From cd4650c4073263208ae9ec2f7ad30cd3848acedc Mon Sep 17 00:00:00 2001 From: Bob Callaway Date: Wed, 7 Aug 2024 07:41:23 -0400 Subject: [PATCH 1/2] bump terraform and tweak dependabot config Signed-off-by: Bob Callaway --- .github/dependabot.yml | 55 +++---------------- terraform/gcp/modules/argocd/versions.tf | 2 +- terraform/gcp/modules/audit/versions.tf | 4 +- terraform/gcp/modules/bastion/versions.tf | 4 +- terraform/gcp/modules/ca/versions.tf | 4 +- terraform/gcp/modules/ctlog/versions.tf | 4 +- terraform/gcp/modules/dex/versions.tf | 4 +- .../gcp/modules/external_secrets/versions.tf | 4 +- terraform/gcp/modules/fulcio/versions.tf | 4 +- terraform/gcp/modules/gke_cluster/versions.tf | 6 +- .../gcp/modules/monitoring/dex/versions.tf | 4 +- .../gcp/modules/monitoring/fulcio/versions.tf | 4 +- .../gcp/modules/monitoring/infra/versions.tf | 4 +- .../gcp/modules/monitoring/prober/versions.tf | 4 +- .../gcp/modules/monitoring/rekor/versions.tf | 4 +- .../gcp/modules/monitoring/slo/versions.tf | 4 +- terraform/gcp/modules/monitoring/versions.tf | 4 +- terraform/gcp/modules/mysql-shard/versions.tf | 4 +- terraform/gcp/modules/mysql/versions.tf | 4 +- terraform/gcp/modules/network/versions.tf | 4 +- terraform/gcp/modules/oslogin/versions.tf | 4 +- .../gcp/modules/project_roles/versions.tf | 4 +- terraform/gcp/modules/redis/versions.tf | 4 +- terraform/gcp/modules/rekor/versions.tf | 4 +- terraform/gcp/modules/sigstore/versions.tf | 6 +- terraform/gcp/modules/timestamp/versions.tf | 4 +- terraform/gcp/modules/tuf/versions.tf | 4 +- 27 files changed, 60 insertions(+), 101 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 516f70a5a..319375b34 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,65 +1,24 @@ version: 2 updates: - package-ecosystem: docker - directory: "/" - schedule: - interval: daily -- package-ecosystem: docker - directory: "/config/fulcio/fulcio" - schedule: - interval: daily -- package-ecosystem: docker - directory: "/config/rekor/rekor" - schedule: - interval: daily -- package-ecosystem: docker - directory: "/config/trillian/trillian-log-server" - schedule: - interval: daily -- package-ecosystem: docker - directory: "/config/trillian/trillian-log-signer" - schedule: - interval: daily -- package-ecosystem: docker - directory: "/config/tsa/tsa" - schedule: - interval: daily + directories: + - "/" + - "/config/**/*" + - package-ecosystem: gomod directory: "/" schedule: interval: weekly open-pull-requests-limit: 10 + - package-ecosystem: "github-actions" directory: "/" schedule: interval: weekly - package-ecosystem: "terraform" - directory: "/terraform/gcp/modules/argocd" - schedule: - interval: monthly - groups: - terraform: - patterns: - - "*" -- package-ecosystem: "terraform" - directory: "/terraform/gcp/modules/external_secrets" - schedule: - interval: monthly - groups: - terraform: - patterns: - - "*" -- package-ecosystem: "terraform" - directory: "/terraform/gcp/modules/monitoring/slo" - schedule: - interval: monthly - groups: - terraform: - patterns: - - "*" -- package-ecosystem: "terraform" - directory: "/terraform/gcp/modules/sigstore" + directories: + - "/terraform/gcp/modules/**/*" schedule: interval: monthly groups: diff --git a/terraform/gcp/modules/argocd/versions.tf b/terraform/gcp/modules/argocd/versions.tf index 0156b6f05..678339346 100644 --- a/terraform/gcp/modules/argocd/versions.tf +++ b/terraform/gcp/modules/argocd/versions.tf @@ -15,7 +15,7 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { kubectl = { diff --git a/terraform/gcp/modules/audit/versions.tf b/terraform/gcp/modules/audit/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/audit/versions.tf +++ b/terraform/gcp/modules/audit/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/bastion/versions.tf b/terraform/gcp/modules/bastion/versions.tf index da79fc732..a384bb256 100644 --- a/terraform/gcp/modules/bastion/versions.tf +++ b/terraform/gcp/modules/bastion/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } random = { diff --git a/terraform/gcp/modules/ca/versions.tf b/terraform/gcp/modules/ca/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/ca/versions.tf +++ b/terraform/gcp/modules/ca/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/ctlog/versions.tf b/terraform/gcp/modules/ctlog/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/ctlog/versions.tf +++ b/terraform/gcp/modules/ctlog/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/dex/versions.tf b/terraform/gcp/modules/dex/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/dex/versions.tf +++ b/terraform/gcp/modules/dex/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/external_secrets/versions.tf b/terraform/gcp/modules/external_secrets/versions.tf index c337d2369..b674e2b06 100644 --- a/terraform/gcp/modules/external_secrets/versions.tf +++ b/terraform/gcp/modules/external_secrets/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.39.1" + version = "5.40.0" source = "hashicorp/google" } kubectl = { diff --git a/terraform/gcp/modules/fulcio/versions.tf b/terraform/gcp/modules/fulcio/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/fulcio/versions.tf +++ b/terraform/gcp/modules/fulcio/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/gke_cluster/versions.tf b/terraform/gcp/modules/gke_cluster/versions.tf index 023f68b8c..2955aa17b 100644 --- a/terraform/gcp/modules/gke_cluster/versions.tf +++ b/terraform/gcp/modules/gke_cluster/versions.tf @@ -15,15 +15,15 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } google-beta = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google-beta" } random = { diff --git a/terraform/gcp/modules/monitoring/dex/versions.tf b/terraform/gcp/modules/monitoring/dex/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/monitoring/dex/versions.tf +++ b/terraform/gcp/modules/monitoring/dex/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/monitoring/fulcio/versions.tf b/terraform/gcp/modules/monitoring/fulcio/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/monitoring/fulcio/versions.tf +++ b/terraform/gcp/modules/monitoring/fulcio/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/monitoring/infra/versions.tf b/terraform/gcp/modules/monitoring/infra/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/monitoring/infra/versions.tf +++ b/terraform/gcp/modules/monitoring/infra/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/monitoring/prober/versions.tf b/terraform/gcp/modules/monitoring/prober/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/monitoring/prober/versions.tf +++ b/terraform/gcp/modules/monitoring/prober/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/monitoring/rekor/versions.tf b/terraform/gcp/modules/monitoring/rekor/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/monitoring/rekor/versions.tf +++ b/terraform/gcp/modules/monitoring/rekor/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/monitoring/slo/versions.tf b/terraform/gcp/modules/monitoring/slo/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/monitoring/slo/versions.tf +++ b/terraform/gcp/modules/monitoring/slo/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/monitoring/versions.tf b/terraform/gcp/modules/monitoring/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/monitoring/versions.tf +++ b/terraform/gcp/modules/monitoring/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/mysql-shard/versions.tf b/terraform/gcp/modules/mysql-shard/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/mysql-shard/versions.tf +++ b/terraform/gcp/modules/mysql-shard/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/mysql/versions.tf b/terraform/gcp/modules/mysql/versions.tf index da79fc732..a384bb256 100644 --- a/terraform/gcp/modules/mysql/versions.tf +++ b/terraform/gcp/modules/mysql/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } random = { diff --git a/terraform/gcp/modules/network/versions.tf b/terraform/gcp/modules/network/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/network/versions.tf +++ b/terraform/gcp/modules/network/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/oslogin/versions.tf b/terraform/gcp/modules/oslogin/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/oslogin/versions.tf +++ b/terraform/gcp/modules/oslogin/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/project_roles/versions.tf b/terraform/gcp/modules/project_roles/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/project_roles/versions.tf +++ b/terraform/gcp/modules/project_roles/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/redis/versions.tf b/terraform/gcp/modules/redis/versions.tf index da79fc732..a384bb256 100644 --- a/terraform/gcp/modules/redis/versions.tf +++ b/terraform/gcp/modules/redis/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } random = { diff --git a/terraform/gcp/modules/rekor/versions.tf b/terraform/gcp/modules/rekor/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/rekor/versions.tf +++ b/terraform/gcp/modules/rekor/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/sigstore/versions.tf b/terraform/gcp/modules/sigstore/versions.tf index 7a7c28816..e690d1055 100644 --- a/terraform/gcp/modules/sigstore/versions.tf +++ b/terraform/gcp/modules/sigstore/versions.tf @@ -15,15 +15,15 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } google-beta = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google-beta" } } diff --git a/terraform/gcp/modules/timestamp/versions.tf b/terraform/gcp/modules/timestamp/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/timestamp/versions.tf +++ b/terraform/gcp/modules/timestamp/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } diff --git a/terraform/gcp/modules/tuf/versions.tf b/terraform/gcp/modules/tuf/versions.tf index 2571fbe66..fbf4dd4ff 100644 --- a/terraform/gcp/modules/tuf/versions.tf +++ b/terraform/gcp/modules/tuf/versions.tf @@ -15,11 +15,11 @@ */ terraform { - required_version = "1.9.3" + required_version = "1.9.4" required_providers { google = { - version = "5.38.0" + version = "5.40.0" source = "hashicorp/google" } } From 04504955b5a271c3fecbcc42c7287cc0d8e9fa48 Mon Sep 17 00:00:00 2001 From: Bob Callaway Date: Wed, 7 Aug 2024 07:47:55 -0400 Subject: [PATCH 2/2] bump action version Signed-off-by: Bob Callaway --- .github/workflows/terraform.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 8bad532c2..71c08bca7 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -26,7 +26,7 @@ jobs: - uses: hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8 # v2.0.0 with: # TODO: extract terraform from the tf file when we have pinned - terraform_version: 1.9.3 + terraform_version: 1.9.4 - name: Terraform fmt id: fmt @@ -46,7 +46,7 @@ jobs: - uses: hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8 # v2.0.0 with: # TODO: extract terraform from the tf file when we have pinned - terraform_version: 1.9.3 + terraform_version: 1.9.4 - name: Terraform init id: init