Without this patch, the name of the image is not templated, which
cause the action to fail.
This should fix it, by ensuring the image scan action uses a
templated value, instead of incorrectly relying on shell templating,
which doesn't run in the action.
Without this patch, we are using outdated images in kind cluster
setup.
This should fix it, by removing 1.17 cluster (which is not tested
anymore), and updating 1.19 images.
Until a new alpine image is created, we should ensure the latest
packages are used, and therefore we should upgrade default
installed packages.
Without this patch, we'll have outdated and vulnerable packages
until a new 3.12 image is released.
This is a problem, as we'll publish broken images.
This should temporarily workaround it, at the expense of larger
images (contains package cache)
Without this patch, dependabot will still try to bump some k8s
dependencies.
This is a problem, as we need to bump them together, manually.
This should fix it by removing them all from dependabot.
We are now testing the helm charts on each PR. They are now
ensured to be passing our tests and reviewed before merging.
This also means that the merged changes in the master branch
are reliable, and therefore can be consumed immediately.
Currently, we are waiting for a release to publish a helm
chart.
This is a problem as it means that the helm chart will
always lag behind, and we'll miss a few semantic versions,
if for example the helm chart is adapted multiple times
before the next release.
This should fix it by ensuring ALL the merged changes in
our helm chart will result in a new published helm chart.
Without this patch, chart linting will fail: more than two
spaces are needed before a comment in the helm chart values.
This fixes it by adding one more space, and move the whole block
of comments for consistency.
This ensures we bump the code for 1.20.
It updates the testing to ensure kured works on a 1.20 cluster,
removes the testing on 1.17 (as it is now deprecated).
Libraries remain on 1.19, to avoid breaking 1.18 clusters.
Without this patch, the PR jobs are broken and no jobs are running.
This was a recently introduced typo in the last refactor of the
PR jobs.
This should fix it, and make the PR test working again.
Without this, golang version used is the golang version decided
by github.
This is a problem, as it might shift over time, without our control.
This fixes it by getting the golang version from the go.mod.
Without this patch, we'll get kubernetes updates.
This is not necessary, and could be even a problem on merge:
those kubernetes updates are done separately, knowingly,
to respect the life cycle of the kubernetes we need
(and stay one version below latest to have a larger coverage
of versions).
We could keep dependabot to update those on a lower frequency,
but that sounds clunky and not great. Instead disable them all,
and rely on the team to do this regular maintenance work.
There are lots of duplicated code in this workflow.
This fixes it by making a unique job with parameters. The
matrix buys us the parallelisation and the fail-fast.
Without this patch, the lint action incorrectly returns everything
is fine.
This is a problem, as lint effectively is not running, and
therefore we could merge broken charts.
This fixes it by updating to the latest practices you can find
in the official chart-repo-actions.
(See the official example in
i1a9640d998/.github/workflows/lint-test.yaml)
