Bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 #313

dependabot · 2023-09-04T04:15:06Z

Bumps aquasecurity/trivy-action from 0.11.2 to 0.12.0.

Release notes

Sourced from aquasecurity/trivy-action's releases.

v0.12.0

What's Changed

chore(deps): Update trivy to v0.43.1 by @simar7 in aquasecurity/trivy-action#243

ci: add workflow to bump trivy by @nikpivkin in aquasecurity/trivy-action#245

Update README.md to change the example to the new default brach name … by @jdsmithit in aquasecurity/trivy-action#234

feat(trivy): Bump to v0.45.0 by @simar7 in aquasecurity/trivy-action#256

New Contributors

@nikpivkin made their first contribution in aquasecurity/trivy-action#245

@jdsmithit made their first contribution in aquasecurity/trivy-action#234

Full Changelog: aquasecurity/trivy-action@0.11.2...0.12.0

Commits

fbd1636 feat(trivy): Bump to v0.45.0 (#256)
559eb12 Merge pull request #234 from jdsmithit/patch-1
e602665 ci: add workflow to bump trivy (#245)
3dd517d chore(deps): Update trivy to v0.43.1 (#243)
463f27e Update README.md to change the example to the new default brach name main fro...
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

nutanix-cn-prow-bot · 2023-09-04T04:16:00Z

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a nutanix-cloud-native member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

codecov-commenter · 2023-09-04T04:19:10Z

Codecov Report

Merging #313 (33d633c) into main (47f2bbf) will not change coverage.
The diff coverage is n/a.

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the GitHub App Integration for your organization. Read more.

@@          Coverage Diff          @@
##            main    #313   +/-   ##
=====================================
  Coverage   2.61%   2.61%           
=====================================
  Files          4       4           
  Lines        995     995           
=====================================
  Hits          26      26           
  Misses       969     969

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.11.2 to 0.12.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.11.2...0.12.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.11.2 to 0.12.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.11.2...0.12.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…3.0 (#424) * Fix credentials delete logic (#301) - check if no delete attempt occured - check if no secret present in cluster - add integration test case in e2e suite - change Makefile test-e2e target to make able to run selected tests using GINKGO_FOCUS env variable - code grooming * Bump docker/metadata-action from 4 to 5 (#317) Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4 to 5. - [Release notes](https://github.com/docker/metadata-action/releases) - [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md) - [Commits](docker/metadata-action@v4...v5) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump docker/login-action from 2 to 3 (#316) Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v2...v3) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 (#313) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.11.2 to 0.12.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.11.2...0.12.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/checkout from 3 to 4 (#314) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(manager): remove CPU limit and increase memory limit (#319) * E2E for Cilium CNI without Kubeproxy (#310) - add manifest scripts - change makefile * Bump aquasecurity/trivy-action from 0.12.0 to 0.13.0 (#324) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.12.0 to 0.13.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.12.0...0.13.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump aquasecurity/trivy-action from 0.13.0 to 0.13.1 (#326) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.13.0 to 0.13.1. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.13.0...0.13.1) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump aquasecurity/trivy-action from 0.13.1 to 0.14.0 (#327) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.13.1 to 0.14.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.13.1...0.14.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix CVE-2023-39325 (#329) * update kube-vip to v0.6.3 (#320) * Add codecov.yml to ensure adequate patch coverage (#328) This sets the minimum patch coverage required for changes to repo to 75%. * Add last git commit hash to build flags (#332) This ensures we have the git hash of the changes in our CI logs so we can correlate the code changes being executed. * Cleanup for passing the linter (#336) * Delete unused code from pkg/context * Run gofumpt on the code * Add lint fixes to test package * Skip linting the conversion functions The conversion functions are infinitely recursive and cause linting errors. * Remove unnecessary statement in lint target * Revert file-scope licenses * Bump aquasecurity/trivy-action from 0.14.0 to 0.15.0 (#337) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.14.0 to 0.15.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.14.0...0.15.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update controller-gen to v0.14.0 Peg go version in build job to go1.21 Update manifests Run `make manifests` --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Ilya Alekseyev <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Frederic M <[email protected]> Co-authored-by: Christophe Jauffret <[email protected]>

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.11.2 to 0.12.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.11.2...0.12.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Sep 4, 2023

nutanix-cn-prow-bot bot requested review from adiantum and tuxtof September 4, 2023 04:15

nutanix-cn-prow-bot bot added the needs-ok-to-test label Sep 4, 2023

dependabot bot force-pushed the dependabot/github_actions/aquasecurity/trivy-action-0.12.0 branch from 33d633c to c2a5e5f Compare September 18, 2023 10:09

dependabot bot force-pushed the dependabot/github_actions/aquasecurity/trivy-action-0.12.0 branch from c2a5e5f to 915d58c Compare September 18, 2023 10:16

tuxtof merged commit f3ae2ec into main Sep 18, 2023

tuxtof deleted the dependabot/github_actions/aquasecurity/trivy-action-0.12.0 branch September 18, 2023 10:18

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 #313

Bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 #313

dependabot bot commented on behalf of github Sep 4, 2023 •

edited

Loading

nutanix-cn-prow-bot bot commented Sep 4, 2023

codecov-commenter commented Sep 4, 2023

Bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 #313

Bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 #313

Conversation

dependabot bot commented on behalf of github Sep 4, 2023 • edited Loading

v0.12.0

What's Changed

New Contributors

nutanix-cn-prow-bot bot commented Sep 4, 2023

codecov-commenter commented Sep 4, 2023

Codecov Report

dependabot bot commented on behalf of github Sep 4, 2023 •

edited

Loading