From 091c583c9696aa5191530a1af8eb82eabd836ea5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 23:41:40 +0000 Subject: [PATCH 1/5] Bump docker/build-push-action from 4 to 5 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4 to 5. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v4...v5) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/atlas-image-build.yaml | 2 +- .github/workflows/kanister-image-build.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/atlas-image-build.yaml b/.github/workflows/atlas-image-build.yaml index fa00927d24..21b87fb60f 100644 --- a/.github/workflows/atlas-image-build.yaml +++ b/.github/workflows/atlas-image-build.yaml @@ -54,7 +54,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: "{{defaultContext}}:docker/mongodb-atlas" push: true diff --git a/.github/workflows/kanister-image-build.yaml b/.github/workflows/kanister-image-build.yaml index ba9dd21a79..c935fd3c44 100644 --- a/.github/workflows/kanister-image-build.yaml +++ b/.github/workflows/kanister-image-build.yaml @@ -57,7 +57,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: "{{defaultContext}}:docker/build" push: true From e7933adf2337881bc9e3ac88f15522983456e28d Mon Sep 17 00:00:00 2001 From: Julio <1953782+julio-lopez@users.noreply.github.com> Date: Wed, 13 Sep 2023 17:06:40 -0700 Subject: [PATCH 2/5] deps(gha): use commit id for docker/build-push-action version --- .github/workflows/atlas-image-build.yaml | 2 +- .github/workflows/kanister-image-build.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/atlas-image-build.yaml b/.github/workflows/atlas-image-build.yaml index 21b87fb60f..4dd58a7f8a 100644 --- a/.github/workflows/atlas-image-build.yaml +++ b/.github/workflows/atlas-image-build.yaml @@ -54,7 +54,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: context: "{{defaultContext}}:docker/mongodb-atlas" push: true diff --git a/.github/workflows/kanister-image-build.yaml b/.github/workflows/kanister-image-build.yaml index c935fd3c44..034ab156f9 100644 --- a/.github/workflows/kanister-image-build.yaml +++ b/.github/workflows/kanister-image-build.yaml @@ -57,7 +57,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: context: "{{defaultContext}}:docker/build" push: true From 720d237b3fb9de350aafa4b46c69d4ac9d51fc16 Mon Sep 17 00:00:00 2001 From: Julio <1953782+julio-lopez@users.noreply.github.com> Date: Wed, 13 Sep 2023 17:02:21 -0700 Subject: [PATCH 3/5] deps(gha): use commit id for docker/login-action version --- .github/workflows/atlas-image-build.yaml | 2 +- .github/workflows/kanister-image-build.yaml | 2 +- .github/workflows/main.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/atlas-image-build.yaml b/.github/workflows/atlas-image-build.yaml index 4dd58a7f8a..e5930f704d 100644 --- a/.github/workflows/atlas-image-build.yaml +++ b/.github/workflows/atlas-image-build.yaml @@ -48,7 +48,7 @@ jobs: {{date 'YYYY.MM.DD-HHmm'}} ${{ inputs.tag }} - name: Login to GHCR - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} diff --git a/.github/workflows/kanister-image-build.yaml b/.github/workflows/kanister-image-build.yaml index 034ab156f9..ee0be74d85 100644 --- a/.github/workflows/kanister-image-build.yaml +++ b/.github/workflows/kanister-image-build.yaml @@ -51,7 +51,7 @@ jobs: {{date 'YYYY.MM.DD-HHmm'}} ${{ inputs.tag }} - name: Login to GHCR - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 8bc6dc10de..388c65df76 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -82,7 +82,7 @@ jobs: - uses: actions/download-artifact@v3 with: name: src - - uses: docker/login-action@v3 + - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: ghcr.io username: ${{ github.actor }} From 50c63482e708cd9665daff943d5dadd7745c548a Mon Sep 17 00:00:00 2001 From: Julio <1953782+julio-lopez@users.noreply.github.com> Date: Wed, 13 Sep 2023 17:02:21 -0700 Subject: [PATCH 4/5] deps(gha): use commit id for docker/metadata-action version MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Upgrades the action to 96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0 Release notes: Release notes Sourced from docker/metadata-action's releases. v5.0.0 Node 20 as default runtime (requires Actions Runner v2.308.0 or later) by @​crazy-max in docker/metadata-action#328 Bump @​actions/core from 1.10.0 to 1.10.1 in docker/metadata-action#333 Bump csv-parse from 5.4.0 to 5.5.0 in docker/metadata-action#320 Bump semver from 7.5.1 to 7.5.2 in docker/metadata-action#304 Bump handlebars from 4.7.7 to 4.7.8 in docker/metadata-action#315 Full Changelog: docker/metadata-action@v4.6.0...v5.0.0 v4.6.0 Dedup and sort labels by @​crazy-max in docker/metadata-action#301 Bump @​docker/actions-toolkit from 0.3.0 to 0.5.0 in docker/metadata-action#302 Full Changelog: docker/metadata-action@v4.5.0...v4.6.0 v4.5.0 Bump @​docker/actions-toolkit from 0.1.0 to 0.3.0 in docker/metadata-action#296 Bump csv-parse from 5.3.8 to 5.4.0 in docker/metadata-action#294 Full Changelog: docker/metadata-action@v4.4.0...v4.5.0 v4.4.0 Add context input to define the metadata provider by @​neilime in docker/metadata-action#248 Switch to actions-toolkit implementation by @​crazy-max in docker/metadata-action#266 docker/metadata-action#273 docker/metadata-action#284 Bump csv-parse from 5.3.3 to 5.3.8 in docker/metadata-action#271 docker/metadata-action#286 Bump moment-timezone from 0.5.40 to 0.5.43 in docker/metadata-action#268 docker/metadata-action#278 docker/metadata-action#281 Bump semver from 7.4.0 to 7.5.0 in docker/metadata-action#285 Full Changelog: docker/metadata-action@v4.3.0...v4.4.0 v4.3.0 Provide outputs as env vars by @​crazy-max (#257) Full Changelog: docker/metadata-action@v4.2.0...v4.3.0 v4.2.0 Add tz attribute to handlebar date function by @​chroju (#251) Bump minimatch from 3.0.4 to 3.1.2 (#242) Bump csv-parse from 5.3.1 to 5.3.3 (#245) Bump json5 from 2.2.0 to 2.2.3 (#252) Full Changelog: docker/metadata-action@v4.1.1...v4.2.0 v4.1.1 Revert changes to set associated head sha on pull request event by @​crazy-max (#239) User can still set associated head sha on PR by setting the env var DOCKER_METADATA_PR_HEAD_SHA=true Bump csv-parse from 5.3.0 to 5.3.1 (#237) Full Changelog: docker/metadata-action@v4.1.0...v4.1.1 ... (truncated) Ref #2332 --- .github/workflows/atlas-image-build.yaml | 2 +- .github/workflows/kanister-image-build.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/atlas-image-build.yaml b/.github/workflows/atlas-image-build.yaml index e5930f704d..ad6176cf30 100644 --- a/.github/workflows/atlas-image-build.yaml +++ b/.github/workflows/atlas-image-build.yaml @@ -39,7 +39,7 @@ jobs: uses: docker/setup-buildx-action@v2 - name: Image metadata id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | diff --git a/.github/workflows/kanister-image-build.yaml b/.github/workflows/kanister-image-build.yaml index ee0be74d85..6e1c07d045 100644 --- a/.github/workflows/kanister-image-build.yaml +++ b/.github/workflows/kanister-image-build.yaml @@ -42,7 +42,7 @@ jobs: uses: docker/setup-buildx-action@v2 - name: Image metadata id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | From 80fd70133fc1420b67a30a50a89716dd77c2c2c4 Mon Sep 17 00:00:00 2001 From: Julio <1953782+julio-lopez@users.noreply.github.com> Date: Wed, 13 Sep 2023 17:02:21 -0700 Subject: [PATCH 5/5] deps(gha): upgrade the setup-buildx-action to v3.0.0 Uses commit id for docker/setup-buildx-action version Release notes at https://github.com/docker/setup-buildx-action/releases/tag/v3.0.0 --- .github/workflows/atlas-image-build.yaml | 2 +- .github/workflows/kanister-image-build.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/atlas-image-build.yaml b/.github/workflows/atlas-image-build.yaml index ad6176cf30..85aaefa8e4 100644 --- a/.github/workflows/atlas-image-build.yaml +++ b/.github/workflows/atlas-image-build.yaml @@ -36,7 +36,7 @@ jobs: if: needs.check-files.outputs.changed == 'true' steps: - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Image metadata id: meta uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0 diff --git a/.github/workflows/kanister-image-build.yaml b/.github/workflows/kanister-image-build.yaml index 6e1c07d045..90492fcdea 100644 --- a/.github/workflows/kanister-image-build.yaml +++ b/.github/workflows/kanister-image-build.yaml @@ -39,7 +39,7 @@ jobs: # if: needs.check-files.outputs.changed == 'true' steps: - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Image metadata id: meta uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0