Jean-Philippe Evrard
87a8aa6fb6
Merge pull request #1297 from kubereboot/dependabot/github_actions/actions/setup-go-6.3.0
2026-03-23 22:04:23 +01:00
Jean-Philippe Evrard
4b15eeb4a5
Merge pull request #1295 from kubereboot/dependabot/github_actions/docker/setup-buildx-action-4.0.0
2026-03-23 21:59:01 +01:00
dependabot[bot]
0330c1737c
build(deps): bump actions/setup-go from 6.0.0 to 6.3.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 6.0.0 to 6.3.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](4469467582...4b73464bb3support@github.com >
2026-03-23 05:48:59 +00:00
dependabot[bot]
0faf1d812b
build(deps): bump docker/build-push-action from 6.18.0 to 7.0.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6.18.0 to 7.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](263435318d...d08e5c354asupport@github.com >
2026-03-23 05:48:01 +00:00
dependabot[bot]
ca152e76f7
build(deps): bump docker/setup-buildx-action from 3.11.1 to 4.0.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.11.1 to 4.0.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](e468171a9d...4d04d5d948support@github.com >
2026-03-23 05:47:52 +00:00
Jean-Philippe Evrard
fe114765ef
Manually bump trivy
...
Without this, the CI will fail to use trivy.
Multiple reasons:
- We used shas + tags in the past. This was to guarantee the
version matches the release. Sadly that behaviour has changed
since september 2025, and dependabot does not update anymore
the sha pinned actions unless the version is also in comment.
This will be fixed in another PR.
- Trivy releases had to be republished since trivy security
incident.
- Old releases should not be used, so bumping is necessary.
Signed-off-by: Jean-Philippe Evrard <open-source@a.spamming.party >
2026-03-19 18:53:25 +01:00
Jean-Philippe Evrard
168fe81bb4
Update policy for kube version
...
We have historically decided to support AND TEST 3 versions
of kubernetes. For that, we lagged behind in terms of client versions.
Lagging behind one version allowed us, thanks to kubernetes client version skew,
to support 3 versions at relatively low cost.
However, maintaining 3 versions has always been a pain.
For that, we pinned old versions of kubernetes clients/api and test tooling.
In december 2025 community meeting, we decided to only maintain two
versions: the most current one, and the previous one.
This allows us to bump more regularly and be more secure.
We can also more easily use dependabot this way.
Signed-off-by: Jean-Philippe Evrard <open-source@a.spamming.party >
2026-03-19 06:07:15 +01:00
Jean-Philippe Evrard
4d5ca31338
Merge pull request #1279 from kubereboot/dependabot/github_actions/docker/metadata-action-5.10.0
2026-02-22 08:17:34 +01:00
Jean-Philippe Evrard
6a1ba49eb6
Merge pull request #1278 from kubereboot/dependabot/github_actions/docker/login-action-3.7.0
2026-02-22 08:17:07 +01:00
Jean-Philippe Evrard
cbc7da275f
Merge pull request #1277 from kubereboot/dependabot/github_actions/jdx/mise-action-3.6.1
2026-02-22 08:16:32 +01:00
dependabot[bot]
743cc1a13f
build(deps): bump docker/metadata-action from 5.8.0 to 5.10.0
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 5.8.0 to 5.10.0.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](c1e51972af...c299e40c65support@github.com >
2026-01-30 17:54:53 +00:00
dependabot[bot]
ef88f700e8
build(deps): bump docker/login-action from 3.6.0 to 3.7.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](5e57cd1181...c94ce9fb46support@github.com >
2026-01-30 17:54:40 +00:00
dependabot[bot]
31c2febd45
build(deps): bump jdx/mise-action from 3.5.1 to 3.6.1
...
Bumps [jdx/mise-action](https://github.com/jdx/mise-action ) from 3.5.1 to 3.6.1.
- [Release notes](https://github.com/jdx/mise-action/releases )
- [Changelog](https://github.com/jdx/mise-action/blob/main/CHANGELOG.md )
- [Commits](146a281750...6d1e696aa2support@github.com >
2026-01-30 17:54:34 +00:00
dependabot[bot]
e68a556b8d
build(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](330a01c490...b7c566a772support@github.com >
2026-01-30 17:54:27 +00:00
Jean-Philippe Evrard
1f7961dc47
Merge pull request #1248 from kubereboot/dependabot/github_actions/jdx/mise-action-3.4.0
2026-01-30 08:30:16 +01:00
Jean-Philippe Evrard
efedb85f53
Merge pull request #1255 from kubereboot/dependabot/github_actions/step-security/harden-runner-2.13.2
2026-01-30 08:29:15 +01:00
Jean-Philippe Evrard
35b7a2d9c6
Merge pull request #1256 from kubereboot/dependabot/github_actions/docker/setup-qemu-action-3.7.0
2026-01-30 08:28:24 +01:00
Jean-Philippe Evrard
9afdecf1ec
Update Kured to support kubernetes 1.35
...
Now that a new kind version is released supporting 1.35,
we can use it for our CI testing.
This commit:
- Bumps the kind version and its images to support the 1.35
- Ensure all the API calls are done with client-go (and other k8s deps)
supporting a maximum ranges of versions (0.34)
- Aligns Kured go version with k8s 0.34 go version.
Signed-off-by: Jean-Philippe Evrard <open-source@a.spamming.party >
2026-01-22 18:27:03 +01:00
dependabot[bot]
34177f9b57
build(deps): bump jdx/mise-action from 3.3.1 to 3.4.0
...
Bumps [jdx/mise-action](https://github.com/jdx/mise-action ) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/jdx/mise-action/releases )
- [Changelog](https://github.com/jdx/mise-action/blob/main/CHANGELOG.md )
- [Commits](e3d7b8d67a...be3be2260bsupport@github.com >
2025-12-19 18:26:29 +00:00
dependabot[bot]
ed77686a5c
build(deps): bump docker/setup-qemu-action from 3.6.0 to 3.7.0
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](29109295f8...c7c5346462support@github.com >
2025-11-05 17:05:06 +00:00
dependabot[bot]
1cbf1933dc
build(deps): bump step-security/harden-runner from 2.13.1 to 2.13.2
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.13.1 to 2.13.2.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](f4a75cfd61...95d9a5dedasupport@github.com >
2025-11-05 17:04:59 +00:00
Dharsan Baskar
453b69f199
fix: don't auto-close PRs with keep label
...
Signed-off-by: Dharsan Baskar <git@dharsanb.com >
2025-11-02 16:47:14 +05:30
Jean-Philippe Evrard
5c3b6e5294
Revert "Bump GoReleaser to version 2"
...
Signed-off-by: Jean-Philippe Evrard <open-source@a.spamming.party >
2025-11-02 10:36:49 +01:00
Jean-Philippe Evrard
610c7b7b40
Merge pull request #1230 from dharsanb/bump-goreleaser
...
Bump GoReleaser to version 2
2025-11-01 11:34:26 +01:00
Jean-Philippe Evrard
29abf56d46
Merge pull request #1236 from kubereboot/dependabot/github_actions/actions/upload-artifact-5.0.0
2025-10-31 17:28:58 +01:00
dependabot[bot]
c08d7bb07b
build(deps): bump lycheeverse/lychee-action from 2.6.1 to 2.7.0
...
Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action ) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/lycheeverse/lychee-action/releases )
- [Commits](885c65f3dc...a8c4c7cb88support@github.com >
2025-10-29 17:05:14 +00:00
dependabot[bot]
eff1008d65
build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.6.2 to 5.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](ea165f8d65...330a01c490support@github.com >
2025-10-27 17:22:48 +00:00
dependabot[bot]
2244e8f9e6
build(deps): bump actions/stale from 10.0.0 to 10.1.0
...
Bumps [actions/stale](https://github.com/actions/stale ) from 10.0.0 to 10.1.0.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](3a9db7e6a4...5f858e3efbsupport@github.com >
2025-10-14 18:24:42 +00:00
dependabot[bot]
4706ecee41
build(deps): bump actions/dependency-review-action from 4.8.0 to 4.8.1
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](56339e523c...40c09b7dc9support@github.com >
2025-10-13 17:05:06 +00:00
Dharsan Baskar
18335b9b38
ci: fix periodic test setup for go
...
Signed-off-by: Dharsan Baskar <git@dharsanb.com >
2025-10-11 10:20:40 +05:30
Dharsan Baskar
f82a42e41f
ci: bump goreleaser to version 2
...
Signed-off-by: Dharsan Baskar <git@dharsanb.com >
2025-10-09 10:09:08 +05:30
Dharsan Baskar
f611bd11ac
build: changed developer toolkit management from shell script to mise
...
Signed-off-by: Dharsan Baskar <git@dharsanb.com >
2025-10-08 07:46:23 +05:30
Jean-Philippe Evrard
70e258aabf
Merge pull request #1217 from kubereboot/dependabot/github_actions/actions/dependency-review-action-4.8.0
...
build(deps): bump actions/dependency-review-action from 4.7.3 to 4.8.0
2025-10-05 09:15:32 +02:00
Jean-Philippe Evrard
d788f58e60
Merge pull request #1219 from kubereboot/dependabot/github_actions/docker/login-action-3.6.0
2025-10-02 19:58:49 +02:00
dependabot[bot]
771080a2fd
build(deps): bump github/codeql-action from 3.30.3 to 3.30.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.30.3 to 3.30.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](192325c861...64d10c1313support@github.com >
2025-10-02 17:05:06 +00:00
dependabot[bot]
dfb6c13e8c
build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.4.2 to 2.4.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](05b42c6244...4eaacf0543support@github.com >
2025-10-01 17:06:30 +00:00
dependabot[bot]
a9b8c8a721
build(deps): bump docker/login-action from 3.5.0 to 3.6.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](184bdaa072...5e57cd1181support@github.com >
2025-09-29 20:30:52 +00:00
dependabot[bot]
a7fbd55747
build(deps): bump actions/dependency-review-action from 4.7.3 to 4.8.0
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.7.3 to 4.8.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](595b5aeba7...56339e523csupport@github.com >
2025-09-26 17:04:44 +00:00
Jean-Philippe Evrard
5d893c22dc
Merge pull request #1210 from kubereboot/dependabot/github_actions/step-security/harden-runner-2.13.1
...
build(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1
2025-09-14 10:17:34 +02:00
dependabot[bot]
52aa00dd1e
build(deps): bump github/codeql-action from 3.30.1 to 3.30.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.30.1 to 3.30.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f1f6e5f6af...192325c861support@github.com >
2025-09-11 17:05:40 +00:00
dependabot[bot]
f773059366
build(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.13.0 to 2.13.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](ec9f2d5744...f4a75cfd61support@github.com >
2025-09-10 17:05:09 +00:00
Jean-Philippe Evrard
c4a35595c6
Merge pull request #1201 from kubereboot/dependabot/github_actions/aquasecurity/trivy-action-0.33.1
...
build(deps): bump aquasecurity/trivy-action from 0.33.0 to 0.33.1
2025-09-06 16:44:38 +02:00
Jean-Philippe Evrard
305c302ebd
Merge pull request #1202 from kubereboot/dependabot/github_actions/actions/setup-go-6.0.0
...
build(deps): bump actions/setup-go from 5.5.0 to 6.0.0
2025-09-06 16:44:12 +02:00
Jean-Philippe Evrard
a079b240c7
Merge pull request #1203 from kubereboot/dependabot/github_actions/actions/stale-10.0.0
...
build(deps): bump actions/stale from 9.1.0 to 10.0.0
2025-09-06 16:43:28 +02:00
dependabot[bot]
e3f469523f
build(deps): bump github/codeql-action from 3.29.11 to 3.30.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.11 to 3.30.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3c3833e0f8...f1f6e5f6afsupport@github.com >
2025-09-05 17:04:15 +00:00
dependabot[bot]
603ace4ef0
build(deps): bump actions/stale from 9.1.0 to 10.0.0
...
Bumps [actions/stale](https://github.com/actions/stale ) from 9.1.0 to 10.0.0.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](5bef64f19d...3a9db7e6a4support@github.com >
2025-09-04 17:04:28 +00:00
dependabot[bot]
6a4c64093c
build(deps): bump actions/setup-go from 5.5.0 to 6.0.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.5.0 to 6.0.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](d35c59abb0...4469467582support@github.com >
2025-09-04 17:04:25 +00:00
dependabot[bot]
65c8b7ef5e
build(deps): bump aquasecurity/trivy-action from 0.33.0 to 0.33.1
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.33.0 to 0.33.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](f9424c10c3...b6643a29fesupport@github.com >
2025-09-04 04:19:37 +00:00
Jean-Philippe Evrard
6ab853dd71
Update Kured to support kubernetes 1.34
...
Now that a new kind version is released supporting 1.34,
we can use it for our CI testing.
This commit:
- Bumps the kind version and its images to support the 1.34
- Ensure all the API calls are done with client-go (and other k8s deps)
supporting a maximum ranges of versions (0.33)
- Aligns Kured go version with k8s 0.33 go version.
Signed-off-by: Jean-Philippe Evrard <open-source@a.spamming.party >
2025-08-30 13:54:16 +02:00
dependabot[bot]
5305da5ce2
build(deps): bump github/codeql-action from 3.29.10 to 3.29.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.10 to 3.29.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](96f518a34f...3c3833e0f8support@github.com >
2025-08-29 21:11:35 +02:00
