diff --git a/.github/workflows/zz_generated.check_values_schema.yaml b/.github/workflows/zz_generated.check_values_schema.yaml index 32b4dae4..b6df649e 100644 --- a/.github/workflows/zz_generated.check_values_schema.yaml +++ b/.github/workflows/zz_generated.check_values_schema.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.21.0 +# devctl@6.23.3 # name: 'Values and schema' on: @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 diff --git a/.github/workflows/zz_generated.create_release.yaml b/.github/workflows/zz_generated.create_release.yaml index 81e70d89..07b7f5ed 100644 --- a/.github/workflows/zz_generated.create_release.yaml +++ b/.github/workflows/zz_generated.create_release.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.21.0 +# devctl@6.23.3 # name: Create Release on: @@ -52,7 +52,7 @@ jobs: echo "version=${version}" >> $GITHUB_OUTPUT - name: Checkout code if: ${{ steps.get_version.outputs.version != '' }} - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Get project.go path id: get_project_go_path if: ${{ steps.get_version.outputs.version != '' }} @@ -88,12 +88,12 @@ jobs: - gather_facts steps: - name: Install architect - uses: giantswarm/install-binary-action@v2.0.0 + uses: giantswarm/install-binary-action@033b1a657eea23d9c42e77312b370e6125e4e38f # v2.0.0 with: binary: "architect" version: "6.14.1" - name: Install semver - uses: giantswarm/install-binary-action@v2.0.0 + uses: giantswarm/install-binary-action@033b1a657eea23d9c42e77312b370e6125e4e38f # v2.0.0 with: binary: "semver" version: "3.2.0" @@ -101,7 +101,7 @@ jobs: tarball_binary_path: "*/src/${binary}" smoke_test: "${binary} --version" - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Update project.go id: update_project_go env: @@ -161,7 +161,7 @@ jobs: upload_url: ${{ steps.create_gh_release.outputs.upload_url }} steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: ref: ${{ github.sha }} - name: Ensure correct version in project.go @@ -172,7 +172,7 @@ jobs: grep -qE "version[[:space:]]*=[[:space:]]*\"$version\"" $file - name: Get Changelog Entry id: changelog_reader - uses: mindsers/changelog-reader-action@v2 + uses: mindsers/changelog-reader-action@32aa5b4c155d76c94e4ec883a223c947b2f02656 # v2.2.3 with: version: ${{ needs.gather_facts.outputs.version }} path: ./CHANGELOG.md @@ -191,7 +191,7 @@ jobs: git push "${REMOTE_REPO}" --tags - name: Create release id: create_gh_release - uses: ncipollo/release-action@v1 + uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0 env: GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}" with: @@ -206,7 +206,7 @@ jobs: if: ${{ needs.gather_facts.outputs.version }} steps: - name: Install semver - uses: giantswarm/install-binary-action@v2.0.0 + uses: giantswarm/install-binary-action@033b1a657eea23d9c42e77312b370e6125e4e38f # v2.0.0 with: binary: "semver" version: "3.0.0" @@ -214,7 +214,7 @@ jobs: tarball_binary_path: "*/src/${binary}" smoke_test: "${binary} --version" - name: Check out the repository - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 # Clone the whole history, not just the most recent commit. - name: Fetch all tags and branches diff --git a/.github/workflows/zz_generated.create_release_pr.yaml b/.github/workflows/zz_generated.create_release_pr.yaml index d08d72ed..4c60aeea 100644 --- a/.github/workflows/zz_generated.create_release_pr.yaml +++ b/.github/workflows/zz_generated.create_release_pr.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.21.0 +# devctl@6.23.3 # name: Create Release PR on: @@ -143,16 +143,16 @@ jobs: env: architect_flags: "--organisation ${{ github.repository_owner }} --project ${{ needs.gather_facts.outputs.repo_name }}" steps: - - uses: actions/setup-go@v3 + - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version: '=1.18.1' - name: Install architect - uses: giantswarm/install-binary-action@v2.0.0 + uses: giantswarm/install-binary-action@033b1a657eea23d9c42e77312b370e6125e4e38f # v2.0.0 with: binary: "architect" version: "6.11.0" - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: ref: ${{ needs.gather_facts.outputs.branch }} - name: Prepare release changes diff --git a/.github/workflows/zz_generated.diff_helm_render_templates.yaml b/.github/workflows/zz_generated.diff_helm_render_templates.yaml index a47a31ff..a02899d4 100644 --- a/.github/workflows/zz_generated.diff_helm_render_templates.yaml +++ b/.github/workflows/zz_generated.diff_helm_render_templates.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.21.0 +# devctl@6.23.3 # name: Compare Helm Rendering @@ -21,7 +21,7 @@ jobs: if: github.event_name == 'pull_request' steps: - name: Find suspend comment - uses: peter-evans/find-comment@v3 + uses: peter-evans/find-comment@d5fe37641ad8451bdd80312415672ba26c86575e # v3.0.0 continue-on-error: true id: fc with: @@ -45,14 +45,14 @@ jobs: runs-on: ubuntu-latest if: github.event_name == 'pull_request' && needs.check-cmp-state.outputs.suspend_comment_id == 0 && needs.check-cmp-state.outputs.suspend_diffs_printing_from_pr_body == 'false' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: install helm - uses: azure/setup-helm@v4 + uses: azure/setup-helm@b7246b12e77f7134dc2d460a3d5bad15bbe29390 # v4.1.0 with: version: ${{ env.helm_ver }} - run: which helm - name: install dyff - uses: giantswarm/install-binary-action@v1 + uses: giantswarm/install-binary-action@033b1a657eea23d9c42e77312b370e6125e4e38f # v2.0.0 with: binary: dyff download_url: "https://github.com/homeport/dyff/releases/download/v${version}/dyff_${version}_linux_amd64.tar.gz" @@ -79,7 +79,7 @@ jobs: helm template -n org-giantswarm -f "helm/${{ github.event.repository.name }}/ci/ci-values.yaml" -f "${test_file_path}" "helm/${{ github.event.repository.name }}" > "/tmp/${test_file_path}/render-new.yaml" done - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: ref: "${{ github.event.repository.default_branch }}" path: 'old' @@ -99,7 +99,7 @@ jobs: helm template -n org-giantswarm -f "old/helm/${{ github.event.repository.name }}/ci/ci-values.yaml" -f "${test_file_path}" "old/helm/${{ github.event.repository.name }}" > "/tmp/${test_file_path}/render-old.yaml" done - name: get the diffs - uses: mathiasvr/command-output@v2.0.0 + uses: mathiasvr/command-output@34408ea3d0528273faff3d9e201761ae96106cd0 # v2.0.0 id: diff with: run: | @@ -121,7 +121,7 @@ jobs: echo "=== No differences at all ===" fi - name: Find diff comment - uses: peter-evans/find-comment@v3 + uses: peter-evans/find-comment@d5fe37641ad8451bdd80312415672ba26c86575e # v3.0.0 continue-on-error: true id: fc with: @@ -129,7 +129,7 @@ jobs: comment-author: 'github-actions[bot]' body-includes: 'differences in the rendered Helm template' - name: Delete old comment - uses: jungwinter/comment@v1 + uses: winterjung/comment@fda92dbcb5e7e79cccd55ecb107a8a3d7802a469 # v1.1.0 continue-on-error: true if: steps.fc.outputs.comment-id != 0 with: @@ -137,7 +137,7 @@ jobs: comment_id: ${{ steps.fc.outputs.comment-id }} token: ${{ secrets.GITHUB_TOKEN }} - name: Create comment in case of differences - uses: peter-evans/create-or-update-comment@v4 + uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 if: "!contains(steps.diff.outputs.stdout, '=== No differences at all ===')" with: issue-number: ${{ github.event.pull_request.number }} @@ -154,7 +154,7 @@ jobs: - name: Create comment in case of no differences - uses: peter-evans/create-or-update-comment@v4 + uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 if: "contains(steps.diff.outputs.stdout, '=== No differences at all ===')" with: issue-number: ${{ github.event.pull_request.number }} diff --git a/.github/workflows/zz_generated.documentation_validation.yaml b/.github/workflows/zz_generated.documentation_validation.yaml index 8f4e9918..bd8576a5 100644 --- a/.github/workflows/zz_generated.documentation_validation.yaml +++ b/.github/workflows/zz_generated.documentation_validation.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.21.0 +# devctl@6.23.3 # # This workflow validates the documentation generated from the JSON schema of the cluster-app @@ -28,11 +28,11 @@ jobs: GO_VERSION: 1.21.3 steps: - name: Set up Go ${{ env.GO_VERSION }} - uses: actions/setup-go@v3.3.0 + uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version: ${{ env.GO_VERSION }} - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: "Run 'make generate-docs' and check for differences" run: | make generate-docs diff --git a/.github/workflows/zz_generated.gitleaks.yaml b/.github/workflows/zz_generated.gitleaks.yaml index 057a4e7a..9e8628b7 100644 --- a/.github/workflows/zz_generated.gitleaks.yaml +++ b/.github/workflows/zz_generated.gitleaks.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.21.0 +# devctl@6.23.3 # name: gitleaks @@ -10,7 +10,7 @@ jobs: gitleaks: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: '0' - name: gitleaks-action diff --git a/.github/workflows/zz_generated.json_schema_validation.yaml b/.github/workflows/zz_generated.json_schema_validation.yaml index 537f77ef..1872d683 100644 --- a/.github/workflows/zz_generated.json_schema_validation.yaml +++ b/.github/workflows/zz_generated.json_schema_validation.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.21.0 +# devctl@6.23.3 # # This workflow validates the JSON schema of the cluster-app, which is located in @@ -26,10 +26,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Run schemalint id: run-schemalint - uses: giantswarm/schemalint/actions/verify-helm-schema@v2 + uses: giantswarm/schemalint/actions/verify-helm-schema@79be66ce4ed5c6154615f68e9b97ab3110b62968 # v2.5.1 with: rule-set: 'cluster-app' generate: @@ -37,8 +37,8 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Run helm-values-gen id: run-helm-values-gen - uses: giantswarm/helm-values-gen/actions/ensure-generated@v1 + uses: giantswarm/helm-values-gen/actions/ensure-generated@bb33e5f342b2026c9ba36073a4f2fdc74495f8c4 # v1.0.3 diff --git a/.github/workflows/zz_generated.run_ossf_scorecard.yaml b/.github/workflows/zz_generated.run_ossf_scorecard.yaml index bfea0f8a..43efbeb6 100644 --- a/.github/workflows/zz_generated.run_ossf_scorecard.yaml +++ b/.github/workflows/zz_generated.run_ossf_scorecard.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.21.0 +# devctl@6.23.3 # # This workflow uses actions that are not certified by GitHub. They are provided @@ -38,12 +38,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.3.2 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif @@ -65,7 +65,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: SARIF file path: results.sarif @@ -73,6 +73,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3 + uses: github/codeql-action/upload-sarif@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9 with: sarif_file: results.sarif diff --git a/Makefile b/Makefile index 8835dd63..402f5a6b 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.21.0 +# devctl@6.23.3 # include Makefile.*.mk diff --git a/Makefile.gen.app.mk b/Makefile.gen.app.mk index 9909aa1a..0f4c3379 100644 --- a/Makefile.gen.app.mk +++ b/Makefile.gen.app.mk @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.21.0 +# devctl@6.23.3 # ##@ App diff --git a/Makefile.gen.cluster_app.mk b/Makefile.gen.cluster_app.mk index 33e70262..467fef81 100644 --- a/Makefile.gen.cluster_app.mk +++ b/Makefile.gen.cluster_app.mk @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@6.21.0 +# devctl@6.23.3 # ##@ Schema