dependabot[bot]
cf9ebf7810
rebase: bump github/codeql-action from 3.27.6 to 3.27.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.6 to 3.27.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](aa57810251...df409f7d92
2024-12-17 15:47:36 +00:00
dependabot[bot]
3c63fea23a
rebase: bump github/codeql-action from 3.27.5 to 3.27.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.5 to 3.27.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f09c1c0a94...aa57810251
2024-12-12 05:47:23 +00:00
Madhu Rajanna
a32ba13045
ci: update github action commenter
...
updating the github action pull
request commentor to drop
older unsupported release and support
3.13 release.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-12-03 15:34:13 +00:00
dependabot[bot]
18ecbfd9c7
rebase: bump actions/dependency-review-action from 4.4.0 to 4.5.0
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](4081bf99e2...3b139cfc5f
2024-11-26 08:40:26 +00:00
dependabot[bot]
efc58ed742
rebase: bump github/codeql-action from 3.27.4 to 3.27.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.4 to 3.27.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ea9e4e3799...f09c1c0a94
2024-11-26 08:19:56 +00:00
dependabot[bot]
86baab7322
rebase: bump github/codeql-action from 3.27.1 to 3.27.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.1 to 3.27.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4f3212b617...ea9e4e3799
2024-11-20 09:50:33 +00:00
dependabot[bot]
1981d7fb38
rebase: bump github/codeql-action from 3.27.0 to 3.27.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.0 to 3.27.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](662472033e...4f3212b617
2024-11-12 09:35:15 +00:00
dependabot[bot]
c3c00b0e61
rebase: bump github/codeql-action from 3.26.13 to 3.27.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.13 to 3.27.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f779452ac5...662472033e
2024-10-29 07:10:48 +00:00
dependabot[bot]
2f0af46080
rebase: bump actions/dependency-review-action from 4.3.4 to 4.4.0
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.3.4 to 4.4.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](5a2ce3f5b9...4081bf99e2
2024-10-29 06:40:42 +00:00
dependabot[bot]
710e3340ee
rebase: bump actions/checkout from 4.2.1 to 4.2.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](eef61447b9...11bd71901b
2024-10-29 06:09:06 +00:00
dependabot[bot]
0c5619b2a2
rebase: bump github/codeql-action from 3.26.12 to 3.26.13
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.12 to 3.26.13.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](c36620d31a...f779452ac5
2024-10-15 08:29:11 +00:00
Nikhil-Ladha
396a475909
ci: fix Dockerfile path for snyk container action
...
update the Dockerfile path for the snyk github action
Signed-off-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-10-10 13:06:10 +00:00
dependabot[bot]
71193bcaa1
rebase: bump github/codeql-action from 3.26.10 to 3.26.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.10 to 3.26.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e2b3eafc8d...c36620d31a
2024-10-08 06:18:15 +00:00
dependabot[bot]
b94a55c0d3
rebase: bump actions/checkout from 4.2.0 to 4.2.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](d632683dd7...eef61447b9
2024-10-08 05:47:27 +00:00
Nikhil-Ladha
44368bfeb4
ci: use private retest github action
...
use private retest github action instead of pinning
to a single branch/commit hash.
Signed-off-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-10-02 09:11:19 +00:00
dependabot[bot]
5aec13d7e6
rebase: bump actions/checkout from 4.1.7 to 4.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...d632683dd7
2024-10-01 09:37:48 +00:00
dependabot[bot]
b18f5b4654
rebase: bump github/codeql-action from 3.26.8 to 3.26.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.8 to 3.26.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](294a9d9291...e2b3eafc8d
2024-10-01 09:16:31 +00:00
dependabot[bot]
ecf25038f2
rebase: bump github/codeql-action from 3.26.7 to 3.26.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.7 to 3.26.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8214744c54...294a9d9291
2024-09-25 07:43:09 +00:00
StepSecurity Bot
56d08e1b4d
ci: Harden GitHub Actions
...
Update GitHub actions to use full length commit ids for
third-party actions to reduce security risk in case of vulnerabilities.
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-09-19 11:00:39 +00:00
Niels de Vos
cde5048dd2
ci: pass the correct account token for Snyk jobs
...
The secret in the project settings has a typo and is called `SYNK_TOKEN`
instead of `SNYK_TOKEN`. Changing the name of the secret does not seem
to be trivial; it needs to be deleted and re-created, which requires
obtaining a new token, somehow. Adopting the name with the typo in the
GitHub Workflow is easier.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-08-27 09:58:24 +00:00
Madhu Rajanna
b0751cb06e
ci: update rules for 3.12 release
...
updating release for 3.12 release
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-08-14 15:11:41 +00:00
Nikhil-Ladha
71cbf3d7eb
ci: add test for uncommitted changes in deploy directory
...
added test for uncommitted changes in deploy directory under go-test GH action.
Also, created a new make target named `make check-deploy-committed` that
can be used to verify the uncommitted changes.
Signed-off-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-08-13 12:17:43 +00:00
Niels de Vos
6f043698d1
ci: add e2e-build-test for compiling the e2e testsuite
...
When Go modules get updated, golangci-lint sometimes fails with weird
errors. One of the common causes seems to be that there is a dependency
breakage between modules that are only used within the e2e test suite. A
normal build of the cephcsi executable succeeds, but building ./e2e
would fail.
By adding a job to build the e2e.test executable, a clear error message
will be reported when there are package dependency conflicts.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-06-28 08:38:54 +00:00
Niels de Vos
c558588bd8
ci: trigger k8s-1.30 jobs for current Ceph-CSI versions
...
Run CI jobs with Kubernetes 1.30 for the devel branch and upcoming
releases.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-05-02 15:25:58 +00:00
Niels de Vos
6009c28c30
ci: do not run k8s-1.26 tests for release-v3.11 and devel
...
The k8s-external-storage/1.26 CI job does not work with the versions
that are part of the release-v3.11 and devel branches.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-05-02 15:25:58 +00:00
Rakshith R
97bc20ae5a
ci: update pr-commentor rules matrix
...
This commit adds rules for release-v3.11
and removes rules for release-v3.9.
Signed-off-by: Rakshith R <rar@redhat.com>
2024-04-02 08:07:30 +00:00
Niels de Vos
fe050557c9
ci: no need to test the devel branch with k8s v1.26
...
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-02-15 08:22:16 +00:00
dependabot[bot]
6e20a7d062
rebase: bump peter-evans/create-or-update-comment from 3 to 4
...
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment ) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases )
- [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: peter-evans/create-or-update-comment
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 11:58:48 +00:00
dependabot[bot]
43d2f86dc7
rebase: bump actions/dependency-review-action from 3 to 4
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3 to 4.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](https://github.com/actions/dependency-review-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-24 08:48:11 +00:00
Riya Singhal
c807059618
ci: update github actions for k8s-1.29
...
kubernetes 1.29 is release recently, updating the
github action for the same.
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2024-01-04 13:02:44 +00:00
dependabot[bot]
4c97bbb2e4
rebase: bump github/codeql-action from 2 to 3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-19 08:29:02 +00:00
dependabot[bot]
6cab5bfd42
rebase: bump actions/stale from 8 to 9
...
Bumps [actions/stale](https://github.com/actions/stale ) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v8...v9 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-12 08:44:36 +00:00
Rakshith R
788b6629ec
ci: update pr-commentor rules matrix
...
This commit adds rules for release-v3.10
and removes rules for release-v3.8.
Signed-off-by: Rakshith R <rar@redhat.com>
2023-11-30 10:21:27 +01:00
Riya Singhal
aa55317c74
ci: add ci bot for auto assigning issue
...
this will auto assign the issue to the user who
commented /assign
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-11-22 13:19:26 +00:00
Madhu Rajanna
63f48874ad
ci: add snyk for container image
...
adding a github action to do security
scanning for the cephcsi container image
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-11-16 10:23:13 +00:00
Madhu Rajanna
6b3665b80c
ci: add snyk scanning
...
adding snyk github action to
run when a PR is merged to the release
branch or when a new release is done.
Run snyk weekly on the devel branch.
This will help us to track the security
scanning results and fix if anything is
required and also it serves as a placeholder
for security scanning result for a while.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-11-16 05:23:19 +00:00
dependabot[bot]
7f96dc8a64
rebase: bump actions/github-script from 6 to 7
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-11-14 09:12:35 +00:00
Niels de Vos
ba37ff73ac
ci: run tickgit after merging a PR in the devel branch
...
The `tickgit.com` webservice seems to not update itself anymore, but
having a list of TODO's is very useful. Use the tickgit project to
gather the TODO's, bit in a GitHub Workflow.
Developers can also run `make containerized-test TARGET=tickgit` to get
the result locally.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-11-08 08:29:10 +00:00
dependabot[bot]
5677834d24
rebase: bump docker/login-action from 2 to 3
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-20 10:03:37 +00:00
dependabot[bot]
b3ef8672a4
rebase: Bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 08:47:25 +00:00
Niels de Vos
ee843e6ffd
ci: only add /test .. comment if the branch for the PR matches
...
By adding an if-statement for each step of the matrix job, only those
steps are executed where the base ref of the PR matches the branch in
the matrix parameters.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-08-22 11:28:37 +00:00
Niels de Vos
2d120f2e10
ci: exclude branches from the testing matrix for ok-to-test comments
...
It seems that `matrix.*` parameters can not be used in the if-statement
for a job. Now using the `exclude:` parameter with a more dynamically
constructed value for the branch. If the value for the branch is not
part of the initial branch list, the value will not be excluded, so the
jobs are expected to run.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-08-22 11:09:14 +00:00
Niels de Vos
a57fe08e7d
ci: run versioned k8s jobs only on selected branches
...
By using a matrix strategy with excluding certain branches and
Kubernetes versions, the number of CI jobs per PullRequest should stay
limited.
Closes : #4060
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-08-21 11:06:29 +00:00
Madhu Rajanna
9ffd3ffd98
ci: update pull request commentor for kube 1.28.0
...
updating pull request commentor to
run tests with kubernetes 1.28.0
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-08-21 09:32:25 +02:00
Niels de Vos
f371aa2677
ci: use podman for simple GitHub workflows
...
`podman` is installed by default on the Ubuntu runners. Podman is
recommended for developers and contributors, as there are no elevated
privileges required to run it. Docker requires extra permissions to
build and or run container images, and contributors to Ceph-CSI should
not need to spend time working with that (several developers run the
`docker` command with `sudo`, which is discouraged).
Only the multi-arch Workflows require Docker, for the time being.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-08-07 16:34:44 +00:00
Niels de Vos
ce26b0e212
ci: allow CVE-2019-11255 in Kubernetes module dependency
...
It is unclear how a module for utility functions can have the same
problem as a separate side-car that is expected to do the input
validation. The side-cars have been fixed already, no further details
are in the CVE description (from 2019).
See-also: https://github.com/advisories/GHSA-f4w6-3rh6-6q4
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-07-26 13:34:23 +00:00
Rakshith R
37f1d722d3
ci: remove checks for k8s 1.24 ci tests
...
K8s 1.24 will be End of Life on 2023-07-28.
Therefore, removing checks for ci tests on
that version.
refer:
https://kubernetes.io/releases/#release-v1-24
Signed-off-by: Rakshith R <rar@redhat.com>
2023-06-16 09:07:18 +02:00
Rakshith R
40888f01b6
ci: fix pr-commentor for merge queue draft pr
...
The mergify label copier used github-actions bot
to add labels. Actions performed by github-actions
bot do not trigger a workflow and hence
pull-request-commentor was not working as expected.
This commit modifies mergify label copier to use
Cephcsi-bot to copy labels which then will be
able to trigger action to add pr comments.
Signed-off-by: Rakshith R <rar@redhat.com>
2023-06-14 10:23:12 +00:00
Niels de Vos
0e79135419
ci: prevent Retest Workflow from running on forked repos
...
Forked repositories contain the the `.github/workflows/` directory, and
therefore run all the GitHub Workflows located there. Some of the
workflows need additional configuration, like providing access to the
standard `GITHUB_TOKEN`. If the extra configuration is not done, the
GitHub Workflow will fail, and the owner of the forked repository will
receive regular notifications about that.
There is no need to run the "retest" workflow on forked repositories, so
it can be skipped by default.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-06-05 08:56:40 +00:00
Niels de Vos
6a5d7f57e5
ci: use the "ceph-csi-bot" account for commenting on PRs
...
By default the `GITHUB_TOKEN` is used for the actions, and the name of
the account that comments is "github-actions[bot]". It is a nice touch
to use the Ceph-CSI Bot account instead.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-06-05 07:37:51 +00:00
