diff --git a/.github/workflows/build-rust-injector.yml b/.github/workflows/build-rust-injector.yml index 375dc62bb3..749301eb59 100644 --- a/.github/workflows/build-rust-injector.yml +++ b/.github/workflows/build-rust-injector.yml @@ -37,7 +37,7 @@ jobs: shasum zarf-injector-arm64 >> checksums.txt - name: Set AWS Credentials - uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_GOV_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_GOV_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/nightly-ecr.yml b/.github/workflows/nightly-ecr.yml index 655d3c4dd1..5b4b416e31 100644 --- a/.github/workflows/nightly-ecr.yml +++ b/.github/workflows/nightly-ecr.yml @@ -29,7 +29,7 @@ jobs: run: make build-cli-linux-amd - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: role-to-assume: ${{ secrets.AWS_NIGHTLY_ROLE }} aws-region: us-east-1 diff --git a/.github/workflows/nightly-eks.yml b/.github/workflows/nightly-eks.yml index 5ec53f5a7a..c74b28e9af 100644 --- a/.github/workflows/nightly-eks.yml +++ b/.github/workflows/nightly-eks.yml @@ -37,7 +37,7 @@ jobs: uses: ./.github/actions/packages - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: role-to-assume: ${{ secrets.AWS_NIGHTLY_ROLE }} aws-region: us-east-1 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 337d2f7e34..5fb5acbff6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -140,7 +140,7 @@ jobs: # Set up AWS credentials for GoReleaser to upload backups of artifacts to S3 - name: Set AWS Credentials - uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_GOV_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_GOV_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/scan-codeql.yml b/.github/workflows/scan-codeql.yml index 5fbbd757bb..9278f84788 100644 --- a/.github/workflows/scan-codeql.yml +++ b/.github/workflows/scan-codeql.yml @@ -43,7 +43,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0 + uses: github/codeql-action/init@e675ced7a7522a761fc9c8eb26682c8b27c42b2b # v3.24.1 env: CODEQL_EXTRACTOR_GO_BUILD_TRACING: on with: @@ -54,6 +54,6 @@ jobs: run: make build-cli-linux-amd - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0 + uses: github/codeql-action/analyze@e675ced7a7522a761fc9c8eb26682c8b27c42b2b # v3.24.1 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index 1dcc7704ac..8363574077 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -45,6 +45,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0 + uses: github/codeql-action/upload-sarif@e675ced7a7522a761fc9c8eb26682c8b27c42b2b # v3.24.1 with: sarif_file: results.sarif diff --git a/examples/argocd/zarf.yaml b/examples/argocd/zarf.yaml index 597ba99e1d..4c23afc98d 100644 --- a/examples/argocd/zarf.yaml +++ b/examples/argocd/zarf.yaml @@ -8,7 +8,7 @@ components: required: true charts: - name: argo-cd - version: 5.54.0 + version: 5.55.0 namespace: argocd url: https://argoproj.github.io/argo-helm releaseName: argocd-baseline diff --git a/examples/big-bang/yolo/zarf.yaml b/examples/big-bang/yolo/zarf.yaml index 80caf3bfd1..c5525bd4e3 100644 --- a/examples/big-bang/yolo/zarf.yaml +++ b/examples/big-bang/yolo/zarf.yaml @@ -4,7 +4,7 @@ metadata: name: yolo-big-bang description: Deploy Big Bang Core in YOLO mode # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/ - version: 2.19.2 + version: 2.20.0 url: https://p1.dso.mil/products/big-bang architecture: amd64 yolo: true @@ -33,7 +33,7 @@ components: extensions: bigbang: # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/ - version: 2.19.2 + version: 2.20.0 valuesFiles: - credentials.yaml - ../config/ingress.yaml diff --git a/examples/big-bang/zarf.yaml b/examples/big-bang/zarf.yaml index ba1dda61b3..8f0368a493 100644 --- a/examples/big-bang/zarf.yaml +++ b/examples/big-bang/zarf.yaml @@ -3,7 +3,7 @@ metadata: name: big-bang-example description: Deploy Big Bang Core # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/ - version: 2.19.2 + version: 2.20.0 url: https://p1.dso.mil/products/big-bang # Big Bang / Iron Bank are only amd64 architecture: amd64 @@ -44,7 +44,7 @@ components: extensions: bigbang: # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/ - version: 2.19.2 + version: 2.20.0 valuesFiles: # Istio configs - config/ingress.yaml diff --git a/examples/helm-charts/chart/values.yaml b/examples/helm-charts/chart/values.yaml index 89b2bd9129..b77766bafa 100644 --- a/examples/helm-charts/chart/values.yaml +++ b/examples/helm-charts/chart/values.yaml @@ -8,7 +8,7 @@ backends: [] image: repository: ghcr.io/stefanprodan/podinfo - tag: 6.4.0 + tag: 6.5.4 pullPolicy: IfNotPresent ui: diff --git a/examples/longhorn/zarf.yaml b/examples/longhorn/zarf.yaml index b447e8debe..ef1880b1c9 100644 --- a/examples/longhorn/zarf.yaml +++ b/examples/longhorn/zarf.yaml @@ -41,7 +41,7 @@ components: charts: - name: longhorn url: https://charts.longhorn.io - version: 1.4.0 + version: 1.6.0 namespace: longhorn-system valuesFiles: - values.yaml diff --git a/examples/variables/simple-terraform.tf b/examples/variables/simple-terraform.tf index 0640992f2e..859d6cada4 100644 --- a/examples/variables/simple-terraform.tf +++ b/examples/variables/simple-terraform.tf @@ -8,7 +8,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "~> 5.30.0" + version = "~> 5.36.0" } } } diff --git a/go.mod b/go.mod index 2318894914..29ae4f9581 100644 --- a/go.mod +++ b/go.mod @@ -1,19 +1,19 @@ module github.com/defenseunicorns/zarf -go 1.21.6 +go 1.22.0 // TODO (@AABRO): Pending merge into github.com/gojsonschema/gojsonschema (https://github.com/gojsonschema/gojsonschema/pull/5) replace github.com/xeipuuv/gojsonschema => github.com/defenseunicorns/gojsonschema v0.0.0-20231116163348-e00f069122d6 require ( - cuelang.org/go v0.7.0 + cuelang.org/go v0.7.1 github.com/AlecAivazis/survey/v2 v2.3.7 github.com/Masterminds/semver/v3 v3.2.1 github.com/alecthomas/jsonschema v0.0.0-20220216202328-9eeeec9d044b github.com/anchore/clio v0.0.0-20240209204744-cb94e40a4f65 github.com/anchore/stereoscope v0.0.1 - github.com/anchore/syft v0.100.0 - github.com/derailed/k9s v0.31.7 + github.com/anchore/syft v0.104.0 + github.com/derailed/k9s v0.31.8 github.com/distribution/reference v0.5.0 github.com/docker/cli v24.0.9+incompatible github.com/fairwindsops/pluto/v5 v5.18.4 @@ -32,7 +32,7 @@ require ( github.com/otiai10/copy v1.14.0 github.com/pkg/errors v0.9.1 github.com/prometheus/client_golang v1.18.0 - github.com/pterm/pterm v0.12.78 + github.com/pterm/pterm v0.12.79 github.com/sergi/go-diff v1.3.1 github.com/sigstore/cosign/v2 v2.2.3 github.com/sigstore/sigstore/pkg/signature/kms/aws v1.8.1 @@ -44,7 +44,7 @@ require ( github.com/spf13/viper v1.18.2 github.com/stretchr/testify v1.8.4 github.com/xeipuuv/gojsonschema v1.2.0 - golang.org/x/crypto v0.18.0 + golang.org/x/crypto v0.19.0 golang.org/x/sync v0.6.0 golang.org/x/term v0.17.0 helm.sh/helm/v3 v3.14.0 diff --git a/packages/distros/eks/zarf.yaml b/packages/distros/eks/zarf.yaml index 2171feaff4..0c6fbbe753 100644 --- a/packages/distros/eks/zarf.yaml +++ b/packages/distros/eks/zarf.yaml @@ -32,17 +32,17 @@ components: files: - source: eks.yaml target: eks.yaml - - source: https://github.com/weaveworks/eksctl/releases/download/v0.170.0/eksctl_Darwin_amd64.tar.gz + - source: https://github.com/weaveworks/eksctl/releases/download/v0.171.0/eksctl_Darwin_amd64.tar.gz target: binaries/eksctl_Darwin_x86_64 executable: true shasum: 88297c757fb1bc731f9ea29931c463a4575eb37f4cee27625774c88d5e8c95e2 extractPath: eksctl - - source: https://github.com/weaveworks/eksctl/releases/download/v0.170.0/eksctl_Darwin_arm64.tar.gz + - source: https://github.com/weaveworks/eksctl/releases/download/v0.171.0/eksctl_Darwin_arm64.tar.gz target: binaries/eksctl_Darwin_arm64 executable: true shasum: ad97a3196dc8fcbba5c501cf386ab8637663bb6a3876e20bc991a1de07a0831e extractPath: eksctl - - source: https://github.com/weaveworks/eksctl/releases/download/v0.170.0/eksctl_Linux_amd64.tar.gz + - source: https://github.com/weaveworks/eksctl/releases/download/v0.171.0/eksctl_Linux_amd64.tar.gz target: binaries/eksctl_Linux_x86_64 executable: true shasum: 790b540f8931424d8c89c10dee4cb5567bff44a5e8ed018c7c3a0ac818cf2e05 diff --git a/packages/distros/k3s/zarf.yaml b/packages/distros/k3s/zarf.yaml index 0813b1ee38..9dbfea7bec 100644 --- a/packages/distros/k3s/zarf.yaml +++ b/packages/distros/k3s/zarf.yaml @@ -14,7 +14,7 @@ components: architecture: amd64 files: # Include the actual K3s binary - - source: https://github.com/k3s-io/k3s/releases/download/v1.28.4+k3s2/k3s + - source: https://github.com/k3s-io/k3s/releases/download/v1.29.1+k3s2/k3s shasum: 9014535a4cd20c788282d60398a06279983562093455b53ab76701539ce67acf target: /usr/sbin/k3s executable: true @@ -24,7 +24,7 @@ components: - /usr/sbin/ctr - /usr/sbin/crictl # Transfer the K3s images for containerd to pick them up - - source: https://github.com/k3s-io/k3s/releases/download/v1.28.4+k3s2/k3s-airgap-images-amd64.tar.zst + - source: https://github.com/k3s-io/k3s/releases/download/v1.29.1+k3s2/k3s-airgap-images-amd64.tar.zst shasum: bc4d05bad56a583c80ff443d60e8277a136cc4357dc8527702d38b5cca28880d target: /var/lib/rancher/k3s/agent/images/k3s.tar.zst actions: @@ -44,7 +44,7 @@ components: architecture: arm64 files: # Include the actual K3s binary - - source: https://github.com/k3s-io/k3s/releases/download/v1.28.4+k3s2/k3s-arm64 + - source: https://github.com/k3s-io/k3s/releases/download/v1.29.1+k3s2/k3s-arm64 shasum: 1ae72ca06d3302f3e86ef92e6e8f84e14a084da69564e87d6e2e75f62e72388d target: /usr/sbin/k3s executable: true @@ -54,7 +54,7 @@ components: - /usr/sbin/ctr - /usr/sbin/crictl # Transfer the K3s images for containerd to pick them up - - source: https://github.com/k3s-io/k3s/releases/download/v1.28.4+k3s2/k3s-airgap-images-arm64.tar.zst + - source: https://github.com/k3s-io/k3s/releases/download/v1.29.1+k3s2/k3s-airgap-images-arm64.tar.zst shasum: 50621ae1391aec7fc66ca66a46a0e9fd48ce373a58073000efdc278233adc64b target: /var/lib/rancher/k3s/agent/images/k3s.tar.zst actions: