From f735943c69cd8e1c5c04e9f9bbc955d295f0eb11 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 16 Apr 2024 08:41:29 +0000 Subject: [PATCH] chore(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (#10040) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/e1523de7571e31dbe865fd2e80c5c7c23ae71eb4...59acb6260d9c0ba8f4a2f9d9b48431a222b68e20) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/conformance.yaml | 2 +- .github/workflows/helm-release.yaml | 2 +- .github/workflows/images-publish.yaml | 2 +- .github/workflows/release.yaml | 6 +++--- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/conformance.yaml b/.github/workflows/conformance.yaml index e54c43fdfa..8604064e73 100644 --- a/.github/workflows/conformance.yaml +++ b/.github/workflows/conformance.yaml @@ -638,7 +638,7 @@ jobs: - name: Install crane uses: imjasonh/setup-crane@00c9e93efa4e1138c9a7a5c594acd6c75a2fbf0c - name: Install Cosign - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 + uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 - name: Install chainsaw uses: kyverno/action-install-chainsaw@995cddaee7702e849270b84fa44cdcebe7462da8 # v0.1.9 # create cluster diff --git a/.github/workflows/helm-release.yaml b/.github/workflows/helm-release.yaml index f359d8222b..def3e5e652 100644 --- a/.github/workflows/helm-release.yaml +++ b/.github/workflows/helm-release.yaml @@ -70,7 +70,7 @@ jobs: version: v3.10.3 - name: Install Cosign - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 + uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 - name: Set version run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV diff --git a/.github/workflows/images-publish.yaml b/.github/workflows/images-publish.yaml index cf7527d628..8650fc30ba 100644 --- a/.github/workflows/images-publish.yaml +++ b/.github/workflows/images-publish.yaml @@ -48,7 +48,7 @@ jobs: output: 'trivy-results.sarif' severity: 'CRITICAL,HIGH' - name: Install Cosign - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 + uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 - name: Publish kyverno id: publish-kyverno uses: ./.github/actions/publish-image diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index e55a49fc78..864e5bacd5 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -43,7 +43,7 @@ jobs: output: 'trivy-results.sarif' severity: 'CRITICAL,HIGH' - name: Install Cosign - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 + uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 - name: Publish kyverno id: release-kyverno uses: ./.github/actions/publish-image @@ -243,7 +243,7 @@ jobs: timeout-minutes: 30 - uses: creekorful/goreportcard-action@1f35ced8cdac2cba28c9a2f2288a16aacfd507f9 # v1.0 - name: Install Cosign - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 + uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 - name: Make Release env: VERSION: ${{ github.ref_name }} @@ -282,7 +282,7 @@ jobs: with: version: 0.35.0 - name: Install Cosign - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 + uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 - name: Build yaml manifest run: VERSION=${{ github.ref_name }} make codegen-manifest-release - name: Upload install manifest