Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the all group across 1 directory with 8 updates #1784

Merged
merged 2 commits into from
Jul 26, 2024
Merged

build(deps): bump the all group across 1 directory with 8 updates #1784

merged 2 commits into from
Jul 26, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 24, 2024

Bumps the all group with 4 updates in the /acceptance directory: github.com/enterprise-contract/enterprise-contract-controller/api, github.com/gkampitakis/go-snaps, github.com/google/go-containerregistry and sigs.k8s.io/kustomize/api.

Updates github.com/enterprise-contract/enterprise-contract-controller/api from 0.1.48 to 0.1.50

Release notes

Sourced from github.com/enterprise-contract/enterprise-contract-controller/api's releases.

API Release api/v0.1.50

What's Changed

Full Changelog: enterprise-contract/enterprise-contract-controller@api/v0.1.49...api/v0.1.50

API Release api/v0.1.49

What's Changed

Full Changelog: enterprise-contract/enterprise-contract-controller@api/v0.1.48...api/v0.1.49

Commits
  • c4e5c05 Merge pull request #369 from enterprise-contract/dependabot/github_actions/so...
  • a96b8d8 Merge pull request #368 from enterprise-contract/dependabot/github_actions/st...
  • c7f9eee Merge pull request #367 from enterprise-contract/dependabot/github_actions/gi...
  • 5ed0b88 Merge pull request #363 from enterprise-contract/dependabot/go_modules/api/k8...
  • 988f770 Bump k8s.io/apiextensions-apiserver from 0.29.6 to 0.29.7 in /api
  • aeff6c0 Bump softprops/action-gh-release from 2.0.6 to 2.0.8
  • c45b339 Bump step-security/harden-runner from 2.8.1 to 2.9.0
  • d9430ab Bump github/codeql-action from 3.25.12 to 3.25.13
  • 8a7c6e7 Merge pull request #362 from enterprise-contract/dependabot/github_actions/gi...
  • d89d6f5 Bump github/codeql-action from 3.25.11 to 3.25.12
  • Additional commits viewable in compare view

Updates github.com/gkampitakis/go-snaps from 0.5.4 to 0.5.5

Commits

Updates github.com/google/go-containerregistry from 0.19.2 to 0.20.1

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.1

What's Changed

Full Changelog: google/go-containerregistry@v0.20.0...v0.20.1

v0.20.0

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.19.2...v0.20.0

Commits

Updates k8s.io/api from 0.29.6 to 0.29.7

Commits

Updates k8s.io/apimachinery from 0.29.6 to 0.29.7

Commits

Updates k8s.io/client-go from 0.29.6 to 0.29.7

Commits

Updates sigs.k8s.io/kustomize/api from 0.17.2 to 0.17.3

Release notes

Sourced from sigs.k8s.io/kustomize/api's releases.

api/v0.17.3

chore

#5506: fix some comments #5693: fix: always show accumulation errors #5699: chore: add deprecation comment to commonLabels #5698: fix(namereference): add configuration for new admission API

Dependencies

#5734: Update kyaml to v0.17.2

Commits
  • ddeb572 Merge pull request #5735 from koba1t/pinToCmdConfig
  • 36d78f6 Update cmd/config to v0.14.2
  • 4e52632 Merge pull request #5734 from koba1t/pinToKyaml
  • 8eacab0 Update kyaml to v0.17.2
  • 1a41303 Merge pull request #5628 from antoooks/release-helper-script
  • 7cbaf78 fix:kustomize cfg grep with no arguments causes panic (#5707)
  • 735ad0b Merge pull request #5682 from kozjan/add-label-include-templates
  • c1de030 Merge pull request #5413 from crenshaw-dev/patch-1
  • 5cfd3ab Merge pull request #5725 from kubernetes-sigs/dependabot/go_modules/hack/gola...
  • dfb3064 build(deps): bump golang.org/x/image from 0.13.0 to 0.18.0 in /hack
  • Additional commits viewable in compare view

Updates sigs.k8s.io/kustomize/kyaml from 0.17.1 to 0.17.2

Release notes

Sourced from sigs.k8s.io/kustomize/kyaml's releases.

api/v0.17.2

Feature

#5294: feat: localize absolute paths #5556: feat: support labels key in transformer configuration

Bug fixes/Performance improvements

#5079: perf: improve applyOrdering by avoid call to GetByCurrentId #5500: add testcase that check yield malformed yaml errors

chore

#5625: fix: return error instead of log.Fatalf() #5651: fix: use fmt.Errorf instead of non-existing errors.New

Dependencies

#5672: chore(deps): bump dependencies of kustomize + sync go workspace #5680: chore: restore version for github.com/asaskevich/govalidator #5702: Update kyaml to v0.17.1

kyaml/v0.17.2

chore

#5413: chore(docs): fix grammar error in comment #5506: fix some comments

Commits
  • 9cc25a5 Merge pull request #5703 from koba1t/pinToCmdConfig
  • f6ad718 Update cmd/config to v0.14.1
  • da14e76 Merge pull request #5702 from koba1t/pinToKyaml
  • 7424956 Update kyaml to v0.17.1
  • e244b83 Merge pull request #5688 from emirot/refactor/indexOf
  • f983846 refactor: function in stdlib now
  • 49a645f Merge pull request #5294 from typeid/localize_absolute_paths
  • e7a1549 fix: use fmt.Errorf instead of non-existing errors.New (#5651)
  • 0d7d830 Merge pull request #5681 from emirot/remove-string-in-slice
  • e676d05 Merge pull request #5500 from charles-chenzz/kust-target-tc
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
k8s.io/api [>= 0.30.a, < 0.31]
k8s.io/client-go [>= 0.30.a, < 0.31]
k8s.io/apimachinery [>= 0.30.a, < 0.31]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 24, 2024
@github-actions github-actions bot enabled auto-merge July 24, 2024 08:48
@simonbaird
Copy link
Member

/retest

@zregvart
Copy link
Member

This failed at least twice in acceptance tests with:


--- Failed steps:

  Scenario: OLM manifests # /tmp/tmp.Fuo7vzGQA5/features/validate_image.feature:907
    And the image "acceptance/image" has labels: # /tmp/tmp.Fuo7vzGQA5/features/validate_image.feature:912
      Error: PUT http://localhost:32982/v2/acceptance/image/manifests/latest: MANIFEST_BLOB_UNKNOWN: blob unknown to registry; sha256:e2ca774d64470e404e975d9cc0654e8cf2705e20f234e7ba745fd55488dc24ce

  Scenario: Red Hat manifests # /tmp/tmp.Fuo7vzGQA5/features/validate_image.feature:927
    And the image "acceptance/image" has labels: # /tmp/tmp.Fuo7vzGQA5/features/validate_image.feature:932
      Error: PUT http://localhost:32878/v2/acceptance/image/manifests/latest: MANIFEST_BLOB_UNKNOWN: blob unknown to registry; sha256:2e230c132dace70f7f23a5a8830cbb401fb577d6b9fa27a2ffe25d2b89477d32

dependabot bot and others added 2 commits July 26, 2024 12:34
@dependabot @zregvart
build(deps): bump the all group across 1 directory with 8 updates
6eec165 
Bumps the all group with 4 updates in the /acceptance directory: [github.com/enterprise-contract/enterprise-contract-controller/api](https://github.com/enterprise-contract/enterprise-contract-controller), [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps), [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) and [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize).


Updates `github.com/enterprise-contract/enterprise-contract-controller/api` from 0.1.48 to 0.1.50
- [Release notes](https://github.com/enterprise-contract/enterprise-contract-controller/releases)
- [Commits](enterprise-contract/enterprise-contract-controller@api/v0.1.48...api/v0.1.50)

Updates `github.com/gkampitakis/go-snaps` from 0.5.4 to 0.5.5
- [Release notes](https://github.com/gkampitakis/go-snaps/releases)
- [Commits](gkampitakis/go-snaps@v0.5.4...v0.5.5)

Updates `github.com/google/go-containerregistry` from 0.19.2 to 0.20.1
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](google/go-containerregistry@v0.19.2...v0.20.1)

Updates `k8s.io/api` from 0.29.6 to 0.29.7
- [Commits](kubernetes/api@v0.29.6...v0.29.7)

Updates `k8s.io/apimachinery` from 0.29.6 to 0.29.7
- [Commits](kubernetes/apimachinery@v0.29.6...v0.29.7)

Updates `k8s.io/client-go` from 0.29.6 to 0.29.7
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.29.6...v0.29.7)

Updates `sigs.k8s.io/kustomize/api` from 0.17.2 to 0.17.3
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](kubernetes-sigs/kustomize@api/v0.17.2...api/v0.17.3)

Updates `sigs.k8s.io/kustomize/kyaml` from 0.17.1 to 0.17.2
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](kubernetes-sigs/kustomize@api/v0.17.1...api/v0.17.2)

---
updated-dependencies:
- dependency-name: github.com/enterprise-contract/enterprise-contract-controller/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/gkampitakis/go-snaps
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: sigs.k8s.io/kustomize/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: sigs.k8s.io/kustomize/kyaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>
@zregvart
Use remote.Push instead of remote.Put
d5bea93 
For adding labels, which are part of the config blob of a image we need
to use `remote.Push` instead of `remote.Put` due to a change in
go-containerregistry[1]. Now `remote.Put` will not upload any changed
blobs, it will just update the manifest, so the mutated config blob will
not be present in the registry and the update of the manifest would
fail.

[1] google/go-containerregistry#1970
@zregvart zregvart force-pushed the dependabot/go_modules/acceptance/all-12afe0b53a branch from cb09dc3 to d5bea93 Compare July 26, 2024 11:02
@codecov Codecov
Copy link

codecov bot commented Jul 26, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 80.74%. Comparing base (152095c) to head (d5bea93).
Report is 1 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #1784   +/-   ##
=======================================
  Coverage   80.74%   80.74%           
=======================================
  Files          68       68           
  Lines        4954     4954           
=======================================
  Hits         4000     4000           
  Misses        954      954
Flag Coverage Δ
generative 80.74% <ø> (ø)
integration 80.74% <ø> (ø)
unit 80.74% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

zregvart added a commit to zregvart/ec-cli that referenced this pull request Jul 26, 2024
@zregvart
Update forked version of go-containerregistry
0d4f093 
The fork has been rebased so this brings in the latest changes to
go-containerregistry to make it on par with the changes in acceptance
tests in enterprise-contract#1784
@zregvart zregvart mentioned this pull request Jul 26, 2024
Merged
@zregvart
Copy link
Member

Added d5bea93 to fix the issue

@github-actions github-actions bot merged commit 5e40b23 into main Jul 26, 2024
11 checks passed
@dependabot dependabot bot deleted the dependabot/go_modules/acceptance/all-12afe0b53a branch July 26, 2024 11:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zregvart zregvart zregvart approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@simonbaird @zregvart