From d0ee33ca8b64f8845fdbf70ea90d911ef9ab203f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 13 Feb 2025 08:49:29 +0000
Subject: [PATCH] Bump the github-actions group across 1 directory with 4
updates (#207)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps the github-actions group with 4 updates in the / directory:
[google-github-actions/get-secretmanager-secrets](https://github.com/google-github-actions/get-secretmanager-secrets),
[actions/attest-build-provenance](https://github.com/actions/attest-build-provenance),
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
and
[docker/build-push-action](https://github.com/docker/build-push-action).
Updates `google-github-actions/get-secretmanager-secrets` from 2.2.2 to
2.2.3
Release notes
Sourced from google-github-actions/get-secretmanager-secrets's
releases.
v2.2.3
What's Changed
Full Changelog: https://github.com/google-github-actions/get-secretmanager-secrets/compare/v2...v2.2.3
Commits
Updates `actions/attest-build-provenance` from 2.1.0 to 2.2.0
Release notes
Sourced from actions/attest-build-provenance's
releases.
v2.2.0
What's Changed
Full Changelog: https://github.com/actions/attest-build-provenance/compare/v2.1.0...v2.2.0
Commits
520d128
bump actions/attest from v2.1.0 to v2.2.0 (#449)5d2ced9
Add example of upload-artifaction integration (#450)3c016c1
bump actions/attest from v2.1.0 to v2.2.0 (#449)e06bbaf
Bump the npm-development group with 3 updates (#447)47c6e87
Bump the npm-development group with 4 updates (#444)c083b46
Bump the npm-development group with 2 updates (#438)1b4b366
Bump typescript-eslint in the npm-development group (#434)963f8a0
Bump the npm-development group with 2 updates (#429)4ecada3
Bump the npm-development group across 1 directory with 3 updates (#422)f4b7552
bump eslint from 8.57.1 to 9.16.0 (#418)- See full diff in compare
view
Updates `docker/setup-buildx-action` from 3.8.0 to 3.9.0
Release notes
Sourced from docker/setup-buildx-action's
releases.
v3.9.0
Full Changelog: https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0
Commits
f7ce87c
Merge pull request #404
from docker/dependabot/npm_and_yarn/docker/actions-to...aa1e2a0
chore: update generated content673e008
build(deps): bump @docker/actions-toolkit from 0.53.0 to
0.54.0ba31df4
Merge pull request #402
from docker/dependabot/npm_and_yarn/docker/actions-to...5475af1
chore: update generated contentacacad9
build(deps): bump @docker/actions-toolkit from 0.48.0 to
0.53.06a25f98
Merge pull request #396
from crazy-max/bake-v6ca1af17
update bake-action to v6- See full diff in compare
view
Updates `docker/build-push-action` from 6.10.0 to 6.13.0
Release notes
Sourced from docker/build-push-action's
releases.
v6.13.0
Full Changelog: https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0
v6.12.0
Full Changelog: https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0
v6.11.0
Full Changelog: https://github.com/docker/build-push-action/compare/v6.10.0...v6.11.0
Commits
ca877d9
Merge pull request #1308
from docker/dependabot/npm_and_yarn/docker/actions-t...d2fe919
chore: update generated contentf0fc9ec
chore(deps): Bump @docker/actions-toolkit from 0.51.0 to
0.53.067a2d40
Merge pull request #1300
from docker/dependabot/npm_and_yarn/docker/actions-t...0b1b1c9
chore: update generated contentb6a7c2c
chore(deps): Bump @docker/actions-toolkit from 0.49.0 to
0.51.031ca4e5
Merge pull request #1296
from crazy-max/bake-v6e613db9
update bake-action to v6b32b51a
Merge pull request #1281
from docker/dependabot/npm_and_yarn/docker/actions-t...594bf46
Merge pull request #1294
from crazy-max/fix-e2e- Additional commits viewable in compare
view
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore ` will
remove the ignore condition of the specified dependency and ignore
conditions
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
.github/workflows/e2e.yml | 2 +-
.github/workflows/prerelease.yml | 4 ++--
.github/workflows/release.yml | 10 +++++-----
3 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
index 5ea50ad..95443cd 100644
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -60,7 +60,7 @@ jobs:
github-token: ${{ steps.get_token.outputs.token }}
cluster-name: ${{ env.SERVERLESS_PROJECT }}
- - uses: google-github-actions/get-secretmanager-secrets@e5bb06c2ca53b244f978d33348d18317a7f263ce # v2.2.2
+ - uses: google-github-actions/get-secretmanager-secrets@a8440875e1c2892062aef9061228d4f1af8f919b # v2.2.3
with:
export_to_environment: true
secrets: |-
diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml
index f6e4f0f..ff082cd 100644
--- a/.github/workflows/prerelease.yml
+++ b/.github/workflows/prerelease.yml
@@ -33,12 +33,12 @@ jobs:
name: Release
- name: Generate build provenance (Distribution)
- uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0
+ uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4 # v2.2.0
with:
subject-path: "${{ github.workspace }}/${{ env.RELEASE_DISTRO }}"
- name: Generate build provenance (Packages)
- uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0
+ uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4 # v2.2.0
with:
subject-path: "${{ github.workspace }}/${{ env.RELEASE_PACKAGES }}"
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 67909b4..21a327e 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -41,17 +41,17 @@ jobs:
run: ls -al ${{ env.RELEASE_DISTRO }}
- name: Generate build provenance (Distribution)
- uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0
+ uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4 # v2.2.0
with:
subject-path: "${{ github.workspace }}/${{ env.RELEASE_DISTRO }}"
- name: Generate build provenance (Packages)
- uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0
+ uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4 # v2.2.0
with:
subject-path: "${{ github.workspace }}/${{ env.RELEASE_PACKAGES }}"
- name: Set up Docker Buildx
- uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
+ uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0
- name: Log in to the Elastic Container registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
@@ -80,7 +80,7 @@ jobs:
- name: Build and Push Profiler Docker Image
id: docker-push
continue-on-error: true # continue for now until we see it working in action
- uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
+ uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
with:
cache-from: type=gha
cache-to: type=gha,mode=max
@@ -91,7 +91,7 @@ jobs:
labels: ${{ steps.docker-meta.outputs.labels }}
- name: Attest image
- uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0
+ uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4 # v2.2.0
continue-on-error: true # continue for now until we see it working in action
with:
subject-name: ${{ env.DOCKER_IMAGE_NAME }}