Bump github.com/palantir/go-githubapp from 0.24.1 to 0.26.0 (#448)

* Bump github.com/palantir/go-githubapp from 0.24.1 to 0.26.0 Bumps [github.com/palantir/go-githubapp](https://github.com/palantir/go-githubapp) from 0.24.1 to 0.26.0. - [Release notes](https://github.com/palantir/go-githubapp/releases) - [Commits](palantir/go-githubapp@v0.24.1...v0.26.0) --- updated-dependencies: - dependency-name: github.com/palantir/go-githubapp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * search and replace Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com> * go mod tidy Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com> * formatting Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
BESTSELLER · Jun 6, 2024 · 056b97b · 056b97b
1 parent cd86cd5
commit 056b97b
Show file tree

Hide file tree

Showing 30 changed files with 51 additions and 50 deletions.
diff --git a/.github/bulldozer.yml b/.github/bulldozer.yml
@@ -8,4 +8,4 @@ merge:
     squash:
       body: summarize_commits
   delete_after_merge: true
-  allow_merge_with_no_checks: false
+  allow_merge_with_no_checks: false
diff --git a/.github/dependabot-circleci.yml b/.github/dependabot-circleci.yml
@@ -1,4 +1,4 @@
-reviewers: 
+reviewers:
   - BESTSELLER/engineering-services
 labels:
-  - automerge
+  - automerge
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -13,7 +13,7 @@ updates:
     labels:
       - "automerge"
       - "dependencies"
-    reviewers: 
+    reviewers:
       - BESTSELLER/engineering-services
   - package-ecosystem: "docker" # See documentation for possible values
     directory: "/" # Location of package manifests
@@ -23,14 +23,14 @@ updates:
     labels:
       - "automerge"
       - "dependencies"
-    reviewers: 
+    reviewers:
       - BESTSELLER/engineering-services
   - package-ecosystem: "terraform" # See documentation for possible values
     directory: "/terraform" # Location of package manifests
     open-pull-requests-limit: 10
     schedule:
       interval: "monthly"
-    reviewers: 
+    reviewers:
       - BESTSELLER/engineering-services
   - package-ecosystem: "github-actions" # See documentation for possible values
     directory: "/" # Location of package manifests
@@ -40,6 +40,5 @@ updates:
     labels:
       - "automerge"
       - "dependencies"
-    reviewers: 
+    reviewers:
       - BESTSELLER/engineering-services
-
diff --git a/.github/policy.yml b/.github/policy.yml
@@ -33,4 +33,4 @@ approval_rules:
           - "dependabot[bot]"
           - "dependabot-circleci[bot]"
     requires:
-      count: 0
+      count: 0
diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml
@@ -33,4 +33,4 @@ template: |
   ## Changes
   $CHANGES
 
-  **Full Changelog**: https://github.com/$OWNER/$REPOSITORY/compare/$PREVIOUS_TAG...$RESOLVED_VERSION
+  **Full Changelog**: https://github.com/$OWNER/$REPOSITORY/compare/$PREVIOUS_TAG...$RESOLVED_VERSION
diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml
@@ -29,4 +29,4 @@ jobs:
         #   config-name: my-config.yml
         #   disable-autolabeler: true
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.test_cases/1_docker_quay.yml b/.test_cases/1_docker_quay.yml
@@ -3,4 +3,4 @@ jobs:
   build:
     docker:
       - image: quay.io/jetstack/cert-manager-controller:v0.16.1
-        command: [--smallfiles]
+        command: [--smallfiles]
diff --git a/.test_cases/2_docker_gcr.yml b/.test_cases/2_docker_gcr.yml
@@ -3,4 +3,4 @@ jobs:
   build:
     docker:
       - image: gcr.io/google-containers/debian-iptables:v11.0.1
-        command: ["echo hej"]
+        command: ["echo hej"]
diff --git a/.test_cases/3_orb_regular.yml b/.test_cases/3_orb_regular.yml
@@ -1,3 +1,3 @@
 version: 2.1
 orbs:
-  secret-injector: bestsellerit/secret-injector@1.0.3
+  secret-injector: bestsellerit/secret-injector@1.0.3
diff --git a/.test_cases/4_orb_volatile.yml b/.test_cases/4_orb_volatile.yml
@@ -1,3 +1,3 @@
 version: 2.1
 orbs:
-  secret-injector: bestsellerit/secret-injector@volatile
+  secret-injector: bestsellerit/secret-injector@volatile
diff --git a/.test_cases/5_docker_latest.yml b/.test_cases/5_docker_latest.yml
@@ -3,4 +3,4 @@ jobs:
   build:
     docker:
       - image: alpine:latest
-        command: [--smallfiles]
+        command: [--smallfiles]
diff --git a/.test_cases/6_docker_notag.yml b/.test_cases/6_docker_notag.yml
@@ -3,4 +3,4 @@ jobs:
   build:
     docker:
       - image: alpine
-        command: [--smallfiles]
+        command: [--smallfiles]
diff --git a/.test_cases/7_docker_mcr.yml b/.test_cases/7_docker_mcr.yml
@@ -3,4 +3,4 @@ jobs:
   build:
     docker:
       - image: mcr.microsoft.com/dotnet/sdk:5.0
-        command: ["echo hej"]
+        command: ["echo hej"]
diff --git a/CODEOWNERS b/CODEOWNERS
@@ -1 +1 @@
-*   @BESTSELLER/engineering-services
+*   @BESTSELLER/engineering-services
diff --git a/Dockerfile b/Dockerfile
@@ -8,4 +8,4 @@ FROM alpine
 COPY --from=builder /tmp/dependabot-circleci /dependabot-circleci
 
 ENTRYPOINT ["/dependabot-circleci"]
-EXPOSE 3000
+EXPOSE 3000
diff --git a/README.md b/README.md
@@ -53,14 +53,14 @@ dependabot-circleci will recursively scan all the files and folders in the direc
 The `dependabot-circleci` configuration file, dependabot-circleci.yml, uses YAML syntax.
 You must store this file in the .github directory of your repository.
 
-| Option                            | Required | Description                                                                                    | Default                    |
-|:----------------------------------|:--------:|:-----------------------------------------------------------------------------------------------|----------------------------|
-| [`assignees`](#assignees)         |          | Assignees to set on pull requests                                                              | n/a                        |
-| [`labels`](#labels)               |          | Labels to set on pull requests                                                                 | n/a                        |
-| [`reviewers`](#reviewers)         |          | Reviewers to set on pull requests                                                              | n/a                        |
-| [`target-branch`](#target-branch) |          | Branch to create pull requests against                                                         | Default branch in the repo |
-| [`directory`](#directory)         |          | Path to the circleci config file, or folder to be scanned                                      | `/.circleci/config.yml`    |
-| [`schedule`](#schedule)           |          | When to look for updates                                                                       | daily                      |
+| Option                            | Required | Description                                               | Default                    |
+| :-------------------------------- | :------: | :-------------------------------------------------------- | -------------------------- |
+| [`assignees`](#assignees)         |          | Assignees to set on pull requests                         | n/a                        |
+| [`labels`](#labels)               |          | Labels to set on pull requests                            | n/a                        |
+| [`reviewers`](#reviewers)         |          | Reviewers to set on pull requests                         | n/a                        |
+| [`target-branch`](#target-branch) |          | Branch to create pull requests against                    | Default branch in the repo |
+| [`directory`](#directory)         |          | Path to the circleci config file, or folder to be scanned | `/.circleci/config.yml`    |
+| [`schedule`](#schedule)           |          | When to look for updates                                  | daily                      |
 
 ---
 <br/>
@@ -72,11 +72,11 @@ We are open for issues, pull requests etc.
 ## Running locally
 
 1. Clone the repository
-2. Make sure to have your secrets file in place  
+2. Make sure to have your secrets file in place
    2.1 BESTSELLER folks can use Harpocrates to get them from Vault.
       ```bash
       harpocrates -f secrets-local.yaml --vault-token $(vault token create -format=json | jq -r '.auth.client_token')
-      ```  
+      ```
    2.2 Others will have to fill out this template in any other way.
       ```json
       {
@@ -119,6 +119,6 @@ We are open for issues, pull requests etc.
    --header 'Content-Type: application/json' \
    --data '{"Org":"BESTSELLER","Repos": ["dependabot-circleci"]}'
    ```
-5. If you want to debug the worker without docker: 
+5. If you want to debug the worker without docker:
    1. Add the env vars from the docker-compose file to your local environment to match the worker
    2. Run/Debug in your IDE with the `-worker` flag
diff --git a/api/config_check.go b/api/config_check.go
@@ -10,7 +10,7 @@ import (
 	"github.com/BESTSELLER/dependabot-circleci/datadog"
 	"github.com/BESTSELLER/dependabot-circleci/db"
 	"github.com/BESTSELLER/dependabot-circleci/gh"
-	"github.com/google/go-github/v60/github"
+	"github.com/google/go-github/v62/github"
 	"github.com/palantir/go-githubapp/githubapp"
 	"github.com/pkg/errors"
 	"github.com/rs/zerolog/log"

diff --git a/dependabot/dependabot.go b/dependabot/dependabot.go
@@ -12,7 +12,7 @@ import (
 	"github.com/BESTSELLER/dependabot-circleci/config"
 	"github.com/BESTSELLER/dependabot-circleci/datadog"
 	"github.com/BESTSELLER/dependabot-circleci/gh"
-	"github.com/google/go-github/v60/github"
+	"github.com/google/go-github/v62/github"
 	"github.com/rs/zerolog/log"
 )
 

diff --git a/gh/client.go b/gh/client.go
@@ -6,7 +6,7 @@ import (
 	"net/http"
 	"time"
 
-	"github.com/google/go-github/v60/github"
+	"github.com/google/go-github/v62/github"
 	"github.com/gregjones/httpcache"
 	"github.com/palantir/go-githubapp/githubapp"
 

diff --git a/gh/commit.go b/gh/commit.go
@@ -6,7 +6,7 @@ import (
 	"net/http"
 	"strings"
 
-	"github.com/google/go-github/v60/github"
+	"github.com/google/go-github/v62/github"
 	"github.com/rs/zerolog/log"
 )
 

diff --git a/gh/repos.go b/gh/repos.go
@@ -3,7 +3,7 @@ package gh
 import (
 	"context"
 
-	"github.com/google/go-github/v60/github"
+	"github.com/google/go-github/v62/github"
 )
 
 // GetRepos returns a list of repos for an orginasation

diff --git a/gh/transport.go b/gh/transport.go
@@ -7,7 +7,7 @@ import (
 	"sync"
 	"time"
 
-	"github.com/google/go-github/v60/github"
+	"github.com/google/go-github/v62/github"
 	"github.com/rs/zerolog/log"
 )
 

diff --git a/go.mod b/go.mod
@@ -5,12 +5,12 @@ go 1.22
 require (
 	github.com/CircleCI-Public/circleci-cli v0.1.30549
 	github.com/google/go-containerregistry v0.19.1
-	github.com/google/go-github/v60 v60.0.0
+	github.com/google/go-github/v62 v62.0.0
 	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79
 	github.com/hashicorp/go-version v1.6.0
 	github.com/kelseyhightower/envconfig v1.4.0
 	github.com/palantir/go-baseapp v0.5.2
-	github.com/palantir/go-githubapp v0.24.1
+	github.com/palantir/go-githubapp v0.26.0
 	github.com/pkg/errors v0.9.1
 	github.com/rs/zerolog v1.33.0
 	github.com/stretchr/testify v1.9.0
@@ -55,6 +55,7 @@ require (
 	github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/go-github/v60 v60.0.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/s2a-go v0.1.7 // indirect
 	github.com/google/uuid v1.6.0 // indirect
@@ -79,7 +80,7 @@ require (
 	github.com/rogpeppe/go-internal v1.11.0 // indirect
 	github.com/rs/xid v1.5.0 // indirect
 	github.com/secure-systems-lab/go-securesystemslib v0.7.0 // indirect
-	github.com/shurcooL/githubv4 v0.0.0-20240120211514-18a1ae0e79dc // indirect
+	github.com/shurcooL/githubv4 v0.0.0-20240429030203-be2daab69064 // indirect
 	github.com/shurcooL/graphql v0.0.0-20181231061246-d48a9a75455f // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/spf13/afero v1.11.0 // indirect

diff --git a/go.sum b/go.sum
@@ -116,6 +116,8 @@ github.com/google/go-containerregistry v0.19.1 h1:yMQ62Al6/V0Z7CqIrrS1iYoA5/oQCm
 github.com/google/go-containerregistry v0.19.1/go.mod h1:YCMFNQeeXeLF+dnhhWkqDItx/JSkH01j1Kis4PsjzFI=
 github.com/google/go-github/v60 v60.0.0 h1:oLG98PsLauFvvu4D/YPxq374jhSxFYdzQGNCyONLfn8=
 github.com/google/go-github/v60 v60.0.0/go.mod h1:ByhX2dP9XT9o/ll2yXAu2VD8l5eNVg8hD4Cr0S/LmQk=
+github.com/google/go-github/v62 v62.0.0 h1:/6mGCaRywZz9MuHyw9gD1CwsbmBX8GWsbFkwMmHdhl4=
+github.com/google/go-github/v62 v62.0.0/go.mod h1:EMxeUqGJq2xRu9DYBMwel/mr7kZrzUOfQmmpYrZn2a4=
 github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
 github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
@@ -174,8 +176,8 @@ github.com/outcaste-io/ristretto v0.2.3 h1:AK4zt/fJ76kjlYObOeNwh4T3asEuaCmp26pOv
 github.com/outcaste-io/ristretto v0.2.3/go.mod h1:W8HywhmtlopSB1jeMg3JtdIhf+DYkLAr0VN/s4+MHac=
 github.com/palantir/go-baseapp v0.5.2 h1:b1ukx7AXo2/E4NkUvTFlW+185uwCcifzd2XzLrG4oS8=
 github.com/palantir/go-baseapp v0.5.2/go.mod h1:uijQMPfmgV69oiMu2jkskum/4HiYuEP/gzrnphD+/Co=
-github.com/palantir/go-githubapp v0.24.1 h1:LiqaDq587M0Sq0EqwSsme/HTkQTh4wcTd2pgWiBMBf8=
-github.com/palantir/go-githubapp v0.24.1/go.mod h1:x3vs+HLKMnRj3/Ut4vq8Q8idHqPforP2OsZrdGiCltM=
+github.com/palantir/go-githubapp v0.26.0 h1:YWHqsVWXLED3nXsXLGVKXK6DNPWFytPqcDKU6hBFHUE=
+github.com/palantir/go-githubapp v0.26.0/go.mod h1:e4aVb0zbw7+cnIWQg6uQxRVJY4m0JaivRiJ0k/9Rz7o=
 github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc=
 github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
 github.com/philhofer/fwd v1.1.2 h1:bnDivRJ1EWPjUIRXV5KfORO897HTbpFAQddBdE8t7Gw=
@@ -201,8 +203,8 @@ github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWR
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/secure-systems-lab/go-securesystemslib v0.7.0 h1:OwvJ5jQf9LnIAS83waAjPbcMsODrTQUpJ02eNLUoxBg=
 github.com/secure-systems-lab/go-securesystemslib v0.7.0/go.mod h1:/2gYnlnHVQ6xeGtfIqFy7Do03K4cdCY0A/GlJLDKLHI=
-github.com/shurcooL/githubv4 v0.0.0-20240120211514-18a1ae0e79dc h1:vH0NQbIDk+mJLvBliNGfcQgUmhlniWBDXC79oRxfZA0=
-github.com/shurcooL/githubv4 v0.0.0-20240120211514-18a1ae0e79dc/go.mod h1:zqMwyHmnN/eDOZOdiTohqIUKUrTFX62PNlu7IJdu0q8=
+github.com/shurcooL/githubv4 v0.0.0-20240429030203-be2daab69064 h1:RCQBSFx5JrsbHltqTtJ+kN3U0Y3a/N/GlVdmRSoxzyE=
+github.com/shurcooL/githubv4 v0.0.0-20240429030203-be2daab69064/go.mod h1:zqMwyHmnN/eDOZOdiTohqIUKUrTFX62PNlu7IJdu0q8=
 github.com/shurcooL/graphql v0.0.0-20181231061246-d48a9a75455f h1:tygelZueB1EtXkPI6mQ4o9DQ0+FKW41hTbunoXZCTqk=
 github.com/shurcooL/graphql v0.0.0-20181231061246-d48a9a75455f/go.mod h1:AuYgA5Kyo4c7HfUmvRGs/6rGlMMV/6B1bVnB9JxJEEg=
 github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=

diff --git a/secrets-ci.yaml b/secrets-ci.yaml
@@ -4,4 +4,4 @@ secrets:
       saveAsFile: true
       fileName: cloudrun_token
       format: json
-  - ES/data/$CIRCLE_PROJECT_REPONAME/db
+  - ES/data/$CIRCLE_PROJECT_REPONAME/db
diff --git a/secrets-local.yaml b/secrets-local.yaml
@@ -4,4 +4,4 @@ secrets:
   - ES/data/dependabot-circleci/prod:
       filename: app-secrets
   - ES/data/dependabot-circleci/db:
-      filename: db-secrets
+      filename: db-secrets
diff --git a/secrets.yml b/secrets.yml
@@ -1,4 +1,4 @@
 format: json
 output: "/secrets"
 secrets:
-  - ES/data/$CIRCLE_PROJECT_REPONAME/v2
+  - ES/data/$CIRCLE_PROJECT_REPONAME/v2
diff --git a/terraform/modules/cloud_run/main.tf b/terraform/modules/cloud_run/main.tf
@@ -125,7 +125,7 @@ resource "google_cloud_run_v2_service" "main" {
     volumes {
       name = "secrets"
       empty_dir {
-        medium = "MEMORY"
+        medium     = "MEMORY"
         size_limit = "1Mi"
       }
     }

diff --git a/terraform/modules/cloud_run/outputs.tf b/terraform/modules/cloud_run/outputs.tf
@@ -1,4 +1,3 @@
 output "url" {
   value = google_cloud_run_v2_service.main.uri
 }
-
diff --git a/terraform/modules/logs/variables.tf b/terraform/modules/logs/variables.tf
@@ -4,4 +4,4 @@ variable "project_id" {
 
 variable "monitor_project_id" {
   type = string
-}
+}