This repository has been archived by the owner on Mar 22, 2024. It is now read-only.
Bump sigstore/cosign-installer from 3.0.3 to 3.0.4 #286
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.3 to 3.0.4. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@v3.0.3...v3.0.4) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
requested review from
marcofranssen,
kfox1111,
developer-guy and
dfeldman
as code owners
dependabot
bot
added
the
dependencies
dependabot
bot
requested review from
faisal-memon,
mrsabath and
edwbuck
as code owners
faisal-memon
approved these changes
May 17, 2023
faisal-memon
deleted the
dependabot/github_actions/sigstore/cosign-installer-3.0.4
branch
marcofranssen
added a commit
that referenced
this pull request
May 25, 2023
* c1c5b11 Merge pull request #306 from spiffe/remove-1.21 * 0df45e3 Fix up docs * ed038fe Upgrade to spire 1.6.4 (#308) * dc5d9cf Fix root README.md * e4447fd Upgrade Tornjak to new image v1.2.1 (#299) * 69f402e Update docs * 38d51d5 Apply suggestions from code review * a1ba235 Update docs * 1922085 Fix hooks for K3s (#305) * 4fb549e Remove 1.21.x testing * 88efc77 Allow to use spire-server as an upstream authority (#304) * 0ba0388 Add support for spire-server ingress (#68) * 4777a30 Bump test chart dependencies (#301) * 00c2c1a Fix the generated pr so that it runs jobs too (#303) * dd1ad49 Update images for cve's found by the cronjob (#290) * 1c69470 Updated Tornjak documenation with Not-for-production labels (#297) * 7809637 Merge pull request #296 from spiffe/dependabot/github_actions/helm/kind-action-1.7.0 * e61ed17 Merge pull request #295 from spiffe/dependabot/github_actions/sigstore/cosign-installer-3.0.5 * 9975e58 Merge pull request #245 from spiffe/tags * 7bb7ece Bump helm/kind-action from 1.6.0 to 1.7.0 * f1623a5 Bump sigstore/cosign-installer from 3.0.4 to 3.0.5 * f8db5a3 Fix Tornjak persistence issue (#294) * b30b412 Tornjak reuse spire-lib.cluster-domain macro (#292) * 90c9eb5 Fix kubectl-image macro to handle version deprecation * 300d1cc Apply deprecation of image.version to Tornjak * d850486 Instead of removing version, first deprecate version * 59e422b Add documentation for all image.tag values * d1f3cdb Switch image.version to image.tag * 31ce704 Cleanup maintainer handbook (#287) * a2da943 Remove manual dispatch from dummy workflow (#288) * 807558b Bump helm/kind-action from 1.5.0 to 1.6.0 (#285) * 3df67db Bump sigstore/cosign-installer from 3.0.3 to 3.0.4 (#286) * 5505d41 Merge pull request #283 from spiffe/additional-k8s-native-feature-tornjak-frontend * 391f093 Allow to configure topologySpreadConstraints for tornjak-frontend * 5cc26d3 Allow to configure tolerations for tornjak-frontend * 3537161 Allow to configure affinity for tornjak-frontend * aed6fdf Use the correct kubectl for the cluster (#248) * ee43c5e Add nodeSelector for tornjak * fc13cbd Merge pull request #234 from spiffe/tornjak * ed472aa Update documentation * a11cfc9 Allow to define the resources for tornjak backend * 382e0d4 Upgrade Tornjak image to version v1.2.0 (#259) * 657c460 Update charts/spire/charts/tornjak-frontend/templates/service.yaml * 7521caf Update charts/spire/charts/spire-server/templates/tornjak-config.yaml * b64c352 Update charts/spire/charts/spire-server/templates/tests/test-tornjak-connection.yaml * 6ddf6ab Improve tornjak docs (#276) * 80d34f0 Use common post-install scripts for testing * f5efa0c Remove dead macros * bd86518 Fixing shellcheck * 91bdea2 Provide minimal resources to prevent accidental crashes due to resource exhaustion * 1675997 Tornjak global image fix (#228) * 5e827ee Add Tornjak Tests (#220) * bdba97b Add empty directory to Tornjak to support npm cache (#224) * da186c5 Split Tornjak Frontend into separate subchart (#179) * 6d22126 Add Tornjak * 2669d8b Add maintainer's handbook. (#265) * 72596ae Skip tests for docs folders (#281) * 7c71738 Bump test chart dependencies (#279) * 05addae Add json to test path (#280) * 8d9b734 Switch the spire tests to always run (#250) Signed-off-by: Marco Franssen <marco.franssen@gmail.com>
marcofranssen
added a commit
that referenced
this pull request
May 25, 2023
* c1c5b11 Merge pull request #306 from spiffe/remove-1.21 * 0df45e3 Fix up docs * ed038fe Upgrade to spire 1.6.4 (#308) * dc5d9cf Fix root README.md * e4447fd Upgrade Tornjak to new image v1.2.1 (#299) * 69f402e Update docs * 38d51d5 Apply suggestions from code review * a1ba235 Update docs * 1922085 Fix hooks for K3s (#305) * 4fb549e Remove 1.21.x testing * 88efc77 Allow to use spire-server as an upstream authority (#304) * 0ba0388 Add support for spire-server ingress (#68) * 4777a30 Bump test chart dependencies (#301) * 00c2c1a Fix the generated pr so that it runs jobs too (#303) * dd1ad49 Update images for cve's found by the cronjob (#290) * 1c69470 Updated Tornjak documenation with Not-for-production labels (#297) * 7809637 Merge pull request #296 from spiffe/dependabot/github_actions/helm/kind-action-1.7.0 * e61ed17 Merge pull request #295 from spiffe/dependabot/github_actions/sigstore/cosign-installer-3.0.5 * 9975e58 Merge pull request #245 from spiffe/tags * 7bb7ece Bump helm/kind-action from 1.6.0 to 1.7.0 * f1623a5 Bump sigstore/cosign-installer from 3.0.4 to 3.0.5 * f8db5a3 Fix Tornjak persistence issue (#294) * b30b412 Tornjak reuse spire-lib.cluster-domain macro (#292) * 90c9eb5 Fix kubectl-image macro to handle version deprecation * 300d1cc Apply deprecation of image.version to Tornjak * d850486 Instead of removing version, first deprecate version * 59e422b Add documentation for all image.tag values * d1f3cdb Switch image.version to image.tag * 31ce704 Cleanup maintainer handbook (#287) * a2da943 Remove manual dispatch from dummy workflow (#288) * 807558b Bump helm/kind-action from 1.5.0 to 1.6.0 (#285) * 3df67db Bump sigstore/cosign-installer from 3.0.3 to 3.0.4 (#286) * 5505d41 Merge pull request #283 from spiffe/additional-k8s-native-feature-tornjak-frontend * 391f093 Allow to configure topologySpreadConstraints for tornjak-frontend * 5cc26d3 Allow to configure tolerations for tornjak-frontend * 3537161 Allow to configure affinity for tornjak-frontend * aed6fdf Use the correct kubectl for the cluster (#248) * ee43c5e Add nodeSelector for tornjak * fc13cbd Merge pull request #234 from spiffe/tornjak * ed472aa Update documentation * a11cfc9 Allow to define the resources for tornjak backend * 382e0d4 Upgrade Tornjak image to version v1.2.0 (#259) * 657c460 Update charts/spire/charts/tornjak-frontend/templates/service.yaml * 7521caf Update charts/spire/charts/spire-server/templates/tornjak-config.yaml * b64c352 Update charts/spire/charts/spire-server/templates/tests/test-tornjak-connection.yaml * 6ddf6ab Improve tornjak docs (#276) * 80d34f0 Use common post-install scripts for testing * f5efa0c Remove dead macros * bd86518 Fixing shellcheck * 91bdea2 Provide minimal resources to prevent accidental crashes due to resource exhaustion * 1675997 Tornjak global image fix (#228) * 5e827ee Add Tornjak Tests (#220) * bdba97b Add empty directory to Tornjak to support npm cache (#224) * da186c5 Split Tornjak Frontend into separate subchart (#179) * 6d22126 Add Tornjak * 2669d8b Add maintainer's handbook. (#265) * 72596ae Skip tests for docs folders (#281) * 7c71738 Bump test chart dependencies (#279) * 05addae Add json to test path (#280) * 8d9b734 Switch the spire tests to always run (#250) Signed-off-by: Marco Franssen <marco.franssen@gmail.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps sigstore/cosign-installer from 3.0.3 to 3.0.4.
Release notes
Sourced from sigstore/cosign-installer's releases.
Commits
03d0fecFix unsafe evaluation of inputs.use-sudo (#124)46b5db7use intermediate environment variables to avoid risks of script injection (#122)84448bawe should rely upon the digests not the tags, typos (#121)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)