Joanne Stableford
7945c17a39
Update name for workflow ( #15203 )
...
Update name to "Apply latest configuration profiles and macOS updates"
Because it used to say update MDM (workflow is for more than MDM), and
keeps it in line with workstation group.
2023-11-20 12:37:42 -05:00
Lucas Manuel Rodriguez
809cc5e2d3
Bump Fleet Desktop version to v1.18.3 ( #15123 )
2023-11-14 07:07:55 -03:00
Sabrina Coy
b3f5c17796
Update smoke-tests.md ( #15004 )
...
Adding MDM-specific smoke tests to pre-release smoke testing.
2023-11-10 13:33:46 -06:00
Rachael Shaw
a0d5d55dfa
Standardize where to specify design changes in the bug report template ( #15027 )
...
Since a lot of bugs end up needing additional product design work, I
propose adding a (commented-out by default) section to this template to
standardize where to add design changes, once settled.
Reasoning: in estimation sessions, it can sometimes be hard to find this
information: sometimes it's in the comments, sometimes it's been added
to the description... either way, its not always obvious to spot. I
think it will help us move quicker if there's a consistent heading to
look for.
(Also, open to suggestions for other ways of wording that heading! This
is just the way I've been adding it to issue descriptions lately.)
2023-11-10 13:31:31 -06:00
Zach Wasserman
4dff885b16
Generate targets for osquery 5.10.2 ( #14828 )
2023-11-07 14:32:41 -03:00
Lucas Manuel Rodriguez
a8bf79193f
Update Fleet Desktop to 1.18.2 ( #14976 )
2023-11-07 14:32:20 -03:00
Martin Angers
eaf05fb75b
Update PR template regarding API documentation changes ( #14839 )
2023-11-07 08:17:01 -05:00
Luke Heath
91db043094
Use go variable to set version in workflows ( #14890 )
2023-11-03 09:42:27 -05:00
Rachael Shaw
1bda4751b5
Update labels for feature request template ( #14881 )
...
Re: https://fleetdm.slack.com/archives/C02A8BRABB5/p1698869746853609
2023-11-02 14:50:41 -05:00
Luke Heath
25307dfc7c
Remove daily schedule so it only gets triggered by security alerts ( #14871 )
2023-11-02 09:53:40 -05:00
Sharon Katz
ab7717009e
Add Kolide osquery tables
2023-11-01 20:11:35 -06:00
Robert Fairburn
7b31344988
Dogfood github actions and monitoring module fixes ( #14875 )
...
These items fix the github action for use with the updates to the
monitoring module.
Additionally there were some changes needed to the monitoring module to
make it behave inside the GH action.
Once this is approved/merged, the new tag for them monitoring module
will be created as `tf-mod-addon-monitoring-v1.1.1`
2023-11-01 16:34:13 -05:00
Martin Angers
0d3ba2534b
Fix checking for hosts FK when no migrations files were modified ( #14866 )
2023-11-01 14:41:43 -04:00
Tim Lee
203fdb51ba
Prevent hosts foreign key migrations ( #14290 )
2023-11-01 09:04:46 -06:00
Zach Wasserman
dbd84cc366
Generate targets for osquery 5.10.1 ( #14413 )
2023-10-31 10:20:20 -07:00
Victor Lyuboslavsky
c8be2beb37
Update pull_request_template.md (fixed rest-api.md path) ( #14572 )
2023-10-31 10:54:44 -05:00
Eric
2216132267
Update the deploy-fleet-website workflow ( #14756 )
...
Clsoes: https://github.com/fleetdm/fleet/issues/14162
Changes:
- Added two steps to the `deploy-fleet-website` workflow to prevent
errors when pushing to the Heroku git repo:
1. The first step runs a command to install the `heroku-repo` plugin in
the Heroku CLI.
2. The second step runs a command to reset the Heroku git repo for the
Fleet website. (This has no impact on the live Heroku app)
2023-10-26 17:24:56 -05:00
Noah Talerman
e6b809b043
Story issue template: deduplicate ( #14663 )
...
- Remove doc checkbox from "Engineering" section
2023-10-24 16:02:29 -04:00
dependabot[bot]
4aa1301550
Bump ossf/scorecard-action from 2.1.2 to 2.3.1 ( #14723 )
2023-10-24 14:25:02 -05:00
Noah Talerman
b72badccce
Update product DRIs and rituals ( #14690 )
...
- "Head of Product" => "Head of Product Design"
- #help-product => #help-product-design
- "Sprint kickoff review" is now one ritual that includes both MDM and
Endpoint ops teams
- "Pre-sprint prioritization" ritual is now one ritual that includes
both MDM and Endpoint ops teams
- Remove "Sprint release notes kickoff" ritual. Plan is to inform
#g-demand of new features asynchronously. Any discussion that needs to
happen live will happen at product office hours
- Remove "Report number of estimated stories (Endpoint ops))" and
"Report number of estimated stories (MDM)" rituals. One person (Head of
Product Design) is both reporting and tracking product KPIs
- Remove "Bug de-prioritization" ritual. Trying this instead: ~~CEO,~~
Head of Product Design, and Head of Product Development align on next
steps for which bugs to schedule into the next sprint and which can be
de-prioritized during the "Churned bug review" ritual. Less meetings.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-10-23 13:45:30 -05:00
Luke Heath
23d8087401
Publish on push to prepare and patch branches ( #14648 )
2023-10-23 11:41:41 -05:00
Roberto Dip
ad9e30f120
Update Go to v1.21.3 ( #14634 )
...
for #14633
2023-10-19 10:01:05 -03:00
dependabot[bot]
12c46af3b2
Bump fleetdm/fleet-mdm-gitops from 1.0.7 to 1.1.0 ( #14453 )
2023-10-11 13:52:31 -05:00
Luke Heath
43f6936bcd
Add dependabot configuration ( #14447 )
2023-10-11 12:56:23 -05:00
Roberto Dip
641856c1dc
trigger orbit build on version bump ( #14315 )
...
The
[goreleaser-orbit.yaml](https://github.com/fleetdm/fleet/actions/workflows/goreleaser-orbit.yaml )
workflow tends to timeout up to 9-10 times before successfully building
a macOS binary.
We have been using this workflow as a back-up, but it requires doing the
version bump and manually triggering the workflow, which can be error
prone.
This change follows the `workflows/generate-desktop-targets.yml` to
trigger the workflow when the workflow file itself is modified.
2023-10-05 09:52:10 -03:00
Roberto Dip
5a9c0af652
Bump Fleet Desktop version to 1.17.0 ( #14179 )
2023-09-29 10:02:08 -03:00
Roberto Dip
3bf6f18c16
bump Orbit version to 1.17.0 ( #14183 )
2023-09-29 10:01:46 -03:00
Isabell Reedy
01da7ca516
Update story template to be more explicit about doc changes ( #14146 )
2023-09-26 22:13:36 -05:00
Luke Heath
d809858f4e
Revert docker publish filtering on pull requests ( #14125 )
2023-09-26 12:02:50 -05:00
Luke Heath
1e1e28791f
Document milestone release ritual ( #13932 )
2023-09-25 14:35:36 -05:00
Isabell Reedy
a5936e58b3
Update feature request template - ask for core problem ( #14089 )
...
Slight shift in the template to focus more on the problems people are
facing. Helps us get to the root of issues without getting sidetracked
by suggested solutions.
---------
Co-authored-by: Mo Zhu <mo@fleetdm.com>
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-09-23 00:19:42 -05:00
Mo Zhu
d592a431d0
Issue template: User story: Always specify feature tier, rather than assume ( #14098 )
...
Feedback from team that it was not obvious that if you delete it, you
should assume it is free. Probably should not rely on that embedded
assumption going forward, esp. for new engineers.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-09-23 00:03:43 -05:00
Lucas Manuel Rodriguez
fe7d9f9f8b
Allow manual run of docker publish CI action ( #14051 )
...
I need this change to load test #13926 .
Due to recent changes we are not triggering a build on every
branch/commit pushed.
For load testing we need a way to trigger a build manually.
2023-09-21 15:14:43 -03:00
Luke Heath
72b3a6b7bb
Remove merge gatekeeper workflow ( #13989 )
2023-09-18 16:10:09 -05:00
Luke Heath
043976d250
Use GITHUB_TOKEN in merge gatekeeper ( #13980 )
2023-09-18 13:10:58 -05:00
Luke Heath
9debc2fd2c
Do not skip push commits on docker publish workflow ( #13960 )
...
Co-authored-by: Roberto Dip <me@roperzh.com>
2023-09-15 14:32:13 -05:00
Luke Heath
7815a7f695
Gatekeeper should ignore handbook and website PRs ( #13948 )
2023-09-15 09:57:28 -05:00
Luke Heath
798457d9aa
Do not run docker publish workflow on fork PRs ( #13918 )
2023-09-13 16:34:39 -05:00
Roberto Dip
ea6b59f179
upgrade Go version to 1.21.1 ( #13877 )
...
For #13715 , this:
- Upgrades the Go version to `1.21.1`, infrastructure changes are
addressed separately at https://github.com/fleetdm/fleet/pull/13878
- Upgrades the linter version, as the current version doesn't work well
after the Go upgrade
- Fixes new linting errors (we now get errors for memory aliasing in
loops! 🎉 )
After this is merged people will need to:
1. Update their Go version. I use `gvm` and I did it like:
```
$ gvm install go1.21.1
$ gvm use go1.21.1 --default
```
2. Update the local version of `golangci-lint`:
```
$ go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.54.2
```
3. (optional) depending on your setup, you might need to re-install some
packages, for example:
```
# goimports to automatically import libraries
$ go install golang.org/x/tools/cmd/goimports@latest
# gopls for the language server
$ go install golang.org/x/tools/gopls@latest
# etc...
```
2023-09-13 15:59:35 -03:00
Isabell Reedy
a03680d9a7
Add scalability testing check to issue template ( #13798 )
...
Scalability testing added.
Moved API changes from engineering to product.
2023-09-12 13:27:05 -05:00
Lucas Manuel Rodriguez
811e38c0f2
Add build info to orbit macos build action ( #13796 )
2023-09-07 13:23:38 -03:00
George Karr
899cb38f22
Allow build orbit to run manually ( #13795 )
2023-09-07 11:32:05 -03:00
Luke Heath
6130a7bbd7
Bump Fleet Desktop version to 1.16.0 ( #13753 )
2023-09-06 12:46:47 -05:00
Lucas Manuel Rodriguez
9a3b4cd365
Attempt to stabilize the broken integration.yml workflow ( #13653 )
...
#13547
This is an attempt to stabilize this workflow that has been broken for
4-6 months.
# Issue and proposed solution
Github runner VMs re-use UUIDs, which is not supported by Orbit (this
causes a host to be enrolled as two hosts in Fleet), thus, until that is
fixed in https://github.com/fleetdm/fleet/issues/8021 I propose we
stabilize this workflow by testing all `stable` channels only (which is
better than having the build broken all the time IMO).
Once https://github.com/fleetdm/fleet/issues/8021 is fixed we can re-add
the edge channels.
2023-09-01 12:25:17 -03:00
Roberto Dip
5ad734d617
upgrade go to v1.19.12 ( #13617 )
2023-08-31 13:49:24 -05:00
Luke Heath
204f082fe5
Pin all workflow actions versions by commit ( #13462 )
2023-08-31 12:09:21 -05:00
Luke Heath
0541618aeb
Add merge gatekeeper action ( #13546 )
2023-08-31 11:11:46 -05:00
Lucas Manuel Rodriguez
4654450bc8
Fix expected number of hosts for the Test fleetctl preview workflow ( #13605 )
...
Similar to the other we fixed recently the same way:
https://github.com/fleetdm/fleet/pull/13329
2023-08-30 17:45:41 -03:00
Lucas Manuel Rodriguez
f701dc55ed
CI: Add shell cmd for windows runner and add some debug logs to help troubleshoot ( #13592 )
...
After @rfairburn made the DNS change the clouldflared tunnel started
working again (after months of being broken).
#13547
Run: https://github.com/fleetdm/fleet/actions/runs/6025182774
This PR adds some fixes to the two workflows that make use of
cloudflared.
There are still some issues to fix but these are some changes needed to
continue/help troubleshooting.
2023-08-30 15:49:47 -03:00
Noah Talerman
6f36e0121a
Update story issue template ( #13549 )
...
- Remove "Product quality" section from the template. @sabrinabuckets
and I think this might be redundant. Separate "QA" section asks for
testing steps and has a confirmation step.
2023-08-29 21:43:10 -05:00
Sabrina Coy
7ca75a8fcb
Update bug-report.md ( #13204 )
...
Adding addition fields & re-ordering the Bugs template to facilitate
more robust bug reporting.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-08-23 08:22:54 -07:00
KanchiMoe
dece8e179c
Upversion markdown-link-check Github action ( #12026 )
2023-08-22 13:57:45 -07:00
Martin Angers
de32faefdb
Add /scripts/run and scripts/run/sync API endpoints to run scripts (part 1) ( #13417 )
2023-08-21 14:47:19 -04:00
Lucas Manuel Rodriguez
cafbe161a1
Bump fleet desktop version to 1.15.0 to generate artifacts and release ( #13393 )
2023-08-18 15:23:38 -05:00
Zach Wasserman
4ecc7db6d6
Complete removal of Cypress ( #13389 )
...
Remove the last of the dependencies and configuration around Cypress
since we no longer use it for testing.
2023-08-18 11:06:12 -06:00
Lucas Manuel Rodriguez
f9d6cf986b
Fix expected number of hosts in fleetctl-preview-latest workflow ( #13329 )
...
#13182
[This PR](https://github.com/fleetdm/osquery-in-a-box/pull/18 ) in the
osquery-in-a-box repository recently added a new host to the simulated
host list which broke the CI job in the fleetdm/fleet repository.
PR run with this branch:
https://github.com/fleetdm/fleet/actions/runs/5866786432
PS: One of the reasons we had this osquery-in-a-box repository outside
the monorepo was to not break customers using `fleetctl preview`. But
now that we have Fleet Sandbox and we don't encourage users to use
`fleetctl preview`:
1. Does it make sense to have the separate repository?
2. Does it make sense to continue supporting this workflow in CI?
2023-08-15 14:16:07 -03:00
Isabell Reedy
18d232bfe6
Change "tier" to "echelon" to match the handbook ( #13235 )
2023-08-10 00:50:31 -05:00
Luke Heath
3dfe4c74bb
Update action version ( #13136 )
2023-08-03 14:27:32 -07:00
Joanne Stableford
79b8dd8e8f
Update fleetctl-workstations to min macOS 13.5 ( #13109 )
2023-08-02 18:38:11 -04:00
Joanne Stableford
ea934424ae
Update fleetctl-workstations-canary min OS to macOS 13.5 ( #13108 )
2023-08-02 18:22:46 -04:00
Roberto Dip
d9de78e9fc
upgrade Go version to 1.19.11 ( #12902 )
2023-07-26 11:09:22 -07:00
Mike McNeil
d2d0dbb586
Fixed capitalization ( #12956 )
...
...
2023-07-25 15:16:36 -05:00
Luke Heath
8fb694f20f
Add new timebox scrum item and related documentation ( #12929 )
...
There have been several tickets created for investigation or research
purposes like [this one ](https://github.com/fleetdm/fleet/issues/12904 )
that we don't have a ticket type for within our current three types
(`story`, `~sub-task`, and `bug`). This results in the existing scrum
item types needing to be misused. I'm adding a fourth type called
`timebox` at Mike's request. I'm also including documentation on the
usage of this new type.
Lastly, I'm proposing we stop calling sub-tasks "unestimated sub-tasks"
in the GitHub template because it is confusing and inaccurate. Our
documentation states: "Sub-tasks are labeled as `~sub-task` and enable
us to break down complex tasks into more detailed and easier-to-estimate
work units.". In our estimation sessions, we put point estimates on
sub-tasks.
The spirit of this statement is that all sub-task points bubble up to
their parent story, and the parent story is what matters to the rest of
the business. That is clearly defined in our documentation and processes
and will not confuse our usage of stories.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-07-24 23:00:19 -05:00
Luke Heath
36ffc63755
Refine user story template ( #12819 )
...
Based on our last product/eng sync. Slimming down the fields so it's
less daunting and separating the checkboxes into each department.
The expectation would be that each list is fully complete before passing
to the next step (product > engineering > product quality). ..
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-07-21 21:54:17 -05:00
Eric
63eca92536
Change Node version used in Github workflows, add build-storybook step to website test ( #12748 )
...
Context: The "Deploy Fleet website" workflow is currently failing
because the `build-storybook` step requires Node v16.
<img width="1013" alt="image"
src="https://github.com/fleetdm/fleet/assets/7445991/7681e11e-a94f-4a0b-8cd8-baa1ef5a37d8 ">
Changes:
- Changed the `deploy-fleet-website` and `test-website` workflows to use
Node 16.
- Updated the version of `actions/setup-node` to v3 to use node 16.
- added the `--legacy-peer-deps` flag to the `npm install` in the
build-storybook step
- Added a step to build the storybook to the `test-website` workflow.
- Updated the `test-website` workflow to run when the workflow file is
changed.
2023-07-13 13:11:20 -05:00
Gabriel Hernandez
f9bbd47381
add back public storybook site build step ( #12746 )
...
this adds back building and publishing of storybook website.
2023-07-13 17:44:41 +01:00
Mike Thomas
08f00c2755
Mike j thomas website request template update ( #12329 )
...
Changes:
- I added links to "Writing a good user story" and "Quality" in the
website handbook.
- Fixed up a couple of things that Grammarly keeps reminding me about
when I create issues from this template.
2023-06-29 10:09:20 -05:00
dependabot[bot]
dbf87cbe62
Bump github/codeql-action from 2.2.4 to 2.20.1 ( #12437 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action )
from 2.2.4 to 2.20.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases ">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>CodeQL Bundle</h2>
<p>Bundles CodeQL CLI v2.13.4</p>
<ul>
<li>(<a
href="https://github.com/github/codeql-cli-binaries/blob/HEAD/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql-cli-binaries/releases/tag/v2.13.4 ">release</a>)</li>
</ul>
<p>Includes the following CodeQL language packs from <a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4 "><code>github/codeql@codeql-cli/v2.13.4</code></a>:</p>
<ul>
<li><code>codeql/cpp-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/cpp/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/cpp/ql/src ">source</a>)</li>
<li><code>codeql/cpp-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/cpp/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/cpp/ql/lib ">source</a>)</li>
<li><code>codeql/csharp-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/csharp/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/csharp/ql/src ">source</a>)</li>
<li><code>codeql/csharp-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/csharp/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/csharp/ql/lib ">source</a>)</li>
<li><code>codeql/go-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/go/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/go/ql/src ">source</a>)</li>
<li><code>codeql/go-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/go/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/go/ql/lib ">source</a>)</li>
<li><code>codeql/java-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/java/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/java/ql/src ">source</a>)</li>
<li><code>codeql/java-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/java/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/java/ql/lib ">source</a>)</li>
<li><code>codeql/javascript-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/javascript/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/javascript/ql/src ">source</a>)</li>
<li><code>codeql/javascript-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/javascript/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/javascript/ql/lib ">source</a>)</li>
<li><code>codeql/python-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/python/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/python/ql/src ">source</a>)</li>
<li><code>codeql/python-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/python/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/python/ql/lib ">source</a>)</li>
<li><code>codeql/ruby-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/ruby/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/ruby/ql/src ">source</a>)</li>
<li><code>codeql/ruby-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/ruby/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/ruby/ql/lib ">source</a>)</li>
<li><code>codeql/swift-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/swift/ql/src/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/swift/ql/src ">source</a>)</li>
<li><code>codeql/swift-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/swift/ql/lib/CHANGELOG.md ">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/swift/ql/lib ">source</a>)</li>
</ul>
<h2>CodeQL Bundle v2.6.0-beta.1</h2>
<p>Bundles CodeQL CLI <a
href="https://github.com/github/codeql-cli-binaries/releases/tag/v2.6.0-beta.1 ">v2.6.0-beta.1</a></p>
<h3>⚠️ This is a beta release containing a new CodeQL packaging feature.
It may not be compatible with existing workflows.</h3>
<p>This release contains beta support for <strong>CodeQL packs</strong>.
Please read the documentation below for more information:</p>
<ul>
<li><a
href="https://codeql.github.com/docs/codeql-cli/about-codeql-packs ">Using
CodeQL packs with the CodeQL CLI</a></li>
<li><a
href="https://docs.github.com/en/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-codeql-query-packs ">Using
CodeQL packs in Code Scanning on GitHub Actions</a></li>
<li><a
href="https://docs.github.com/en/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system#downloading-and-using-codeql-query-packs ">Using
CodeQL packs in Code Scanning on 3rd-party CI systems</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md ">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.20.1 - 21 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.4. <a
href="https://redirect.github.com/github/codeql-action/pull/1721 ">#1721</a></li>
<li>Experimental: add a new <code>resolve-environment</code> action
which attempts to infer a configuration for the build environment that
is required to build a given project. Do not use this in production as
it is part of an internal experiment and subject to change at any
time.</li>
</ul>
<h2>2.20.0 - 13 Jun 2023</h2>
<ul>
<li>Bump the version of the Action to 2.20.0. This ensures that users
who received a Dependabot upgrade to <a
href="cdcdbb5797https://redirect.github.com/github/codeql-action/pull/1729 ">#1729</a></li>
</ul>
<h2>2.3.6 - 01 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.3. <a
href="https://redirect.github.com/github/codeql-action/pull/1698 ">#1698</a></li>
</ul>
<h2>2.3.5 - 25 May 2023</h2>
<ul>
<li>Allow invalid URIs to be used as values to
<code>artifactLocation.uri</code> properties. This reverses a change
from <a
href="https://redirect.github.com/github/codeql-action/pull/1668 ">#1668</a>
that inadvertently led to stricter validation of some URI values. <a
href="https://redirect.github.com/github/codeql-action/pull/1705 ">#1705</a></li>
<li>Gracefully handle invalid URIs when fingerprinting. <a
href="https://redirect.github.com/github/codeql-action/pull/1694 ">#1694</a></li>
</ul>
<h2>2.3.4 - 24 May 2023</h2>
<ul>
<li>Updated the SARIF 2.1.0 JSON schema file to the latest from <a
href="123e95847b/Schemata/sarif-schema-2.1.0.jsonhttps://redirect.github.com/github/codeql-action/pull/1668 ">#1668</a></li>
<li>We are rolling out a feature in May 2023 that will disable Python
dependency installation for new users of the CodeQL Action. This
improves the speed of analysis while having only a very minor impact on
results. <a
href="https://redirect.github.com/github/codeql-action/pull/1676 ">#1676</a></li>
<li>We are improving the way that <a
href="https://github.com/github/codeql-action/releases ">CodeQL
bundles</a> are tagged to make it possible to easily identify bundles by
their CodeQL semantic version. <a
href="https://redirect.github.com/github/codeql-action/pull/1682 ">#1682</a>
<ul>
<li>As of CodeQL CLI 2.13.4, CodeQL bundles will be tagged using
semantic versions, for example <code>codeql-bundle-v2.13.4</code>,
instead of timestamps, like <code>codeql-bundle-20230615</code>.</li>
<li>This change does not affect the majority of workflows, and we will
not be changing tags for existing bundle releases.</li>
<li>Some workflows with custom logic that depends on the specific format
of the CodeQL bundle tag may need to be updated. For example, if your
workflow matches CodeQL bundle tag names against a
<code>codeql-bundle-yyyymmdd</code> pattern, you should update it to
also recognize <code>codeql-bundle-vx.y.z</code> tags.</li>
</ul>
</li>
<li>Remove the requirement for <code>on.push</code> and
<code>on.pull_request</code> to trigger on the same branches. <a
href="https://redirect.github.com/github/codeql-action/pull/1675 ">#1675</a></li>
</ul>
<h2>2.3.3 - 04 May 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.1. <a
href="https://redirect.github.com/github/codeql-action/pull/1664 ">#1664</a></li>
<li>You can now configure CodeQL within your code scanning workflow by
passing a <code>config</code> input to the <code>init</code> Action. See
<a href="https://aka.ms/code-scanning-docs/config-file ">Using a custom
configuration file</a> for more information about configuring code
scanning. <a
href="https://redirect.github.com/github/codeql-action/pull/1590 ">#1590</a></li>
</ul>
<h2>2.3.2 - 27 Apr 2023</h2>
<p>No user facing changes.</p>
<h2>2.3.1 - 26 Apr 2023</h2>
<p>No user facing changes.</p>
<h2>2.3.0 - 21 Apr 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.0. <a
href="https://redirect.github.com/github/codeql-action/pull/1649 ">#1649</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f6e388ebf0https://redirect.github.com/github/codeql-action/issues/1736 ">#1736</a>
from github/update-v2.20.1-4385ad556</li>
<li><a
href="28742472284385ad5563https://redirect.github.com/github/codeql-action/issues/1685 ">#1685</a>)</li>
<li><a
href="8ba77ef4d3https://redirect.github.com/github/codeql-action/issues/1734 ">#1734</a>)</li>
<li><a
href="82dbde173chttps://redirect.github.com/github/codeql-action/issues/1735 ">#1735</a>)</li>
<li><a
href="c6dff3470ehttps://redirect.github.com/github/codeql-action/issues/1721 ">#1721</a>
from github/update-bundle/codeql-bundle-v2.13.4</li>
<li><a
href="3e0c87dc38de74ca6211https://redirect.github.com/github/codeql-action/issues/1732 ">#1732</a>
from github/henrymercer/tolerate-unexpected-processi...</li>
<li><a
href="d6201b58de0ac18158d1https://redirect.github.com/github/codeql-action/issues/1684 ">#1684</a>
from github/mbg/add-resolve-environment</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/v2.2.4...f6e388ebf0efc915c6c5b165b019ee61a6746a38 ">compare
view</a></li>
</ul>
</details>
<br />
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 12:40:54 -07:00
dependabot[bot]
0730246723
Bump actions/setup-go from 2.1.3 to 4.0.1 ( #12294 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2.1.3
to 4.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases ">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update documentation for <code>v4</code> by <a
href="https://github.com/dsame "><code>@dsame</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/354 ">actions/setup-go#354</a></li>
<li>Fix glob bug in the package.json scripts section by <a
href="https://github.com/IvanZosimov "><code>@IvanZosimov</code></a> in
<a
href="https://redirect.github.com/actions/setup-go/pull/359 ">actions/setup-go#359</a></li>
<li>Bump <code>xml2js</code> dependency by <a
href="https://github.com/dmitry-shibanov "><code>@dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/370 ">actions/setup-go#370</a></li>
<li>Bump <code>@actions/cache</code> dependency to v3.2.1 by <a
href="https://github.com/nikolai-laevskii "><code>@nikolai-laevskii</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/374 ">actions/setup-go#374</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/nikolai-laevskii "><code>@nikolai-laevskii</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/374 ">actions/setup-go#374</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v4...v4.0.1 ">https://github.com/actions/setup-go/compare/v4...v4.0.1 </a></p>
<h2>v4.0.0</h2>
<p>In scope of release we enable cache by default. The action won’t
throw an error if the cache can’t be restored or saved. The action will
throw a warning message but it won’t stop a build process. The cache can
be disabled by specifying <code>cache: false</code>.</p>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ‘1.19’
- run: go run hello.go
</code></pre>
<p>Besides, we introduce such changes as</p>
<ul>
<li><a
href="https://redirect.github.com/actions/setup-go/pull/305 ">Allow to
use only GOCACHE for cache</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/315 ">Bump
json5 from 2.2.1 to 2.2.3</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/323 ">Use
proper version for primary key in cache</a></li>
<li><a
href="https://redirect.github.com/actions/setup-go/pull/351 ">Always add
Go bin to the PATH</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/350 ">Add
step warning if go-version input is empty</a></li>
</ul>
<h2>Add support for stable and oldstable aliases</h2>
<p>In scope of this release we introduce aliases for the
<code>go-version</code> input. The <code>stable</code> alias instals the
latest stable version of Go. The <code>oldstable</code> alias installs
previous latest minor release (the stable is 1.19.x -> the oldstable
is 1.18.x).</p>
<h3>Stable</h3>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: 'stable'
- run: go run hello.go
</code></pre>
<h3>OldStable</h3>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fac708d667https://redirect.github.com/actions/setup-go/issues/374 ">#374</a>)</li>
<li><a
href="dd84a9531ahttps://redirect.github.com/actions/setup-go/issues/370 ">#370</a>)</li>
<li><a
href="41c2024c46https://redirect.github.com/actions/setup-go/issues/359 ">#359</a>)</li>
<li><a
href="8dbf352f06https://redirect.github.com/actions/setup-go/issues/354 ">#354</a>)</li>
<li><a
href="4d34df0c23https://redirect.github.com/actions/setup-go/issues/348 ">#348</a>)</li>
<li><a
href="fdc0d672a1https://redirect.github.com/actions/setup-go/issues/351 ">#351</a>)</li>
<li><a
href="ebfdf6ac95https://redirect.github.com/actions/setup-go/issues/350 ">#350</a>)</li>
<li><a
href="b27d76912ehttps://redirect.github.com/actions/setup-go/issues/349 ">#349</a>)</li>
<li><a
href="c51a720768https://redirect.github.com/actions/setup-go/issues/332 ">#332</a>)</li>
<li><a
href="6b848af622https://redirect.github.com/actions/setup-go/issues/343 ">#343</a>
from akv-platform/reusable-workflow</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/setup-go/compare/v2.1.3...v4.0.1 ">compare
view</a></li>
</ul>
</details>
<br />
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 12:38:42 -07:00
dependabot[bot]
ffcfdbc15d
Bump slackapi/slack-github-action from 1.18.0 to 1.24.0 ( #12293 )
...
Bumps
[slackapi/slack-github-action](https://github.com/slackapi/slack-github-action )
from 1.18.0 to 1.24.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/slackapi/slack-github-action/releases ">slackapi/slack-github-action's
releases</a>.</em></p>
<blockquote>
<h2>Slack Send V1.24.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add in testing instructions for maintainer's guide and standardize
bullet point punctuation by <a
href="https://github.com/hello-ashleyintech "><code>@hello-ashleyintech</code></a>
in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/140 ">slackapi/slack-github-action#140</a></li>
<li>Added checks for bot token and webhook url length by <a
href="https://github.com/koki-develop "><code>@koki-develop</code></a>
in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/124 ">slackapi/slack-github-action#124</a></li>
<li>Add channel_id output parameter by <a
href="https://github.com/maso7 "><code>@maso7</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/149 ">slackapi/slack-github-action#149</a></li>
<li><a
href="https://redirect.github.com/slackapi/slack-github-action/issues/171 ">#171</a>
Update Technique 2 to use Actions context instead of values property by
<a href="https://github.com/mwbrooks "><code>@mwbrooks</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/172 ">slackapi/slack-github-action#172</a></li>
<li>Fix interpolation of variables in file-based payloads by <a
href="https://github.com/filmaj "><code>@filmaj</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/200 ">slackapi/slack-github-action#200</a></li>
<li>Update README.md with variable usage and links to example workflows
by <a href="https://github.com/filmaj "><code>@filmaj</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/201 ">slackapi/slack-github-action#201</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/koki-develop "><code>@koki-develop</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/124 ">slackapi/slack-github-action#124</a></li>
<li><a href="https://github.com/maso7 "><code>@maso7</code></a> made
their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/149 ">slackapi/slack-github-action#149</a></li>
<li><a href="https://github.com/mwbrooks "><code>@mwbrooks</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/172 ">slackapi/slack-github-action#172</a></li>
<li><a href="https://github.com/hnarimiya "><code>@hnarimiya</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/200 ">slackapi/slack-github-action#200</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.23.0...v1.24.0 ">https://github.com/slackapi/slack-github-action/compare/v1.23.0...v1.24.0 </a></p>
<h2>Slack Send V1.23.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump node from 12 to 16 by <a
href="https://github.com/quinnjn "><code>@quinnjn</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/128 ">slackapi/slack-github-action#128</a></li>
<li>Bump eslint from 8.23.0 to 8.24.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/135 ">slackapi/slack-github-action#135</a></li>
<li>Bump <code>@actions/core</code> from 1.9.1 to 1.10.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/134 ">slackapi/slack-github-action#134</a></li>
<li>Bump <code>@actions/github</code> from 5.0.3 to 5.1.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/133 ">slackapi/slack-github-action#133</a></li>
<li>Use https proxy agent by <a
href="https://github.com/EHitchcockIAG "><code>@EHitchcockIAG</code></a>
in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/132 ">slackapi/slack-github-action#132</a></li>
<li>Release v1.23.0 by <a
href="https://github.com/hello-ashleyintech "><code>@hello-ashleyintech</code></a>
in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/139 ">slackapi/slack-github-action#139</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/quinnjn "><code>@quinnjn</code></a> made
their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/128 ">slackapi/slack-github-action#128</a></li>
<li><a
href="https://github.com/EHitchcockIAG "><code>@EHitchcockIAG</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/132 ">slackapi/slack-github-action#132</a></li>
<li><a
href="https://github.com/hello-ashleyintech "><code>@hello-ashleyintech</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/139 ">slackapi/slack-github-action#139</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.22.0...v1.23.0 ">https://github.com/slackapi/slack-github-action/compare/v1.22.0...v1.23.0 </a></p>
<h2>Slack Send V1.22.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(message): support multiple channel IDs by <a
href="https://github.com/treemmett "><code>@treemmett</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/126 ">slackapi/slack-github-action#126</a>
(fixes <a
href="https://redirect.github.com/slackapi/slack-github-action/issues/118 ">#118</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/treemmett "><code>@treemmett</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/126 ">slackapi/slack-github-action#126</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.21.0...v1.22.0 ">https://github.com/slackapi/slack-github-action/compare/v1.21.0...v1.22.0 </a></p>
<h2>Slack Send V1.21.0</h2>
<h2>What's Changed</h2>
<ul>
<li>updated to 1.21.0, fixed update-ts by <a
href="https://github.com/stevengill "><code>@stevengill</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/110 ">slackapi/slack-github-action#110</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.20.0...v1.21.0 ">https://github.com/slackapi/slack-github-action/compare/v1.20.0...v1.21.0 </a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e28cf165c9f07b4a2d032c8b741a82https://redirect.github.com/slackapi/slack-github-action/issues/201 ">#201</a>)</li>
<li><a
href="81a1dc0cd9https://redirect.github.com/slackapi/slack-github-action/issues/200 ">#200</a>)</li>
<li><a
href="4eb7313607https://redirect.github.com/slackapi/slack-github-action/issues/194 ">#194</a>)</li>
<li><a
href="17394c7ff6https://redirect.github.com/slackapi/slack-github-action/issues/195 ">#195</a>)</li>
<li><a
href="2746ea8222https://redirect.github.com/slackapi/slack-github-action/issues/196 ">#196</a>)</li>
<li><a
href="1b89efce66https://redirect.github.com/slackapi/slack-github-action/issues/197 ">#197</a>)</li>
<li><a
href="0e608ca738https://redirect.github.com/slackapi/slack-github-action/issues/188 ">#188</a>)</li>
<li><a
href="02b50ad38bhttps://redirect.github.com/slackapi/slack-github-action/issues/189 ">#189</a>)</li>
<li>Additional commits viewable in <a
href="16b6c78ee7...e28cf165c9
2023-06-23 12:32:30 -07:00
Joanne Stableford
0f9bfa3dbd
Update fleetctl-workstations os update to 13.4.1 ( #12471 )
2023-06-22 20:05:15 -04:00
Joanne Stableford
f6f713f7fc
Update fleetctl-workstations-canary for minimum os 13.4.1 ( #12469 )
2023-06-22 19:54:43 -04:00
Zach Wasserman
1080406266
Generate targets for osquery 5.9.1 ( #12410 )
2023-06-21 23:14:52 -07:00
Luke Heath
1f455055a1
Use actions token during helm-publish workflow ( #12430 )
2023-06-21 09:30:25 -06:00
Mo Zhu
98aa845c31
Update feature-request.md ( #12176 )
2023-06-13 11:03:04 -07:00
Luke Heath
b5994e7cb9
Use GitHub token in GoReleaser workflow ( #12303 )
2023-06-13 11:54:55 -05:00
Luke Heath
db2215e2e4
Update bug process in handbook ( #12203 )
2023-06-09 13:02:19 -05:00
Roberto Dip
ab9ac28538
upgrade go version to 1.19.10 ( #12187 )
...
for #12177
2023-06-07 17:59:30 -03:00
Luke Heath
1f8ca0bbb4
Use personal access token for workflows ( #12118 )
2023-06-02 16:23:23 -05:00
Gabriel Hernandez
2fcc5ee72e
generate js coverage report in CI ( #12029 )
...
relates to #8771
Add coverage for frontend and improve coverage reports around Backend
and frontend code.
2023-06-01 17:46:25 +01:00
Reed Haynes
800584d8ec
Update smoke-tests.md ( #12061 )
...
Add step to ensure there are no release blocking tickets open that might
have gone missed.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Added/updated tests (smoke test template)
2023-05-31 16:06:15 -05:00
Martin Angers
8b1bf35414
Increase Go test timeout to 15m ( #11920 )
2023-05-29 08:44:10 -04:00
KanchiMoe
257336c8b0
Upversion github actions in tfvalidate.yml ( #12005 )
...
This fixes the deprecation warnings that appear at the bottom of
https://github.com/fleetdm/fleet/actions/runs/5083875257
2023-05-28 22:54:46 -04:00
Luke Heath
256aa855d8
Adjust macOS version update deadline ( #11988 )
2023-05-26 10:41:08 -05:00
Luke Heath
8d47cbca4d
Add QA section to website request template ( #11871 )
2023-05-25 08:35:08 +09:00
Zach Wasserman
048de9a002
Move all workstations to macOS 13.4.0 ( #11918 )
2023-05-23 20:42:08 -07:00
Luke Heath
846ee18cb3
Add example workflow ( #11893 )
2023-05-23 13:52:21 -05:00
Mike McNeil
301840a334
Update website-request.md ( #11881 )
2023-05-22 22:47:49 -05:00
Zach Wasserman
499a040c1b
Move canary workstations to macOS 13.4.0 ( #11792 )
2023-05-18 15:37:25 -07:00
Luke Heath
29321021d1
Add test plan section to user story issue template ( #11657 )
2023-05-18 16:20:29 -05:00
KanchiMoe
9e9fd633c7
Update 'install go' Github Actions to use tag as it uses deprecated commands ( #11408 )
...
At the moment, in Github Actions, when a job has `uses:
actions/setup-go` it uses a specific commit from that repo.
In that commit, it used `set-output` somewhere, which is now deprecated
and will be disabled within the next month or so.
See here for more information:
https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
This PR changes every instance where `actions/setup-go@...` was used and
replaces it with release `v2.1.3`. [From the release
notes](https://github.com/actions/setup-go/releases/tag/v2.1.3 ):
> Updated communication with runner to use environment files rather then
workflow commands
Which is what the above Github blog recommends doing.
---
Addationally, the latest version of this Github Action is
[`v4.0.0`](https://github.com/actions/setup-go/releases/tag/v4.0.0 ),
which you may want to update to in the future.
2023-05-17 15:56:16 -05:00
Luke Heath
191302c662
Use github action to apply profiles to workstations team ( #11716 )
2023-05-17 13:07:18 -05:00
Luke Heath
e794356e07
Use new fleet-mdm-gitops GitHub action to apply MDM configuration ( #11681 )
2023-05-16 10:16:22 -05:00
Luke Heath
25b7114174
Use new Fleet MDM gitops action ( #11678 )
2023-05-12 16:54:26 -05:00
Mo Zhu
24389d3e57
Create release-article template ( #11517 )
...
.
2023-05-11 09:34:01 -07:00
Luke Heath
9f7e2ea4cc
Bump workstation macOS version requirement ( #11560 )
2023-05-09 16:07:03 -05:00
Zach Wasserman
8ebd988661
Update Fleet Desktop version ( #11549 )
2023-05-05 15:04:50 -07:00
Eric
1502106c88
Create website request issue template ( #11488 )
...
Changes:
- Added an issue template for requesting changes to fleetdm.com.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-05-03 18:15:19 -05:00
dependabot[bot]
8c04305f7f
Bump aws-actions/amazon-ecr-login from 1.5.3 to 1.6.0 ( #11514 )
...
Bumps
[aws-actions/amazon-ecr-login](https://github.com/aws-actions/amazon-ecr-login )
from 1.5.3 to 1.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/amazon-ecr-login/releases ">aws-actions/amazon-ecr-login's
releases</a>.</em></p>
<blockquote>
<h2>v1.6.0</h2>
<p>See the <a
href="https://github.com/aws-actions/amazon-ecr-login/blob/HEAD/CHANGELOG.md ">changelog</a>
for details about the changes included in this release.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/amazon-ecr-login/blob/main/CHANGELOG.md ">aws-actions/amazon-ecr-login's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this file.
See <a
href="https://github.com/conventional-changelog/standard-version ">standard-version</a>
for commit guidelines.</p>
<h2><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.5.3...v1.6.0 ">1.6.0</a>
(2023-03-29)</h2>
<h3>Features</h3>
<ul>
<li>add support for HTTP(s) proxy (<a
href="454a99d5dehttps://github.com/aws-actions/amazon-ecr-login/compare/v1.5.2...v1.5.3 ">1.5.3</a>
(2022-10-29)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.5.1...v1.5.2 ">1.5.2</a>
(2022-10-18)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.5.0...v1.5.1 ">1.5.1</a>
(2022-08-04)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>reverted change that masked Docker credentials (<a
href="7d073b66cchttps://github.com/aws-actions/amazon-ecr-login/compare/v1.4.0...v1.5.0 ">1.5.0</a>
(2022-06-27)</h2>
<h3>Features</h3>
<ul>
<li>added ECR Public Registry support (<a
href="b4f084e928https://github.com/aws-actions/amazon-ecr-login/compare/v1.3.3...v1.4.0 ">1.4.0</a>
(2022-05-20)</h2>
<h3>Features</h3>
<ul>
<li>output docker credentials after login (<a
href="57206dc28cd121236bfd45a78e2dabhttps://github.com/aws-actions/amazon-ecr-login/compare/v1.3.2...v1.3.3 ">1.3.3</a>
(2021-02-15)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.3.1...v1.3.2 ">1.3.2</a>
(2021-02-01)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.3.0...v1.3.1 ">1.3.1</a>
(2020-11-24)</h3>
<h2><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.2.2...v1.3.0 ">1.3.0</a>
(2020-10-29)</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2f9f10ea3f7724c7e157https://redirect.github.com/aws-actions/amazon-ecr-login/issues/430 ">#430</a>
from aws-actions/http-proxy</li>
<li><a
href="454a99d5de62f4f872dbhttps://redirect.github.com/aws-actions/amazon-ecr-login/issues/429 ">#429</a>)</li>
<li><a
href="5cf60ad52chttps://redirect.github.com/aws-actions/amazon-ecr-login/issues/428 ">#428</a>)</li>
<li><a
href="7179228b86https://redirect.github.com/aws-actions/amazon-ecr-login/issues/426 ">#426</a>)</li>
<li><a
href="4ccd3fe855https://redirect.github.com/aws-actions/amazon-ecr-login/issues/424 ">#424</a>)</li>
<li><a
href="7ba8fdb4b8https://redirect.github.com/aws-actions/amazon-ecr-login/issues/423 ">#423</a>)</li>
<li><a
href="069994d041https://redirect.github.com/aws-actions/amazon-ecr-login/issues/422 ">#422</a>
from taichunmin/main</li>
<li><a
href="4f0431daa8261a7de32b...2f9f10ea3fhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aws-actions/amazon-ecr-login&package-manager=github_actions&previous-version=1.5.3&new-version=1.6.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-03 12:06:24 -07:00
KanchiMoe
3496011e35
Convert remaining uses of set-output for Github Actions ( #11352 )
2023-04-27 16:11:27 -05:00
KanchiMoe
503a30092f
Fix integration Github action using the deprecated command set-output ( #11282 )
2023-04-26 10:15:23 -05:00
Robert Fairburn
eb93343ffe
Warn against deploying fleetdm/fleet:main directly ( #11316 )
...
Deploying `fleetdm/fleet:main` directly to dogfood has problems if
migrations are needed and an image restarts. This causes crashloops in
the containers and leads to being rate-limited for pulls on dockerhub.
Warn against this and also suggest using quay.io as an alternative image
location.
2023-04-25 13:22:59 -05:00
dependabot[bot]
672c0d9239
Bump actions/upload-artifact from 3.1.0 to 3.1.2 ( #10183 )
...
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact )
from 3.1.0 to 3.1.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases ">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.2</h2>
<ul>
<li>Update all <code>@actions/*</code> NPM packages to their latest
versions- <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/374 ">#374</a></li>
<li>Update all dev dependencies to their most recent versions - <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/375 ">#375</a></li>
</ul>
<h2>v3.1.1</h2>
<ul>
<li>Update actions/core package to latest version to remove
<code>set-output</code> deprecation warning <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/351 ">#351</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0b7f8abb15https://github-redirect.dependabot.com/actions/upload-artifact/issues/312 ">#312</a>)</li>
<li><a
href="013d2b89bahttps://github-redirect.dependabot.com/actions/upload-artifact/issues/375 ">#375</a>)</li>
<li><a
href="055b8b3f04https://github-redirect.dependabot.com/actions/upload-artifact/issues/374 ">#374</a>)</li>
<li><a
href="7a5d4831f7https://github-redirect.dependabot.com/actions/upload-artifact/issues/315 ">#315</a>)</li>
<li><a
href="e0057a5b76https://github-redirect.dependabot.com/actions/upload-artifact/issues/352 ">#352</a>)</li>
<li><a
href="7fe6c13ac8https://github-redirect.dependabot.com/actions/upload-artifact/issues/363 ">#363</a>)</li>
<li><a
href="83fd05a356https://github-redirect.dependabot.com/actions/upload-artifact/issues/356 ">#356</a>)</li>
<li>See full diff in <a
href="3cea537223...0b7f8abb15https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=3.1.0&new-version=3.1.2 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-24 11:27:56 -07:00
Zachary Winnerman
443d2471d2
Add elastic apm to dogfood ( #11287 )
...
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-04-24 11:25:57 -04:00
Luke Heath
f53a896f09
Stop using temporary token ( #11210 )
2023-04-14 16:19:36 -05:00
Eric
29c9c17e1b
Remove build-storybook step from deploy website workflow ( #11209 )
...
Changes:
- Removed the build-storybook step from the "Deploy Fleet website"
workflow
- Removed the storybook directory from `website/.eslintignore`
2023-04-14 16:01:07 -05:00
Luke Heath
3b5dbeccf0
Update bug-report.md ( #11203 )
2023-04-14 13:34:37 -05:00
Martin Angers
9aab3d628c
Move Redis cluster docker yml to separate file ( #11162 )
2023-04-12 15:14:28 -04:00
Luke Heath
30bc419491
Update workflow to set macos_updates and disk encryption for canary ( #11168 )
2023-04-12 11:32:13 -05:00
Luke Heath
bd1e7654dc
Use temporary github token to deploy website ( #11137 )
2023-04-11 10:37:47 -05:00
Luke Heath
7c6c209d79
Prepare v4.30.0 ( #11105 )
2023-04-10 15:48:34 -05:00
Zach Wasserman
1a521133f4
Upgrade Go version to 1.19.8 ( #11057 )
...
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
2023-04-07 12:05:22 -07:00
Noah Talerman
79e5f11664
Update Workstations YAML: Set macOS update deadline ( #10962 )
2023-04-06 18:42:04 -05:00
Mo Zhu
d776f713ad
Add requestor section ( #11010 )
...
Add requestor to help keep track of who needs to be notified if a story
gets de-prioritized
.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-04-06 18:20:14 -05:00
Mike McNeil
5f4f9c810d
Disable blank issues to ensure new community feature requests going into a board ( #11045 )
2023-04-06 18:19:24 -05:00
Luke Heath
0ee49f11fc
Prepare v4.29.1 ( #10945 )
2023-04-06 11:49:37 -05:00
Luke Heath
689d6ddffe
Exclude certain paths from docker publish workflow ( #10884 )
2023-04-06 11:49:11 -05:00
Robert Fairburn
a257a696a6
Ensure that short tags push to quay in addition to dockerhub ( #11006 )
...
This should include the short tags (such as `fleetdm/fleet:43e434b`)
when pushing to quay.io (`quay.io/fleetdm/fleet:43e434b`)
Additionally, the previous `docker buildx imagetools create` line was
only pushing a linux/amd64 image to quay. This means that for these
tags, one could not pull from quay on an arm64 Mac for example. This
update should correct that.
2023-04-05 12:04:34 -05:00
Luke Heath
bfaa8043bf
Add profiles workflow for canary team ( #10966 )
2023-04-04 15:51:07 -05:00
Luke Heath
ac983a97ab
Update the sentry environment variable name ( #10943 )
2023-04-03 14:12:16 -05:00
Robert Fairburn
fc84da1a36
Add Sentry secret to dogfood ( #10859 )
2023-03-30 12:51:12 -05:00
Robert Fairburn
0de8b58f60
Goreleaser quay push to use docker instead of podman ( #10830 )
...
This is to resolve #10693 and looks to work when it triggered on the
branch.
2023-03-30 12:46:39 -05:00
Lucas Manuel Rodriguez
40265d0e6f
Fix SMTP e-mail send when SMTP server has credentials ( #10758 )
...
#9609
This PR also fixes #10777 .
The issue is: We were using `svc.AppConfig` instead of
`svc.ds.AppConfig` to retrieve the SMTP credentials.
`svc.AppConfig` obfuscates credentials, whereas `svc.ds.AppConfig` does
not.
To help prevent this from happening again I've renamed `svc.AppConfig`
to `svc.AppConfigObfuscated`.
I've also added a new test SMTP server
(https://github.com/axllent/mailpit ) that supports Basic Authentication
and tests that make use of it to catch these kind of bugs (the tests are
executed when running `go test` with `MAIL_TEST=1`).
- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- ~[ ] Documented any permissions changes~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- [X] Added/updated tests
- [X] Manual QA for all new/changed functionality
- ~For Orbit and Fleet Desktop changes:~
- ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.~
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-03-28 15:23:15 -03:00
Zach Wasserman
477bb53f90
Generate targets for osquery 5.8.2 ( #10802 )
2023-03-28 10:50:07 -07:00
Zach Wasserman
a0f8ecdf2a
Turn down dependabot settings ( #10571 )
...
Disable dependabot for non-security dependency upgrades. It should
continue to function as normal for security issues in dependencies.
2023-03-27 11:22:18 -07:00
Luke Heath
30aa31e763
Remove disable knex, install fleetctl, apply to workstations ( #10757 )
2023-03-27 09:53:05 -05:00
Luke Heath
547111d5b6
Prepare 4.29.0 ( #10610 )
2023-03-22 15:14:51 -05:00
Luke Heath
7ebf308b0c
Revert fleetctl apply token ( #10647 )
2023-03-21 12:51:41 -05:00
Luke Heath
d514998f3a
Use gitops API token ( #10639 )
2023-03-21 11:23:08 -05:00
Luke Heath
9bf4601120
Prepare 4.28.1 ( #10461 ) ( #10609 )
2023-03-20 17:11:38 -05:00
Robert Fairburn
aadfb12d51
Update dogfood deploy help_p1 webhook secret name ( #10537 )
2023-03-16 16:56:46 -05:00
Lucas Manuel Rodriguez
296b70cda3
Add CI check for spec yamls ( #10530 )
...
This is to prevent merging broken yamls.
2023-03-16 08:54:21 -03:00
Zachary Winnerman
3158da0985
Terraform version bump ( #10513 )
...
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-03-15 12:41:25 -04:00
Lucas Manuel Rodriguez
b0f490b4d6
Run make dump-test-schema ( #10505 )
...
Forgot to run this in https://github.com/fleetdm/fleet/pull/10478
2023-03-15 10:47:49 -03:00
Lucas Manuel Rodriguez
e926581427
Observers can observe team settings ( #10447 )
...
#9984
- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- [X] Documented any permissions changes: Done by @noahtalerman, see
#10440
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- [X] Added/updated tests
- ~[ ] Manual QA for all new/changed functionality~
- For Orbit and Fleet Desktop changes:~
- ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.~
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-03-13 15:34:39 -03:00
Luke Heath
b3cd710286
Add MDM profiles and github workflow to apply them ( #10416 )
2023-03-10 11:23:10 -06:00
Zachary Winnerman
0ee617778a
Dogfood returns ( #10345 )
...
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-03-08 16:38:53 -05:00
Noah Talerman
1e9c928628
Issue templates: Update story ( #10277 )
...
- Add a reminder to specify any changes to permissions
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-03-02 17:37:17 -06:00
dependabot[bot]
fdc55aabc4
Bump actions/cache from 3.0.8 to 3.2.6 ( #10268 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.0.8 to
3.2.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases ">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v3.2.6</h2>
<h2>What's Changed</h2>
<ul>
<li>Updated branch in Force deletion of caches by <a
href="https://github.com/t-dedah "><code>@t-dedah</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1108 ">actions/cache#1108</a></li>
<li>Fix zstd not being used after zstd version upgrade to 1.5.4 on
hosted runners by <a
href="https://github.com/pdotl "><code>@pdotl</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1118 ">actions/cache#1118</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v3.2.6 ">https://github.com/actions/cache/compare/v3...v3.2.6 </a></p>
<h2>v3.2.5</h2>
<h2>What's Changed</h2>
<ul>
<li>Rewrite readmes by <a
href="https://github.com/jsoref "><code>@jsoref</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1085 ">actions/cache#1085</a></li>
<li>Fixed typos and formatting in docs by <a
href="https://github.com/kotewar "><code>@kotewar</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1076 ">actions/cache#1076</a></li>
<li>Fixing paths for OSes by <a
href="https://github.com/kotewar "><code>@kotewar</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1101 ">actions/cache#1101</a></li>
<li>Release patch version update by <a
href="https://github.com/Phantsure "><code>@Phantsure</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1105 ">actions/cache#1105</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jsoref "><code>@jsoref</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1085 ">actions/cache#1085</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v3.2.5 ">https://github.com/actions/cache/compare/v3...v3.2.5 </a></p>
<h2>v3.2.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Update json5 package version by <a
href="https://github.com/vsvipul "><code>@vsvipul</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1065 ">actions/cache#1065</a></li>
<li>Cache recipes for cache, restore and save actions by <a
href="https://github.com/kotewar "><code>@kotewar</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1055 ">actions/cache#1055</a></li>
<li>Add gnu tar and zstd as pre-requisites for windows self-hosted
runners by <a href="https://github.com/pdotl "><code>@pdotl</code></a>
in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1068 ">actions/cache#1068</a></li>
<li>Fix a whitespace typo by <a
href="https://github.com/kurtmckee "><code>@kurtmckee</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1074 ">actions/cache#1074</a></li>
<li>📝 <a
href="https://github-redirect.dependabot.com/actions/cache/issues/1045 ">#1045</a>
update using the <code>set-output</code> command is deprecated by <a
href="https://github.com/siguikesse "><code>@siguikesse</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1046 ">actions/cache#1046</a></li>
<li>Fix referenced output key in save action readme by <a
href="https://github.com/ruudk "><code>@ruudk</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1061 ">actions/cache#1061</a></li>
<li>Update workflows to use reusable-workflows by <a
href="https://github.com/jongwooo "><code>@jongwooo</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1066 ">actions/cache#1066</a></li>
<li>Introduce add-to-project step & rename workflow files by <a
href="https://github.com/pallavx "><code>@pallavx</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1077 ">actions/cache#1077</a></li>
<li>chore: Fix syntax error typo by <a
href="https://github.com/vHeemstra "><code>@vHeemstra</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1081 ">actions/cache#1081</a></li>
<li>Update caching-strategies.md by <a
href="https://github.com/kpfleming "><code>@kpfleming</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1084 ">actions/cache#1084</a></li>
<li>Added another usage hint to foresee <a
href="https://github-redirect.dependabot.com/actions/cache/issues/1072 ">#1072</a>
by <a href="https://github.com/maybeec "><code>@maybeec</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1089 ">actions/cache#1089</a></li>
<li>Add <code>fail-on-cache-miss</code> option by <a
href="https://github.com/cdce8p "><code>@cdce8p</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1036 ">actions/cache#1036</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/kurtmckee "><code>@kurtmckee</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1074 ">actions/cache#1074</a></li>
<li><a
href="https://github.com/siguikesse "><code>@siguikesse</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1046 ">actions/cache#1046</a></li>
<li><a href="https://github.com/ruudk "><code>@ruudk</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1061 ">actions/cache#1061</a></li>
<li><a href="https://github.com/pallavx "><code>@pallavx</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1077 ">actions/cache#1077</a></li>
<li><a href="https://github.com/vHeemstra "><code>@vHeemstra</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1081 ">actions/cache#1081</a></li>
<li><a href="https://github.com/kpfleming "><code>@kpfleming</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1084 ">actions/cache#1084</a></li>
<li><a href="https://github.com/maybeec "><code>@maybeec</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1089 ">actions/cache#1089</a></li>
<li><a href="https://github.com/cdce8p "><code>@cdce8p</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1036 ">actions/cache#1036</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v3.2.4 ">https://github.com/actions/cache/compare/v3...v3.2.4 </a></p>
<h2>v3.2.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Add Mint example by <a
href="https://github.com/uhooi "><code>@uhooi</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1051 ">actions/cache#1051</a></li>
<li>Fixed broken link by <a
href="https://github.com/kotewar "><code>@kotewar</code></a> in <a
href="https://github-redirect.dependabot.com/actions/cache/pull/1057 ">actions/cache#1057</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md ">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>3.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -> node
16</li>
</ul>
<h3>3.0.1</h3>
<ul>
<li>Added support for caching from GHES 3.5.</li>
<li>Fixed download issue for files > 2GB during restore.</li>
</ul>
<h3>3.0.2</h3>
<ul>
<li>Added support for dynamic cache size cap on GHES.</li>
</ul>
<h3>3.0.3</h3>
<ul>
<li>Fixed avoiding empty cache save when no files are available for
caching. (<a
href="https://github-redirect.dependabot.com/actions/cache/issues/624 ">issue</a>)</li>
</ul>
<h3>3.0.4</h3>
<ul>
<li>Fixed tar creation error while trying to create tar with path as
<code>~/</code> home folder on <code>ubuntu-latest</code>. (<a
href="https://github-redirect.dependabot.com/actions/cache/issues/689 ">issue</a>)</li>
</ul>
<h3>3.0.5</h3>
<ul>
<li>Removed error handling by consuming actions/cache 3.0 toolkit, Now
cache server error handling will be done by toolkit. (<a
href="https://github-redirect.dependabot.com/actions/cache/pull/834 ">PR</a>)</li>
</ul>
<h3>3.0.6</h3>
<ul>
<li>Fixed <a
href="https://github-redirect.dependabot.com/actions/cache/issues/809 ">#809</a>
- zstd -d: no such file or directory error</li>
<li>Fixed <a
href="https://github-redirect.dependabot.com/actions/cache/issues/833 ">#833</a>
- cache doesn't work with github workspace directory</li>
</ul>
<h3>3.0.7</h3>
<ul>
<li>Fixed <a
href="https://github-redirect.dependabot.com/actions/cache/issues/810 ">#810</a>
- download stuck issue. A new timeout is introduced in the download
process to abort the download if it gets stuck and doesn't finish within
an hour.</li>
</ul>
<h3>3.0.8</h3>
<ul>
<li>Fix zstd not working for windows on gnu tar in issues <a
href="https://github-redirect.dependabot.com/actions/cache/issues/888 ">#888</a>
and <a
href="https://github-redirect.dependabot.com/actions/cache/issues/891 ">#891</a>.</li>
<li>Allowing users to provide a custom timeout as input for aborting
download of a cache segment using an environment variable
<code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li>
</ul>
<h3>3.0.9</h3>
<ul>
<li>Enhanced the warning message for cache unavailablity in case of
GHES.</li>
</ul>
<h3>3.0.10</h3>
<ul>
<li>Fix a bug with sorting inputs.</li>
<li>Update definition for restore-keys in README.md</li>
</ul>
<h3>3.0.11</h3>
<ul>
<li>Update toolkit version to 3.0.5 to include
<code>@actions/core@^1.10.0</code></li>
<li>Update <code>@actions/cache</code> to use updated
<code>saveState</code> and <code>setOutput</code> functions from
<code>@actions/core@^1.10.0</code></li>
</ul>
<h3>3.1.0-beta.1</h3>
<ul>
<li>Update <code>@actions/cache</code> on windows to use gnu tar and
zstd by default and fallback to bsdtar and zstd if gnu tar is not
available. (<a
href="https://github-redirect.dependabot.com/actions/cache/issues/984 ">issue</a>)</li>
</ul>
<h3>3.1.0-beta.2</h3>
<ul>
<li>Added support for fallback to gzip to restore old caches on
windows.</li>
</ul>
<h3>3.1.0-beta.3</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="69d9d449achttps://github-redirect.dependabot.com/actions/cache/issues/1118 ">#1118</a>
from actions/pdotl/zstd-hotfix</li>
<li><a
href="8d3a1e02aab1db4b48977d4d6f7ffd8f7fa5d71595b455a0fb81b7281936https://github-redirect.dependabot.com/actions/cache/issues/1108 ">#1108</a>)</li>
<li><a
href="6998d139ddhttps://github-redirect.dependabot.com/actions/cache/issues/1105 ">#1105</a>)</li>
<li><a
href="2b8105bdaehttps://github-redirect.dependabot.com/actions/cache/issues/1101 ">#1101</a>)</li>
<li><a
href="e08330827dhttps://github-redirect.dependabot.com/actions/cache/issues/1076 ">#1076</a>)</li>
<li>Additional commits viewable in <a
href="fd5de65bc8...69d9d449achttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=3.0.8&new-version=3.2.6 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-02 13:51:13 -08:00
Zach Wasserman
f8f3a1e335
Update OSSF Scorecards action ( #10255 )
...
Based on the current recommended configuration from
https://github.com/ossf/scorecard-action#installation .
2023-03-02 09:14:42 -08:00
Zach Wasserman
2ed2940683
Generate targets for osqueryd 5.8.1 ( #10245 )
2023-03-01 17:51:15 -08:00
Lucas Manuel Rodriguez
2c6bd879f8
Notify Go and Integration CI failures to new channel ( #10235 )
2023-03-01 20:14:07 -03:00
dependabot[bot]
05d38abc35
Bump github/codeql-action from 2.1.21 to 2.2.5 ( #10220 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action )
from 2.1.21 to 2.2.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md ">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.2.5 - 24 Feb 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.12.3. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1543 ">#1543</a></li>
</ul>
<h2>2.2.4 - 10 Feb 2023</h2>
<p>No user facing changes.</p>
<h2>2.2.3 - 08 Feb 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.12.2. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1518 ">#1518</a></li>
</ul>
<h2>2.2.2 - 06 Feb 2023</h2>
<ul>
<li>Fix an issue where customers using the CodeQL Action with the <a
href="https://docs.github.com/en/enterprise-server@3.7/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access ">CodeQL
Action sync tool</a> would not be able to obtain the CodeQL tools. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1517 ">#1517</a></li>
</ul>
<h2>2.2.1 - 27 Jan 2023</h2>
<p>No user facing changes.</p>
<h2>2.2.0 - 26 Jan 2023</h2>
<ul>
<li>Improve stability when choosing the default version of CodeQL to use
in code scanning workflow runs on Actions on GitHub.com. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1475 ">#1475</a>
<ul>
<li>This change addresses customer reports of code scanning alerts on
GitHub.com being closed and reopened during the rollout of new versions
of CodeQL in the GitHub Actions <a
href="https://github.com/actions/runner-images ">runner images</a>.</li>
<li><strong>No change is required for the majority of
workflows</strong>, including:
<ul>
<li>Workflows on GitHub.com hosted runners using the latest version
(<code>v2</code>) of the CodeQL Action.</li>
<li>Workflows on GitHub.com hosted runners that are pinned to specific
versions of the CodeQL Action from <code>v2.2.0</code> onwards.</li>
<li>Workflows on GitHub Enterprise Server.</li>
</ul>
</li>
<li><strong>A change may be required</strong> for workflows on
GitHub.com hosted runners that are pinned to specific versions of the
CodeQL Action before <code>v2.2.0</code> (e.g. <code>v2.1.32</code>):
<ul>
<li>Previously, these workflows would obtain the latest version of
CodeQL from the Actions runner image.</li>
<li>Now, these workflows will download an older, compatible version of
CodeQL from GitHub Releases. To use this older version, no change is
required. To use the newest version of CodeQL, please update your
workflows to reference the latest version of the CodeQL Action
(<code>v2</code>).</li>
</ul>
</li>
<li><strong>Internal changes</strong>
<ul>
<li>These changes will not affect the majority of code scanning
workflows. Continue reading only if your workflow uses <a
href="https://github.com/actions/toolkit/tree/main/packages/tool-cache "><code>@actions/tool-cache</code></a>
or relies on the precise location of CodeQL within the Actions tool
cache.</li>
<li>The tool cache now contains <strong>two</strong> recent CodeQL
versions (previously <strong>one</strong>).</li>
<li>Each CodeQL version is located under a directory named after the
release date and version number, e.g. CodeQL 2.11.6 is now located under
<code>CodeQL/2.11.6-20221211/x64/codeql</code> (previously
<code>CodeQL/0.0.0-20221211/x64/codeql</code>).</li>
</ul>
</li>
</ul>
</li>
<li>The maximum number of <a
href="https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#run-object ">SARIF
runs</a> per file has been increased from 15 to 20 for users uploading
SARIF files to GitHub.com. This change will help ensure that Code
Scanning can process SARIF files generated by third-party tools that
have many runs. See the <a
href="https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data ">GitHub
API documentation</a> for a list of all the limits around uploading
SARIF. This change will be released to GitHub Enterprise Server as part
of GHES 3.9.</li>
<li>Update default CodeQL bundle version to 2.12.1. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1498 ">#1498</a></li>
<li>Fix a bug that forced the <code>init</code> Action to run for at
least two minutes on JavaScript. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1494 ">#1494</a></li>
</ul>
<h2>2.1.39 - 18 Jan 2023</h2>
<ul>
<li>CodeQL Action v1 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v2. For more information, see <a
href="https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/ ">this
changelog post</a>. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1466 ">#1467</a></li>
<li>Python automatic dependency installation will no longer fail for
projects using Poetry that specify <code>virtualenvs.options.no-pip =
true</code> in their <code>poetry.toml</code>. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1431 ">#1431</a></li>
<li>Avoid printing a stack trace and error message when the action fails
to find the SHA at the</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="32dc499307https://github-redirect.dependabot.com/github/codeql-action/issues/1547 ">#1547</a>
from github/update-v2.2.5-237a258d2</li>
<li><a
href="b742728ac2237a258d2bhttps://github-redirect.dependabot.com/github/codeql-action/issues/1543 ">#1543</a>
from github/alexet/update-2.12.3</li>
<li><a
href="5972e6d72e164027e6823dde1f3512https://github-redirect.dependabot.com/github/codeql-action/issues/1540 ">#1540</a>
from cklin/expect-discarded-cache</li>
<li><a
href="d7d7567b0e0e4e857bab08d1f21d4ff3bd25eefahttps://github-redirect.dependabot.com/github/codeql-action/issues/1544 ">#1544</a>
from github/aeisenberg/clean-cache</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/v2.1.21...32dc499307d133bb5085bae78498c0ac2cf762d5 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2023-03-01 11:39:55 -08:00
dependabot[bot]
17ecc388ec
Bump tfsec/tfsec-sarif-action from 0.1.3 to 0.1.4 ( #10219 )
...
Bumps
[tfsec/tfsec-sarif-action](https://github.com/tfsec/tfsec-sarif-action )
from 0.1.3 to 0.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tfsec/tfsec-sarif-action/releases ">tfsec/tfsec-sarif-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.1.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Replace deprecated <code>set-output</code> usage with environment
file <code>GITHUB_OUTPUT</code> by <a
href="https://github.com/sivapalan "><code>@sivapalan</code></a> in <a
href="https://github-redirect.dependabot.com/aquasecurity/tfsec-sarif-action/pull/35 ">aquasecurity/tfsec-sarif-action#35</a></li>
<li>Fix conditional expression for setting <code>TFSEC_VERSION</code> by
<a href="https://github.com/sivapalan "><code>@sivapalan</code></a> in
<a
href="https://github-redirect.dependabot.com/aquasecurity/tfsec-sarif-action/pull/36 ">aquasecurity/tfsec-sarif-action#36</a></li>
<li>Forcing wget to use IPv4 by <a
href="https://github.com/jasonjanderson "><code>@jasonjanderson</code></a>
in <a
href="https://github-redirect.dependabot.com/aquasecurity/tfsec-sarif-action/pull/37 ">aquasecurity/tfsec-sarif-action#37</a></li>
<li>add git and hg to docker image by <a
href="https://github.com/bobcallaway "><code>@bobcallaway</code></a> in
<a
href="https://github-redirect.dependabot.com/aquasecurity/tfsec-sarif-action/pull/33 ">aquasecurity/tfsec-sarif-action#33</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/jasonjanderson "><code>@jasonjanderson</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/aquasecurity/tfsec-sarif-action/pull/37 ">aquasecurity/tfsec-sarif-action#37</a></li>
<li><a
href="https://github.com/bobcallaway "><code>@bobcallaway</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/aquasecurity/tfsec-sarif-action/pull/33 ">aquasecurity/tfsec-sarif-action#33</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/aquasecurity/tfsec-sarif-action/compare/v0.1.3...v0.1.4 ">https://github.com/aquasecurity/tfsec-sarif-action/compare/v0.1.3...v0.1.4 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="21ded20e8chttps://github-redirect.dependabot.com/tfsec/tfsec-sarif-action/issues/33 ">#33</a>)</li>
<li><a
href="8019886f8dhttps://github-redirect.dependabot.com/tfsec/tfsec-sarif-action/issues/37 ">#37</a>)</li>
<li><a
href="83567846f0https://github-redirect.dependabot.com/tfsec/tfsec-sarif-action/issues/36 ">#36</a>)</li>
<li><a
href="9d5437db455d34a982aa...21ded20e8chttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tfsec/tfsec-sarif-action&package-manager=github_actions&previous-version=0.1.3&new-version=0.1.4 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-01 11:37:49 -08:00
dependabot[bot]
74a86ff0ab
Bump dawidd6/action-download-artifact from 2.23.0 to 2.26.0 ( #10218 )
...
Bumps
[dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact )
from 2.23.0 to 2.26.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5e780fc7bbhttps://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/227 ">#227</a>)</li>
<li><a
href="b59d8c6a6chttps://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/225 ">#225</a>)</li>
<li><a
href="5004d5476ehttps://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/219 ">#219</a>
from dawidd6/dependabot-npm_and_yarn-actions-artifact...</li>
<li><a
href="b1a9c91d1fbd10f381a9https://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/218 ">#218</a>
from dawidd6/dependabot-npm_and_yarn-adm-zip-0.5.10</li>
<li><a
href="61a654a8cedcadc4bd45https://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/211 ">#211</a>
from koplo199/master</li>
<li><a
href="ceeb280c4f806bb52fe0e6e25ac3a2https://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/209 ">#209</a>
from dawidd6/v2</li>
<li>Additional commits viewable in <a
href="7847792dd4...5e780fc7bbhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dawidd6/action-download-artifact&package-manager=github_actions&previous-version=2.23.0&new-version=2.26.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2023-03-01 11:32:47 -08:00
StepSecurity Bot
2154c13865
Pin actions to commit SHA ( #10204 )
...
## Summary
This pull request is created by [Secure
Repo](https://app.stepsecurity.io/securerepo ) at the request of @zwass.
Please merge the Pull Request to incorporate the requested changes.
Please tag @zwass on your message if you have any questions related to
the PR. You can also engage with the
[StepSecurity](https://github.com/step-security ) team by tagging
@step-security-bot.
## Security Fixes
### Pinned Dependencies
GitHub Action tags and Docker tags are mutable. This poses a security
risk. GitHub's Security Hardening guide recommends pinning actions to
full length commit.
- [GitHub Security
Guide](https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions )
- [The Open Source Security Foundation (OpenSSF) Security
Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies )
## Feedback
For bug reports, feature requests, and general feedback; please create
an issue in
[step-security/secure-repo](https://github.com/step-security/secure-repo ).
To create such PRs, please visit https://app.stepsecurity.io/securerepo .
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2023-02-28 17:55:38 -08:00
Zach Wasserman
64cd97fc83
Remove debug on failure from integration test action ( #10202 )
...
This would cause the job to take much longer to report a failure.
Instead, just add this line if debugging is necessary.
2023-02-28 17:23:52 -08:00
dependabot[bot]
0ef74017ea
Bump docker/login-action from 2.0.0 to 2.1.0 ( #10182 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from
2.0.0 to 2.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases ">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Ensure AWS temp credentials are redacted in workflow logs by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/login-action/issues/275 ">#275</a>)</li>
<li>Bump <code>@actions/core</code> from 1.6.0 to 1.10.0 (<a
href="https://github-redirect.dependabot.com/docker/login-action/issues/252 ">#252</a>
<a
href="https://github-redirect.dependabot.com/docker/login-action/issues/292 ">#292</a>)</li>
<li>Bump <code>@aws-sdk/client-ecr</code> from 3.53.0 to 3.186.0 (<a
href="https://github-redirect.dependabot.com/docker/login-action/issues/298 ">#298</a>)</li>
<li>Bump <code>@aws-sdk/client-ecr-public</code> from 3.53.0 to 3.186.0
(<a
href="https://github-redirect.dependabot.com/docker/login-action/issues/299 ">#299</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v2.0.0...v2.1.0 ">https://github.com/docker/login-action/compare/v2.0.0...v2.1.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f4ef78c080https://github-redirect.dependabot.com/docker/login-action/issues/299 ">#299</a>
from docker/dependabot/npm_and_yarn/aws-sdk/client-ec...</li>
<li><a
href="9ad4ce3929884eadd4f8a266232f5chttps://github-redirect.dependabot.com/docker/login-action/issues/298 ">#298</a>
from docker/dependabot/npm_and_yarn/aws-sdk/client-ec...</li>
<li><a
href="f97efcfbf95ae789beac71c23b5b34https://github-redirect.dependabot.com/docker/login-action/issues/292 ">#292</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.0</li>
<li><a
href="6401d70aab67e8909cc621f251affchttps://github-redirect.dependabot.com/docker/login-action/issues/275 ">#275</a>
from crazy-max/redact-aws-creds</li>
<li>Additional commits viewable in <a
href="49ed152c8e...f4ef78c080https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=2.0.0&new-version=2.1.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2023-02-28 17:19:37 -08:00
dependabot[bot]
56b26753a5
Bump ossf/scorecard-action from 1.1.2 to 2.1.2 ( #10180 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action )
from 1.1.2 to 2.1.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ossf/scorecard-action/releases ">ossf/scorecard-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.2</h2>
<h2>What's Changed</h2>
<h3>Fixes</h3>
<ul>
<li>🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf
statement. by <a
href="https://github.com/spencerschrock "><code>@spencerschrock</code></a>
in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054 ">ossf/scorecard-action#1054</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 ">https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 </a></p>
<h2>v2.1.1</h2>
<h2>Scorecard version</h2>
<p>This release use <a
href="https://github.com/ossf/scorecard/releases/tag/v4.10.1 ">Scorecard's
v4.10.1</a></p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 ">https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 </a></p>
<h2>v2.1.0</h2>
<h2>What's Changed</h2>
<h3>Scorecard version</h3>
<p>This release uses <a
href="https://github.com/ossf/scorecard/releases/tag/v4.10.0 ">scorecard
v4.10.0</a>.</p>
<h3>Improvements</h3>
<ul>
<li>Docker build workflow by <a
href="https://github.com/naveensrinivasan "><code>@naveensrinivasan</code></a>
in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/981 ">ossf/scorecard-action#981</a></li>
<li>Use root user in distroless to support GitHub Actions by <a
href="https://github.com/spencerschrock "><code>@spencerschrock</code></a>
in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/994 ">ossf/scorecard-action#994</a></li>
<li>Disable pull_request_target by <a
href="https://github.com/laurentsimon "><code>@laurentsimon</code></a>
in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1031 ">ossf/scorecard-action#1031</a></li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Add PAT section explaining risks by <a
href="https://github.com/olivekl "><code>@olivekl</code></a> in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1024 ">ossf/scorecard-action#1024</a></li>
<li>Make the badge text easier to copy by <a
href="https://github.com/rajbos "><code>@rajbos</code></a> in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1026 ">ossf/scorecard-action#1026</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/joycebrum "><code>@joycebrum</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/984 ">ossf/scorecard-action#984</a></li>
<li><a href="https://github.com/rajbos "><code>@rajbos</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1026 ">ossf/scorecard-action#1026</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.0.6...v2.1.0 ">https://github.com/ossf/scorecard-action/compare/v2.0.6...v2.1.0 </a></p>
<h2>v2.0.6</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix - Broken dockerfile by <a
href="https://github.com/naveensrinivasan "><code>@naveensrinivasan</code></a>
in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/979 ">ossf/scorecard-action#979</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.0.5...v2.0.6 ">https://github.com/ossf/scorecard-action/compare/v2.0.5...v2.0.6 </a></p>
<h2>v2.0.5</h2>
<h2>What's Changed</h2>
<ul>
<li>Remove trailing space from example by <a
href="https://github.com/jamacku "><code>@jamacku</code></a> in <a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/pull/955 ">ossf/scorecard-action#955</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e38b1902aehttps://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055 ">#1055</a>)</li>
<li><a
href="7da02bf0d5https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054 ">#1054</a>)</li>
<li><a
href="013c0f8bd2🌱 Bump actions/dependency-review-action from 3.0.1 to
3.0.2</li>
<li><a
href="f93c094f4a🌱 Bump github/codeql-action from 2.1.36 to 2.1.37</li>
<li><a
href="ce8978e058🌱 Bump actions/upload-artifact from 3.1.0 to 3.1.1</li>
<li><a
href="5ce49db1aa🌱 Bump actions/setup-go from 3.4.0 to 3.5.0</li>
<li><a
href="15c10fcf1chttps://github-redirect.dependabot.com/ossf/scorecard-action/issues/1047 ">#1047</a>)</li>
<li><a
href="f96da1a128🌱 Update scorecard for the panic (<a
href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1045 ">#1045</a>)</li>
<li><a
href="813a825152https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1044 ">#1044</a>)</li>
<li><a
href="be62ea89c1https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1042 ">#1042</a>)</li>
<li>Additional commits viewable in <a
href="ce330fde6b...e38b1902aehttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=1.1.2&new-version=2.1.2 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 17:17:15 -08:00
Luke Heath
ac3541659d
Remove e2e tests from github test workflow ( #10176 )
2023-02-28 14:07:03 -06:00
Zach Wasserman
dfba1d2511
Update codecov action ( #10124 )
2023-02-28 09:42:49 -08:00
Zach Wasserman
e971f4510b
Remove contents:write from build-orbit action ( #10156 )
...
This is no longer needed since we use the upload action rather than
draft GitHub release.
2023-02-27 19:51:43 -08:00
dependabot[bot]
c7672db1f9
Bump goreleaser/goreleaser-action from 3.0.0 to 4.2.0 ( #9558 )
...
Bumps
[goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action )
from 3.0.0 to 4.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/goreleaser/goreleaser-action/releases ">goreleaser/goreleaser-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: don't depend on the GitHub API to check release by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/391 ">goreleaser/goreleaser-action#391</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v4.1.1...v4.2.0 ">https://github.com/goreleaser/goreleaser-action/compare/v4.1.1...v4.2.0 </a></p>
<h2>v4.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update Readme to reference
<code>goreleaser/goreleaser-action@v4</code> by <a
href="https://github.com/felladrin "><code>@felladrin</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/384 ">goreleaser/goreleaser-action#384</a></li>
<li>docs: fix README badge by <a
href="https://github.com/dirien "><code>@dirien</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/386 ">goreleaser/goreleaser-action#386</a></li>
<li>chore(deps): bump json5 from 2.2.0 to 2.2.3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/388 ">goreleaser/goreleaser-action#388</a></li>
<li>fix: use <code>@action/github</code> by <a
href="https://github.com/caarlos0 "><code>@caarlos0</code></a> and <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/390 ">goreleaser/goreleaser-action#390</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/felladrin "><code>@felladrin</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/384 ">goreleaser/goreleaser-action#384</a></li>
<li><a href="https://github.com/dirien "><code>@dirien</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/386 ">goreleaser/goreleaser-action#386</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v4.1.0...v4.1.1 ">https://github.com/goreleaser/goreleaser-action/compare/v4.1.0...v4.1.1 </a></p>
<h2>v4.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat!: remove auto-snapshot on dirty tag by <a
href="https://github.com/caarlos0 "><code>@caarlos0</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/382 ">goreleaser/goreleaser-action#382</a></li>
<li>docs: add example when using workdir along with upload-artifact by
<a href="https://github.com/zdtsw "><code>@zdtsw</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/366 ">goreleaser/goreleaser-action#366</a></li>
<li>Fix Self-Hosted Windows Error: Expand-Archive by <a
href="https://github.com/flarco "><code>@flarco</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/379 ">goreleaser/goreleaser-action#379</a></li>
<li>chore(deps): bump minimatch from 3.0.4 to 3.1.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/383 ">goreleaser/goreleaser-action#383</a></li>
</ul>
<h2>Migrating from v3</h2>
<p>If you need the auto-snapshot feature, take a look at <a
href="https://github.com/caarlos0/goreleaser-action-v4-auto-snapshot-example ">this
example repository</a>: it's a minimal working example with all you
need.</p>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/zdtsw "><code>@zdtsw</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/366 ">goreleaser/goreleaser-action#366</a></li>
<li><a href="https://github.com/flarco "><code>@flarco</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/379 ">goreleaser/goreleaser-action#379</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v4...v4.1.0 ">https://github.com/goreleaser/goreleaser-action/compare/v4...v4.1.0 </a></p>
<h2>v4.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: do not override GORELEASER_CURRENT_TAG by <a
href="https://github.com/caarlos0 "><code>@caarlos0</code></a> in <a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/pull/370 ">goreleaser/goreleaser-action#370</a></li>
</ul>
<h2>Migrating from v3</h2>
<p>If you need the auto-snapshot feature, take a look at <a
href="https://github.com/caarlos0/goreleaser-action-v4-auto-snapshot-example ">this
example repository</a>: it's a minimal working example with all you
need.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v3...v4.0.0 ">https://github.com/goreleaser/goreleaser-action/compare/v3...v4.0.0 </a></p>
<h2>v3.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore: remove workaround for <code>setOutput</code> by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/374 ">#374</a>)</li>
<li>chore(deps): bump <code>@actions/core</code> from 1.9.1 to 1.10.0
(<a
href="https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/372 ">#372</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f82d6c1c34https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/391 ">#391</a>)</li>
<li><a
href="9754a253a8https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/390 ">#390</a>)</li>
<li><a
href="b1a238106bb1ffc5d990https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/388 ">#388</a>)</li>
<li><a
href="256e4b8b28a7c543ca7ahttps://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/386 ">#386</a>)</li>
<li><a
href="13f1e21a50https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/384 ">#384</a>)</li>
<li><a
href="8f67e590f278df308971https://github-redirect.dependabot.com/goreleaser/goreleaser-action/issues/383 ">#383</a>)</li>
<li><a
href="66134d94a768acf3b1ad...f82d6c1c34https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=goreleaser/goreleaser-action&package-manager=github_actions&previous-version=3.0.0&new-version=4.2.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 18:22:01 -08:00
dependabot[bot]
673a4465cc
Bump stefanprodan/helm-gh-pages from 1.5.0 to 1.7.0 ( #8804 )
...
Bumps
[stefanprodan/helm-gh-pages](https://github.com/stefanprodan/helm-gh-pages )
from 1.5.0 to 1.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stefanprodan/helm-gh-pages/releases ">stefanprodan/helm-gh-pages's
releases</a>.</em></p>
<blockquote>
<h2>v1.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Allow private helm repo auth in dependencies by <a
href="https://github.com/zzorica "><code>@zzorica</code></a> in <a
href="https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/pull/35 ">stefanprodan/helm-gh-pages#35</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/zzorica "><code>@zzorica</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/pull/35 ">stefanprodan/helm-gh-pages#35</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/stefanprodan/helm-gh-pages/compare/v1.6.0...v1.7.0 ">https://github.com/stefanprodan/helm-gh-pages/compare/v1.6.0...v1.7.0 </a></p>
<h2>v1.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add support for alias:<!-- raw HTML omitted --> in dependencies
check by <a
href="https://github.com/paulcarlton-ww "><code>@paulcarlton-ww</code></a>
in <a
href="https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/pull/32 ">stefanprodan/helm-gh-pages#32</a></li>
<li>Update Helm to v3.10.0 by <a
href="https://github.com/stefanprodan "><code>@stefanprodan</code></a>
in <a
href="https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/pull/33 ">stefanprodan/helm-gh-pages#33</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/stefanprodan/helm-gh-pages/compare/v1.5.0...v1.6.0 ">https://github.com/stefanprodan/helm-gh-pages/compare/v1.5.0...v1.6.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0ad2bb3773https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/issues/35 ">#35</a>
from zzorica/allow-private-helm-repo-auth-in-dependencies</li>
<li><a
href="86e9903900a5c9252781https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/issues/33 ">#33</a>
from stefanprodan/helm-3.10.0</li>
<li><a
href="844812954cb97c7e37c5https://github-redirect.dependabot.com/stefanprodan/helm-gh-pages/issues/32 ">#32</a>
from paulcarlton-ww/debug</li>
<li><a
href="84568715a3aa53926042a77eeb9630ce5cd1646e13eb32b03bb43a8719cc...0ad2bb3773https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=stefanprodan/helm-gh-pages&package-manager=github_actions&previous-version=1.5.0&new-version=1.7.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 18:17:32 -08:00
dependabot[bot]
527cb0a622
Bump aws-actions/amazon-ecr-login from 1.5.0 to 1.5.3 ( #8507 )
...
Bumps
[aws-actions/amazon-ecr-login](https://github.com/aws-actions/amazon-ecr-login )
from 1.5.0 to 1.5.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/amazon-ecr-login/releases ">aws-actions/amazon-ecr-login's
releases</a>.</em></p>
<blockquote>
<h2>v1.5.3</h2>
<p>See the <a
href="https://github.com/aws-actions/amazon-ecr-login/blob/HEAD/CHANGELOG.md ">changelog</a>
for details about the changes included in this release.</p>
<h2>v1.5.2</h2>
<p>See the <a
href="https://github.com/aws-actions/amazon-ecr-login/blob/HEAD/CHANGELOG.md ">changelog</a>
for details about the changes included in this release.</p>
<h2>v1.5.1</h2>
<p>See the <a
href="https://github.com/aws-actions/amazon-ecr-login/blob/HEAD/CHANGELOG.md ">changelog</a>
for details about the changes included in this release.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/amazon-ecr-login/blob/main/CHANGELOG.md ">aws-actions/amazon-ecr-login's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this file.
See <a
href="https://github.com/conventional-changelog/standard-version ">standard-version</a>
for commit guidelines.</p>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.5.2...v1.5.3 ">1.5.3</a>
(2022-10-29)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.5.1...v1.5.2 ">1.5.2</a>
(2022-10-18)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.5.0...v1.5.1 ">1.5.1</a>
(2022-08-04)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>reverted change that masked Docker credentials (<a
href="7d073b66cchttps://github.com/aws-actions/amazon-ecr-login/compare/v1.4.0...v1.5.0 ">1.5.0</a>
(2022-06-27)</h2>
<h3>Features</h3>
<ul>
<li>added ECR Public Registry support (<a
href="b4f084e928https://github.com/aws-actions/amazon-ecr-login/compare/v1.3.3...v1.4.0 ">1.4.0</a>
(2022-05-20)</h2>
<h3>Features</h3>
<ul>
<li>output docker credentials after login (<a
href="57206dc28cd121236bfd45a78e2dabhttps://github.com/aws-actions/amazon-ecr-login/compare/v1.3.2...v1.3.3 ">1.3.3</a>
(2021-02-15)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.3.1...v1.3.2 ">1.3.2</a>
(2021-02-01)</h3>
<h3><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.3.0...v1.3.1 ">1.3.1</a>
(2020-11-24)</h3>
<h2><a
href="https://github.com/aws-actions/amazon-ecr-login/compare/v1.2.2...v1.3.0 ">1.3.0</a>
(2020-10-29)</h2>
<h3>Features</h3>
<ul>
<li>optional skipping of docker registries logout in post step (<a
href="https://github-redirect.dependabot.com/aws-actions/amazon-ecr-login/issues/78 ">#78</a>)
(<a
href="dd3fdeeb95https://github.com/aws-actions/amazon-ecr-login/compare/v1.2.1...v1.2.2 ">1.2.2</a>
(2020-10-05)</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="261a7de32b3e4df454b5https://github-redirect.dependabot.com/aws-actions/amazon-ecr-login/issues/330 ">#330</a>
from aws-actions/docs</li>
<li><a
href="c77259b767383620b24dhttps://github-redirect.dependabot.com/aws-actions/amazon-ecr-login/issues/352 ">#352</a>
from aws-actions/dependabot/npm_and_yarn/actions/core...</li>
<li><a
href="8ccaf47755eb9a709a70ba4f9ee500https://github-redirect.dependabot.com/aws-actions/amazon-ecr-login/issues/355 ">#355</a>
from aws-actions/dependabot/npm_and_yarn/eslint-8.25.0</li>
<li><a
href="a1ac76b296c21dbea0d3https://github-redirect.dependabot.com/aws-actions/amazon-ecr-login/issues/356 ">#356</a>
from aws-actions/dependabot/npm_and_yarn/aws-sdk-2.12...</li>
<li><a
href="e70c985d14https://github-redirect.dependabot.com/aws-actions/amazon-ecr-login/issues/354 ">#354</a>
from gotoeveryone/chore/update-runtime-to-node16</li>
<li>Additional commits viewable in <a
href="b874a33292...261a7de32bhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aws-actions/amazon-ecr-login&package-manager=github_actions&previous-version=1.5.0&new-version=1.5.3 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 18:15:16 -08:00
Luke Heath
71f2a62b4c
Prepare for 4.28.0 ( #10103 )
2023-02-27 15:19:15 -08:00
Zach Wasserman
2a7b7100dd
Update Orbit to use CGO on Linux ( #9846 )
2023-02-21 18:49:13 -08:00
Lucas Manuel Rodriguez
2e199dcdab
Fix golangci-lint issue and run Github action on all OSs ( #9944 )
...
We have code that builds conditionally depending on the platform (mostly
Orbit code) so we should run `golangci-lint` checks on all OSs.
This adds it to run on macOS, for Windows see:
https://github.com/fleetdm/fleet/issues/9943
2023-02-21 14:30:45 -03:00
Mike McNeil
02d21dd495
tweaks and rename issue templae ( #9970 )
...
. .
.
.....
.
2023-02-21 02:32:11 -06:00
Mike McNeil
8dd2bfdca8
Issue template: Update feature-request.md ( #9971 )
...
.
2023-02-21 02:31:53 -06:00
Mo Zhu
2c3bb838fa
User story template, sub-task template, and handbook improvements ( #9375 )
...
.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-02-21 00:58:52 -06:00
Luke Heath
bc2c6e59f5
Update node-sass frontend dependency ( #9954 )
...
Due to the update in https://github.com/fleetdm/fleet/pull/9950 we need
to update our version of `node-sass` to support Node 19.
2023-02-20 14:23:19 -06:00
Zach Wasserman
4669d8c474
Generate Nudge targets in CI ( #9845 )
...
Tooling to generate targets in CI for #9798 .
---------
Co-authored-by: Roberto Dip <me@roperzh.com>
2023-02-20 09:23:56 -08:00
Luke Heath
13e821d059
Prepare for 4.27.1 ( #9885 )
2023-02-17 19:19:02 -08:00
Zach Wasserman
991858d6d5
Pull go version from GitHub variables for Fleet release builds ( #9883 )
2023-02-16 11:52:09 -06:00
Lucas Manuel Rodriguez
d4a1b4d218
Add CIS checks for 2.9.X and add pmset table to fleetd ( #9470 )
...
#9253
- ~[ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files )
for more information.~
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- ~[ ] Documented any permissions changes~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- [X] Added/updated tests
- [X] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [X] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
---------
Co-authored-by: Sharon Katz <121527325+sharon-fdm@users.noreply.github.com>
2023-02-08 13:08:17 -03:00
Luke Heath
b3daf3d715
Prepare for 4.27.0 ( #9683 )
2023-02-03 17:03:06 -08:00
Zach Wasserman
7299879365
Generate targets for osqueryd 5.7.0 ( #9115 )
...
5.7.0 is now released.
2023-01-30 17:29:19 -08:00
Reed Haynes
a1ccbf4c3b
remove broken fleet ui link in bug template ( #9472 )
...
# Checklist for submitter
n/a
2023-01-24 11:03:47 -06:00
Eric
4fd1efe98a
Website: Add API to send signed CSR emails ( #8408 )
...
This pull request relies on the `mdm-gen-cert` command from
https://github.com/fleetdm/fleet/pull/8884 .
Closes: https://github.com/fleetdm/fleet/issues/8223
Changes:
- Updated the deploy Fleet website workflow to:
- Add Go as a dependency
- Build the mdm-gen-cert binary in `/website/.tools/`
- add the `/.tools/` folder to the Heroku app
- Added `deliver-apple-csr.js` - an API that:
- can be called by making a `POST` request to
`/api/v1/deliver-apple-csr`
- accepts `csr` as an input
- runs the `mdm-gen-cert` command with the `csr` set as an environment
variable
- returns an `invalidEmailDomain` response if the user's email domain is
in the array of banned email domains.
- saves the users organization and email address to the website's
database
- Sends an email to the requesting user's email address with the signed
CSR attached as a text file named `apple-apns-request.txt`
- Posts a message to a channel in the Fleet Slack.
- Added a new model: `CertificateSigningRequests` that contains two
required attributes: `emailAddress` and `organization`
- Added a new email template `email-signed-csr-for-apns`
- Updated routes, policies, eslintrc, and rebuilt cloud-sdk
Before this can be merged, we will need to:
- [x] Add new config variables in Heroku
- [x] `sails.config.custom.mdmVendorCertPem`
- [x] `sails.config.custom.mdmVendorKeyPem`
- [x] `sails.config.custom.mdmVendorKeyPassphrase`
- [x] `sails.config.custom.slackWebhookUrlForMDMSignups`
- [x] Add the `CertificateSigningRequests` model to the website's
database
2023-01-19 14:43:14 -06:00
Mo Zhu
02e5d46afd
Add product label by default to stories ( #9422 )
2023-01-19 10:05:49 -05:00
Luke Heath
6b2cc04537
Change technical sub-task default label ( #9357 )
2023-01-16 12:49:16 -06:00
Luke Heath
b6a6ac454f
Prepare for 4.26.0 ( #9326 )
2023-01-13 16:26:22 -08:00
Mike McNeil
9b38551921
Add story label to issue template ( #9334 )
...
. .
2023-01-13 18:17:08 -06:00
Sharon Katz
f627bf43ac
modify_issue_template ( #9329 )
...
This PR will change our github issues template from the previous
**new-feature-work** to **Story** and **sub-task**.
It can only be tested after merging to main.
# Testing required:
After merging this PR to main, make sure that when creating a new issue,
these templates are available instead of the old one.
# Checklist for submitter
- [ ] Manual QA for all new/changed functionality
.
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-01-13 17:37:02 -06:00
Eric
47d43d5307
Website: fix failing GitHub workflows ( #9285 )
...
Changes:
- Updated the `build-static-content` script to use a GitHub API token
for requests if one is provided e.g., `sails run build-static-content
--githubAccessToken="foo"`
- Updated the `build-for-prod` npm script to run the
`build-static-content` script with a variable named `BUILD_SCRIPT_ARGS`.
- Updated the "Deploy Fleet website" and "Test Fleet website" workflows
to run the `build-for-prod` script with a GitHub API token
. .
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-01-11 13:31:20 -06:00
Luke Heath
d4bf6fd428
Remove epic label from all new feature issues ( #9221 )
2023-01-09 16:27:30 -06:00
Lucas Manuel Rodriguez
ac22aadc13
Fleet server and tooling to use NETWORK_TEST_GITHUB_TOKEN when environment variable is set. ( #9143 )
...
* WIP
* Add more logging
* Check rate limit at end of action
* Add github client in more places
* Add new published firefox 93 vulnerabilities to tests
* Remove fmt printfs
* Restore CI check settings
* Readd newline
2023-01-03 14:56:11 -03:00
Zach Wasserman
33c0cb990d
Test larger runner for E2E test action ( #9066 )
2022-12-23 09:37:03 -08:00
Luke Heath
54e8b3e250
Prepare for 4.25.0 ( #9113 )
2022-12-22 15:13:24 -08:00
Zach Wasserman
e941adfaaa
Use ubuntu-20.04 runner for Fleet build ( #9114 )
...
A customer had a seccomp profile that seemed to be incompatible with the
changes in glibc in ubuntu-22.04. Setting the builder back to 20.04
explicitly to resolve this issue.
2022-12-22 14:48:41 -08:00
Eric
98c2ef98f7
Update test-website.yml ( #9042 )
2022-12-21 10:29:56 -06:00
Marcos Oviedo
605ae861c9
Windows installer now ensures that legacy osquery installations gets removed during clean install ( #9048 )
...
This relates to #8891 .
This PR introduces Wix custom actions usage.
2022-12-19 16:06:44 -08:00
Tomas Touceda
45e0a14700
Add quay push ( #8967 )
...
* Add quay push to the snapshot pusher to start
* Tags need to be just the tag part in this one
* Put the tag in a variable
* Fix typos
* Switch up how we define registry to see if it finds the image like this
* Add quay push everywhere else
2022-12-12 14:15:06 -03:00
Tomas Touceda
71dbb71df4
Update go to 1.19.4 ( #8945 )
...
* Update go to 1.19.4
* Comment out failing package test
* Comment out ALL the packaging tests for windows for the moment
* Update go to 1.19.4
* Comment out failing package test
* Comment out ALL the packaging tests for windows for the moment
* Update changelog
* Bump versions
* Update changelog to reflect this being a security release
2022-12-09 11:47:17 -03:00
Robert Fairburn
41feacad4d
Fix confusion with tags on dogfood deploy workflow ( #8964 )
...
* Fix confusion with tags on dogfood deploy workflow
* Update .github/workflows/dogfood-deploy.yml
Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com>
Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com>
2022-12-08 12:11:33 -06:00
Michal Nicpon
10b3179b63
Add fleetctl generate mdm-apple ( #8812 )
2022-12-07 18:24:42 +01:00
Roberto Dip
743ac46a09
disable fleetctl preview tests on macos ( #8911 )
2022-12-02 11:29:38 -03:00
Marcos Oviedo
ff9206655a
Fixing UninstallString to properly include msiexec /x call ( #8857 )
...
* Fixing UninstallString to properly include msiexec /x call
2022-11-28 20:18:28 -03:00
Mo Zhu
9e2b98336a
Reminder to update the transparency page for new features ( #8761 )
2022-11-18 11:17:46 -05:00
Zach Wasserman
efbe4c0777
Update Go to 1.19.3 ( #8525 ) ( #8614 )
...
Co-authored-by: Tomas Touceda <chiiph@gmail.com>
2022-11-08 13:03:23 -03:00
Zach Wasserman
875df496b1
Generate targets for osqueryd 5.6.0 ( #8355 )
2022-11-07 15:15:52 -08:00
Zach Wasserman
1920e64b93
Update Desktop version to 1.3.1 ( #8397 )
2022-11-07 15:15:21 -08:00
Mo Zhu
f7c99dbf3d
Update feature-request.md ( #8581 )
2022-11-04 09:41:19 -04:00
Mo Zhu
d436fdfe9f
Update new-feature-work.md ( #8580 )
2022-11-04 09:40:54 -04:00
Luke Heath
8fb57d365b
Remove cypress dashboard ( #8518 )
2022-11-01 10:32:30 -05:00
Roberto Dip
e5f38f0015
fix integration.yml CI workflow by setting a Go version ( #8516 )
...
We don't have a `matrix.go-version` defined, so the task was using
`go1.17.13` as the default.
This explicitly sets the version to `go1.19.1`, I didn't use a `matrix`
definition because at least for now, we only want to run this test using a
single Go version.
Since I was there, I also updated test-native-tooling-packaging.yml to
use `go1.19.1` too.
2022-11-01 09:34:52 -03:00
Eric
a5ba469e41
update build-storybook step ( #8503 )
2022-10-31 14:02:29 -05:00
Guillaume Ross
75a9419412
8241 trivy ignore file action ( #8345 )
...
* Create .trivyignore
Adding original trivy ignore file. Working to resolve/document more of the findings, especially around go.mod. Will add a github action as well.
* Adding default trivy scan for testing
* Update trivy_scan.yml
Making it manual + daily for now
* Update trivy_scan.yml
updating name
* Renamed + configured Trivy scan
2022-10-31 10:50:29 -04:00
Eric
149a908b82
move build-storybook step ( #8492 )
2022-10-31 09:19:20 -05:00
Roberto Dip
96014148a8
run apt update before installing packages in golangci-lint ( #8487 )
2022-10-31 09:43:26 -03:00
Eric
c6698e242f
Website: Add storybook to Fleet website ( #8203 )
...
* Add build storybook to deploy website workflow
* add assets/storybook folder to .gitignore & .eslintIgnore
* Revert changes to website/.gitignore
* revert whitespace change
* Update deploy-fleet-website.yml
2022-10-28 19:48:14 -05:00
Marcos Oviedo
131cc7eeec
Orbit MSI installer now includes the necessary manifest file to use windows_event_log as a logger_plugin. ( #8343 )
...
* Orbit MSI installer now includes the necessary manifest file to use windows_event_log as a logger_plugin
2022-10-27 10:19:30 -03:00
Marcos Oviedo
8b77939494
Fixed an Orbit MSI installer bug that caused Orbit files not to be removed during uninstallation ( #8333 )
2022-10-25 09:00:37 -03:00
Michal Nicpon
56f3cb62ef
add concurrency to ci ( #8271 )
...
* add concurrency to ci
* add readme for workflows
2022-10-24 14:01:00 -06:00
Mo Zhu
a691ae62a8
Update new-feature-work.md ( #8412 )
...
- Update issue template
2022-10-24 10:08:37 -04:00
Michal Nicpon
3953a1f4dd
update pull request template with link to docs on changes ( #8400 )
2022-10-21 11:34:44 -06:00
Lucas Manuel Rodriguez
2bb7661b91
Update Fleet Desktop version to 1.3.0 ( #8202 )
2022-10-21 09:58:03 -07:00
Mo Zhu
16d1ba80b7
Update new feature work template ( #8382 )
...
- Update the issue template
2022-10-21 10:09:54 -04:00
Marcos Oviedo
ec3f49881f
8009 fleet desktop icon duplication ( #8017 )
...
* Adding a new synchronization mechanism between fleet-desktop app and Orbit service. Improved windows service teardown to ensure that fleet-desktop does not get force killed without getting signaled. Improved windows process enumeration to avoid unnecessary delays during windows service start and windows service teardown. Updating windows service to reflect service teardown extra time due to synchronization.
2022-10-13 10:58:37 -03:00
Lucas Manuel Rodriguez
bec3824ddb
Update mk-ca-bundle.pl tool in repository ( #8184 )
...
* Update mk-ca-bundle.pl in repository
* Update certs.pem with new version of mk-ca-bundle.pl
* Add extra check against curl.se site
2022-10-12 12:01:18 -03:00
Roberto Dip
174f894b53
fix migration order check by only checking additions ( #8172 )
...
this modifies the migration order CI check to only check for added files
by:
1. Escaping the blob we give to git, so bash doesn't perform expansion,
this lets git handle the blob matching, which for reasons I don't
fully understand allows to find file renames.
2. Applying `--diff-filter=A`, which makes git only list file additions.
2022-10-11 16:31:40 -03:00
Roberto Dip
2bb4ec2e6d
add script to check for migration order ( #7803 )
...
Related to #6142 , this adds a CI check for the order of migrations.
As I noted in a comment on the workflow file, it's important to keep in mind that some migrations might still go unnoticed even with this check, example:
1. PR1 adds a migration, CI check pass
2. PR2 adds a migration, CI pass, gets merged
3. PR1 can still be merged because the CI checks aren't run again
The check will fail in `main` however, so if we find the current script to be reliable, we could setup a Slack ping or something similar, to make sure somebody takes a look
2022-10-11 15:36:15 -03:00
dependabot[bot]
35ae71502f
Bump actions/setup-go from 3.2.1 to 3.3.0 ( #7470 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.2.1 to 3.3.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](84cbf80943...268d8c0ca0
2022-10-10 18:55:13 -03:00
Michal Nicpon
9056b22874
set default shell in workflows ( #8108 )
...
* wait for mysql in workflows
2022-10-07 09:43:56 -06:00
Lucas Manuel Rodriguez
c09a30d11e
Add Orbit testing to pull_request_template.md ( #7896 )
...
* Add Orbit testing to pull_request_template.md
* Address PR comment
2022-10-06 08:16:18 -03:00
Lucas Manuel Rodriguez
127d18642d
Run TUF CI checks on ubuntu-latest ( #8088 )
...
* Run TUF CI checks on ubuntu-latest
* Add itself to path
2022-10-05 19:59:11 -03:00
Martin Angers
ec75fb10b2
Fix CI tests for Go ( #8079 )
2022-10-04 15:48:14 -04:00
Eric
fba863f1e1
Update test-website.yml ( #8076 )
2022-10-04 12:52:00 -05:00
Zach Wasserman
44dc5ab175
Add handling for Apple Team ID in Notarization ( #7991 )
...
Fleet's Notarization workflows no longer work without this argument, so this is added as an optional argument for Notarization.
2022-10-04 09:48:21 -07:00
Guillaume Ross
e48fbad3ac
Adding the schema path to the fleet website deployment workflow ( #8063 )
2022-10-03 12:20:30 -04:00
Zachary Winnerman
7e69a34f51
Make the github action fail if used on the main branch ( #7967 )
2022-09-29 17:30:47 +00:00
Martin Angers
7356378d0f
Update hashicorp/aws provider version for loadtesting and add CI validation ( #7937 )
...
* Update hashicorp/aws provider version for loadtesting and add CI validation
* Update name of the new workflow
2022-09-28 09:38:56 -05:00
Zach Wasserman
a106e1af83
Update Fleet Desktop version ( #7961 )
2022-09-27 19:22:40 -07:00
Zach Wasserman
855cca9368
Update notarization to use notarytool ( #7962 )
...
Updating from github.com/mitchellh/gon (old API) to the newer xcrun notarytool.
See https://github.com/fleetdm/fleet/actions/runs/3132173324/jobs/5084249006 for example run.
2022-09-27 08:25:42 -07:00
Marcos Oviedo
381f628be7
Bug 7874: Adding SCM calls to register Orbit as a windows service ( #7934 )
...
* Bug 7874: Adding SCM calls to register Orbit as a windows service
2022-09-27 11:52:41 -03:00
Martin Angers
84903deffb
Remove gotestfmt formatting on CI ( #7939 )
2022-09-26 11:37:21 -04:00
Gabriel Hernandez
fca5ad3158
add edit agent options activity text ( #7695 )
2022-09-23 12:05:07 -04:00
Luke Heath
a6dd4c3d0c
Add Cypress dashboard to CI ( #7899 )
2022-09-22 13:52:22 -05:00
Martin Angers
db24cf32fa
Add new low_disk_space URL parameter to the GET /hosts endpoint (and GET /hosts/count) ( #7853 )
2022-09-21 15:16:31 -04:00
Reed Haynes
8607a5d394
Update smoke-tests.md ( #7827 )
...
Add "migration tests" step to QA template.
2022-09-19 14:23:02 -04:00
Lucas Manuel Rodriguez
1a6380d590
Fix deprecated virtual runner and golangci-lint deprecated checkers ( #7716 )
2022-09-13 10:48:21 -03:00
Luke Heath
32cde29834
Disable dependabot version updates for npm ( #7697 )
2022-09-13 10:17:40 -03:00
Tomas Touceda
8457e55b53
Bump go to 1.19.1 ( #7690 )
...
* Bump go to 1.19.1
* Bump remaining go-version to the 1.19.1
* Add extra paths for test-go
* Oops, putting the right path in the right place
* gofmt file
* gofmt ALL THE THINGS
* Moar changes
* Actually, go.mod doesn't like minor versions
2022-09-12 20:32:43 -03:00
Roberto Dip
2397d744a2
fix conditional clauses to run workflows ( #7580 )
...
In https://github.com/fleetdm/fleet/pull/7399 we accidentally:
1. added a condition to `.github/workflows/fleet-and-orbit.yml` that always evaluates to `false` making this workflow always fail
2. modified the condition of `.github/workflows/fleetctl-preview-latest.yml`
This reverts those changes.
2022-09-06 10:20:45 -03:00
Luke Heath
b1c46b4063
Set dependabot to check npm production dependencies only ( #7566 )
2022-09-02 14:16:26 -05:00
Luke Heath
6cdd053ead
Set go and npm reviewers to DRI only ( #7542 )
...
Co-authored-by: Guillaume Ross <guillaume@fleetdm.com>
2022-09-02 13:06:22 -05:00
Guillaume Ross
fbb88b18b3
Tentative dependabot config with assignees ( #7488 )
...
I am not 100% sure the npm thing for / and /website separately will work as intended but this should already make things more precise
2022-08-31 14:59:36 -05:00
Roberto Dip
43785428fb
add workflow to test for uncommited schema changes ( #7467 )
...
This adds a new workflow to CI in order to test that the PR doesn't contain uncommited schema changes, which are the source of many merge conflicts and developer frustration.
2022-08-31 10:47:58 -03:00
dependabot[bot]
74839bc134
Bump dawidd6/action-download-artifact from 2.22.0 to 2.23.0 ( #7471 )
...
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact ) from 2.22.0 to 2.23.0.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases )
- [Commits](ea71f332a9...7847792dd4
2022-08-31 07:49:57 -03:00
dependabot[bot]
200ddfaaff
Bump actions/checkout from 2 to 3.0.2 ( #7301 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...2541b1294d2704b0964813337f33b291d3f8596b )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-31 07:44:22 -03:00
dependabot[bot]
fda99bf3ca
Bump github/codeql-action from 2.1.17 to 2.1.21 ( #7400 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.17 to 2.1.21.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0c670bbf04...c7f292ea4f
2022-08-31 07:42:53 -03:00
dependabot[bot]
9e18a33eff
Bump actions/cache ( #7344 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 661fd3eb7f2f20d8c7c84bc2b0509efd7a826628 to 3.0.8. This release includes the previously tagged commit.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](661fd3eb7f...fd5de65bc8
2022-08-31 07:41:09 -03:00
Roberto Dip
715f320be1
reduce scope in which packaging and preview actions are run ( #7429 )
2022-08-29 15:38:30 -03:00
Roberto Dip
3d75ddcdc2
increase the CI timeout to install Docker on macOS ( #7430 )
...
in #7399 we reduced the timeout to 10 minutes, however there are multiple timing out and failing on main on the install docker step.
2022-08-29 12:50:16 -03:00
Michal Nicpon
f7b394b1a3
fix brew install warning ( #7399 )
2022-08-25 15:26:02 -06:00
Noah Talerman
b0e37accc9
Update "Learn how to use Fleet" for Fleet Sandbox ( #7142 )
...
- Update "Learn how to use Fleet" docs page to walk a Fleet Sandbox user through adding their device and running a query
- Add a "Get operating system information" query to standard query library for the "Learn how to use Fleet" walkthrough
- Update Fleet's top level README to point users who want to try Fleet to Fleet Sandbox
- Update "How to install osquery..." (macOS, Windows, Linux) blog posts to point users who want to try Fleet to Fleet Sandbox
- Move `fleetctl preview` questions to "Contributing" FAQ section in docs. This is because `fleetctl preview` is now a testing tool for Fleet contributors
- Update "Deploying" docs to point users who want to try Fleet to Fleet Sandbox
2022-08-19 14:13:15 -04:00
Zach Wasserman
ecb428a904
Prepare for Orbit 1.1.0 ( #7315 )
2022-08-19 08:27:50 -07:00
Zach Wasserman
abe76968f7
Generate targets for osquery 5.5.1 ( #7290 )
2022-08-19 08:15:24 -07:00
Zach Wasserman
c3ab51bea5
Generate targets for osquery 5.5.0 ( #7265 )
2022-08-18 15:00:58 +00:00
