Enable dependabot

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2026-05-06 01:27:05 +00:00 · 2025-05-15 01:28:59 +03:00
parent c8419e386a
commit ca101e6728
9 changed files with 42 additions and 56 deletions
--- a/.github/actions/release-notes/Dockerfile
+++ b/.github/actions/release-notes/Dockerfile
@@ -1,6 +0,0 @@
-FROM stefanprodan/alpine-base:latest
-
-COPY entrypoint.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh
-
-ENTRYPOINT ["/entrypoint.sh"]
--- a/.github/actions/release-notes/action.yml
+++ b/.github/actions/release-notes/action.yml
@@ -1,9 +0,0 @@
-name: 'github-release-notes'
-description: 'A GitHub Action to run github-release-notes commands'
-author: 'Stefan Prodan'
-branding:
-  icon: 'command'
-  color: 'blue'
-runs:
-  using: 'docker'
-  image: 'Dockerfile'
--- a/.github/actions/release-notes/entrypoint.sh
+++ b/.github/actions/release-notes/entrypoint.sh
@@ -1,25 +0,0 @@
-#!/usr/bin/env bash
-
-set -o errexit
-set -o pipefail
-
-VERSION=0.2.0
-BIN_DIR="$GITHUB_WORKSPACE/bin"
-
-main() {
-  mkdir -p ${BIN_DIR}
-  tmpDir=$(mktemp -d)
-
-  pushd $tmpDir >& /dev/null
-
-  curl -sSL https://github.com/buchanae/github-release-notes/releases/download/${VERSION}/github-release-notes-linux-amd64-${VERSION}.tar.gz | tar xz
-  cp github-release-notes ${BIN_DIR}/github-release-notes
-
-  popd >& /dev/null
-  rm -rf $tmpDir
-}
-
-main
-
-echo "$BIN_DIR" >> $GITHUB_PATH
-echo "$RUNNER_WORKSPACE/$(basename $GITHUB_REPOSITORY)/bin" >> $GITHUB_PATH
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@@ -0,0 +1,11 @@
+version: 2
+
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    groups:
+      actions:
+        patterns:
+          - "*"
+    schedule:
+      interval: "weekly"
--- a/.github/workflows/cve-scan.yml
+++ b/.github/workflows/cve-scan.yml
@@ -21,7 +21,7 @@ jobs:
          docker build -t ${IMAGE} .
          echo "image=$IMAGE" >> $GITHUB_OUTPUT
      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@v0.30.0
        with:
          image-ref: ${{ steps.build.outputs.image }}
          format: table
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -26,7 +26,7 @@ jobs:
      - name: Setup Helm
        uses: azure/setup-helm@v3
        with:
-          version: v3.16.1
+          version: v3.17.3
      - name: Deploy
        run: ./test/deploy.sh
      - name: Run integration tests
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -18,8 +18,8 @@ jobs:
    steps:
      - uses: actions/checkout@v4
      - uses: sigstore/cosign-installer@v3
-      - uses: fluxcd/flux2/action@main
-      - uses: stefanprodan/timoni/actions/setup@main
+      - uses: fluxcd/flux2/action@v2.5.1
+      - uses: stefanprodan/timoni/actions/setup@v0.24.0
      - name: Setup Notation CLI
        uses: notaryproject/notation-action/setup@v1
        with:
@@ -39,7 +39,7 @@ jobs:
      - name: Setup Helm
        uses: azure/setup-helm@v3
        with:
-          version: v3.16.1
+          version: v3.17.3
      - name: Setup QEMU
        uses: docker/setup-qemu-action@v3
        with:
@@ -156,15 +156,10 @@ jobs:
          notation sign --signature-format cose ghcr.io/stefanprodan/manifests/podinfo:${{ steps.prep.outputs.VERSION }}
          notation sign --signature-format cose ghcr.io/stefanprodan/podinfo-deploy:${{ steps.prep.outputs.VERSION }}
          notation sign --signature-format cose ghcr.io/stefanprodan/podinfo-deploy:latest
-      - uses: ./.github/actions/release-notes
-      - name: Generate release notes
-        run: |
-          echo 'CHANGELOG' > /tmp/release.txt
-          github-release-notes -org stefanprodan -repo podinfo -since-latest-release >> /tmp/release.txt
      - name: Publish release
        uses: goreleaser/goreleaser-action@v6
        with:
          version: latest
-          args: release --release-notes=/tmp/release.txt --skip=validate
+          args: release --skip=validate
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -11,6 +11,7 @@ permissions:

 env:
  KUBERNETES_VERSION: 1.31.0
+  HELM_VERSION: 3.17.3

 jobs:
  test:
@@ -34,11 +35,11 @@ jobs:
      - name: Setup Helm
        uses: azure/setup-helm@v3
        with:
-          version: v3.16.1
+          version: v${{ env.HELM_VERSION }}
      - name: Setup CUE
        uses: cue-lang/setup-cue@v1.0.0
      - name: Setup Timoni
-        uses: stefanprodan/timoni/actions/setup@main
+        uses: stefanprodan/timoni/actions/setup@v0.24.0
      - name: Run unit tests
        run: make test
      - name: Validate Helm chart