diff --git a/.github/actions/e2e/action.yml b/.github/actions/e2e/action.yml index 47fa786..3360c2f 100644 --- a/.github/actions/e2e/action.yml +++ b/.github/actions/e2e/action.yml @@ -86,7 +86,7 @@ runs: run: echo "tf_version=$(grep 'terraform ' .tool-versions)" >> $GITHUB_OUTPUT - name: Configure AWS Credentials for Commercial - uses: aws-actions/configure-aws-credentials@v2 + uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: ${{ inputs.role-to-assume }} role-session-name: ${{ github.event.client_payload.pull_request.head.sha || github.sha }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index f00f9ce..00c8bb1 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Init zarf cache uses: actions/cache@v3 @@ -28,20 +28,20 @@ jobs: uses: supplypike/setup-bin@v3 with: # renovate: zarf-uri datasource=github-tags depName=defenseunicorns/zarf - uri: 'https://github.com/defenseunicorns/zarf/releases/download/v0.29.2/zarf_v0.29.2_Linux_amd64' + uri: 'https://github.com/defenseunicorns/zarf/releases/download/v0.30.1/zarf_v0.30.1_Linux_amd64' name: 'zarf' # renovate: datasource=github-tags depName=defenseunicorns/zarf versioning=semver - version: 'v0.29.2' + version: 'v0.30.1' - name: Login to GHCR - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Login to registry1 - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: registry1.dso.mil username: ${{ secrets.REGISTRY1_USERNAME }} diff --git a/.github/workflows/test-command.yml b/.github/workflows/test-command.yml index 71a0d41..ad14a25 100644 --- a/.github/workflows/test-command.yml +++ b/.github/workflows/test-command.yml @@ -28,7 +28,7 @@ jobs: run-e2e: ${{ steps.parse.outputs.run-e2e }} steps: - name: Checkout Repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: token: ${{ secrets.PAT }} repository: ${{ github.event.client_payload.pull_request.head.repo.full_name || github.repository }} @@ -43,7 +43,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: token: ${{ secrets.PAT }} repository: ${{ github.event.client_payload.pull_request.head.repo.full_name || github.repository }} @@ -60,7 +60,7 @@ jobs: if: needs.parse.outputs.run-ping == 'true' steps: - name: Checkout Repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: token: ${{ secrets.PAT }} repository: ${{ github.event.client_payload.pull_request.head.repo.full_name || github.repository }} @@ -77,7 +77,7 @@ jobs: if: needs.parse.outputs.run-e2e == 'true' steps: - name: Checkout Repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: token: ${{ secrets.PAT }} repository: ${{ github.event.client_payload.pull_request.head.repo.full_name || github.repository }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index eeff246..6b0af79 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.4.0 + rev: v4.5.0 hooks: - id: check-added-large-files args: ["--maxkb=1024"] @@ -31,7 +31,7 @@ repos: hooks: - id: fix-smartquotes - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.24.1 + rev: 0.27.0 hooks: - id: check-jsonschema name: "Validate Zarf Configs Against Schema" @@ -44,10 +44,10 @@ repos: "--no-cache" ] - repo: https://github.com/golangci/golangci-lint - rev: v1.54.1 + rev: v1.55.1 hooks: - id: golangci-lint - repo: https://github.com/renovatebot/pre-commit-hooks - rev: 36.44.1 + rev: 37.33.6 hooks: - id: renovate-config-validator diff --git a/.tool-versions b/.tool-versions index ed5324b..5131ee6 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1,7 +1,7 @@ -golang 1.21.0 -golangci-lint 1.54.1 -pre-commit 3.3.3 -terraform 1.5.5 -tflint 0.47.0 -tfsec 1.28.1 -sops 3.7.3 +golang 1.21.3 +golangci-lint 1.55.1 +pre-commit 3.5.0 +terraform 1.6.2 +tflint 0.48.0 +tfsec 1.28.4 +sops 3.8.1 diff --git a/Makefile b/Makefile index ccb1b70..f77ae28 100755 --- a/Makefile +++ b/Makefile @@ -1,14 +1,14 @@ # The version of Zarf to use. To keep this repo as portable as possible the Zarf binary will be downloaded and added to # the build folder. # renovate: datasource=github-tags depName=defenseunicorns/zarf -ZARF_VERSION := v0.29.2 +ZARF_VERSION := v0.30.1 # The version of the build harness container to use BUILD_HARNESS_REPO := ghcr.io/defenseunicorns/build-harness/build-harness # renovate: datasource=docker depName=ghcr.io/defenseunicorns/build-harness/build-harness -BUILD_HARNESS_VERSION := 1.10.2 +BUILD_HARNESS_VERSION := 1.13.2 # renovate: datasource=docker depName=ghcr.io/defenseunicorns/packages/dubbd-k3d extractVersion=^(?\d+\.\d+\.\d+) -DUBBD_K3D_VERSION := 0.9.0 +DUBBD_K3D_VERSION := 0.11.1 # Figure out which Zarf binary we should use based on the operating system we are on ZARF_BIN := zarf diff --git a/go.mod b/go.mod index 2383456..ad502c1 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/defenseunicorns/uds-capability-mattermost-operator go 1.21.1 require ( - github.com/gruntwork-io/terratest v0.44.0 + github.com/gruntwork-io/terratest v0.46.1 github.com/stretchr/testify v1.8.4 ) @@ -69,12 +69,12 @@ require ( github.com/urfave/cli v1.22.2 // indirect github.com/zclconf/go-cty v1.9.1 // indirect go.opencensus.io v0.24.0 // indirect - golang.org/x/crypto v0.1.0 // indirect - golang.org/x/net v0.8.0 // indirect + golang.org/x/crypto v0.14.0 // indirect + golang.org/x/net v0.17.0 // indirect golang.org/x/oauth2 v0.1.0 // indirect - golang.org/x/sys v0.6.0 // indirect - golang.org/x/term v0.6.0 // indirect - golang.org/x/text v0.8.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/term v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect google.golang.org/api v0.103.0 // indirect diff --git a/go.sum b/go.sum index db4f0f5..229e2e9 100644 --- a/go.sum +++ b/go.sum @@ -376,6 +376,8 @@ github.com/gruntwork-io/go-commons v0.8.0 h1:k/yypwrPqSeYHevLlEDmvmgQzcyTwrlZGRa github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwiQZze678hvDXof78= github.com/gruntwork-io/terratest v0.44.0 h1:3k7lglJFAtw77p2HnR5vaZBCBnlHmu3DuLjVyuCZXJ0= github.com/gruntwork-io/terratest v0.44.0/go.mod h1:EAEuzSjvxAzQoJCEQ06bJPTmdC9HikzgvhmxnAYuExM= +github.com/gruntwork-io/terratest v0.46.1 h1:dJ/y2/Li6yCDIc8KXY8PfydtrMRiXFb3UZm4LoPShPI= +github.com/gruntwork-io/terratest v0.46.1/go.mod h1:gl//tb5cLnbpQs1FTSNwhsrbhsoG00goCJPfOnyliiU= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= @@ -538,6 +540,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU= golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= +golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -624,6 +628,8 @@ golang.org/x/net v0.0.0-20221014081412-f15817d10f9b/go.mod h1:YDH+HFinaLZZlnHAfS golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -733,11 +739,15 @@ golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= +golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -750,6 +760,8 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= diff --git a/mattermost-flux-values.yaml b/mattermost-flux-values.yaml index a5dc0d9..ae21351 100644 --- a/mattermost-flux-values.yaml +++ b/mattermost-flux-values.yaml @@ -6,7 +6,7 @@ application: repository: https://repo1.dso.mil/big-bang/product/packages/mattermost.git ref: # renovate: datasource=gitlab-tags depName=big-bang/product/packages/mattermost versioning=loose registryUrl=https://repo1.dso.mil - tag: 9.0.0-bb.0 + tag: 9.1.0-bb.0 dependsOn: ###ZARF_VAR_MATTERMOST_DEPENDS_ON### baseValues: diff --git a/utils/calico/calico.yaml b/utils/calico/calico.yaml index f734b1d..3f80d0e 100644 --- a/utils/calico/calico.yaml +++ b/utils/calico/calico.yaml @@ -4642,7 +4642,7 @@ spec: # It can be deleted if this is a fresh installation, or if you have already # upgraded to use calico-ipam. - name: upgrade-ipam - image: docker.io/calico/cni:v3.26.1 + image: docker.io/calico/cni:v3.26.3 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/calico-ipam", "-upgrade"] envFrom: @@ -4670,7 +4670,7 @@ spec: # This container installs the CNI binaries # and CNI network config file on each node. - name: install-cni - image: docker.io/calico/cni:v3.26.1 + image: docker.io/calico/cni:v3.26.3 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/install"] envFrom: @@ -4713,7 +4713,7 @@ spec: # i.e. bpf at /sys/fs/bpf and cgroup2 at /run/calico/cgroup. Calico-node initialisation is executed # in best effort fashion, i.e. no failure for errors, to not disrupt pod creation in iptable mode. - name: "mount-bpffs" - image: docker.io/calico/node:v3.26.1 + image: docker.io/calico/node:v3.26.3 imagePullPolicy: IfNotPresent command: ["calico-node", "-init", "-best-effort"] volumeMounts: @@ -4739,7 +4739,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: docker.io/calico/node:v3.26.1 + image: docker.io/calico/node:v3.26.3 imagePullPolicy: IfNotPresent envFrom: - configMapRef: @@ -4956,7 +4956,7 @@ spec: priorityClassName: system-cluster-critical containers: - name: calico-kube-controllers - image: docker.io/calico/kube-controllers:v3.26.1 + image: docker.io/calico/kube-controllers:v3.26.3 imagePullPolicy: IfNotPresent env: # Choose which controllers to run. diff --git a/utils/k3d/k3d-config.yaml b/utils/k3d/k3d-config.yaml index 0def3b3..0b971fa 100644 --- a/utils/k3d/k3d-config.yaml +++ b/utils/k3d/k3d-config.yaml @@ -3,7 +3,7 @@ kind: Simple metadata: name: ci servers: 1 -image: rancher/k3s:v1.26.5-k3s1 +image: rancher/k3s:v1.28.2-k3s1 options: k3s: extraArgs: diff --git a/zarf.yaml b/zarf.yaml index f40bfbd..4c8c53b 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -70,7 +70,7 @@ components: repos: - https://repo1.dso.mil/big-bang/product/packages/mattermost.git@9.0.0-bb.0 images: - - "registry1.dso.mil/ironbank/opensource/mattermost/mattermost:9.0.0" + - "registry1.dso.mil/ironbank/opensource/mattermost/mattermost:9.1.0" - "registry1.dso.mil/ironbank/opensource/postgres/postgresql12:12.16" actions: onDeploy: