Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump github/codeql-action from 2 to 3 #1722

Merged
merged 1 commit into from
Dec 13, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 13, 2023

Bumps github/codeql-action from 2 to 3.

Release notes

Sourced from github/codeql-action's releases.

CodeQL Bundle v2.15.4

Bundles CodeQL CLI v2.15.4

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.15.4:

CodeQL Bundle

Bundles CodeQL CLI v2.15.3

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.15.3:

CodeQL Bundle

Bundles CodeQL CLI v2.15.2

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.15.2:

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

Commits
  • b374143 Merge pull request #2034 from github/update-v3.22.11-64e61baea
  • e2b5cc7 Update changelog for v3.22.11
  • 64e61ba Merge pull request #2006 from github/nickfyson/node-20
  • c757f9f Apply suggestions from code review
  • 7898bc2 add pr check for node version consistency
  • 6b5b958 remove dedundant single quotes from node version strings
  • ea1e72c Update .github/workflows/pr-checks.yml
  • b974542 Merge branch 'main' into nickfyson/node-20
  • b995212 Bump the actions group with 2 updates (#2024)
  • 3c1878d Merge pull request #2029 from github/mergeback/v2.22.10-to-main-305f6546
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Dec 13, 2023
@sebrandon1 sebrandon1 merged commit 2a5158a into main Dec 13, 2023
21 checks passed
@dependabot dependabot bot deleted the dependabot/github_actions/github/codeql-action-3 branch December 13, 2023 19:14
greyerof added a commit that referenced this pull request Dec 15, 2023
* Bump github.com/onsi/ginkgo/v2 from 2.13.0 to 2.13.1 (#1610)

Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.13.0 to 2.13.1.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.13.0...v2.13.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/test-network-function/privileged-daemonset (#1612)

Bumps [github.com/test-network-function/privileged-daemonset](https://github.com/test-network-function/privileged-daemonset) from 1.0.14 to 1.0.15.
- [Release notes](https://github.com/test-network-function/privileged-daemonset/releases)
- [Commits](redhat-best-practices-for-k8s/privileged-daemonset@v1.0.14...v1.0.15)

---
updated-dependencies:
- dependency-name: github.com/test-network-function/privileged-daemonset
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Temporarily disable QE parallel flag for nightlies (#1617)

* Bump github.com/test-network-function/test-network-function-claim (#1611)

Bumps [github.com/test-network-function/test-network-function-claim](https://github.com/test-network-function/test-network-function-claim) from 1.0.30 to 1.0.31.
- [Release notes](https://github.com/test-network-function/test-network-function-claim/releases)
- [Commits](redhat-best-practices-for-k8s/certsuite-claim@v1.0.30...v1.0.31)

---
updated-dependencies:
- dependency-name: github.com/test-network-function/test-network-function-claim
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: David Rabkin <david@rabkin.co.il>

* Update RHCOS to OCP version map (#1618)

Co-authored-by: sebrandon1 <sebrandon1@users.noreply.github.com>

* Disable Go cache for self-hosted (#1626)

* Add retries to QE nightlies (#1628)

* Fix gchat alert message. (#1630)

After testing it in a private repo, it works when the webhook URL+query
is surrounded by single quotes.

* Update RHCOS to OCP version map (#1629)

Co-authored-by: sebrandon1 <sebrandon1@users.noreply.github.com>

* Fixed function AreCPUResourcesWholeUnits(). (#1631)

The bug happens when deploying pods with containers that don't have any
cpu req/limit defined in its spec but they do have any other resource
(like mem) set.

cut.Resources.Requests and cut.Resources.Limits are maps, whose keys are
the different resources (mem, cpu, hugepages) that were explicitly set
in the container spec.

Requests.Cpu() returns a defaulted (zeroed) Quantity for the cpu
resource if that resource type doesn't exist in the requests map, which
will happen if cpu reqs/limits are not explicitly set in the pod spec.

* Bump ubi8/ubi from 8.8-1067.1698056881 to 8.9-1028 (#1633)

Bumps ubi8/ubi from 8.8-1067.1698056881 to 8.9-1028.

---
updated-dependencies:
- dependency-name: ubi8/ubi
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/test-network-function/oct from 0.0.3 to 0.0.4 (#1632)

* Bump ubi8/ubi-minimal from 8.8-1072.1697626218 to 8.9-1029 (#1634)

Bumps ubi8/ubi-minimal from 8.8-1072.1697626218 to 8.9-1029.

---
updated-dependencies:
- dependency-name: ubi8/ubi-minimal
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/kubectl from 0.28.3 to 0.28.4 (#1636)

Bumps [k8s.io/kubectl](https://github.com/kubernetes/kubectl) from 0.28.3 to 0.28.4.
- [Commits](kubernetes/kubectl@v0.28.3...v0.28.4)

---
updated-dependencies:
- dependency-name: k8s.io/kubectl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update RHCOS to OCP version map (#1641)

Co-authored-by: sebrandon1 <sebrandon1@users.noreply.github.com>

* Re-enable QE PR checks (#1640)

* enable collector's sanity check (#1606)

* enable collector's sanity check

* added tmate session for testing

* disable tmate session

* Fix catalog links (#1650)

* Prepare for v4.5.6 (#1651)

* Temp. disable collector sanity check (#1653)

* Bump github.com/mittwald/go-helm-client from 0.12.3 to 0.12.4 (#1652)

Bumps [github.com/mittwald/go-helm-client](https://github.com/mittwald/go-helm-client) from 0.12.3 to 0.12.4.
- [Release notes](https://github.com/mittwald/go-helm-client/releases)
- [Commits](mittwald/go-helm-client@v0.12.3...v0.12.4)

---
updated-dependencies:
- dependency-name: github.com/mittwald/go-helm-client
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/deckarep/golang-set/v2 from 2.3.1 to 2.4.0 (#1656)

Bumps [github.com/deckarep/golang-set/v2](https://github.com/deckarep/golang-set) from 2.3.1 to 2.4.0.
- [Release notes](https://github.com/deckarep/golang-set/releases)
- [Commits](deckarep/golang-set@v2.3.1...v2.4.0)

---
updated-dependencies:
- dependency-name: github.com/deckarep/golang-set/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update RHCOS to OCP version map (#1659)

Co-authored-by: sebrandon1 <sebrandon1@users.noreply.github.com>

* Update RHCOS to OCP version map (#1660)

Co-authored-by: sebrandon1 <sebrandon1@users.noreply.github.com>

* Update RHCOS to OCP version map (#1661)

Co-authored-by: sebrandon1 <sebrandon1@users.noreply.github.com>

* Bump github.com/operator-framework/api from 0.19.0 to 0.20.0 (#1657)

Bumps [github.com/operator-framework/api](https://github.com/operator-framework/api) from 0.19.0 to 0.20.0.
- [Release notes](https://github.com/operator-framework/api/releases)
- [Changelog](https://github.com/operator-framework/api/blob/master/RELEASE.md)
- [Commits](operator-framework/api@v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: github.com/operator-framework/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gonzalo Reyero Ferreras <87083379+greyerof@users.noreply.github.com>

* Allow cluster role bindings for pods ultimately owned by a cluster wide operator (#1646)

* Recursively get top pod owners.
If top owner is a CSV installed cluster-wide, allow cluster role-bindings

* Addressing comments from Gonzalo

* Adding unit testing (comment from Brandon)

* Add-batch-cert-script (#1604)

* Script to batch check operators

* installing operators using tasty😋(https://github.com/karmab/tasty) instead of operator SDK

* Addressing comments from David R. and other fixes

* Update RHCOS to OCP version map (#1669)

Co-authored-by: sebrandon1 <sebrandon1@users.noreply.github.com>

* Bump github.com/onsi/ginkgo/v2 from 2.13.1 to 2.13.2 (#1671)

Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.13.1 to 2.13.2.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.13.1...v2.13.2)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add depends-on PRs action to qe-hosted workflow (#1677)

* Bump github.com/deckarep/golang-set/v2 from 2.4.0 to 2.5.0 (#1674)

Bumps [github.com/deckarep/golang-set/v2](https://github.com/deckarep/golang-set) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/deckarep/golang-set/releases)
- [Commits](deckarep/golang-set@v2.4.0...v2.5.0)

---
updated-dependencies:
- dependency-name: github.com/deckarep/golang-set/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gonzalo Reyero Ferreras <87083379+greyerof@users.noreply.github.com>

* Update RHCOS to OCP version map (#1678)

Co-authored-by: sebrandon1 <sebrandon1@users.noreply.github.com>

* Cherry pick 1-to-1 result struct change (#1675)

* Switch gradetool to latest image (main) (#1680)

* Increase QE timeout to 90 minutes (#1683)

* Update RHCOS to OCP version map (#1685)

Co-authored-by: sebrandon1 <sebrandon1@users.noreply.github.com>

* Fix copyright years (#1686)

* Prepare for v4.5.7 (#1682)

* Fix WG done call (#1688)

* Remove GPL commitment (#1689)

* Bump github.com/test-network-function/privileged-daemonset (#1695)

Bumps [github.com/test-network-function/privileged-daemonset](https://github.com/test-network-function/privileged-daemonset) from 1.0.15 to 1.0.16.
- [Release notes](https://github.com/test-network-function/privileged-daemonset/releases)
- [Commits](redhat-best-practices-for-k8s/privileged-daemonset@v1.0.15...v1.0.16)

---
updated-dependencies:
- dependency-name: github.com/test-network-function/privileged-daemonset
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update Go to v1.21.5 (#1697)

* Bump actions/setup-go from 4 to 5 (#1700)

Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update RHCOS to OCP version map (#1705)

Co-authored-by: sebrandon1 <sebrandon1@users.noreply.github.com>

* The find command requires a directory as the first argument (#1709)

* Add operator versions (#1708)

* Add operator versions

* Fix the indentation

* extracts results.html from tar.gz and debug mode (#1706)

* extracts results.html from tar.gz and debug mode

* Addressing comment from David R.

* Updating Telco list (#1712)

* skip operator if claim file couldn't be parsed (#1714)

* skip operator if claim file couldn't be parsed
* addressing comments from David R.

* Bump github/codeql-action from 2 to 3 (#1722)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Enable QE nightlies for ginkgo_removal (#1723)

* Revert "Enable QE nightlies for ginkgo_removal (#1723)" (#1724)

This reverts commit 82d3442.

* Bump actions/upload-artifact from 3 to 4 (#1729)

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Adjusted tags in versions.json.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brandon Palm <bpalm@redhat.com>
Co-authored-by: David Rabkin <david@rabkin.co.il>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: sebrandon1 <sebrandon1@users.noreply.github.com>
Co-authored-by: jmontesi <100689165+jmontesi@users.noreply.github.com>
Co-authored-by: Shir Moran <101132224+shirmoran@users.noreply.github.com>
Co-authored-by: David Elie-Dit-Cosaque <86730676+edcdavid@users.noreply.github.com>
Co-authored-by: Banashri Mandal <bmandal@redhat.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant