard-action#1024</a></li>
<li>Make the badge text easier to copy by <a
href="https://github.com/rajbos "><code>@rajbos</code></a> in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1026 ">ossf/scorecard-action#1026</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/joycebrum "><code>@joycebrum</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/984 ">ossf/scorecard-action#984</a></li>
<li><a href="https://github.com/rajbos "><code>@rajbos</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1026 ">ossf/scorecard-action#1026</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.0.6...v2.1.0 ">https://github.com/ossf/scorecard-action/compare/v2.0.6...v2.1.0 </a></p>
<h2>v2.0.6</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix - Broken dockerfile by <a
href="https://github.com/naveensrinivasan "><code>@naveensrinivasan</code></a>
in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/979 ">ossf/scorecard-action#979</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.0.5...v2.0.6 ">https://github.com/ossf/scorecard-action/compare/v2.0.5...v2.0.6 </a></p>
<h2>v2.0.5</h2>
<h2>What's Changed</h2>
<ul>
<li>Remove trailing space from example by <a
href="https://github.com/jamacku "><code>@jamacku</code></a> in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/955 ">ossf/scorecard-action#955</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e38b1902aehttps://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055 ">#1055</a>)</li>
<li><a
href="7da02bf0d5https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054 ">#1054</a>)</li>
<li><a
href="013c0f8bd2🌱 Bump actions/dependency-review-action from 3.0.1 to
3.0.2</li>
<li><a
href="f93c094f4a🌱 Bump github/codeql-action from 2.1.36 to 2.1.37</li>
<li><a
href="ce8978e058🌱 Bump actions/upload-artifact from 3.1.0 to 3.1.1</li>
<li><a
href="5ce49db1aa🌱 Bump actions/setup-go from 3.4.0 to 3.5.0</li>
<li><a
href="15c10fcf1chttps://github-redirect.dependabot.com/ossf/scorecard-action/issues/1047 ">#1047</a>)</li>
<li><a
href="f96da1a128🌱 Update scorecard for the panic (<a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1045 ">#1045</a>)</li>
<li><a
href="813a825152https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1044 ">#1044</a>)</li>
<li><a
href="be62ea89c1https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1042 ">#1042</a>)</li>
<li>Additional commits viewable in <a
href="ce330fde6b...e38b1902aehttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=1.1.2&new-version=2.1.2 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 17:17:15 -08:00
Luke Heath
ac3541659d
Remove e2e tests from github test workflow ( #10176 )
2023-02-28 14:07:03 -06:00
Zach Wasserman
dfba1d2511
Update codecov action ( #10124 )
2023-02-28 09:42:49 -08:00
Zach Wasserman
e971f4510b
Remove contents:write from build-orbit action ( #10156 )
...
This is no longer needed since we use the upload action rather than
draft GitHub release.
2023-02-27 19:51:43 -08:00
dependabot[bot]
c7672db1f9
Bump goreleaser/goreleaser-action from 3.0.0 to 4.2.0 ( #9558 )
...
Bumps
[goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action )
from 3.0.0 to 4.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/goreleaser/goreleaser-action/releases ">goreleaser/goreleaser-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: don't depend on the GitHub API to check release by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/391 ">goreleaser/goreleaser-action#391</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v4.1.1...v4.2.0 ">https://github.com/goreleaser/goreleaser-action/compare/v4.1.1...v4.2.0 </a></p>
<h2>v4.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update Readme to reference
<code>goreleaser/goreleaser-action@v4</code> by <a
href="https://github.com/felladrin "><code>@felladrin</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/384 ">goreleaser/goreleaser-action#384</a></li>
<li>docs: fix README badge by <a
href="https://github.com/dirien "><code>@dirien</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/386 ">goreleaser/goreleaser-action#386</a></li>
<li>chore(deps): bump json5 from 2.2.0 to 2.2.3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/388 ">goreleaser/goreleaser-action#388</a></li>
<li>fix: use <code>@action/github</code> by <a
href="https://github.com/caarlos0 "><code>@caarlos0</code></a> and <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/390 ">goreleaser/goreleaser-action#390</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/felladrin "><code>@felladrin</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/384 ">goreleaser/goreleaser-action#384</a></li>
<li><a href="https://github.com/dirien "><code>@dirien</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/386 ">goreleaser/goreleaser-action#386</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v4.1.0...v4.1.1 ">https://github.com/goreleaser/goreleaser-action/compare/v4.1.0...v4.1.1 </a></p>
<h2>v4.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat!: remove auto-snapshot on dirty tag by <a
href="https://github.com/caarlos0 "><code>@caarlos0</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/382 ">goreleaser/goreleaser-action#382</a></li>
<li>docs: add example when using workdir along with upload-artifact by
<a href="https://github.com/zdtsw "><code>@zdtsw</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/366 ">goreleaser/goreleaser-action#366</a></li>
<li>Fix Self-Hosted Windows Error: Expand-Archive by <a
href="https://github.com/flarco "><code>@flarco</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/379 ">goreleaser/goreleaser-action#379</a></li>
<li>chore(deps): bump minimatch from 3.0.4 to 3.1.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/383 ">goreleaser/goreleaser-action#383</a></li>
</ul>
<h2>Migrating from v3</h2>
<p>If you need the auto-snapshot feature, take a look at <a
href="https://github.com/caarlos0/goreleaser-action-v4-auto-snapshot-example ">this
example repository</a>: it's a minimal working example with all you
need.</p>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/zdtsw "><code>@zdtsw</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/366 ">goreleaser/goreleaser-action#366</a></li>
<li><a href="https://github.com/flarco "><code>@flarco</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/379 ">goreleaser/goreleaser-action#379</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v4...v4.1.0 ">https://github.com/goreleaser/goreleaser-action/compare/v4...v4.1.0 </a></p>
<h2>v4.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: do not override GORELEASER_CURRENT_TAG by <a
href="https://github.com/caarlos0 "><code>@caarlos0</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/370 ">goreleaser/goreleaser-action#370</a></li>
</ul>
<h2>Migrating from v3</h2>
<p>If you need the auto-snapshot feature, take a look at <a
href="https://github.com/caarlos0/goreleaser-action-v4-auto-snapshot-example ">this
example repository</a>: it's a minimal working example with all you
need.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v3...v4.0.0 ">https://github.com/goreleaser/goreleaser-action/compare/v3...v4.0.0 </a></p>
<h2>v3.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore: remove workaround for <code>setOutput</code> by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/374 ">#374</a>)</li>
<li>chore(deps): bump <code>@actions/core</code> from 1.9.1 to 1.10.0
(<a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/372 ">#372</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f82d6c1c34https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/391 ">#391</a>)</li>
<li><a
href="9754a253a8https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/390 ">#390</a>)</li>
<li><a
href="b1a238106bb1ffc5d990https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/388 ">#388</a>)</li>
<li><a
href="256e4b8b28a7c543ca7ahttps://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/386 ">#386</a>)</li>
<li><a
href="13f1e21a50https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/384 ">#384</a>)</li>
<li><a
href="8f67e590f278df308971https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/383 ">#383</a>)</li>
<li><a
href="66134d94a768acf3b1ad...f82d6c1c34https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=goreleaser/goreleaser-action&package-manager=github_actions&previous-version=3.0.0&new-version=4.2.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 18:22:01 -08:00
dependabot[bot]
673a4465cc
Bump stefanprodan/helm-gh-pages from 1.5.0 to 1.7.0 ( #8804 )
...
Bumps
[stefanprodan/helm-gh-pages](https://github.com/stefanprodan/helm-gh-pages )
from 1.5.0 to 1.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stefanprodan/helm-gh-pages/releases ">stefanprodan/helm-gh-pages's
releases</a>.</em></p>
<blockquote>
<h2>v1.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Allow private helm repo auth in dependencies by <a
href="https://github.com/zzorica "><code>@zzorica</code></a> in <a
href="https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/pull/35 ">stefanprodan/helm-gh-pages#35</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/zzorica "><code>@zzorica</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/pull/35 ">stefanprodan/helm-gh-pages#35</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/stefanprodan/helm-gh-pages/compare/v1.6.0...v1.7.0 ">https://github.com/stefanprodan/helm-gh-pages/compare/v1.6.0...v1.7.0 </a></p>
<h2>v1.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add support for alias:<!-- raw HTML omitted --> in dependencies
check by <a
href="https://github.com/paulcarlton-ww "><code>@paulcarlton-ww</code></a>
in <a
href="https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/pull/32 ">stefanprodan/helm-gh-pages#32</a></li>
<li>Update Helm to v3.10.0 by <a
href="https://github.com/stefanprodan "><code>@stefanprodan</code></a>
in <a
href="https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/pull/33 ">stefanprodan/helm-gh-pages#33</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/stefanprodan/helm-gh-pages/compare/v1.5.0...v1.6.0 ">https://github.com/stefanprodan/helm-gh-pages/compare/v1.5.0...v1.6.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0ad2bb3773https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/issues/35 ">#35</a>
from zzorica/allow-private-helm-repo-auth-in-dependencies</li>
<li><a
href="86e9903900a5c9252781https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/issues/33 ">#33</a>
from stefanprodan/helm-3.10.0</li>
<li><a
href="844812954cb97c7e37c5https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/issues/32 ">#32</a>
from paulcarlton-ww/debug</li>
<li><a
href="84568715a3aa53926042a77eeb9630ce5cd1646e13eb32b03bb43a8719cc...0ad2bb3773https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=stefanprodan/helm-gh-pages&package-manager=github_actions&previous-version=1.5.0&new-version=1.7.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 18:17:32 -08:00
dependabot[bot]
527cb0a622
Bump aws-actions/amazon-ecr-login from 1.5.0 to 1.5.3 ( #8507 )
...
Bumps
[aws-actions/amazon-ecr-login](https://github.com/aws-actions/amazon-ecr-login )
from 1.5.0 to 1.5.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/amazon-ecr-login/releases ">aws-actions/amazon-ecr-login's
releases</a>.</em></p>
<blockquote>
<h2>v1.5.3</h2>
<p>See the <a
href="https://github.com/aws-actions/amazon-ecr-login/blob/HEAD/CHANGELOG.md ">changelog</a>
for details about the changes included in this release.</p>
<h2>v1.5.2</h2>
<p>See the <a
href="https://github.com/aws-actions/amazon-ecr-login/blob/HEAD/CHANGELOG.md ">changelog</a>
for details about the changes included in this release.</p>
<h2>v1.5.1</h2>
<p>See the <a
href="https://github.com/aws-actions/amazon-ecr-login/blob/HEAD/CHANGELOG.md ">changelog</a>
for details about the changes included in this release.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/amazon-ecr-login/blob/main/CHANGELOG.md ">aws-actions/amazon-ecr-login's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this file.
See <a
href="https://github.com/conventional-changelog/standard-version ">standard-version</a>
for commit guidelines.</p>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.5.2...v1.5.3 ">1.5.3</a>
(2022-10-29)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.5.1...v1.5.2 ">1.5.2</a>
(2022-10-18)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.5.0...v1.5.1 ">1.5.1</a>
(2022-08-04)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>reverted change that masked Docker credentials (<a
href="7d073b66cchttps://github.com/aws-actions/amazon-ecr-login/compare/v1.4.0...v1.5.0 ">1.5.0</a>
(2022-06-27)</h2>
<h3>Features</h3>
<ul>
<li>added ECR Public Registry support (<a
href="b4f084e928https://github.com/aws-actions/amazon-ecr-login/compare/v1.3.3...v1.4.0 ">1.4.0</a>
(2022-05-20)</h2>
<h3>Features</h3>
<ul>
<li>output docker credentials after login (<a
href="57206dc28cd121236bfd45a78e2dabhttps://github.com/aws-actions/amazon-ecr-login/compare/v1.3.2...v1.3.3 ">1.3.3</a>
(2021-02-15)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.3.1...v1.3.2 ">1.3.2</a>
(2021-02-01)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.3.0...v1.3.1 ">1.3.1</a>
(2020-11-24)</h3>
<h2><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.2.2...v1.3.0 ">1.3.0</a>
(2020-10-29)</h2>
<h3>Features</h3>
<ul>
<li>optional skipping of docker registries logout in post step (<a
href="https://github-redirect.dependabot.com/aws-actions/amazon-ecr-login/issues/78 ">#78</a>)
(<a
href="dd3fdeeb95https://github.com/aws-actions/amazon-ecr-login/compare/v1.2.1...v1.2.2 ">1.2.2</a>
(2020-10-05)</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="261a7de32b3e4df454b5https://github-redirect.dependabot.com/aws-actions/amazon-ecr-login/issues/330 ">#330</a>
from aws-actions/docs</li>
<li><a
href="c77259b767383620b24dhttps://github-redirect.dependabot.com/aws-actions/amazon-ecr-login/issues/352 ">#352</a>
from aws-actions/dependabot/npm_and_yarn/actions/core...</li>
<li><a
href="8ccaf47755eb9a709a70ba4f9ee500https://github-redirect.dependabot.com/aws-actions/amazon-ecr-login/issues/355 ">#355</a>
from aws-actions/dependabot/npm_and_yarn/eslint-8.25.0</li>
<li><a
href="a1ac76b296c21dbea0d3https://github-redirect.dependabot.com/aws-actions/amazon-ecr-login/issues/356 ">#356</a>
from aws-actions/dependabot/npm_and_yarn/aws-sdk-2.12...</li>
<li><a
href="e70c985d14https://github-redirect.dependabot.com/aws-actions/amazon-ecr-login/issues/354 ">#354</a>
from gotoeveryone/chore/update-runtime-to-node16</li>
<li>Additional commits viewable in <a
href="b874a33292...261a7de32bhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aws-actions/amazon-ecr-login&package-manager=github_actions&previous-version=1.5.0&new-version=1.5.3 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 18:15:16 -08:00
Luke Heath
71f2a62b4c
Prepare for 4.28.0 ( #10103 )
2023-02-27 15:19:15 -08:00
Zach Wasserman
2a7b7100dd
Update Orbit to use CGO on Linux ( #9846 )
2023-02-21 18:49:13 -08:00
Lucas Manuel Rodriguez
2e199dcdab
Fix golangci-lint issue and run Github action on all OSs ( #9944 )
...
We have code that builds conditionally depending on the platform (mostly
Orbit code) so we should run `golangci-lint` checks on all OSs.
This adds it to run on macOS, for Windows see:
https://github.com/fleetdm/fleet/issues/9943
2023-02-21 14:30:45 -03:00
Luke Heath
bc2c6e59f5
Update node-sass frontend dependency ( #9954 )
...
Due to the update in https://github.com/fleetdm/fleet/pull/9950 we need
to update our version of `node-sass` to support Node 19.
2023-02-20 14:23:19 -06:00
Zach Wasserman
4669d8c474
Generate Nudge targets in CI ( #9845 )
...
Tooling to generate targets in CI for #9798 .
---------
Co-authored-by: Roberto Dip <me@roperzh.com>
2023-02-20 09:23:56 -08:00
Luke Heath
13e821d059
Prepare for 4.27.1 ( #9885 )
2023-02-17 19:19:02 -08:00
Zach Wasserman
991858d6d5
Pull go version from GitHub variables for Fleet release builds ( #9883 )
2023-02-16 11:52:09 -06:00
Lucas Manuel Rodriguez
d4a1b4d218
Add CIS checks for 2.9.X and add pmset table to fleetd ( #9470 )
...
#9253
- ~[ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.~
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- ~[ ] Documented any permissions changes~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- [X] Added/updated tests
- [X] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [X] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
---------
Co-authored-by: Sharon Katz <121527325+sharon-fdm@users.noreply.github.com>
2023-02-08 13:08:17 -03:00
Luke Heath
b3daf3d715
Prepare for 4.27.0 ( #9683 )
2023-02-03 17:03:06 -08:00
Zach Wasserman
7299879365
Generate targets for osqueryd 5.7.0 ( #9115 )
...
5.7.0 is now released.
2023-01-30 17:29:19 -08:00
Eric
4fd1efe98a
Website: Add API to send signed CSR emails ( #8408 )
...
This pull request relies on the `mdm-gen-cert` command from
https://github.com/fleetdm/fleet/pull/8884 .
Closes: https://github.com/fleetdm/fleet/issues/8223
Changes:
- Updated the deploy Fleet website workflow to:
- Add Go as a dependency
- Build the mdm-gen-cert binary in `/website/.tools/`
- add the `/.tools/` folder to the Heroku app
- Added `deliver-apple-csr.js` - an API that:
- can be called by making a `POST` request to
`/api/v1/deliver-apple-csr`
- accepts `csr` as an input
- runs the `mdm-gen-cert` command with the `csr` set as an environment
variable
- returns an `invalidEmailDomain` response if the user's email domain is
in the array of banned email domains.
- saves the users organization and email address to the website's
database
- Sends an email to the requesting user's email address with the signed
CSR attached as a text file named `apple-apns-request.txt`
- Posts a message to a channel in the Fleet Slack.
- Added a new model: `CertificateSigningRequests` that contains two
required attributes: `emailAddress` and `organization`
- Added a new email template `email-signed-csr-for-apns`
- Updated routes, policies, eslintrc, and rebuilt cloud-sdk
Before this can be merged, we will need to:
- [x] Add new config variables in Heroku
- [x] `sails.config.custom.mdmVendorCertPem`
- [x] `sails.config.custom.mdmVendorKeyPem`
- [x] `sails.config.custom.mdmVendorKeyPassphrase`
- [x] `sails.config.custom.slackWebhookUrlForMDMSignups`
- [x] Add the `CertificateSigningRequests` model to the website's
database
2023-01-19 14:43:14 -06:00
Luke Heath
b6a6ac454f
Prepare for 4.26.0 ( #9326 )
2023-01-13 16:26:22 -08:00
Eric
47d43d5307
Website: fix failing GitHub workflows ( #9285 )
...
Changes:
- Updated the `build-static-content` script to use a GitHub API token
for requests if one is provided e.g., `sails run build-static-content
--githubAccessToken="foo"`
- Updated the `build-for-prod` npm script to run the
`build-static-content` script with a variable named `BUILD_SCRIPT_ARGS`.
- Updated the "Deploy Fleet website" and "Test Fleet website" workflows
to run the `build-for-prod` script with a GitHub API token
. .
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-01-11 13:31:20 -06:00
Lucas Manuel Rodriguez
ac22aadc13
Fleet server and tooling to use NETWORK_TEST_GITHUB_TOKEN when environment variable is set. ( #9143 )
...
* WIP
* Add more logging
* Check rate limit at end of action
* Add github client in more places
* Add new published firefox 93 vulnerabilities to tests
* Remove fmt printfs
* Restore CI check settings
* Readd newline
2023-01-03 14:56:11 -03:00
Zach Wasserman
33c0cb990d
Test larger runner for E2E test action ( #9066 )
2022-12-23 09:37:03 -08:00
Luke Heath
54e8b3e250
Prepare for 4.25.0 ( #9113 )
2022-12-22 15:13:24 -08:00
Zach Wasserman
e941adfaaa
Use ubuntu-20.04 runner for Fleet build ( #9114 )
...
A customer had a seccomp profile that seemed to be incompatible with the
changes in glibc in ubuntu-22.04. Setting the builder back to 20.04
explicitly to resolve this issue.
2022-12-22 14:48:41 -08:00
Eric
98c2ef98f7
Update test-website.yml ( #9042 )
2022-12-21 10:29:56 -06:00
Marcos Oviedo
605ae861c9
Windows installer now ensures that legacy osquery installations gets removed during clean install ( #9048 )
...
This relates to #8891 .
This PR introduces Wix custom actions usage.
2022-12-19 16:06:44 -08:00
Tomas Touceda
45e0a14700
Add quay push ( #8967 )
...
* Add quay push to the snapshot pusher to start
* Tags need to be just the tag part in this one
* Put the tag in a variable
* Fix typos
* Switch up how we define registry to see if it finds the image like this
* Add quay push everywhere else
2022-12-12 14:15:06 -03:00
Tomas Touceda
71dbb71df4
Update go to 1.19.4 ( #8945 )
...
* Update go to 1.19.4
* Comment out failing package test
* Comment out ALL the packaging tests for windows for the moment
* Update go to 1.19.4
* Comment out failing package test
* Comment out ALL the packaging tests for windows for the moment
* Update changelog
* Bump versions
* Update changelog to reflect this being a security release
2022-12-09 11:47:17 -03:00
Robert Fairburn
41feacad4d
Fix confusion with tags on dogfood deploy workflow ( #8964 )
...
* Fix confusion with tags on dogfood deploy workflow
* Update .github/workflows/dogfood-deploy.yml
Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com>
Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com>
2022-12-08 12:11:33 -06:00
Michal Nicpon
10b3179b63
Add fleetctl generate mdm-apple ( #8812 )
2022-12-07 18:24:42 +01:00
Roberto Dip
743ac46a09
disable fleetctl preview tests on macos ( #8911 )
2022-12-02 11:29:38 -03:00
Marcos Oviedo
ff9206655a
Fixing UninstallString to properly include msiexec /x call ( #8857 )
...
* Fixing UninstallString to properly include msiexec /x call
2022-11-28 20:18:28 -03:00
Zach Wasserman
efbe4c0777
Update Go to 1.19.3 ( #8525 ) ( #8614 )
...
Co-authored-by: Tomas Touceda <chiiph@gmail.com>
2022-11-08 13:03:23 -03:00
Zach Wasserman
875df496b1
Generate targets for osqueryd 5.6.0 ( #8355 )
2022-11-07 15:15:52 -08:00
Zach Wasserman
1920e64b93
Update Desktop version to 1.3.1 ( #8397 )
2022-11-07 15:15:21 -08:00
Luke Heath
8fb57d365b
Remove cypress dashboard ( #8518 )
2022-11-01 10:32:30 -05:00
Roberto Dip
e5f38f0015
fix integration.yml CI workflow by setting a Go version ( #8516 )
...
We don't have a `matrix.go-version` defined, so the task was using
`go1.17.13` as the default.
This explicitly sets the version to `go1.19.1`, I didn't use a `matrix`
definition because at least for now, we only want to run this test using a
single Go version.
Since I was there, I also updated test-native-tooling-packaging.yml to
use `go1.19.1` too.
2022-11-01 09:34:52 -03:00
Eric
a5ba469e41
update build-storybook step ( #8503 )
2022-10-31 14:02:29 -05:00
Guillaume Ross
75a9419412
8241 trivy ignore file action ( #8345 )
...
* Create .trivyignore
Adding original trivy ignore file. Working to resolve/document more of the findings, especially around go.mod. Will add a github action as well.
* Adding default trivy scan for testing
* Update trivy_scan.yml
Making it manual + daily for now
* Update trivy_scan.yml
updating name
* Renamed + configured Trivy scan
2022-10-31 10:50:29 -04:00
Eric
149a908b82
move build-storybook step ( #8492 )
2022-10-31 09:19:20 -05:00
Roberto Dip
96014148a8
run apt update before installing packages in golangci-lint ( #8487 )
2022-10-31 09:43:26 -03:00
Eric
c6698e242f
Website: Add storybook to Fleet website ( #8203 )
...
* Add build storybook to deploy website workflow
* add assets/storybook folder to .gitignore & .eslintIgnore
* Revert changes to website/.gitignore
* revert whitespace change
* Update deploy-fleet-website.yml
2022-10-28 19:48:14 -05:00
Marcos Oviedo
131cc7eeec
Orbit MSI installer now includes the necessary manifest file to use windows_event_log as a logger_plugin. ( #8343 )
...
* Orbit MSI installer now includes the necessary manifest file to use windows_event_log as a logger_plugin
2022-10-27 10:19:30 -03:00
Marcos Oviedo
8b77939494
Fixed an Orbit MSI installer bug that caused Orbit files not to be removed during uninstallation ( #8333 )
2022-10-25 09:00:37 -03:00
Michal Nicpon
56f3cb62ef
add concurrency to ci ( #8271 )
...
* add concurrency to ci
* add readme for workflows
2022-10-24 14:01:00 -06:00
Lucas Manuel Rodriguez
2bb7661b91
Update Fleet Desktop version to 1.3.0 ( #8202 )
2022-10-21 09:58:03 -07:00
Marcos Oviedo
ec3f49881f
8009 fleet desktop icon duplication ( #8017 )
...
* Adding a new synchronization mechanism between fleet-desktop app and Orbit service. Improved windows service teardown to ensure that fleet-desktop does not get force killed without getting signaled. Improved windows process enumeration to avoid unnecessary delays during windows service start and windows service teardown. Updating windows service to reflect service teardown extra time due to synchronization.
2022-10-13 10:58:37 -03:00
Lucas Manuel Rodriguez
bec3824ddb
Update mk-ca-bundle.pl tool in repository ( #8184 )
...
* Update mk-ca-bundle.pl in repository
* Update certs.pem with new version of mk-ca-bundle.pl
* Add extra check against curl.se site
2022-10-12 12:01:18 -03:00
Roberto Dip
174f894b53
fix migration order check by only checking additions ( #8172 )
...
this modifies the migration order CI check to only check for added files
by:
1. Escaping the blob we give to git, so bash doesn't perform expansion,
this lets git handle the blob matching, which for reasons I don't
fully understand allows to find file renames.
2. Applying `--diff-filter=A`, which makes git only list file additions.
2022-10-11 16:31:40 -03:00
Roberto Dip
2bb4ec2e6d
add script to check for migration order ( #7803 )
...
Related to #6142 , this adds a CI check for the order of migrations.
As I noted in a comment on the workflow file, it's important to keep in mind that some migrations might still go unnoticed even with this check, example:
1. PR1 adds a migration, CI check pass
2. PR2 adds a migration, CI pass, gets merged
3. PR1 can still be merged because the CI checks aren't run again
The check will fail in `main` however, so if we find the current script to be reliable, we could setup a Slack ping or something similar, to make sure somebody takes a look
2022-10-11 15:36:15 -03:00
dependabot[bot]
35ae71502f
Bump actions/setup-go from 3.2.1 to 3.3.0 ( #7470 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.2.1 to 3.3.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](84cbf80943...268d8c0ca0
2022-10-10 18:55:13 -03:00
Michal Nicpon
9056b22874
set default shell in workflows ( #8108 )
...
* wait for mysql in workflows
2022-10-07 09:43:56 -06:00
Lucas Manuel Rodriguez
127d18642d
Run TUF CI checks on ubuntu-latest ( #8088 )
...
* Run TUF CI checks on ubuntu-latest
* Add itself to path
2022-10-05 19:59:11 -03:00
Martin Angers
ec75fb10b2
Fix CI tests for Go ( #8079 )
2022-10-04 15:48:14 -04:00
Eric
fba863f1e1
Update test-website.yml ( #8076 )
2022-10-04 12:52:00 -05:00
Zach Wasserman
44dc5ab175
Add handling for Apple Team ID in Notarization ( #7991 )
...
Fleet's Notarization workflows no longer work without this argument, so this is added as an optional argument for Notarization.
2022-10-04 09:48:21 -07:00
Guillaume Ross
e48fbad3ac
Adding the schema path to the fleet website deployment workflow ( #8063 )
2022-10-03 12:20:30 -04:00
Zachary Winnerman
7e69a34f51
Make the github action fail if used on the main branch ( #7967 )
2022-09-29 17:30:47 +00:00
Martin Angers
7356378d0f
Update hashicorp/aws provider version for loadtesting and add CI validation ( #7937 )
...
* Update hashicorp/aws provider version for loadtesting and add CI validation
* Update name of the new workflow
2022-09-28 09:38:56 -05:00
Zach Wasserman
a106e1af83
Update Fleet Desktop version ( #7961 )
2022-09-27 19:22:40 -07:00
Zach Wasserman
855cca9368
Update notarization to use notarytool ( #7962 )
...
Updating from github.com/mitchellh/gon (old API) to the newer xcrun notarytool.
See https://github.com/fleetdm/fleet/actions/runs/3132173324/jobs/5084249006 for example run.
2022-09-27 08:25:42 -07:00
Marcos Oviedo
381f628be7
Bug 7874: Adding SCM calls to register Orbit as a windows service ( #7934 )
...
* Bug 7874: Adding SCM calls to register Orbit as a windows service
2022-09-27 11:52:41 -03:00
Martin Angers
84903deffb
Remove gotestfmt formatting on CI ( #7939 )
2022-09-26 11:37:21 -04:00
Gabriel Hernandez
fca5ad3158
add edit agent options activity text ( #7695 )
2022-09-23 12:05:07 -04:00
Luke Heath
a6dd4c3d0c
Add Cypress dashboard to CI ( #7899 )
2022-09-22 13:52:22 -05:00
Lucas Manuel Rodriguez
1a6380d590
Fix deprecated virtual runner and golangci-lint deprecated checkers ( #7716 )
2022-09-13 10:48:21 -03:00
Tomas Touceda
8457e55b53
Bump go to 1.19.1 ( #7690 )
...
* Bump go to 1.19.1
* Bump remaining go-version to the 1.19.1
* Add extra paths for test-go
* Oops, putting the right path in the right place
* gofmt file
* gofmt ALL THE THINGS
* Moar changes
* Actually, go.mod doesn't like minor versions
2022-09-12 20:32:43 -03:00
Roberto Dip
2397d744a2
fix conditional clauses to run workflows ( #7580 )
...
In https://github.com/fleetdm/fleet/pull/7399 we accidentally:
1. added a condition to `.github/workflows/fleet-and-orbit.yml` that always evaluates to `false` making this workflow always fail
2. modified the condition of `.github/workflows/fleetctl-preview-latest.yml`
This reverts those changes.
2022-09-06 10:20:45 -03:00
Roberto Dip
43785428fb
add workflow to test for uncommited schema changes ( #7467 )
...
This adds a new workflow to CI in order to test that the PR doesn't contain uncommited schema changes, which are the source of many merge conflicts and developer frustration.
2022-08-31 10:47:58 -03:00
dependabot[bot]
74839bc134
Bump dawidd6/action-download-artifact from 2.22.0 to 2.23.0 ( #7471 )
...
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact ) from 2.22.0 to 2.23.0.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases )
- [Commits](ea71f332a9...7847792dd4
2022-08-31 07:49:57 -03:00
dependabot[bot]
200ddfaaff
Bump actions/checkout from 2 to 3.0.2 ( #7301 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...2541b1294d2704b0964813337f33b291d3f8596b )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-31 07:44:22 -03:00
