Charles-Edouard Brétéché
2cdeaacb87
fix: pr updater workflow ( #7665 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 11:14:50 +00:00
dependabot[bot]
5f15ad2ddc
chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 ( #7663 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](80e868c13c...08b4669551
2023-06-26 08:11:22 +00:00
dependabot[bot]
579bee8286
chore(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 ( #7664 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](dd6b2e2b61...d13028333d
2023-06-26 07:39:40 +00:00
Chip Zoller
c6e97c0ecc
add missing VULN_TEMPLATE.md ( #7640 )
...
* add missing VULN_TEMPLATE.md
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* remove file; fix reference
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
---------
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
2023-06-22 13:33:48 +00:00
Chip Zoller
4b8361bcc6
fix workflow ( #7615 )
...
* fix workflow
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* save
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* jq to compact output
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
---------
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 15:15:55 +00:00
Charles-Edouard Brétéché
48d64bd031
fix: token permissions ( #7624 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 09:47:15 +00:00
Charles-Edouard Brétéché
f307760a08
chore: improve pr updater job ( #7592 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 08:31:11 +00:00
Charles-Edouard Brétéché
ca8888c2da
fix: token permissions ( #7619 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-20 21:15:47 +00:00
Charles-Edouard Brétéché
d8951d4a95
fix: token permissions on report vulns workflow ( #7611 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-20 16:01:16 -04:00
Charles-Edouard Brétéché
4ff276c2d6
chore: improve dependabot config ( #7610 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-20 16:25:28 +00:00
Charles-Edouard Brétéché
58023c6360
fix: scorecard workflow ( #7605 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-20 13:30:15 +00:00
Charles-Edouard Brétéché
74f2cb3076
fix: CLI tests ( #7596 )
...
* fix: CLI tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-20 12:04:06 +00:00
Marcel
2a2be0ae5a
Add nancy-ignore to make it pass with current dependencies ( #7590 )
...
Signed-off-by: Marcel Müller <marcel@giantswarm.io>
2023-06-19 17:30:23 +00:00
Charles-Edouard Brétéché
2d060fae36
fix: scorecard workflow ( #7587 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-19 15:47:58 +00:00
Chip Zoller
f6045d7035
Test policy library ( #7568 )
...
* first attempt at adding policy library to kuttl tests
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix checkout
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* use standard config
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* use config file in kyverno/policies
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* cd
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix run command
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix debug failure uses
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
---------
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-19 15:17:24 +00:00
Charles-Edouard Brétéché
b092d6286b
chore: fix token permissions ( #7585 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-19 14:25:27 +00:00
Chip Zoller
85705a7fec
update ( #7573 )
...
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
2023-06-18 20:19:08 +00:00
Mike Bryant
91021b65b6
fix: Delete downstream objects on precondition fail ( #7496 )
...
* fix: Delete downstream objects on precondition fail
When a rule fails the match in a generate rule, the downstream resource gets deleted. This will now also happen if the rule is skipped due to a precondition.
Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>
* add debug command
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* sync trigger updates to downstream
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix bgscan fetching trigger
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: Move rbac change into tests for better isolation
Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>
* fix unit test
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-06-15 11:32:19 -04:00
dependabot[bot]
575cc7066a
chore(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 ( #7511 )
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](5f1fec7010...639cd343e1
2023-06-13 08:29:47 +00:00
dependabot[bot]
0af0944f87
chore(deps): bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 ( #7510 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](f82d6c1c34...336e29918d
2023-06-13 08:00:25 +00:00
dependabot[bot]
92989dcf94
chore(deps): bump github/codeql-action from 2.3.6 to 2.13.4 ( #7495 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.6 to 2.13.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](83f0fe6c49...cdcdbb5797
2023-06-12 12:36:19 +00:00
dependabot[bot]
43d9f64d94
chore(deps): bump aquasecurity/trivy-action from 0.11.0 to 0.11.2 ( #7494 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.11.0 to 0.11.2.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](b43daad0c3...41f05d9ecf
2023-06-12 09:08:28 +00:00
dependabot[bot]
5f73d2b796
chore(deps): bump actions/checkout from 3.5.2 to 3.5.3 ( #7493 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7
2023-06-12 08:11:03 +00:00
Charles-Edouard Brétéché
123ba5f9d8
feat: sign released artifacts ( #7478 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-09 16:05:45 +00:00
dependabot[bot]
baa05b704f
chore(deps): bump slsa-framework/slsa-github-generator ( #7462 )
...
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.6.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-08 08:23:12 +00:00
dependabot[bot]
4bfe5e3e8d
chore(deps): bump docker/login-action from 2.1.0 to 2.2.0 ( #7463 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](f4ef78c080...465a07811f
2023-06-08 07:31:25 +00:00
dependabot[bot]
b4014b4c90
chore(deps): bump aquasecurity/trivy-action from 0.10.0 to 0.11.0 ( #7426 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](e5f43133f6...b43daad0c3
2023-06-06 11:10:36 +00:00
dependabot[bot]
2706c764fe
chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 ( #7414 )
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](08e2f20817...5f1fec7010
2023-06-05 07:29:19 +00:00
dependabot[bot]
f540006aa0
chore(deps): bump github/codeql-action from 2.3.5 to 2.3.6 ( #7382 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.5 to 2.3.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0225834cc5...83f0fe6c49
2023-06-02 07:55:18 +00:00
dependabot[bot]
a6786a152e
chore(deps): bump svenstaro/upload-release-action from 2.6.0 to 2.6.1 ( #7376 )
...
Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action ) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases )
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md )
- [Commits](58d5258088...2b9d2847a9
2023-06-01 08:40:26 +00:00
Chip Zoller
249d7e3150
update version drop-downs ( #7333 )
...
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
2023-05-30 21:54:35 +00:00
dependabot[bot]
fd7a25d0e3
chore(deps): bump github/codeql-action from 2.3.4 to 2.3.5 ( #7302 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.4 to 2.3.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f0e3dfb303...0225834cc5
2023-05-26 15:53:56 +08:00
Chip Zoller
64e3dde6ff
update versions ( #7297 )
...
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
2023-05-26 08:53:28 +08:00
dependabot[bot]
580e01e625
chore(deps): bump github/codeql-action from 2.3.3 to 2.3.4 ( #7288 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.3 to 2.3.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](29b1f65c5e...f0e3dfb303
2023-05-25 15:36:22 +00:00
dependabot[bot]
c2045a1496
chore(deps): bump actions/setup-python from 4.6.0 to 4.6.1 ( #7289 )
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.6.0 to 4.6.1.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](57ded4d7d5...bd6b4b6205
2023-05-25 23:02:47 +08:00
dependabot[bot]
8160a44400
chore(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.0 ( #7270 )
...
Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action ) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases )
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md )
- [Commits](7319e4733e...58d5258088
2023-05-24 08:23:24 +00:00
dependabot[bot]
addfe22842
chore(deps): bump sigstore/cosign-installer from 3.0.4 to 3.0.5 ( #7229 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](03d0fecf17...dd6b2e2b61
2023-05-18 11:04:23 +00:00
dependabot[bot]
e56c795143
chore(deps): bump sigstore/cosign-installer from 3.0.3 to 3.0.4 ( #7215 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](204a51a57a...03d0fecf17
2023-05-17 07:28:56 +00:00
dependabot[bot]
ea7a01c66e
chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 ( #7207 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](894ff025c7...eaaf4bedf3
2023-05-16 20:56:50 +08:00
dependabot[bot]
1d5bf55903
chore(deps): bump slsa-framework/slsa-github-generator ( #7160 )
...
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.5.0...v1.6.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-11 08:54:03 +00:00
dependabot[bot]
b27beda688
chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions ( #7123 )
...
Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases )
- [Commits](21991cec25...555a30da26
2023-05-08 08:38:54 +00:00
dependabot[bot]
0d24443668
chore(deps): bump github/codeql-action from 2.3.2 to 2.3.3 ( #7099 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f3feb00acb...29b1f65c5e
2023-05-05 07:27:09 +00:00
Charles-Edouard Brétéché
02e89a5d22
fix: flaky github action ( #7068 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-05-02 17:29:48 +00:00
dependabot[bot]
f964f43889
chore(deps): bump github/codeql-action from 2.3.1 to 2.3.2 ( #7033 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8662eabe0e...f3feb00acb
2023-04-28 11:09:13 +00:00
dependabot[bot]
bf3baed013
chore(deps): bump github/codeql-action from 2.3.0 to 2.3.1 ( #7025 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b2c19fb9a2...8662eabe0e
2023-04-27 11:38:52 +00:00
dependabot[bot]
e0de8c367d
chore(deps): bump sigstore/cosign-installer from 3.0.2 to 3.0.3 ( #7012 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](9e9de2292d...204a51a57a
2023-04-26 16:58:02 +08:00
Charles-Edouard Brétéché
daee335993
chore: bump kind image to 1.27.1 ( #6993 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-24 19:55:17 +08:00
dependabot[bot]
599638ba56
chore(deps): bump github/codeql-action from 2.2.12 to 2.3.0 ( #6989 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.12 to 2.3.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7df0ce3489...b2c19fb9a2
2023-04-24 17:02:34 +08:00
dependabot[bot]
2f37257f69
chore(deps): bump codecov/codecov-action from 3.1.2 to 3.1.3 ( #6982 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](40a12dcee2...894ff025c7
2023-04-21 08:21:55 +00:00
dependabot[bot]
30fc596dd1
chore(deps): bump actions/setup-python from 4.5.0 to 4.6.0 ( #6981 )
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](d27e3f3d7c...57ded4d7d5
2023-04-21 15:50:38 +08:00
