From a3ec4d85d83e44c8b1ea4eff1cb99020ddb4b9ac Mon Sep 17 00:00:00 2001 From: Mark Young Date: Mon, 3 Nov 2025 11:12:14 -0600 Subject: [PATCH 01/24] Use latest git-lfs and not hardcode --- Dockerfile.base | 4 ---- build/tools.sh | 3 +++ 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/Dockerfile.base b/Dockerfile.base index 76744425..564eb0d8 100644 --- a/Dockerfile.base +++ b/Dockerfile.base @@ -1,10 +1,6 @@ FROM ubuntu:focal LABEL maintainer="myoung34@my.apsu.edu" -ARG DUMB_INIT_VERSION="1.2.2" -# TODO: remove git PPA and skopeo customizations for focal when focal hits EOL -ENV GIT_LFS_VERSION="3.2.0" - ENV LANG=en_US.UTF-8 ENV LANGUAGE=en_US.UTF-8 ENV LC_ALL=en_US.UTF-8 diff --git a/build/tools.sh b/build/tools.sh index 4f5a2220..3ed5b418 100644 --- a/build/tools.sh +++ b/build/tools.sh @@ -28,6 +28,9 @@ function install_aws-cli() { function install_git-lfs() { local DPKG_ARCH DPKG_ARCH="$(dpkg --print-architecture)" + GIT_LFS_VERSION=$(curl -sL -H "Accept: application/vnd.github+json" \ + https://api.github.com/repos/git-lfs/git-lfs/releases/latest \ + | jq -r '.tag_name' | sed 's/^v//g') curl -s "https://github.com/git-lfs/git-lfs/releases/download/v${GIT_LFS_VERSION}/git-lfs-linux-${DPKG_ARCH}-v${GIT_LFS_VERSION}.tar.gz" -L -o /tmp/lfs.tar.gz tar -xzf /tmp/lfs.tar.gz -C /tmp From d797173e2280b78da745511d9dfa945973a24f69 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 5 Nov 2025 16:06:51 +0000 Subject: [PATCH 02/24] chore(deps): update docker/setup-qemu-action action to v3.7.0 --- .github/workflows/base.yml | 10 +++++----- .github/workflows/deploy.yml | 10 +++++----- .github/workflows/release.yml | 6 +++--- .github/workflows/test.yml | 4 ++-- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/base.yml b/.github/workflows/base.yml index a3f35334..9dcebc87 100644 --- a/.github/workflows/base.yml +++ b/.github/workflows/base.yml @@ -26,7 +26,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx @@ -90,7 +90,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx @@ -151,7 +151,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx @@ -189,7 +189,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx @@ -229,7 +229,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index c9c07250..5ec6a248 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -29,7 +29,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx @@ -141,7 +141,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx @@ -240,7 +240,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx @@ -288,7 +288,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx @@ -336,7 +336,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 10d77666..db20af13 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,7 +37,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx @@ -87,7 +87,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx @@ -136,7 +136,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2d72ea29..0ff43ede 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -27,7 +27,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx @@ -141,7 +141,7 @@ jobs: - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx From 2721f3864be7bda554ef33cb0f2c7f7581c898cc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 14 Nov 2025 04:28:41 +0000 Subject: [PATCH 03/24] chore(deps): update github/codeql-action action to v4.31.3 --- .github/workflows/codeql.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 3b6bd63d..63b514a8 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -18,13 +18,13 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 - name: Initialize CodeQL - uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 + uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 with: languages: "actions" queries: security-extended config-file: .github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 + uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 with: category: "/language:actions" From 7a92f07e5d8af8e4860258e24d2117d7f8199469 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 17 Nov 2025 16:34:43 +0000 Subject: [PATCH 04/24] chore(deps): update actions/checkout action to v5.0.1 --- .github/workflows/base.yml | 10 +++++----- .github/workflows/codeql.yaml | 2 +- .github/workflows/deploy.yml | 10 +++++----- .github/workflows/release.yml | 8 ++++---- .github/workflows/test.yml | 6 +++--- 5 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/base.yml b/.github/workflows/base.yml index 9dcebc87..0811d3e9 100644 --- a/.github/workflows/base.yml +++ b/.github/workflows/base.yml @@ -22,7 +22,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -86,7 +86,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -147,7 +147,7 @@ jobs: needs: ubuntu_base_tests steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -185,7 +185,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -225,7 +225,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 3b6bd63d..7a5cc289 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -15,7 +15,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Initialize CodeQL uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 5ec6a248..2013e3a9 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -25,7 +25,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -137,7 +137,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -236,7 +236,7 @@ jobs: needs: ubuntu_tests steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -284,7 +284,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -332,7 +332,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index db20af13..25a1cfb6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Create Release id: create_release uses: actions/create-release@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e # v1.1.4 @@ -31,7 +31,7 @@ jobs: needs: create-release steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: get version run: echo 'TAG='${GITHUB_REF#refs/tags/} >> $GITHUB_ENV - name: Get GitHub organization or user @@ -81,7 +81,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: get version run: echo 'TAG='${GITHUB_REF#refs/tags/} >> $GITHUB_ENV - name: Get GitHub organization or user @@ -130,7 +130,7 @@ jobs: needs: create-release steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: get version run: echo 'TAG='${GITHUB_REF#refs/tags/} >> $GITHUB_ENV - name: Get GitHub organization or user diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0ff43ede..b0e37e27 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -8,7 +8,7 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6 - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 - name: Run ShellCheck @@ -23,7 +23,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -137,7 +137,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU From 1965fcf54a0742c4c9a68fe57eb613632802f604 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 19 Nov 2025 02:38:03 +0000 Subject: [PATCH 05/24] chore(deps): update github/codeql-action action to v4.31.4 (#519) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/codeql.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 73f60ef2..e3bd9259 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -18,13 +18,13 @@ jobs: uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Initialize CodeQL - uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/init@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: languages: "actions" queries: security-extended config-file: .github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/analyze@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: category: "/language:actions" From 99ddf3deb5d6701bf5fe292c5d37ff1d74e0111f Mon Sep 17 00:00:00 2001 From: Marcus Young Date: Wed, 19 Nov 2025 08:39:26 -0600 Subject: [PATCH 06/24] [Automated :robot: ] Bump to version 2.330.0 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f07d9ea9..80751940 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ LABEL maintainer="myoung34@my.apsu.edu" ENV AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache RUN mkdir -p /opt/hostedtoolcache -ARG GH_RUNNER_VERSION="2.329.0" +ARG GH_RUNNER_VERSION="2.330.0" ARG TARGETPLATFORM From 3106b3b8720a707da02f6b6855dd24991df1d6d3 Mon Sep 17 00:00:00 2001 From: Mark Young Date: Wed, 19 Nov 2025 09:00:18 -0600 Subject: [PATCH 07/24] Refresh app tokens before deregistration --- entrypoint.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/entrypoint.sh b/entrypoint.sh index 1a637f68..3dda07fe 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -22,6 +22,19 @@ trap_with_arg() { deregister_runner() { echo "Caught $1 - Deregistering runner" if [[ -n "${ACCESS_TOKEN}" ]]; then + # If using GitHub App authentication, refresh the access token before deregistration + if [[ -n "${APP_ID}" ]] && [[ -n "${APP_PRIVATE_KEY}" ]] && [[ -n "${APP_LOGIN}" ]]; then + echo "Refreshing access token for deregistration" + nl=" +" + NEW_ACCESS_TOKEN=$(APP_ID="${APP_ID}" APP_PRIVATE_KEY="${APP_PRIVATE_KEY//\\n/${nl}}" APP_LOGIN="${APP_LOGIN}" bash /app_token.sh) + if [[ -z "${NEW_ACCESS_TOKEN}" ]] || [[ "${NEW_ACCESS_TOKEN}" == "null" ]]; then + echo "ERROR: Failed to refresh access token for deregistration" + exit 1 + fi + ACCESS_TOKEN="${NEW_ACCESS_TOKEN}" + echo "Access token refreshed successfully" + fi _TOKEN=$(ACCESS_TOKEN="${ACCESS_TOKEN}" bash /token.sh) RUNNER_TOKEN=$(echo "${_TOKEN}" | jq -r .token) fi From e20053eee09cf7e36bbb0d2430077d9073969527 Mon Sep 17 00:00:00 2001 From: Mark Young Date: Wed, 19 Nov 2025 20:27:42 -0600 Subject: [PATCH 08/24] Base has been testing the wrong file --- .github/workflows/base.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/base.yml b/.github/workflows/base.yml index 0811d3e9..a955dd13 100644 --- a/.github/workflows/base.yml +++ b/.github/workflows/base.yml @@ -55,7 +55,7 @@ jobs: max_attempts: 3 command: | docker buildx build \ - --file Dockerfile \ + --file Dockerfile.base.ubuntu-${{ matrix.release }} \ --platform linux/${{ matrix.platform }} \ --tag ${{ env.GH_RUNNER_IMAGE }} \ --load \ From b1fc7ef2fafc8e11061cfc27d92c88caa412090e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 20 Nov 2025 17:34:10 +0000 Subject: [PATCH 09/24] chore(deps): update actions/checkout action to v6 --- .github/workflows/base.yml | 10 +++++----- .github/workflows/codeql.yaml | 2 +- .github/workflows/deploy.yml | 10 +++++----- .github/workflows/release.yml | 8 ++++---- .github/workflows/test.yml | 6 +++--- 5 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/base.yml b/.github/workflows/base.yml index a955dd13..a0bdb881 100644 --- a/.github/workflows/base.yml +++ b/.github/workflows/base.yml @@ -22,7 +22,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -86,7 +86,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -147,7 +147,7 @@ jobs: needs: ubuntu_base_tests steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -185,7 +185,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -225,7 +225,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index e3bd9259..a26b1e20 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -15,7 +15,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Initialize CodeQL uses: github/codeql-action/init@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 2013e3a9..28e25f10 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -25,7 +25,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -137,7 +137,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -236,7 +236,7 @@ jobs: needs: ubuntu_tests steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -284,7 +284,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -332,7 +332,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 25a1cfb6..9ab3f77a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Create Release id: create_release uses: actions/create-release@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e # v1.1.4 @@ -31,7 +31,7 @@ jobs: needs: create-release steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: get version run: echo 'TAG='${GITHUB_REF#refs/tags/} >> $GITHUB_ENV - name: Get GitHub organization or user @@ -81,7 +81,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: get version run: echo 'TAG='${GITHUB_REF#refs/tags/} >> $GITHUB_ENV - name: Get GitHub organization or user @@ -130,7 +130,7 @@ jobs: needs: create-release steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: get version run: echo 'TAG='${GITHUB_REF#refs/tags/} >> $GITHUB_ENV - name: Get GitHub organization or user diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b0e37e27..749c50c3 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -8,7 +8,7 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6 - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 - name: Run ShellCheck @@ -23,7 +23,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -137,7 +137,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU From ddaa37c0295a92eb119932f5d708e54129d5d03b Mon Sep 17 00:00:00 2001 From: chorbea Date: Sun, 23 Nov 2025 21:15:17 +0000 Subject: [PATCH 10/24] Set fixed Docker GID to avoid collisions with some groups --- build/config.json | 3 ++- build/config.sh | 4 ++++ build/tools.sh | 14 ++++++++++++++ 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/build/config.json b/build/config.json index 7ff3ee17..ba14b588 100644 --- a/build/config.json +++ b/build/config.json @@ -1,7 +1,8 @@ { "user": { "user-id": 1001, - "group-id": 121 + "group-id": 121, + "docker-group-id": 500 }, "install": [ { diff --git a/build/config.sh b/build/config.sh index 8f3ce56f..8fbbc4d8 100644 --- a/build/config.sh +++ b/build/config.sh @@ -13,6 +13,10 @@ function group_id() { jq -r '.user."group-id"' "$(config_file)" } +function docker_group_id() { + jq -r '.user."docker-group-id"' "$(config_file)" +} + function apt_packages() { jq -r '.install[] | select(.source == "apt") | .packages[]' "$(config_file)" | paste -sd ' ' - } diff --git a/build/tools.sh b/build/tools.sh index 3ed5b418..ac4a0734 100644 --- a/build/tools.sh +++ b/build/tools.sh @@ -38,11 +38,25 @@ function install_git-lfs() { rm -rf /tmp/lfs.tar.gz "/tmp/git-lfs-${GIT_LFS_VERSION}" } +function configure_docker_group_id() { + local desired_gid="$(docker_group_id)" + local current_gid=$(getent group docker | cut -d: -f3) + + if [[ "$current_gid" != "$desired_gid" ]]; then + # Expected to fail if the group already exists or the GID is already in use + groupadd --system --gid "$desired_gid" docker 2>/dev/null || true + fi +} + function install_docker-cli() { + configure_docker_group_id + apt-get install -y docker-ce-cli --no-install-recommends --allow-unauthenticated } function install_docker() { + configure_docker_group_id + apt-get install -y docker-ce docker-ce-cli docker-buildx-plugin containerd.io docker-compose-plugin --no-install-recommends --allow-unauthenticated echo -e '#!/bin/sh\ndocker compose --compatibility "$@"' > /usr/local/bin/docker-compose From 86ce2640ba7a1fce7bd8de15df6be970bf5b65eb Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 24 Nov 2025 13:53:03 +0000 Subject: [PATCH 11/24] chore(deps): update github/codeql-action action to v4.31.5 --- .github/workflows/codeql.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index a26b1e20..b835f424 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -18,13 +18,13 @@ jobs: uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Initialize CodeQL - uses: github/codeql-action/init@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 + uses: github/codeql-action/init@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 with: languages: "actions" queries: security-extended config-file: .github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 + uses: github/codeql-action/analyze@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 with: category: "/language:actions" From 85021afac43456607cecd0366befbe7c9dc7fdb5 Mon Sep 17 00:00:00 2001 From: chorbea Date: Mon, 24 Nov 2025 15:00:22 +0000 Subject: [PATCH 12/24] Set fixed Docker GID to avoid collisions with some groups --- build/install_base.sh | 2 ++ build/tools.sh | 14 -------------- 2 files changed, 2 insertions(+), 14 deletions(-) diff --git a/build/install_base.sh b/build/install_base.sh index f0da0634..c79dbc39 100644 --- a/build/install_base.sh +++ b/build/install_base.sh @@ -50,6 +50,8 @@ install_essentials configure_sources apt-get update +# The docker group needs to run before installers +groupadd -g "$(docker_group_id)" docker || : install_tools_apt install_tools diff --git a/build/tools.sh b/build/tools.sh index ac4a0734..3ed5b418 100644 --- a/build/tools.sh +++ b/build/tools.sh @@ -38,25 +38,11 @@ function install_git-lfs() { rm -rf /tmp/lfs.tar.gz "/tmp/git-lfs-${GIT_LFS_VERSION}" } -function configure_docker_group_id() { - local desired_gid="$(docker_group_id)" - local current_gid=$(getent group docker | cut -d: -f3) - - if [[ "$current_gid" != "$desired_gid" ]]; then - # Expected to fail if the group already exists or the GID is already in use - groupadd --system --gid "$desired_gid" docker 2>/dev/null || true - fi -} - function install_docker-cli() { - configure_docker_group_id - apt-get install -y docker-ce-cli --no-install-recommends --allow-unauthenticated } function install_docker() { - configure_docker_group_id - apt-get install -y docker-ce docker-ce-cli docker-buildx-plugin containerd.io docker-compose-plugin --no-install-recommends --allow-unauthenticated echo -e '#!/bin/sh\ndocker compose --compatibility "$@"' > /usr/local/bin/docker-compose From a9e86affb11af62f3aaf1826e8a4ce6e475c0123 Mon Sep 17 00:00:00 2001 From: chorbea Date: Mon, 24 Nov 2025 15:10:58 +0000 Subject: [PATCH 13/24] Add verification docker group exists with GID 500 --- goss_base.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/goss_base.yaml b/goss_base.yaml index 48569e92..4d639d30 100644 --- a/goss_base.yaml +++ b/goss_base.yaml @@ -87,3 +87,6 @@ group: runner: exists: true gid: 121 + docker: + exists: true + gid: 500 From 173936ebb1714a4c1946c6f37c55c3153478626d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 25 Nov 2025 09:40:10 +0000 Subject: [PATCH 14/24] chore(deps): update actions/setup-python digest to 83679a8 (#525) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 749c50c3..36b06291 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6 + - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6 - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 - name: Run ShellCheck uses: ludeeus/action-shellcheck@00b27aa7cb85167568cb48a3838b75f4265f2bca # master From f0002ffe943779f12e80e449c7619fa308ae1346 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 25 Nov 2025 09:40:17 +0000 Subject: [PATCH 15/24] chore(deps): update actions/setup-python action to v6.1.0 --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 36b06291..eaecd344 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6 + - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 - name: Run ShellCheck uses: ludeeus/action-shellcheck@00b27aa7cb85167568cb48a3838b75f4265f2bca # master From 7cc25da08aee1db8e719d83759042a7a227e89dd Mon Sep 17 00:00:00 2001 From: Mark Young Date: Thu, 27 Nov 2025 10:36:21 -0600 Subject: [PATCH 16/24] Add lsb-release package --- build/config.json | 1 + goss_base.yaml | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/build/config.json b/build/config.json index ba14b588..47b3b33f 100644 --- a/build/config.json +++ b/build/config.json @@ -17,6 +17,7 @@ "source": "apt", "packages": [ "build-essential", + "lsb-release", "zlib1g-dev", "zstd", "gettext", diff --git a/goss_base.yaml b/goss_base.yaml index 4d639d30..2603d508 100644 --- a/goss_base.yaml +++ b/goss_base.yaml @@ -11,8 +11,8 @@ package: installed: false jq: installed: true - lsb_release: - installed: false + lsb-release: + installed: true make: installed: true pwsh: From 651ebf98c16f2d54a9e1f8587be69f9dad9631d3 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 1 Dec 2025 17:59:26 +0000 Subject: [PATCH 17/24] chore(deps): update github/codeql-action action to v4.31.6 (#530) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/codeql.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index b835f424..14680abc 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -18,13 +18,13 @@ jobs: uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Initialize CodeQL - uses: github/codeql-action/init@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 + uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 with: languages: "actions" queries: security-extended config-file: .github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 + uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 with: category: "/language:actions" From 66b14e7cb00035e250b70cbadaa15a174fa41f9a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 2 Dec 2025 21:49:21 +0000 Subject: [PATCH 18/24] chore(deps): update actions/checkout digest to 8e8c483 (#531) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/base.yml | 10 +++++----- .github/workflows/codeql.yaml | 2 +- .github/workflows/deploy.yml | 10 +++++----- .github/workflows/release.yml | 8 ++++---- .github/workflows/test.yml | 6 +++--- 5 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/base.yml b/.github/workflows/base.yml index a0bdb881..21474f78 100644 --- a/.github/workflows/base.yml +++ b/.github/workflows/base.yml @@ -22,7 +22,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -86,7 +86,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -147,7 +147,7 @@ jobs: needs: ubuntu_base_tests steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -185,7 +185,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -225,7 +225,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 14680abc..b5a36668 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -15,7 +15,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Initialize CodeQL uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 28e25f10..ff151e8e 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -25,7 +25,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -137,7 +137,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -236,7 +236,7 @@ jobs: needs: ubuntu_tests steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -284,7 +284,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -332,7 +332,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9ab3f77a..37fc8491 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Create Release id: create_release uses: actions/create-release@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e # v1.1.4 @@ -31,7 +31,7 @@ jobs: needs: create-release steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: get version run: echo 'TAG='${GITHUB_REF#refs/tags/} >> $GITHUB_ENV - name: Get GitHub organization or user @@ -81,7 +81,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: get version run: echo 'TAG='${GITHUB_REF#refs/tags/} >> $GITHUB_ENV - name: Get GitHub organization or user @@ -130,7 +130,7 @@ jobs: needs: create-release steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: get version run: echo 'TAG='${GITHUB_REF#refs/tags/} >> $GITHUB_ENV - name: Get GitHub organization or user diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index eaecd344..01d5656c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -8,7 +8,7 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 - name: Run ShellCheck @@ -23,7 +23,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -137,7 +137,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU From 49885fa39367cb26471339ce4df37cfd6612a981 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 3 Dec 2025 03:25:28 +0000 Subject: [PATCH 19/24] chore(deps): update actions/checkout action to v6.0.1 (#532) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/base.yml | 10 +++++----- .github/workflows/codeql.yaml | 2 +- .github/workflows/deploy.yml | 10 +++++----- .github/workflows/release.yml | 8 ++++---- .github/workflows/test.yml | 6 +++--- 5 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/base.yml b/.github/workflows/base.yml index 21474f78..7b34b665 100644 --- a/.github/workflows/base.yml +++ b/.github/workflows/base.yml @@ -22,7 +22,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -86,7 +86,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -147,7 +147,7 @@ jobs: needs: ubuntu_base_tests steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -185,7 +185,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -225,7 +225,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index b5a36668..1ab02c0c 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -15,7 +15,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Initialize CodeQL uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index ff151e8e..b80c84e5 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -25,7 +25,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -137,7 +137,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -236,7 +236,7 @@ jobs: needs: ubuntu_tests steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -284,7 +284,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -332,7 +332,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 37fc8491..7eb2d44f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Create Release id: create_release uses: actions/create-release@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e # v1.1.4 @@ -31,7 +31,7 @@ jobs: needs: create-release steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: get version run: echo 'TAG='${GITHUB_REF#refs/tags/} >> $GITHUB_ENV - name: Get GitHub organization or user @@ -81,7 +81,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: get version run: echo 'TAG='${GITHUB_REF#refs/tags/} >> $GITHUB_ENV - name: Get GitHub organization or user @@ -130,7 +130,7 @@ jobs: needs: create-release steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: get version run: echo 'TAG='${GITHUB_REF#refs/tags/} >> $GITHUB_ENV - name: Get GitHub organization or user diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 01d5656c..d2b52fab 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -8,7 +8,7 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 - name: Run ShellCheck @@ -23,7 +23,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU @@ -137,7 +137,7 @@ jobs: fail-fast: false steps: - name: Copy Repo Files - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Get GitHub organization or user run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV - name: Set up QEMU From 5bdaf6246ca1a4157aba875c1c6233ea1fb944ce Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 3 Dec 2025 10:48:43 +0000 Subject: [PATCH 20/24] chore(deps): update actions/stale action to v10.1.1 (#533) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 4c4e3180..3525a971 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -12,7 +12,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # v10.1.0 + - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1 with: stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.' stale-pr-message: 'This PR is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 10 days.' From fa8b40834e17aa6c45573ead1b7f1c4f39cbc1ff Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 5 Dec 2025 21:45:39 +0000 Subject: [PATCH 21/24] chore(deps): update github/codeql-action action to v4.31.7 (#534) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/codeql.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 1ab02c0c..e50a00d3 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -18,13 +18,13 @@ jobs: uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Initialize CodeQL - uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 + uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 with: languages: "actions" queries: security-extended config-file: .github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 + uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 with: category: "/language:actions" From f8063d8de2dbee49accd884ea797fdb1d9ee184f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 12 Dec 2025 16:45:32 +0000 Subject: [PATCH 22/24] chore(deps): update github/codeql-action action to v4.31.8 (#535) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/codeql.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index e50a00d3..8f3d41bc 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -18,13 +18,13 @@ jobs: uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Initialize CodeQL - uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 + uses: github/codeql-action/init@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 with: languages: "actions" queries: security-extended config-file: .github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 + uses: github/codeql-action/analyze@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 with: category: "/language:actions" From 003c164c266ee23a9bbbf47641169c9f909e72a6 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 16 Dec 2025 23:49:36 +0000 Subject: [PATCH 23/24] chore(deps): update github/codeql-action action to v4.31.9 (#536) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/codeql.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 8f3d41bc..1d70024f 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -18,13 +18,13 @@ jobs: uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Initialize CodeQL - uses: github/codeql-action/init@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 + uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 with: languages: "actions" queries: security-extended config-file: .github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 + uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 with: category: "/language:actions" From 26e27c48710200a7fb1f50e4b6afe59a4966d3b1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 19 Dec 2025 18:42:18 +0000 Subject: [PATCH 24/24] chore(deps): update docker/setup-buildx-action action to v3.12.0 (#537) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/base.yml | 10 +++++----- .github/workflows/deploy.yml | 10 +++++----- .github/workflows/release.yml | 6 +++--- .github/workflows/test.yml | 4 ++-- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/base.yml b/.github/workflows/base.yml index 7b34b665..3e770a70 100644 --- a/.github/workflows/base.yml +++ b/.github/workflows/base.yml @@ -30,7 +30,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Copy Dockerfile run: cp Dockerfile.base Dockerfile.base.ubuntu-${{ matrix.release }}; sed -i.bak 's/FROM.*/FROM ubuntu:${{ matrix.release }}/' Dockerfile.base.ubuntu-${{ matrix.release }} - name: Install Goss and dgoss @@ -94,7 +94,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Copy Dockerfile run: cp Dockerfile.base Dockerfile.base.debian-${{ matrix.release }}; sed -i.bak 's/FROM.*/FROM debian:${{ matrix.release }}/' Dockerfile.base.debian-${{ matrix.release }} - name: Install Goss and dgoss @@ -155,7 +155,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Login to DockerHub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: @@ -193,7 +193,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Copy Dockerfile run: cp Dockerfile.base Dockerfile.base.ubuntu-${{ matrix.release }}; sed -i.bak 's/FROM.*/FROM ubuntu:${{ matrix.release }}/' Dockerfile.base.ubuntu-${{ matrix.release }} - name: Login to DockerHub @@ -233,7 +233,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Copy Dockerfile run: cp Dockerfile.base Dockerfile.base.debian-${{ matrix.release }}; sed -i.bak 's/FROM.*/FROM debian:${{ matrix.release }}/' Dockerfile.base.debian-${{ matrix.release }} - name: Login to DockerHub diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b80c84e5..244aed41 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -33,7 +33,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Copy Dockerfile run: cp Dockerfile Dockerfile.ubuntu-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:ubuntu-${{ matrix.release }}/" Dockerfile.ubuntu-${{ matrix.release }} - name: Install Goss and dgoss @@ -145,7 +145,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Copy Dockerfile run: cp Dockerfile Dockerfile.debian-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:debian-${{ matrix.release }}/" Dockerfile.debian-${{ matrix.release }} - name: Install Goss and dgoss @@ -244,7 +244,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Update Dockerfile FROM org run: sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:latest/" Dockerfile - name: Login to DockerHub @@ -292,7 +292,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Copy Dockerfile run: cp Dockerfile Dockerfile.ubuntu-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:ubuntu-${{ matrix.release }}/" Dockerfile.ubuntu-${{ matrix.release }} - name: Login to DockerHub @@ -340,7 +340,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Copy Dockerfile run: cp Dockerfile Dockerfile.debian-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:debian-${{ matrix.release }}/" Dockerfile.debian-${{ matrix.release }} - name: Login to DockerHub diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7eb2d44f..b22a46e4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -41,7 +41,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Update Dockerfile FROM org run: sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:latest/" Dockerfile - name: Login to DockerHub @@ -91,7 +91,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Copy Dockerfile run: cp Dockerfile Dockerfile.ubuntu-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:ubuntu-${{ matrix.release }}/" Dockerfile.ubuntu-${{ matrix.release }} - name: Login to DockerHub @@ -140,7 +140,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Copy Dockerfile run: cp Dockerfile Dockerfile.debian-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:debian-${{ matrix.release }}/" Dockerfile.debian-${{ matrix.release }} - name: Login to DockerHub diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d2b52fab..d88f3402 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -31,7 +31,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Install Goss and dgoss run: | curl -fsSL https://goss.rocks/install | sh @@ -145,7 +145,7 @@ jobs: with: image: tonistiigi/binfmt:qemu-v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Install Goss and dgoss run: | curl -fsSL https://goss.rocks/install | sh