Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[pull] master from kumahq:master #27

Merged
merged 229 commits into from
Jun 21, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
229 commits
Select commit Hold shift + click to select a range
1dd64ef
fix(kuma-cp): consistently check for expiring ZoneIngress/ZoneEgress …
kumahq[bot] May 6, 2024
9e2b3bb
docs(MADR): mesh service vips and hostnames (#9692)
jakubdyszkiewicz May 7, 2024
766696f
fix(gatewayapi): reconcile HTTPRoutes when relevant Services change (…
michaelbeaumont May 8, 2024
0273020
chore(gatewayapi): actually log error listing Gateways (#10193)
michaelbeaumont May 8, 2024
49bf0b8
chore(deps): bump Kong/public-shared-actions from 2.2.2 to 2.2.3 (#10…
dependabot[bot] May 8, 2024
bbc4bd3
chore(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 (…
dependabot[bot] May 8, 2024
85d931d
chore(deps): bump actions/checkout from 4.1.4 to 4.1.5 (#10195)
dependabot[bot] May 8, 2024
37ae957
chore(deps): bump kumahq/kuma-gui to f9850df1940b18345d4d2045be580181…
kumahq[bot] May 8, 2024
a0fea35
chore(deps): bump kumahq/kuma-gui to 859680c3cc57f135c2c84af7d6e90049…
kumahq[bot] May 8, 2024
839ef66
chore(deps): bump kumahq/kuma-gui to f085327955fa82459d729ec5c5e53035…
kumahq[bot] May 8, 2024
6f6a4b9
refactor(transparent-proxy): adjust tproxy iptables API (#10185)
bartsmykla May 8, 2024
a74d511
docs(MADR): grpc and tcp virtual probes (#9964)
jijiechen May 9, 2024
44932b3
refactor(transparent-proxy): simplify more tproxy configuration (#10206)
bartsmykla May 9, 2024
eccfafa
refactor(transparent-proxy): allow config to be initialized (#10207)
bartsmykla May 10, 2024
71aa62d
ci(cloudsmith): add cloudsmith pkg hosting attribution (#10208)
curiositycasualty May 10, 2024
fe76d6a
chore(deps): bump kumahq/kuma-gui to 1339f19c8a82e4f2b001e03d36f9606c…
kumahq[bot] May 10, 2024
23c378a
chore(deps): manually bump go to 1.21.10 (#10209)
slonka May 10, 2024
aadf931
docs(MADR): mesh service universal ux (#10205)
jakubdyszkiewicz May 10, 2024
1ac98a9
chore(cni): don't redirect inbound for gateway in CNI (#10220)
bartsmykla May 13, 2024
f2cdcdf
chore(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 (#10228)
dependabot[bot] May 13, 2024
9b68bde
chore(deps): bump github/codeql-action from 3.25.3 to 3.25.5 (#10227)
dependabot[bot] May 13, 2024
0757ff1
chore(deps): bump github.com/prometheus/client_golang from 1.19.0 to …
dependabot[bot] May 13, 2024
6c9c7a8
chore(deps): bump golang.org/x/net from 0.24.0 to 0.25.0 (#10225)
dependabot[bot] May 13, 2024
3a756e4
chore(deps): bump github.com/testcontainers/testcontainers-go from 0.…
dependabot[bot] May 13, 2024
56dbf0f
chore(deps): bump postgres from `4aea012` to `ba727f7` in /test/docke…
dependabot[bot] May 13, 2024
7e1b9af
chore(deps): bump kumahq/kuma-gui to 44cf02f02626ded03c85db712c1659ff…
kumahq[bot] May 14, 2024
0b43c08
docs(MADR): mesh service multizone ux (#9979)
jakubdyszkiewicz May 14, 2024
8c8ffe7
chore(deps): bump kumahq/kuma-gui to 1f3222f9cdd7b9a769986103b6d99420…
kumahq[bot] May 14, 2024
adc094d
fix(MeshHttpRoute): don't split header value prematurely (#10191)
spacewander May 14, 2024
5d367af
chore(deps): bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 (#1…
dependabot[bot] May 14, 2024
388456d
chore(deps): bump kumahq/kuma-gui to d1c7cdf47718ba8f3b359c5628ffcc4b…
kumahq[bot] May 14, 2024
65f4744
ci(k8s): bump max k8s minor version to v1.30 (#10233)
michaelbeaumont May 14, 2024
4001d14
ci(mk): fix postgres target (#10234)
Automaat May 15, 2024
a9a628a
chore(deps): bump kumahq/kuma-gui to a458d3d801f0a4f99e2cecb0f8d33f2c…
kumahq[bot] May 15, 2024
55fa983
chore(deps): bump kumahq/kuma-gui to 9dfdcfac45466501205dd8b5bb1bbc8d…
kumahq[bot] May 15, 2024
9129786
ci(mk): use `POSTGRES_STORE_TYPE` directly for `run/kuma-cp` (#10241)
michaelbeaumont May 16, 2024
7240781
chore(deps): bump kumahq/kuma-gui to c434fba54b5c24c45de159c97ec0ab6b…
kumahq[bot] May 16, 2024
6e066fb
build(darwin): fix build constraints (#10251)
michaelbeaumont May 16, 2024
84fffb7
chore(deps): manually bump go to 1.21.10 (backport of #10209) (#10258)
kumahq[bot] May 17, 2024
5dac9ae
chore(deps): bump kumahq/kuma-gui to 626a85d167e91d07107bd5973a0b8f41…
kumahq[bot] May 17, 2024
5c1bc6e
chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#10263)
dependabot[bot] May 17, 2024
413bddf
fix(kuma-cp): filter out old dangling zone resources in global (backp…
michaelbeaumont May 17, 2024
39ddee6
chore(deps): bump google.golang.org/grpc from 1.63.2 to 1.64.0 (#10266)
dependabot[bot] May 17, 2024
e995d5f
chore(deps): bump debian from `1aadfee` to `fac2c0f` in /tools/releas…
dependabot[bot] May 17, 2024
6f14ed4
chore(deps): bump kumahq/kuma-gui to f7ca1ca2f645ea067c7ebf7a983f0098…
kumahq[bot] May 17, 2024
02072c7
docs(CHANGELOG.md): updating changelog and version files (#10273)
kumahq[bot] May 17, 2024
84a6ab5
fix(MeshRoute): properly map listener TLS certs to DownstreamTlsConte…
michaelbeaumont May 20, 2024
33eccf2
chore(deps): upgrade ci-tools to v0.13.0 (#10275)
bartsmykla May 20, 2024
6e28313
chore(deps): upgrade ci-tools to v.0.13.1 (#10278)
bartsmykla May 20, 2024
cc25ae0
docs(CHANGELOG.md): updating changelog and version files (#10280)
kumahq[bot] May 20, 2024
87b8f49
chore(deps): bump kumahq/kuma-gui to 9b5043319d557db3ffaab0a15f1543b9…
kumahq[bot] May 20, 2024
70513b2
chore(deps): bump kumahq/kuma-gui to 1ae4cece2a2212f2c446c3d7f6c79cfd…
kumahq[bot] May 20, 2024
6152096
chore(deps): bump postgres from `ba727f7` to `1bf73cc` in /test/docke…
dependabot[bot] May 21, 2024
9ab05c3
chore(deps): bump github/codeql-action from 3.25.5 to 3.25.6 (#10286)
dependabot[bot] May 21, 2024
9d35b5d
chore(deps): bump kumahq/ubuntu-netools from `59423e3` to `8675216` i…
dependabot[bot] May 21, 2024
6612696
chore(deps): bump github.com/containernetworking/plugins from 1.4.1 t…
dependabot[bot] May 21, 2024
ad2c42d
chore(deps): bump kumahq/kuma-gui to 7a36d272e42d83adc041ddf5b4a22800…
kumahq[bot] May 21, 2024
612e625
feat(MeshService): add port names (#10287)
michaelbeaumont May 21, 2024
a70a79d
feat(k8s): add kubernetes.io/hostname to default node labels to copy …
slonka May 21, 2024
5631efc
feat(MeshExternalService): add bootstrapped files (#10239)
slonka May 21, 2024
960380b
feat(MeshService): add events when generating from Kubernetes Service…
michaelbeaumont May 21, 2024
0e9f776
docs(MADR): meshExternalService API madr (#10229)
lukidzi May 22, 2024
5c23819
chore(deps): bump kumahq/kuma-gui to b60c43a1060c8dbc84cf74ed2e9bfcc8…
kumahq[bot] May 22, 2024
a2596a0
docs(MADR): meshpassthrough design (#10253)
lukidzi May 22, 2024
926aa31
chore(deps): bump github.com/go-logr/logr from 1.4.1 to 1.4.2 (#10295)
dependabot[bot] May 22, 2024
3ce8323
chore(deps): bump github.com/gruntwork-io/terratest from 0.46.14 to 0…
dependabot[bot] May 22, 2024
42079f6
chore(deps): bump github.com/onsi/ginkgo/v2 from 2.17.3 to 2.18.0 (#1…
dependabot[bot] May 22, 2024
9970499
chore(deps): bump the go-opentelemetry-io group with 9 updates (#10294)
dependabot[bot] May 22, 2024
e0221c6
feat(MeshRetry): allow setting numRetries to 0 to disable retries (#1…
lahabana May 22, 2024
eae22cf
feat(report): add more info in the report (#10270)
lahabana May 22, 2024
a431a9d
chore(kuma-dp): the ProxyType can also be egress (#10299)
spacewander May 22, 2024
eb7fef2
chore(deps): bump kumahq/kuma-gui to f27345a5de41fc0d09182c042d304e5e…
kumahq[bot] May 22, 2024
8eb0143
chore(tokens): remove tokens without key_id (#10301)
lahabana May 22, 2024
f4b14c4
feat(kds): add a flag to avoid creating a zone on connection on kds (…
lahabana May 22, 2024
059b4ba
feat(meshexternalservice): api schema implementation (#10293)
slonka May 22, 2024
2cf9935
chore(merge): release-2.7 branch to master
kumahq[bot] May 22, 2024
590532a
chore(deps): bump kumahq/kuma-gui to 2c92ac5f8969390d6e3aac1b6b9b239c…
kumahq[bot] May 23, 2024
d1d255d
Merge pull request #10304 from kumahq/chore/merge-release-to-master
michaelbeaumont May 23, 2024
49ca160
fix(k8s): use EndpointSlices to determine identity for Service withou…
michaelbeaumont May 23, 2024
d34b5bd
chore(deps): bump kumahq/kuma-gui to 545847a9ea53e3dca45d611c710d1834…
kumahq[bot] May 23, 2024
09521ae
chore(deps): bump kumahq/kuma-gui to 7f25b6671f83c4bd74b9ad34cfb13458…
kumahq[bot] May 23, 2024
5e1efc6
chore(deps): bump kumahq/kuma-gui to 9691ec3ab7ed877d5b10a802dff29076…
kumahq[bot] May 23, 2024
cf9b78d
ci(.github): publish slsa artifacts to cloudsmith (#10215)
saisatishkarra May 23, 2024
180976f
docs(MADR): policy on namespace (#10148)
lobkovilya May 23, 2024
6ae285c
fix(kds): fix updating metric of kds client version (#10312)
Automaat May 27, 2024
dc92b27
ci(deps): update golangci-lint to v1.59.0 (#10318)
michaelbeaumont May 27, 2024
45d9ca7
test(MeshService): fix testdata references (#10321)
michaelbeaumont May 27, 2024
186d39b
feat(MeshExternalService): implement validator (#10306)
slonka May 27, 2024
3be96d3
fix(kds): change version label name for kds_clint_versions metric (#1…
Automaat May 27, 2024
759c8f8
chore(deps): bump cloudsmith-io/action from 0.6.6 to 0.6.7 (#10324)
dependabot[bot] May 27, 2024
667f184
chore(deps): bump github.com/jackc/pgx/v5 from 5.5.5 to 5.6.0 (#10325)
dependabot[bot] May 27, 2024
9fe1039
feat(mk): add possibility to configure extra args for shellcheck (#10…
Automaat May 28, 2024
e90fc3d
fix(GatewayAPI): only enqueue Gateway reconciliations from routes if …
spacewander May 28, 2024
f4c5c6c
chore(deps): bump github.com/onsi/ginkgo/v2 from 2.18.0 to 2.19.0 (#1…
dependabot[bot] May 28, 2024
58aab0f
test(MeshService): improve golden files in controller (#10322)
michaelbeaumont May 28, 2024
175eb63
fix(gateway): run validating webhook on MeshGatewayInstance (#10330)
Icarus9913 May 28, 2024
b94f248
ci(check): improve find call for shellcheck (#10332)
michaelbeaumont May 28, 2024
3220769
feat(meshservice): ipam (#10320)
jakubdyszkiewicz May 28, 2024
b0abc25
feat(store): update does not wipe out labels (#10335)
jakubdyszkiewicz May 28, 2024
8e7fb30
feat(HostnameGenerator): add API (#10333)
michaelbeaumont May 28, 2024
cd189ee
fix(kds): fix the case when webhook/db reject resource (#10315)
lukidzi May 29, 2024
0f33dbf
docs(CHANGELOG.md): updating changelog and version files (#10359)
kumahq[bot] May 30, 2024
c502074
ci(lint): don't accidentally append to non-zero length slices (#10317)
alingse Jun 3, 2024
22f5e48
test(e2e): add tests for all previously valid versions (#10313)
lahabana Jun 3, 2024
cc25719
feat(kuma-dp): add function to find default CA (#10367)
lukidzi Jun 3, 2024
22dfe6d
chore(deps): bump actions/create-github-app-token from 1.10.0 to 1.10…
dependabot[bot] Jun 3, 2024
2b66e09
chore(deps): bump github/codeql-action from 3.25.6 to 3.25.7 (#10373)
dependabot[bot] Jun 3, 2024
d140eac
chore(deps): bump github.com/emicklei/go-restful/v3 from 3.12.0 to 3.…
dependabot[bot] Jun 3, 2024
536ea8c
chore(deps): bump github.com/prometheus/common from 0.53.0 to 0.54.0 …
dependabot[bot] Jun 3, 2024
93c7b39
feat(meshpassthrough): create API and validators (#10314)
lukidzi Jun 4, 2024
eb2136c
feat(meshexternalservice): add IP allocator for meshexternalservice (…
lukidzi Jun 4, 2024
8567857
feat(MeshService): handle headless Services (#10308)
michaelbeaumont Jun 4, 2024
d82f752
feat(kds): sync mesh service status (#10337)
jakubdyszkiewicz Jun 4, 2024
c26bfce
feat(HostnameGenerator): apply templates to MeshServices (#10362)
michaelbeaumont Jun 4, 2024
e16b302
docs(MADR): add policy matching for `MeshService` (#10152)
michaelbeaumont Jun 4, 2024
ed8d37c
fix(api-server): check for tenant just before logging (#10377)
michaelbeaumont Jun 4, 2024
a3e04e9
chore(dns): remove empty dns port completely (#10338)
Icarus9913 Jun 5, 2024
4d02c0b
feat(hostnamegenerator): implement MeshExternalService support (#10379)
lukidzi Jun 5, 2024
c474449
chore(kds): add tenantID to 'received NACK' log message (#10381)
michaelbeaumont Jun 5, 2024
369f417
feat(MeshService): use hostnames for DNS (#10387)
michaelbeaumont Jun 5, 2024
0cc6470
feat(kuma-cni): add readOnlyRootFilesystem into securityContext of th…
jijiechen Jun 6, 2024
4ad47f0
fix(HostnameGenerator): don't exit component on error (#10392)
michaelbeaumont Jun 6, 2024
47fe36a
ci(mk): fix yq usage (#10389)
michaelbeaumont Jun 6, 2024
cc79786
chore(deps): bump envoy version from 1.29.4 to 1.29.5 (#10391)
lukidzi Jun 6, 2024
eed54f2
chore(deps): bump github/codeql-action from 3.25.7 to 3.25.8 (#10396)
dependabot[bot] Jun 6, 2024
8763470
chore(MeshGatewayInstance): supplement creating validation for mode (…
Icarus9913 Jun 6, 2024
c340665
chore(deps): bump golang.org/x/net from 0.25.0 to 0.26.0 (#10398)
dependabot[bot] Jun 6, 2024
10f9c36
test(e2e): add MeshService universal functionality test (#10393)
michaelbeaumont Jun 6, 2024
22b48f2
chore(deps): upgrade go from 1.21.10 to 1.21.11 (#10401)
lukidzi Jun 6, 2024
f086ded
feat(MeshService): support mTLS (#10403)
michaelbeaumont Jun 6, 2024
6e73eeb
feat(meshservice): sync mesh service to other zones (#10380)
jakubdyszkiewicz Jun 7, 2024
1b99118
chore(deps): ignore go-control-plane updates by dependabot (#10412)
bartsmykla Jun 7, 2024
31832e8
chore(deps): bump ubuntu from jammy-20240427 to jammy-20240530 in /to…
dependabot[bot] Jun 7, 2024
7ee74b4
feat(kuma-cp): add policy matching api for meshservice (#10378)
Automaat Jun 10, 2024
871dc55
feat(kuma-cp): consumer policies on app's namespace (#10361)
lobkovilya Jun 10, 2024
0f629cc
chore(deps): bump kumahq/kuma-gui to ab0c9cfd5dffe8b24caaafa9ffbb152c…
kumahq[bot] Jun 10, 2024
b64a203
chore(deps): bump kumahq/kuma-gui to cea16960623d961d5147ea1f9aec153a…
kumahq[bot] Jun 10, 2024
7aee9dd
chore(deps): bump kumahq/kuma-gui to b3155393458fcfa59e13e27b51861f53…
kumahq[bot] Jun 10, 2024
1005c75
chore(deps): bump cloudsmith-io/action from 0.6.7 to 0.6.8 (#10427)
dependabot[bot] Jun 11, 2024
7457d73
chore(deps): bump kumahq/kuma-gui to ec391c4ff03e24626596360ee43532fd…
kumahq[bot] Jun 11, 2024
9412a62
chore(deps): bump kumahq/kuma-gui to c03d009a0751bd3fd1a422be5bdde922…
kumahq[bot] Jun 11, 2024
da824ce
fix(kuma-cp): mistakenly setting 'kuma.io/display-name' as label (#10…
lobkovilya Jun 11, 2024
17d9a55
chore(deps): bump kumahq/kuma-gui to 8ca6dfa0fcfec783baf70c919c7c4d0b…
kumahq[bot] Jun 11, 2024
d0043db
docs(MADR): multizone sni (#10388)
jakubdyszkiewicz Jun 11, 2024
3b26205
fix(kuma-dp): set systemCaPath when requesting config from kuma-cp (#…
lukidzi Jun 12, 2024
aab380b
feat(api): add meshexternalservice TargetRefKind and changed int to P…
lukidzi Jun 12, 2024
1f9c833
feat(meshservice): cross-zone connectivity (#10411)
jakubdyszkiewicz Jun 12, 2024
8938b8f
docs(MADR): mesh service identity sync (#10441)
jakubdyszkiewicz Jun 12, 2024
551f23e
feat(meshexternalservice): add servername (#10445)
lukidzi Jun 12, 2024
2cefe91
chore(k3d): define ipv6 subnet only when ipv6 test (#10448)
lukidzi Jun 12, 2024
0b95809
chore(deps): bump kumahq/kuma-gui to 70e3801759fa00d5a44e85d69dec7213…
kumahq[bot] Jun 12, 2024
ed6ac58
test(refactor): change the name from WithMesh to WithMeshBuilder (#10…
lukidzi Jun 12, 2024
e4c9f4d
fix(HostnameGenerator): make global scoped (#10449)
michaelbeaumont Jun 13, 2024
05d2b92
chore(distribution): allow custom envoy version (#10402)
lukidzi Jun 13, 2024
78f80ed
chore(mk): support extra targets for `make docs` (#10454)
jijiechen Jun 13, 2024
8ded1a1
feat(MeshPassthrough): implementation of the new policy (#10363)
lukidzi Jun 13, 2024
694abcc
chore(deps): bump kumahq/kuma-gui to c4982fbe7e6672e474555caf0135a52d…
kumahq[bot] Jun 13, 2024
9e862b6
fix(meshpassthrough): fix build (#10458)
lukidzi Jun 13, 2024
cf2bbb9
fix(kumactl): fix bad escape on regex (#10420)
lahabana Jun 13, 2024
c264fea
chore(kuma-dp): remove backward compability for tempDir generating fo…
Icarus9913 Jun 13, 2024
88b8616
test(cni): remove cni delay for exclude test (#10339)
slonka Jun 13, 2024
dca7f04
ci(policies): include labels and status in openapi spec (#10455)
lahabana Jun 13, 2024
3d506ed
fix(kds): clone resource on update meta (#10460)
jakubdyszkiewicz Jun 13, 2024
d510d45
fix(k8s): virtual probes for sidecar initContainer ports also exposed…
michaelbeaumont Jun 13, 2024
46c17ea
chore(deps): bump kumahq/kuma-gui to 586a5bcbef470571fa1c07c632f24e45…
kumahq[bot] Jun 13, 2024
06352bc
fix(meshpassthrough): proper escape ipv6 (#10466)
lukidzi Jun 13, 2024
04a141d
test(e2e): disable "Upgrade Multizone with Helm" (#10464)
lobkovilya Jun 13, 2024
794bb0e
chore(deps): bump envoy version from 1.29.5 to 1.30.2 (#10453)
lukidzi Jun 14, 2024
f33703c
feat(api-server): update policies api response structure (#10428)
Icarus9913 Jun 14, 2024
4ea1935
feat(meshservice): sync identity cross zones (#10451)
jakubdyszkiewicz Jun 14, 2024
d0c8811
ci(policy-gen): handle global scoped policies correctly (#10467)
lahabana Jun 14, 2024
40bccfe
chore(deps): bump kumahq/kuma-gui to 1305822d22bbbcd624520562bb7368de…
kumahq[bot] Jun 14, 2024
d4c2a61
test(e2e): exclude mesh service multizone on ipv6 (#10470)
jakubdyszkiewicz Jun 14, 2024
26a06b3
chore(deps): bump kumahq/kuma-gui to ce03cceec102c31cfcf214f45fc861e5…
kumahq[bot] Jun 14, 2024
08bb137
fix(kuma-cp): consistently update ZoneIngress available services (#10…
michaelbeaumont Jun 14, 2024
a3f26d3
fix(ZoneIngress): fix no pointer panic for advertised address resolvi…
Icarus9913 Jun 17, 2024
9198bbd
chore(deps): bump kumahq/kuma-gui to d78d88b4e74653fc026f5ba06a994a49…
kumahq[bot] Jun 17, 2024
f1ba55b
feat(MeshService): set kuma.io/managed-by for converted MeshServices …
michaelbeaumont Jun 17, 2024
8922ecc
fix(kds): fix resource name hashing on global (#10452)
Automaat Jun 17, 2024
60f30c8
chore(deps): bump kumahq/kuma-gui to ad77e49b0f6111cda50cc471c4756616…
kumahq[bot] Jun 17, 2024
bc8adb2
fix(kds): send NACK only when resource is invalid and do not retry (#…
lukidzi Jun 17, 2024
bc3b262
feat(hostnamegenerator): add display name to HostnameGenerator (#10476)
slonka Jun 17, 2024
dff3afe
feat(MeshService): tag with headlessness, add pod-name/pod-index labe…
michaelbeaumont Jun 17, 2024
0e41f80
chore(deps): bump postgres from `1bf73cc` to `46aa2ee` in /test/docke…
dependabot[bot] Jun 17, 2024
738b743
chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 (#10521)
dependabot[bot] Jun 17, 2024
8d4aac3
chore(deps): bump github/codeql-action from 3.25.8 to 3.25.10 (#10522)
dependabot[bot] Jun 17, 2024
3142f2b
chore(deps): bump cloudsmith-io/action from 0.6.8 to 0.6.9 (#10523)
dependabot[bot] Jun 17, 2024
7b6a151
chore(deps): bump debian from `fac2c0f` to `a92ed51` in /tools/releas…
dependabot[bot] Jun 17, 2024
84fb6c5
chore(deps): bump github.com/miekg/dns from 1.1.59 to 1.1.61 (#10527)
dependabot[bot] Jun 17, 2024
1d03fa5
chore(deps): bump google.golang.org/protobuf from 1.34.1 to 1.34.2 (#…
dependabot[bot] Jun 17, 2024
fad3089
chore(deps): bump github.com/exaring/otelpgx from 0.5.4 to 0.6.1 (#10…
dependabot[bot] Jun 17, 2024
9fafcdb
chore(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#10530)
dependabot[bot] Jun 17, 2024
37037e5
chore(deps): bump go.opentelemetry.io/proto/otlp from 1.2.0 to 1.3.1 …
dependabot[bot] Jun 17, 2024
b3d0ef2
chore(deps): bump github.com/containernetworking/cni from 1.2.0 to 1.…
dependabot[bot] Jun 17, 2024
c2cb216
feat(MeshExternalService): resource implementation (#10336)
slonka Jun 18, 2024
aba6518
feat(meshpassthrough): allow only proxyType sidecar (#10532)
lukidzi Jun 18, 2024
d342325
feat(hostnamegenerator): add zone and namespace variables (#10533)
jakubdyszkiewicz Jun 18, 2024
ded4717
fix(meshservice): tags and selector (#10535)
jakubdyszkiewicz Jun 18, 2024
eb397e0
chore(deps): bump kumahq/kuma-gui to 66557e25566afb314d1171a88e01e711…
kumahq[bot] Jun 18, 2024
c84d60f
chore(dependabot): set dependabot to run on monday (#10500)
lukidzi Jun 18, 2024
0cb5d52
chore(deps): bump kumahq/kuma-gui to 18949c77c3bb027d07093a806649e0e4…
kumahq[bot] Jun 18, 2024
2e73f74
chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.2.0 to 2.3.0 …
dependabot[bot] Jun 18, 2024
25570ee
ci(meshexternalservice): skip ipv6 on meshexternalservice (#10542)
slonka Jun 18, 2024
99d5173
fix(build): set envoy version conditionally (#10538)
lukidzi Jun 18, 2024
40b67af
chore(deps): bump github.com/containernetworking/plugins from 1.5.0 t…
dependabot[bot] Jun 18, 2024
cf05626
feat(kuma-cp): always add kuma.io/zone label to resource (#10457)
Automaat Jun 18, 2024
db2766e
chore(deps): bump kumahq/kuma-gui to ad77e49b0f6111cda50cc471c4756616…
kumahq[bot] Jun 19, 2024
9c83c96
chore(deps): bump cloudsmith-io/action from 0.6.9 to 0.6.10 (#10545)
dependabot[bot] Jun 19, 2024
d8238c3
test(e2e): add second hostname generator to MeshService test (#10550)
michaelbeaumont Jun 19, 2024
d0fd4e0
fix(validation): don't prefix validation errors with `spec.` for core…
michaelbeaumont Jun 19, 2024
ba31b94
fix(kuma-cp): validate the bandwidth strictly (#10371)
spacewander Jun 19, 2024
446556f
test(e2e): ipv6 for mesh service and mesh external service (#10549)
jakubdyszkiewicz Jun 19, 2024
dc85a72
feat(meshservice): rename protocol to appprotocol (#10539)
jakubdyszkiewicz Jun 19, 2024
9ec5f15
chore(deps): bump kumahq/kuma-gui to cb6fb967670c6a0c9018df3cc5cf5dc7…
kumahq[bot] Jun 19, 2024
1091939
docs(CHANGELOG.md): updating changelog and version files (#10555)
kumahq[bot] Jun 19, 2024
a75626d
chore(deps): bump kumahq/kuma-gui to eccbeaf46ac4088a051031f8bcdaff24…
kumahq[bot] Jun 19, 2024
c3938f9
chore(deps): bump kumahq/kuma-gui to c3637f25200d646ef20167ac5ad991e2…
kumahq[bot] Jun 19, 2024
3a18762
test(e2e): fix race in sync + available services test (#10563)
michaelbeaumont Jun 19, 2024
14ff9d2
feat(kds): create first, then remove synced resources (#10562)
Automaat Jun 19, 2024
b3b1159
feat(meshservice): prefer MeshService over kuma.io/service routing (#…
jakubdyszkiewicz Jun 19, 2024
b169080
ci(gha): figure out the newest branch (#10566)
jakubdyszkiewicz Jun 19, 2024
e5052ca
fix(meshexternalservice): correctly set tls context and protocol (#10…
lukidzi Jun 20, 2024
2d079a4
docs(CHANGELOG.md): updating changelog and version files (#10572)
kumahq[bot] Jun 20, 2024
45eed3b
feat(meshexternalservice): make `type` optional (#10570)
slonka Jun 20, 2024
098c42c
test(e2e): mesh service connectivity (#10571)
jakubdyszkiewicz Jun 20, 2024
38165c2
test(upgrades): skip versions if does not have release date (#10574)
slonka Jun 20, 2024
8f359bf
chore(merge): release-2.8 branch to master
kumahq[bot] Jun 20, 2024
81b2ea3
docs(CHANGELOG.md): updating changelog and version files (#10579)
kumahq[bot] Jun 20, 2024
62e96b4
chore(merge): release-2.8 branch to master (#10567)
slonka Jun 20, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
4 changes: 2 additions & 2 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,13 @@ parameters:
# These parameters are not meant to be changed they are more constants for the build change these in mk/dev.mk
go_version:
type: string
default: "1.21.9"
default: "1.21.11"
first_k8s_version:
type: string
default: "v1.23.17-k3s1"
last_k8s_version:
type: string
default: "v1.29.1-k3s2"
default: "v1.30.0-k3s1"
ubuntu_image:
type: string
default: "ubuntu-2204:2022.10.2"
Expand Down
8 changes: 7 additions & 1 deletion .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ updates:
directory: "/"
schedule:
interval: "weekly"
day: monday
open-pull-requests-limit: 15
labels:
- "dependencies"
Expand All @@ -14,6 +15,11 @@ updates:
go.opentelemetry.io:
patterns:
- "go.opentelemetry.io/*"
ignore:
# go-control-plane v0.12.0 introduced a potential deadlock issue. This issue is
# being tracked in https://github.com/envoyproxy/go-control-plane/issues/875.
# Remove this once the issue is resolved.
- dependency-name: github.com/envoyproxy/go-control-plane

- package-ecosystem: "docker"
directory: "/tools/releases/dockerfiles"
Expand All @@ -37,5 +43,5 @@ updates:
interval: "weekly"
open-pull-requests-limit: 15
labels:
- "dependencies"
- "dependencies"
- "ci/skip-test" # No need to run tests on github actions updates
14 changes: 7 additions & 7 deletions .github/workflows/_build_publish.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ jobs:
outputs:
BINARY_ARTIFACT_DIGEST_BASE64: ${{ steps.inspect-binary-output.outputs.binary_artifact_digest_base64 }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
Expand Down Expand Up @@ -95,7 +95,7 @@ jobs:
matrix:
image: ${{ fromJSON(inputs.images) }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Install dependencies for cross builds
Expand Down Expand Up @@ -128,15 +128,15 @@ jobs:
make test/container-structure/${{ matrix.image }}
- name: scan amd64 image
id: scan_image-amd64
uses: Kong/public-shared-actions/security-actions/scan-docker-image@2f02738ecb1670f01391162e43fe3f5d4e7942a1 # v2.2.2
uses: Kong/public-shared-actions/security-actions/scan-docker-image@62643b74f79f6a697b9add1a2f9c069bf9ca1250 # v2.3.0
with:
asset_prefix: image_${{ matrix.image }}-amd64
image: ./build/docker/${{ matrix.image }}-amd64.tar
upload-sbom-release-assets: true
- name: scan arm64 image
id: scan_image-arm64
if: ${{ fromJSON(inputs.FULL_MATRIX) }}
uses: Kong/public-shared-actions/security-actions/scan-docker-image@2f02738ecb1670f01391162e43fe3f5d4e7942a1 # v2.2.2
uses: Kong/public-shared-actions/security-actions/scan-docker-image@62643b74f79f6a697b9add1a2f9c069bf9ca1250 # v2.3.0
with:
asset_prefix: image_${{ matrix.image }}-arm64
image: ./build/docker/${{ matrix.image }}-arm64.tar
Expand Down Expand Up @@ -184,7 +184,7 @@ jobs:
- name: sign image
if: ${{ fromJSON(inputs.ALLOW_PUSH) }}
id: sign
uses: Kong/public-shared-actions/security-actions/sign-docker-image@2f02738ecb1670f01391162e43fe3f5d4e7942a1 # v2.2.2
uses: Kong/public-shared-actions/security-actions/sign-docker-image@62643b74f79f6a697b9add1a2f9c069bf9ca1250 # v2.3.0
with:
image_digest: ${{ steps.image_digest.outputs.digest }}
tags: ${{ steps.image_meta.outputs.image }}
Expand Down Expand Up @@ -213,7 +213,7 @@ jobs:
timeout-minutes: 10
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Install dependencies for cross builds
Expand Down Expand Up @@ -263,7 +263,7 @@ jobs:
- name: Generate GitHub app token
id: github-app-token
if: ${{ github.ref_type == 'tag' }}
uses: actions/create-github-app-token@a0de6af83968303c8c955486bf9739a57d23c7f1 # v1.10.0
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/_e2e.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ jobs:
echo "run-type=$RUN_TYPE">> $GITHUB_OUTPUT
- name: "GitHub Actions: check out code"
if: steps.eval-params.outputs.run-type == 'github'
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: "GitHub Actions: setup go"
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,14 +10,14 @@ env:
CI_TOOLS_DIR: "/home/runner/work/kuma/kuma/.ci_tools"
# This is automatically managed by CI
K8S_MIN_VERSION: v1.23.17-k3s1
K8S_MAX_VERSION: v1.29.1-k3s2
K8S_MAX_VERSION: v1.30.0-k3s1
jobs:
test_unit:
timeout-minutes: 20
if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci/skip-test') }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/auto-merge.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
steps:
- name: Generate GitHub app token
id: github-app-token
uses: actions/create-github-app-token@a0de6af83968303c8c955486bf9739a57d23c7f1 # v1.10.0
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/blackbox-tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
timeout-minutes: 30
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: "Set up Go"
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/bom.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
timeout-minutes: 10
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: go.mod
Expand Down
59 changes: 55 additions & 4 deletions .github/workflows/build-test-distribute.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,23 +34,24 @@ jobs:
REGISTRY: ${{ steps.metadata.outputs.registry }}
VERSION_NAME: ${{ steps.metadata.outputs.version }}
NOTARY_REPOSITORY: ${{ (contains(steps.metadata.outputs.version, 'preview') && 'notary-internal') || 'notary' }}
CLOUDSMITH_REPOSITORY: ${{ steps.metadata.outputs.distribution_repository }}
steps:
- name: "Fail when 'ci/force-publish' label is present on PRs from forks"
if: ${{ fromJSON(env.FORCE_PUBLISH_FROM_FORK) }}
run: |
echo "::error title=Label 'ci/force-publish' cannot be used on PRs from forks::To prevent accidental exposure of secrets, CI won't use repository secrets on pull requests from forks"
exit 1
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: go.mod
cache: false
- uses: golangci/golangci-lint-action@38e1018663fa5173f3968ea0777460d3de38f256 # v5.3.0
- uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6.0.1
with:
args: --fix=false --verbose
version: v1.56.1
version: v1.59.0
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
Expand All @@ -65,7 +66,7 @@ jobs:
- run: |
make check
- id: sca-project
uses: Kong/public-shared-actions/security-actions/sca@2f02738ecb1670f01391162e43fe3f5d4e7942a1 # v2.2.2
uses: Kong/public-shared-actions/security-actions/sca@62643b74f79f6a697b9add1a2f9c069bf9ca1250 # v2.3.0
with:
dir: .
config: .syft.yaml
Expand All @@ -75,6 +76,7 @@ jobs:
echo "images=$(make images/info/release/json)" >> $GITHUB_OUTPUT
echo "registry=$(make docker/info/registry)" >> $GITHUB_OUTPUT
echo "version=$(make build/info/version)" >> $GITHUB_OUTPUT
echo "distribution_repository=$(make build/info/cloudsmith_repository)" >> $GITHUB_OUTPUT
test:
permissions:
contents: read
Expand Down Expand Up @@ -121,6 +123,12 @@ jobs:
timeout-minutes: 10
if: ${{ always() }}
runs-on: ubuntu-latest
permissions:
contents: write
actions: read # For getting workflow run info
env:
SECURITY_ASSETS_DOWNLOAD_PATH: "${{ github.workspace }}/security-assets"
SECURITY_ASSETS_PACKAGE_NAME: "security-assets" # Cloudsmith package for hosting security assets
steps:
- name: "Halt due to previous failures"
run: |-
Expand All @@ -129,3 +137,46 @@ jobs:
# so we manually check it here. An example could be found here: https://github.com/kumahq/kuma/actions/runs/7044980149
[[ ${{ contains(needs.*.result, 'failure')|| contains(needs.*.result, 'cancelled') }} == "true" ]] && exit 1
echo "All dependent jobs succeeded"
- name: "Download all SBOM assets"
id: collect_sbom
if: ${{ needs.build_publish.result == 'success' }}
uses: actions/download-artifact@v4
with:
path: ${{ env.SECURITY_ASSETS_DOWNLOAD_PATH }}
pattern: "*sbom.{cyclonedx,spdx}.json"
merge-multiple: true
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: "Download binary artifact provenance"
if: ${{ needs.provenance.result == 'success' && github.ref_type == 'tag' }}
id: collect_provenance
uses: actions/download-artifact@v4
with:
path: ${{ env.SECURITY_ASSETS_DOWNLOAD_PATH }}
pattern: ${{ github.event.repository.name }}.intoto.jsonl
merge-multiple: true
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: "Generate security assets TAR"
if: ${{ needs.build_publish.result == 'success' }}
id: security_assets_metadata
run: |
cd ${{ env.SECURITY_ASSETS_DOWNLOAD_PATH }}
find . -maxdepth 1 -type f \( -name '*sbom.*.json' -o -name '*.intoto.jsonl' \) -print | tar -cvzf ${{ env.SECURITY_ASSETS_PACKAGE_NAME }}.tar.gz -T -
ls -alR .
# Publish aggregated zip file of SBOMs and/or Binary Provenance to artifact regstry
- name: Push security assets to cloudsmith
id: push_security_assets
if: ${{ needs.provenance.result == 'success' || needs.build_publish.result == 'success' }}
uses: cloudsmith-io/action@8c47c26142749129401332a44d0aeac87243c40d # v0.6.10
with:
api-key: ${{ secrets.CLOUDSMITH_API_KEY }}
command: "push"
format: "raw"
owner: "kong"
repo: "${{ needs.check.outputs.CLOUDSMITH_REPOSITORY }}"
version: "${{ needs.check.outputs.VERSION_NAME }}"
file: "${{ env.SECURITY_ASSETS_DOWNLOAD_PATH }}/${{ env.SECURITY_ASSETS_PACKAGE_NAME }}.tar.gz"
name: "${{ env.SECURITY_ASSETS_PACKAGE_NAME }}"
summary: "SLSA security artifacts for ${{ github.repository }}"
description: "SBOM and Binary artifact Provenance for ${{ github.repository }}"
2 changes: 1 addition & 1 deletion .github/workflows/check.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
timeout-minutes: 10
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Check PR title
# This job checks the PR title using
# https://github.com/conventional-changelog/commitlint
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/codeql.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,18 +19,18 @@ jobs:
matrix:
language: ['go']
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: go.mod
- name: Initialize CodeQL
uses: github/codeql-action/init@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
uses: github/codeql-action/init@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
with:
config-file: ./.github/codeql/codeql-config.yml
languages: ${{ matrix.language }}
- name: Autobuild
uses: github/codeql-action/autobuild@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
uses: github/codeql-action/autobuild@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
uses: github/codeql-action/analyze@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
with:
category: "/language:${{matrix.language}}"
4 changes: 2 additions & 2 deletions .github/workflows/helm-release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
outputs:
filename: ${{ steps.package.outputs.filename }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
Expand Down Expand Up @@ -71,7 +71,7 @@ jobs:
- name: Generate GitHub app token
id: github-app-token
if: github.event.inputs.release == 'true'
uses: actions/create-github-app-token@a0de6af83968303c8c955486bf9739a57d23c7f1 # v1.10.0
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/merge-release-to-master.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ jobs:
release:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
ref: "master"
fetch-depth: 0
Expand Down Expand Up @@ -44,7 +44,7 @@ jobs:
fi
- name: Generate GitHub app token
id: github-app-token
uses: actions/create-github-app-token@a0de6af83968303c8c955486bf9739a57d23c7f1 # v1.10.0
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/pr-comments.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
steps:
- name: Generate GitHub app token
id: github-app-token
uses: actions/create-github-app-token@a0de6af83968303c8c955486bf9739a57d23c7f1 # v1.10.0
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
Expand All @@ -38,7 +38,7 @@ jobs:
echo "REPO=$(gh pr view ${{ github.event.issue.number }} --repo ${{ github.repository }} --json headRepository,headRepositoryOwner --jq '[.headRepositoryOwner.login,.headRepository.name] | join("/")')" >> $GITHUB_ENV
env:
GITHUB_TOKEN: ${{ steps.github-app-token.outputs.token }}
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
repository: ${{ env.REPO }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
timeout-minutes: 30
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
ref: "master"
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
Expand All @@ -45,10 +45,10 @@ jobs:
- name: install-kuma-ci-tools
run: |
echo $(go env GOPATH)/bin >> $GITHUB_PATH
go install github.com/kumahq/ci-tools/cmd/release-tool@v0.12.0
go install github.com/kumahq/ci-tools/cmd/release-tool@v0.13.1
- name: Generate GitHub app token
id: github-app-token
uses: actions/create-github-app-token@a0de6af83968303c8c955486bf9739a57d23c7f1 # v1.10.0
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/scorecard.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,11 +25,11 @@ jobs:
# actions: read
steps:
- name: "Checkout code"
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
persist-credentials: false
- name: "Run analysis"
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
with:
results_file: results.sarif
results_format: sarif
Expand Down Expand Up @@ -57,6 +57,6 @@ jobs:
retention-days: 5
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
with:
sarif_file: results.sarif
Loading
Loading