diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 210ba8d6..cf5ca905 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -29,17 +29,17 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 + uses: github/codeql-action/init@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 + uses: github/codeql-action/autobuild@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 + uses: github/codeql-action/analyze@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index 1ecdf000..223c42f2 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -8,4 +8,4 @@ on: jobs: validate: name: Validate - uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@76287d41ec5f06ecbdd0a6453877a78675aceffe # v0.11.2 + uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@03958ef7a63d60075caa6172af19b41d4d6b4b0f # v1.0.0 diff --git a/.github/workflows/dependencyreview.yaml b/.github/workflows/dependencyreview.yaml index bf2dcfba..7b0990bc 100644 --- a/.github/workflows/dependencyreview.yaml +++ b/.github/workflows/dependencyreview.yaml @@ -17,11 +17,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 with: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: 'Dependency Review' uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4 diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index b81add5f..60f2f06e 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -16,12 +16,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 0 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@76287d41ec5f06ecbdd0a6453877a78675aceffe # v0.11.2 + uses: defenseunicorns/uds-common/.github/actions/setup@03958ef7a63d60075caa6172af19b41d4d6b4b0f # v1.0.0 with: registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index 5a7e596e..c567996f 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -22,7 +22,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: persist-credentials: false @@ -37,7 +37,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1 with: name: SARIF file path: results.sarif @@ -45,6 +45,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 + uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12 with: sarif_file: results.sarif diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml index a3bfd78a..27f8ec2f 100644 --- a/.github/workflows/tag-and-release.yaml +++ b/.github/workflows/tag-and-release.yaml @@ -41,17 +41,17 @@ jobs: id-token: write steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@76287d41ec5f06ecbdd0a6453877a78675aceffe # v0.11.2 + uses: defenseunicorns/uds-common/.github/actions/setup@03958ef7a63d60075caa6172af19b41d4d6b4b0f # v1.0.0 with: registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} ghToken: ${{ secrets.GITHUB_TOKEN }} chainguardIdentity: ${{ secrets.CHAINGUARD_IDENTITY }} - - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 + - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Build Package run: uds run -f tasks/publish.yaml build-package --set FLAVOR=${{ matrix.flavor }} --no-progress @@ -70,10 +70,10 @@ jobs: - name: Debug Output if: ${{ always() }} - uses: defenseunicorns/uds-common/.github/actions/debug-output@76287d41ec5f06ecbdd0a6453877a78675aceffe # v0.11.2 + uses: defenseunicorns/uds-common/.github/actions/debug-output@03958ef7a63d60075caa6172af19b41d4d6b4b0f # v1.0.0 - name: Save logs if: always() - uses: defenseunicorns/uds-common/.github/actions/save-logs@76287d41ec5f06ecbdd0a6453877a78675aceffe # v0.11.2 + uses: defenseunicorns/uds-common/.github/actions/save-logs@03958ef7a63d60075caa6172af19b41d4d6b4b0f # v1.0.0 with: suffix: ${{ matrix.flavor }}-${{ matrix.architecture }}-${{ github.run_id }}-${{ github.run_attempt }} diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 282dcbbd..8b65ebd3 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -49,35 +49,35 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@76287d41ec5f06ecbdd0a6453877a78675aceffe # v0.11.2 + uses: defenseunicorns/uds-common/.github/actions/setup@03958ef7a63d60075caa6172af19b41d4d6b4b0f # v1.0.0 with: registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} ghToken: ${{ secrets.GITHUB_TOKEN }} chainguardIdentity: ${{ secrets.CHAINGUARD_IDENTITY }} - - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 + - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Test - uses: defenseunicorns/uds-common/.github/actions/test@76287d41ec5f06ecbdd0a6453877a78675aceffe # v0.11.2 + uses: defenseunicorns/uds-common/.github/actions/test@03958ef7a63d60075caa6172af19b41d4d6b4b0f # v1.0.0 with: flavor: ${{ matrix.flavor }} type: ${{ matrix.type }} - name: Debug Output if: ${{ always() }} - uses: defenseunicorns/uds-common/.github/actions/debug-output@76287d41ec5f06ecbdd0a6453877a78675aceffe # v0.11.2 + uses: defenseunicorns/uds-common/.github/actions/debug-output@03958ef7a63d60075caa6172af19b41d4d6b4b0f # v1.0.0 - name: Save logs if: always() - uses: defenseunicorns/uds-common/.github/actions/save-logs@76287d41ec5f06ecbdd0a6453877a78675aceffe # v0.11.2 + uses: defenseunicorns/uds-common/.github/actions/save-logs@03958ef7a63d60075caa6172af19b41d4d6b4b0f # v1.0.0 with: suffix: ${{ matrix.type }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} - - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + - uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1 if: always() with: name: playwright-report-${{ matrix.type }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5344be12..c32e03f5 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.6.0 + rev: v5.0.0 hooks: - id: check-added-large-files args: ["--maxkb=1024"] @@ -32,7 +32,7 @@ repos: hooks: - id: fix-smartquotes - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.29.1 + rev: 0.29.3 hooks: - id: check-jsonschema name: "Validate Zarf Configs Against Schema" @@ -41,14 +41,14 @@ repos: args: [ "--schemafile", - "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.37.0/zarf.schema.json", + "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.41.0/zarf.schema.json", "--no-cache" ] - repo: https://github.com/golangci/golangci-lint - rev: v1.59.1 + rev: v1.61.0 hooks: - id: golangci-lint - repo: https://github.com/renovatebot/pre-commit-hooks - rev: 38.21.2 + rev: 38.110.2 hooks: - id: renovate-config-validator diff --git a/plugins/Dockerfile b/plugins/Dockerfile index 0de2de3f..6e3c25cb 100644 --- a/plugins/Dockerfile +++ b/plugins/Dockerfile @@ -1,7 +1,7 @@ FROM cgr.dev/chainguard/busybox:latest # renovate: datasource=github-tags depName=mattermost/mattermost-plugin-ai versioning=semver -ENV MATTERMOST_AI_PLUGIN_VERSION=0.9.1 +ENV MATTERMOST_AI_PLUGIN_VERSION=1.0.0 # renovate: datasource=github-tags depName=mattermost/mattermost-plugin-gitlab versioning=semver ENV MATTERMOST_GITLAB_PLUGIN_VERSION=1.9.1 diff --git a/tasks.yaml b/tasks.yaml index a3fe4e16..e83591d0 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -2,11 +2,11 @@ includes: - cleanup: ./tasks/cleanup.yaml - dependencies: ./tasks/dependencies.yaml - test: ./tasks/test.yaml - - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.11.2/tasks/create.yaml - - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.11.2/tasks/lint.yaml - - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.11.2/tasks/pull.yaml - - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.11.2/tasks/deploy.yaml - - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.11.2/tasks/setup.yaml + - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.0.0/tasks/create.yaml + - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.0.0/tasks/lint.yaml + - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.0.0/tasks/pull.yaml + - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.0.0/tasks/deploy.yaml + - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.0.0/tasks/setup.yaml tasks: - name: default diff --git a/tasks/publish.yaml b/tasks/publish.yaml index a44670ca..d9a435b3 100644 --- a/tasks/publish.yaml +++ b/tasks/publish.yaml @@ -1,10 +1,10 @@ includes: - dependencies: ./dependencies.yaml - test: ./test.yaml - - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.11.2/tasks/create.yaml - - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.11.2/tasks/deploy.yaml - - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.11.2/tasks/publish.yaml - - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.11.2/tasks/setup.yaml + - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.0.0/tasks/create.yaml + - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.0.0/tasks/deploy.yaml + - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.0.0/tasks/publish.yaml + - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v1.0.0/tasks/setup.yaml tasks: - name: build-package