dependabot[bot]
d46595eed8
build(deps): bump softprops/action-gh-release from 2.0.8 to 2.0.9
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.0.8 to 2.0.9.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](c062e08bd5...e7a8f85e1c
2024-10-31 18:34:55 +00:00
Tõnis Tiigi
62407927fa
Merge pull request #2757 from dvdksn/pprof-dev-docs
...
docs: add dev instructions on generating/analyzing pprof samples
2024-10-30 15:09:19 -07:00
CrazyMax
e26911f403
ci: keep contents read permissions in jobs
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-10-29 18:48:42 +01:00
CrazyMax
6b2dc8ce56
ci: fix workflow permissions
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-10-29 09:48:47 +01:00
David Karlsson
ca502cc9a5
docs: add dev instructions on generating/analyzing pprof samples
...
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2024-10-28 17:15:27 +01:00
Tõnis Tiigi
1de332530f
Merge pull request #2729 from thaJeztah/touchup_security
...
touch-up security policy
2024-10-10 09:57:55 -07:00
Sebastiaan van Stijn
1ce3e6a221
touch-up security policy
...
Touch-up the security policy to make the OpenSSF scorecard
slightly happier;
https://securityscorecards.dev/viewer/?uri=github.com/docker/buildx
Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-10-09 01:22:26 +02:00
Sebastiaan van Stijn
b1a13bb740
gha: set default permissions to "contents: read"
...
make the OpenSSF scorecard slightly happier;
https://securityscorecards.dev/viewer/?uri=github.com/docker/buildx
Warn: no topLevel permission defined: .github/workflows/build.yml:1
Warn: topLevel 'security-events' permission set to 'write': .github/workflows/codeql.yml:13
Warn: no topLevel permission defined: .github/workflows/docs-release.yml:1
Warn: no topLevel permission defined: .github/workflows/docs-upstream.yml:1
Warn: no topLevel permission defined: .github/workflows/e2e.yml:1
Warn: no topLevel permission defined: .github/workflows/labeler.yml:1
Warn: no topLevel permission defined: .github/workflows/validate.yml:1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-10-09 01:07:18 +02:00
dependabot[bot]
61d9f1d981
build(deps): bump peter-evans/create-pull-request from 7.0.3 to 7.0.5
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 7.0.3 to 7.0.5.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](6cd32fd936...5e914681df
2024-09-18 18:49:37 +00:00
dependabot[bot]
30e60628bf
build(deps): bump peter-evans/create-pull-request from 7.0.2 to 7.0.3
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 7.0.2 to 7.0.3.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](d121e62763...6cd32fd936
2024-09-16 18:36:21 +00:00
dependabot[bot]
15c596a091
build(deps): bump peter-evans/create-pull-request from 7.0.1 to 7.0.2
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 7.0.1 to 7.0.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](8867c4aba1...d121e62763
2024-09-12 18:30:42 +00:00
CrazyMax
120578091f
ci: fix golvulncheck job permissions
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-09-12 15:23:33 +02:00
CrazyMax
66ed7d6162
dockerfile, ci: update buildkit to latest stable
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-09-11 12:51:20 +02:00
dependabot[bot]
ad9a5196b3
build(deps): bump peter-evans/create-pull-request from 7.0.0 to 7.0.1
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 7.0.0 to 7.0.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](4320041ed3...8867c4aba1
2024-09-05 18:55:59 +00:00
dependabot[bot]
b920b08ad3
build(deps): bump peter-evans/create-pull-request from 6.1.0 to 7.0.0
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.1.0 to 7.0.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](c5a7806660...4320041ed3
2024-09-03 18:50:45 +00:00
CrazyMax
d391b1d3e6
ci: sync labels when files are reverted or no longer changed with labeler
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-07-30 12:48:31 +02:00
CrazyMax
386d599309
govulncheck to report known vulnerabilities
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-07-26 16:45:45 +02:00
CrazyMax
6efb1d7cdc
ci: skip scout job on forked repo
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-07-25 14:35:39 +02:00
CrazyMax
bc2748da59
ci: checkout step for scout job
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-07-25 14:15:31 +02:00
CrazyMax
a47f761c55
ci: scan bin image with docker scout
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-07-23 16:26:38 +02:00
dependabot[bot]
9f00a9eafa
build(deps): bump softprops/action-gh-release from 2.0.6 to 2.0.8
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.0.6 to 2.0.8.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](a74c6b72af...c062e08bd5
2024-07-19 13:54:21 +00:00
CrazyMax
466006849a
chore: update dependabot labels
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-07-19 11:39:51 +02:00
Tonis Tiigi
cbe7901667
update Go to 1.22
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2024-07-02 22:27:43 -07:00
Sebastiaan van Stijn
92a6799514
dockerfile, gha: update buildkit to 0.13.2, 0.14.1
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-26 15:52:28 +02:00
CrazyMax
f7bcafed21
build: opt to set progress warnings in response
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-06-26 06:53:35 +02:00
dependabot[bot]
0dfd315daa
build(deps): bump softprops/action-gh-release from 2.0.5 to 2.0.6
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.0.5 to 2.0.6.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](69320dbe05...a74c6b72af
2024-06-20 18:46:57 +00:00
CrazyMax
9b100c2552
Merge pull request #2541 from docker/dependabot/github_actions/peter-evans/create-pull-request-6.1.0
...
build(deps): bump peter-evans/create-pull-request from 6.0.5 to 6.1.0
2024-06-20 19:28:48 +02:00
CrazyMax
66b0abf078
Merge pull request #2536 from thompson-shaun/pr-labeler
...
ci: add pr-labeler
2024-06-20 15:26:28 +02:00
dependabot[bot]
009f318bbd
build(deps): bump peter-evans/create-pull-request from 6.0.5 to 6.1.0
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.5 to 6.1.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](6d6857d369...c5a7806660
2024-06-18 19:03:17 +00:00
Shaun Thompson
4d7365018c
ci: add pr-labeler
...
Signed-off-by: Shaun Thompson <shaun.thompson@docker.com>
2024-06-18 09:10:01 -04:00
dependabot[bot]
4c2e0c4307
build(deps): bump docker/bake-action from 4 to 5
...
Bumps [docker/bake-action](https://github.com/docker/bake-action ) from 4 to 5.
- [Release notes](https://github.com/docker/bake-action/releases )
- [Commits](https://github.com/docker/bake-action/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: docker/bake-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-17 18:12:10 +00:00
Tõnis Tiigi
e423d096a6
Merge pull request #2508 from crazy-max/integration-tests-coverage
...
test: setup integration tests coverage
2024-06-13 10:10:32 -07:00
CrazyMax
41d369120b
ci: enable disable_file_fixes in codecov action
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-06-12 08:47:48 +02:00
CrazyMax
6d5823beb1
test: setup integration tests coverage
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-06-12 08:46:49 +02:00
CrazyMax
ee3baa54f7
dockerfile: update buildkit to 0.14.0
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-06-11 20:38:39 +02:00
CrazyMax
24cedc6c0f
ci: switch to ubuntu-24.04 runner
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-06-11 14:32:54 +02:00
dependabot[bot]
480b53f529
build(deps): bump softprops/action-gh-release from 2.0.4 to 2.0.5
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](9d7c94cfd0...69320dbe05
2024-05-07 18:47:50 +00:00
CrazyMax
6d95fb586e
ci(validate): split lint
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-04-30 10:19:06 +02:00
dependabot[bot]
d2d21577fb
build(deps): bump peter-evans/create-pull-request from 6.0.4 to 6.0.5
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.4 to 6.0.5.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](9153d834b6...6d6857d369
2024-04-25 18:36:26 +00:00
Tonis Tiigi
d0cc9ed0cb
hack: add gopls based linters
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2024-04-24 18:11:30 -07:00
dependabot[bot]
bdf27ee797
build(deps): bump peter-evans/create-pull-request from 6.0.3 to 6.0.4
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](c55203cfde...9153d834b6
2024-04-17 18:53:16 +00:00
Tõnis Tiigi
ac331d3569
Merge pull request #2401 from crazy-max/ci-k3s-update
...
ci: switch to reusable workflow to install k3s
2024-04-15 16:00:55 -07:00
dependabot[bot]
1a0f9fa96c
build(deps): bump peter-evans/create-pull-request from 6.0.2 to 6.0.3
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](70a41aba78...c55203cfde
2024-04-12 18:33:29 +00:00
CrazyMax
54a5c1ff93
ci: switch to reusable workflow to install k3s
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-04-11 10:15:37 +02:00
CrazyMax
2e2f9f571f
build: set record provenance in response
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-04-11 10:11:27 +02:00
CrazyMax
7e3acad9f4
ci: remove buildkit-edge job
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-04-11 09:55:00 +02:00
CrazyMax
e04637cf34
ci: use string type for experimental so it can appear on actions page
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-04-11 09:55:00 +02:00
CrazyMax
b9c5f9f1ee
ci: run docker worker in dedicated matrix
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-04-11 09:48:32 +02:00
CrazyMax
92ab188781
dockerfile: update buildkit to 0.13.1
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-04-11 09:43:14 +02:00
CrazyMax
6e3164dc6f
tests: matrix with buildkit versions
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-04-11 09:42:19 +02:00
