chore(deps): update all github action dependencies (main) #36140

cilium-renovate · 2024-11-25T08:15:35Z

This PR contains the following updates:

Package	Type	Update	Change
actions/checkout	action	minor	`v4.1.7` -> `v4.2.2`
actions/checkout	action	patch	`v4.2.1` -> `v4.2.2`
anchore/sbom-action	action	patch	`v0.17.6` -> `v0.17.8`
cert-manager/cert-manager		patch	`v1.16.1` -> `v1.16.2`
cilium/scale-tests-action	action	digest	`746605a` -> `d3ecfd8`
gcr.io/etcd-development/etcd		patch	`v3.5.16` -> `v3.5.17`
google-github-actions/auth	action	patch	`v2.1.5` -> `v2.1.7`
google-github-actions/setup-gcloud	action	patch	`v2.1.1` -> `v2.1.2`
google/cloud-sdk (changelog)		major	`499.0.0` -> `502.0.0`
google/cloud-sdk (changelog)		major	`492.0.0` -> `502.0.0`
https://github.com/cilium/scaffolding		digest	`aef7e18` -> `8158e8b`
kubernetes-sigs/kind		minor	`v0.24.0` -> `v0.25.0`
kubernetes/kubernetes		patch	`v1.31.2` -> `v1.31.3`
renovatebot/github-action	action	major	`v40.3.5` -> `v41.0.3`
renovatebot/renovate		major	`38.142.6` -> `39.28.0`

Release Notes

actions/checkout (actions/checkout)

`v4.2.2`

Compare Source

url-helper.ts now leverages well-known environment variables by @jww3 in https://github.com/actions/checkout/pull/1941
Expand unit test coverage for isGhes by @jww3 in https://github.com/actions/checkout/pull/1946

`v4.2.1`

Compare Source

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in https://github.com/actions/checkout/pull/1924

`v4.2.0`

Compare Source

Add Ref and Commit outputs by @lucacome in https://github.com/actions/checkout/pull/1180
Dependency updates by @dependabot- https://github.com/actions/checkout/pull/1777, https://github.com/actions/checkout/pull/1872

anchore/sbom-action (anchore/sbom-action)

`v0.17.8`

Compare Source

Changes in v0.17.8

chore(deps): update Syft to v1.17.0 (#507) [anchore-actions-token-generator]

`v0.17.7`

Compare Source

Changes in v0.17.7

chore(deps): update Syft to v1.16.0 (#506) [anchore-actions-token-generator]

cert-manager/cert-manager (cert-manager/cert-manager)

`v1.16.2`

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

This patch release of cert-manager 1.16 makes several changes to how PEM input is validated, adding maximum sizes appropriate to the type of PEM data which is being parsed.

This is to prevent an unacceptable slow-down in parsing specially crafted PEM data. The issue was found by Google's OSS-Fuzz project.

The issue is low severity; to exploit the PEM issue would require privileged access which would likely allow Denial-of-Service through other methods.

Note also that since most PEM data parsed by cert-manager comes from ConfigMap or Secret resources which have a max size limit of approximately 1MB, it's difficult to force cert-manager to parse large amounts of PEM data.

Further information is available in GHSA-r4pg-vg54-wxx4

In addition, the version of Go used to build cert-manager 1.16 was updated along with the base images.

Changes by Kind

Bug or Regression

Set a maximum size for PEM inputs which cert-manager will accept to remove possibility of taking a long time to process an input (#7401, @SgtCoDFish)

Other (Cleanup or Flake)

Bump go to 1.23.3 and bump base images to latest available (#7431, @SgtCoDFish)

google-github-actions/auth (google-github-actions/auth)

google-github-actions/setup-gcloud (google-github-actions/setup-gcloud)

`v2.1.2`

Compare Source

What's Changed

fix: update release workflows by @verbanicm in https://github.com/google-github-actions/setup-gcloud/pull/698
Release: v2.1.2 by @google-github-actions-bot in https://github.com/google-github-actions/setup-gcloud/pull/699

Full Changelog: google-github-actions/setup-gcloud@v2.1.1...v2.1.2

kubernetes-sigs/kind (kubernetes-sigs/kind)

`v0.25.0`

Compare Source

This release contains a number of small networking fixes and the latest Kubernetes releases. Happy KubeCon!

Breaking Changes

The default node image is now Kubernetes v1.31.2: kindest/node:v1.31.2@sha256:18fbefc20a7113353c7b75b5c869d7145a6abd6269154825872dc59c1329912e

New Features

Improved documentation for Ingress installation
Updated to latest go 1.22.x (1.22.9)

Images pre-built for this release:

v1.31.2: kindest/node:v1.31.2@sha256:18fbefc20a7113353c7b75b5c869d7145a6abd6269154825872dc59c1329912e
v1.30.6: kindest/node:v1.30.6@sha256:b6d08db72079ba5ae1f4a88a09025c0a904af3b52387643c285442afb05ab994
v1.29.10: kindest/node:v1.29.10@sha256:3b2d8c31753e6c8069d4fc4517264cd20e86fd36220671fb7d0a5855103aa84b
v1.28.15: kindest/node:v1.28.15@sha256:a7c05c7ae043a0b8c818f5a06188bc2c4098f6cb59ca7d1856df00375d839251
v1.27.16: kindest/node:v1.27.16@sha256:2d21a61643eafc439905e18705b8186f3296384750a835ad7a005dceb9546d20
v1.26.15: kindest/node:v1.26.15@sha256:c79602a44b4056d7e48dc20f7504350f1e87530fe953428b792def00bc1076dd

NOTE: You must use the @sha256 digest to guarantee an image built for this release, until such a time as we switch to a different tagging scheme. Even then we will highly encourage digest pinning for security and reproducibility reasons.

Fixes

Updated kube-network-policies with a DNS fix for network policies
Fix conflict with developing kube-network-policies
Detect new docker ipv6 failure message and fallback to ipv4 only gracefully
- Fixes github codespaces, however we recommend ensuring ip6tables works on your host or at least disabling ipv6 in the docker daemon settings then: https://docs.docker.com/engine/release-notes/27/#ipv6
Workaround podman no longer returning host IP for portmaps
Aggregate ipmasq sync errors in kindnetd

Contributors

Thank you to everyone who contributed to this release!

Users whose commits are in this release (alphabetically by user name)

Thank you to everyone who contributed in any way.

A special thank you to @neolit123 for all your help over the years, and stepping down when you no longer had the time.
Thank you!

kubernetes/kubernetes (kubernetes/kubernetes)

`v1.31.3`: Kubernetes v1.31.3

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

renovatebot/github-action (renovatebot/github-action)

`v41.0.3`

Compare Source

Documentation

update references to ghcr.io/renovatebot/renovate to v39.8.0 (48bf067)
update references to ghcr.io/renovatebot/renovate to v39.9.5 (4d3c902)
update references to renovatebot/github-action to v41 (8c2d373)

Miscellaneous Chores

deps: update dependency @semantic-release/github to v11.0.1 (5150429)
deps: update dependency @types/node to v20.17.6 (b26f47a)
deps: update dependency eslint to v9.14.0 (2520727)

Build System

deps: lock file maintenance (2a30dff)

Continuous Integration

deps: update renovate docker tag to v39.10.0 (0b0c661)
deps: update renovate docker tag to v39.11.5 (ac5eabb)
deps: update renovate docker tag to v39.11.7 (083a7cb)
deps: update renovate docker tag to v39.12.0 (6ee41b5)
deps: update renovate docker tag to v39.13.0 (0741565)
deps: update renovate docker tag to v39.13.1 (d168b7a)
deps: update renovate docker tag to v39.15.2 (f235ae8)
deps: update renovate docker tag to v39.15.3 (dd402a8)
deps: update renovate docker tag to v39.17.0 (5033ef1)
deps: update renovate docker tag to v39.17.1 (2935695)
deps: update renovate docker tag to v39.18.1 (c0a0230)
deps: update renovate docker tag to v39.9.0 (962c37a)
deps: update renovate docker tag to v39.9.1 (7c22503)
deps: update renovate docker tag to v39.9.5 (47301d4)

`v41.0.2`

Compare Source

Build System

compile as esm (#888) (e8fc25c)

`v41.0.1`

Compare Source

Miscellaneous Chores

deps: update dependency eslint to v9 (#881) (d4f5ed0)
renovate: fix config (#884) (1eb9d9b)

Tests

e2e: test with default version (#886) (d16f12d)

Build System

use esbuild (#887) (4a407be)

Continuous Integration

deps: update renovate docker tag to v39 (#885) (f8106c1)
simplify (#883) (a060887)
use github-actions[bot] for merge commit (#882) (4c22a10)

`v41.0.0`

Compare Source

⚠ BREAKING CHANGES

Renovate is now pinned to v39.

Features

pin renovate major version (#880) (c31251b)

`v40.3.6`

Compare Source

Bug Fixes

refactor: use named imports (#879) (4d91b7f)

Documentation

Fix permissions for Renovate 39 (#873) (80524aa)
update references to ghcr.io/renovatebot/renovate to v39 (fa742b7)

Miscellaneous Chores

deps: update dependency @semantic-release/github to v11 (#876) (03986b7)
deps: update dependency @types/node to v20.17.2 (9b8168b)
deps: update dependency @types/node to v20.17.3 (62e9650)
deps: update dependency @types/node to v20.17.4 (b274faf)
deps: update dependency @types/node to v20.17.5 (de0fb82)
deps: update dependency eslint-plugin-json to v4 (#874) (205c9ef)
deps: update dependency npm-run-all2 to v7 (#877) (7b3e4ff)
deps: update typescript-eslint monorepo to v8 (major) (#878) (5343762)
husky migration (#875) (c884ed2)

Continuous Integration

deps: update renovate docker tag to v38.142.7 (5bf87b6)

renovatebot/renovate (renovatebot/renovate)

`v39.28.0`

Compare Source

Features

bitbucket: support fetching changelogs with source directory (#32691) (1234169)

Code Refactoring

maven: Fix types for util functions (#32702) (e5655a8)

`v39.27.0`

Compare Source

Features

deps: update ghcr.io/renovatebot/base-image docker tag to v9.10.0 (#32698) (5367a7a)

Miscellaneous Chores

deps: lock file maintenance (#32686) (324b9f6)
deps: update codecov/codecov-action action to v5 (#32683) (67ea5ba)

`v39.26.3`

Compare Source

Bug Fixes

deps: update ghcr.io/renovatebot/base-image docker tag to v9.9.6 (#32681) (6cabf3d)
Revert "fix(bitbucket): source link root path" (#32680) (021db4b)

`v39.26.2`

Compare Source

Bug Fixes

bitbucket: source link root path (#32676) (b7951c3)

Code Refactoring

platform/gitlab: fix api reponse type in createPr fn (#32428) (e3b97c1)

`v39.26.1`

Compare Source

Bug Fixes

deps: update ghcr.io/renovatebot/base-image docker tag to v9.9.5 (#32668) (e94172e)

Miscellaneous Chores

deps: update dependency type-fest to v4.27.0 (#32669) (e9588f1)

`v39.26.0`

Compare Source

Features

manager/asdf: add asdf protoc support (#32646) (22e7984)

Miscellaneous Chores

deps: update pnpm to v9.13.2 (#32667) (2b8cd76)

`v39.25.5`

Compare Source

Build System

deps: update dependency google-auth-library to v9.15.0 (#32666) (e02ccd1)

`v39.25.4`

Compare Source

Bug Fixes

deps: update ghcr.io/renovatebot/base-image docker tag to v9.9.4 (#32664) (e5d1d6f)

Miscellaneous Chores

deps: update pnpm to v9.13.1 (#32663) (4ce73ba)

`v39.25.3`

Compare Source

Bug Fixes

datasource/maven: make cache key extractedVersion specific (#32658) (6e36262)

`v39.25.2`

Compare Source

Bug Fixes

Revert "feat(manager/asdf): add support for java semeru and semeru-jre" (#32656) (3660a50)

`v39.25.1`

Compare Source

Bug Fixes

deps: update ghcr.io/renovatebot/base-image docker tag to v9.9.3 (#32655) (f6a00e1)

`v39.25.0`

Compare Source

Features

manager: Cloud Native Buildpacks project descriptor manager (#30799) (bbedb2d)

Code Refactoring

platform/gitlab: consolidate duplicate code (#32566) (6bdd27a)

`v39.24.0`

Compare Source

Features

gradle: add support for java.toolchain.languageVersion detection in build.gradle(.kts) files (#32461) (0ff6e98)

`v39.23.1`

Compare Source

Bug Fixes

deps: update ghcr.io/renovatebot/base-image docker tag to v9.9.2 (#32647) (7c2c539)
docker: chmod the renovate cache dir to allow custom uids (#32649) (a4d8bff)

Miscellaneous Chores

deps: update actions/dependency-review-action action to v4.5.0 (#32648) (910716b)

`v39.23.0`

Compare Source

Features

deps: update ghcr.io/renovatebot/base-image docker tag to v9.9.0 (#32643) (fa947a8)

`v39.22.0`

Compare Source

Features

deps: update ghcr.io/renovatebot/base-image docker tag to v9.8.0 (#32642) (07ffefc)

Documentation

updated encrypted secrets deprecation messaging (#32634) (e732e8e)

Miscellaneous Chores

deps: update github/codeql-action action to v3.27.5 (#32641) (8deacdc)
deps: update pnpm to v9.13.0 (#32637) (c9033ac)

`v39.21.1`

Compare Source

Bug Fixes

deps: update dependency mkdocs-material to v9.5.45 (#32631) (9f889fb)

Miscellaneous Chores

deps: update aquasecurity/trivy-action action to v0.29.0 (#32628) (b8d7e15)

Build System

deps: update dependency graph-data-structure to v4 (#32320) (cb20666)

`v39.21.0`

Compare Source

Features

bundler: add inline source support (#32600) (8e52625)

`v39.20.6`

Compare Source

Bug Fixes

deps: update ghcr.io/renovatebot/base-image docker tag to v9.7.12 (#32627) (55c0751)

Documentation

config-presets: use inline code for preset patterns (#32622) (865ce91)

Miscellaneous Chores

deps: update otel/opentelemetry-collector-contrib docker tag to v0.114.0 (#32624) (c34ce2a)

`v39.20.5`

Compare Source

Documentation

add documentation for the Developer Portal host rules credentials (#32542) (c80a052)

Miscellaneous Chores

deps: lock file maintenance (#32618) (3f6b74d)

Build System

deps: update dependency @renovatebot/kbpgp to v4.0.1 (#32619) (741488f)

`v39.20.4`

Compare Source

Bug Fixes

docker-image: ensure base & cache dir at build time (#32594) (1f71981)

Documentation

rust: hostType should be "crate" instead of "cargo" (#32591) (743fed0)

`v39.20.3`

Compare Source

Bug Fixes

deps: update ghcr.io/containerbase/sidecar docker tag to v13.0.21 (#32602) (4619411)

Miscellaneous Chores

deps: update ghcr.io/containerbase/devcontainer docker tag to v13.0.21 (#32601) (e90a581)

`v39.20.2`

Compare Source

Bug Fixes

deps: update ghcr.io/renovatebot/base-image docker tag to v9.7.11 (#32603) (955c3a9)

Build System

deps: update dependency @cdktf/hcl2json to v0.20.10 (#32593) (84d384a)

`v39.20.1`

Compare Source

Bug Fixes

terraform: correct hostname regex and add tests (#32565) (dd1b316)

`v39.20.0`

Compare Source

Features

manager/asdf: add supported tools (#32333) (d76a53d)

Documentation

update references to renovate/renovate (#32587) (95d8ee3)

Miscellaneous Chores

deps: lock file maintenance (#32588) (931bb73)
deps: update containerbase/internal-tools action to v3.4.45 (#32589) (1f47645)
deps: update dependency @swc/core to v1.9.2 (#32590) (66f4af8)

`v39.19.1`

Compare Source

Bug Fixes

deps: update ghcr.io/containerbase/sidecar docker tag to v13.0.20 (#32583) (2375e5d)
deps: update ghcr.io/renovatebot/base-image docker tag to v9.7.10 (#32584) (7b629e9)

Miscellaneous Chores

deps: update containerbase/internal-tools action to v3.4.43 (#32580) (3e98cea)
deps: update ghcr.io/containerbase/devcontainer docker tag to v13.0.19 (#32581) (3d1c96d)
deps: update ghcr.io/containerbase/devcontainer docker tag to v13.0.20 (#32582) (e2e05be)

`v39.19.0`

Compare Source

Features

uv: support GCloud credentials for Google Artifact Registry when locking (#32545) (80f03a8)

`v39.18.4`

Compare Source

Bug Fixes

deps: update ghcr.io/containerbase/sidecar docker tag to v13.0.18 (#32578) (6f0ae0c)

Miscellaneous Chores

deps: lock file maintenance (#32579) (dc1be85)
deps: update ghcr.io/containerbase/devcontainer docker tag to v13.0.18 (#32577) (a39e0ac)

`v39.18.3`

Compare Source

Bug Fixes

deps: update ghcr.io/containerbase/sidecar docker tag to v13.0.16 (#32576) (8c4977f)

Miscellaneous Chores

deps: update dependency markdownlint-cli2 to v0.15.0 (#32574) (54996ba)
deps: update dependency nock to v13.5.6 (#32571) (27841b4)
deps: update dependency renovatebot/github-action to v41.0.3 (#32572) (7697923)
deps: update ghcr.io/containerbase/devcontainer docker tag to v13.0.16 (#32575) (e4b6e62)

`v39.18.2`

Compare Source

Bug Fixes

ensure packageFiles isn't null during dependency extraction (#32570) (ebdf819)

`v39.18.1`

Compare Source

Bug Fixes

git: fix gpg commit signing (#32483) (#32543) (9b45b6b)
Handle extractVersion with release post-processing (#32540) (cb7c10b)

`v39.18.0`

Compare Source

Features

manager/conan: Conan 1 package name compatibility (#32425) (dbfa6b2)

`v39.17.1`

Compare Source

Bug Fixes

logs: don't log all packageFiles when checking for deprecated (#32563) (a413b75)

`v39.17.0`

Compare Source

Features

bundler: add source variables support (#32337) (a1c5150)

Miscellaneous Chores

manager/gomod: Update go toolchain specifier in test (#32546) (0cc330e)

`v39.16.0`

Compare Source

Features

datasource/go: support gitea tags (#32555) (85dd149)

`v39.15.4`

Compare Source

Bug Fixes

deps: update ghcr.io/renovatebot/base-image docker tag to v9.7.6 (#32557) (a79fd60)

Miscellaneous Chores

deps: update python:3.13 docker digest to bc78d3c (#32553) (af7d6c6)
deps: update slackapi/slack-github-action action to v1.27.1 (#32554) (7877afc)

`v39.15.3`

Compare Source

Bug Fixes

deps: update ghcr.io/renovatebot/base-image docker tag to v9.7.5 (#32548) (6c75b77)

Documentation

release notes for Renovate v39 (#32504) (5b1b97b)

Miscellaneous Chores

deps: update github/codeql-action action to v3.27.4 (#32541) (9f9c2d4)

`v39.15.2`

Compare Source

Documentation

gradle: correct requirements to process verification-metadata (#32534) (c238db0)

Build System

deps: update opentelemetry-js monorepo to v0.54.2 (#32538) (1d8ca5c)

`v39.15.1`

Compare Source

Build System

deps: update dependency openpgp to v6 (#32479) (d4b1502)

`v39.15.0`

Compare Source

Features

manager/cargo: support reading package version from workspace (local only) (#32533) (6de1322)

Bug Fixes

deps: update ghcr.io/renovatebot/base-image docker tag to v9.7.4 (#32532) (7e6d11a)

`v39.14.1`

Compare Source

Bug Fixes

deps: update ghcr.io/renovatebot/base-image docker tag to v9.7.3 (#32525) (89ebb35)

`v39.14.0`

Compare Source

Features

pep621: set Git insteadOf directives when updating pdm/uv locks (#32378) (22880e9)

Miscellaneous Chores

deps: update python:3.13 docker digest to a6ed02f (#32524) (2862f76)

`v39.13.1`

Compare Source

Bug Fixes

deps: update ghcr.io/renovatebot/base-image docker tag to v9.7.2 (#32520) (c1c45dc)

`v39.13.0`

Compare Source

Features

logger: prefix log env settings with RENOVATE_ (#32499) (42b448b)

Bug Fixes

gradle: Increase tree parsing depth (#32516) (84f5d2a)
overide punycode built-in module (#32502) (41ba7c3)

Miscellaneous Chores

deps: update python:3.13 docker digest to f605a30 (#32518) (bf07498)
manager/gomod: Update go version to 1.23.3 in tests/examples (#32514) (894250d)

`v39.12.0`

Compare Source

Features

config: Log unknown parsing error at debug level (#32512) (de518af)

Documentation

faq: update Renovate version in example (#32503) (b6acbff)
gitlab: Fix link to gitlab codeowners documentation (#32508) (40a6004)

Miscellaneous Chores

deps: update dependency @swc/core to v1.9.1 ([#3250

Configuration

📅 Schedule: Branch creation - "on sunday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

Signed-off-by: cilium-renovate[bot] <134692979+cilium-renovate[bot]@users.noreply.github.com>

chore(deps): update all github action dependencies

0d89904

Signed-off-by: cilium-renovate[bot] <134692979+cilium-renovate[bot]@users.noreply.github.com>

cilium-renovate bot requested a review from a team as a code owner November 25, 2024 08:15

cilium-renovate bot added kind/enhancement This would improve or streamline existing functionality. release-note/misc This PR makes changes that have no direct user impact. renovate/stop-updating Tell Renovate to stop updating PR labels Nov 25, 2024

cilium-renovate bot requested review from a team as code owners November 25, 2024 08:15

cilium-renovate bot requested review from dlapcevic and ciliumbot November 25, 2024 08:15

cilium-renovate bot temporarily deployed to auto-approve November 25, 2024 08:15 Inactive

github-actions bot added the kind/community-contribution This was a contribution made by a community member. label Nov 25, 2024

ciliumbot approved these changes Nov 25, 2024

View reviewed changes

julianwiedmann added this pull request to the merge queue Nov 25, 2024

Merged via the queue into main with commit 00b32ab Nov 25, 2024
317 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): update all github action dependencies (main) #36140

chore(deps): update all github action dependencies (main) #36140

Uh oh!

cilium-renovate bot commented Nov 25, 2024

Uh oh!

Uh oh!

Uh oh!

chore(deps): update all github action dependencies (main) #36140

chore(deps): update all github action dependencies (main) #36140

Uh oh!

Conversation

cilium-renovate bot commented Nov 25, 2024

Release Notes

Changes in v0.17.8

Changes in v0.17.7

Changes by Kind

Bug or Regression

Other (Cleanup or Flake)

What's Changed

What's Changed

What's Changed

Breaking Changes

New Features

Fixes

Contributors

v1.31.3: Kubernetes v1.31.3

Documentation

Miscellaneous Chores

Build System

Continuous Integration

Build System

Miscellaneous Chores

Tests

Build System

Continuous Integration

⚠ BREAKING CHANGES

Features

Bug Fixes

Documentation

Miscellaneous Chores

Continuous Integration

Features

Code Refactoring

Features

Miscellaneous Chores

Bug Fixes

Bug Fixes

Code Refactoring

Bug Fixes

Miscellaneous Chores

Features

Miscellaneous Chores

Build System

Bug Fixes

Miscellaneous Chores

Bug Fixes

Bug Fixes

Bug Fixes

Features

Code Refactoring

Features

Bug Fixes

Miscellaneous Chores

Features

Features

Documentation

Miscellaneous Chores

Bug Fixes

Miscellaneous Chores

Build System

Features

Bug Fixes

Documentation

Miscellaneous Chores

Documentation

Miscellaneous Chores

Build System

Bug Fixes

Documentation

Bug Fixes

Miscellaneous Chores

Bug Fixes

Build System

Bug Fixes

Features

Documentation

Miscellaneous Chores

`v1.31.3`: Kubernetes v1.31.3