Commit graph

472 commits

Author SHA1 Message Date
dependabot[bot]
269f3fce63
Bump alpine from 3.15.0 to 3.15.1 (#2648)
Bumps alpine from 3.15.0 to 3.15.1.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2022-03-24 10:31:03 -05:00
dependabot[bot]
3c912d459f
Bump zricethezav/gitleaks from v8.3.0 to v8.4.0 (#2619)
Bumps zricethezav/gitleaks from v8.3.0 to v8.4.0.

---
updated-dependencies:
- dependency-name: zricethezav/gitleaks
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-14 10:49:04 -05:00
dependabot[bot]
cfe591504d
Bump rhysd/actionlint from 1.6.9 to 1.6.10 (#2620)
Bumps rhysd/actionlint from 1.6.9 to 1.6.10.

---
updated-dependencies:
- dependency-name: rhysd/actionlint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-14 10:48:57 -05:00
Lea Waller
40963a5747
Copy over Python headers during staged build (#2607)
- Allow the installation of Python packages that require compilation
  inside the container
2022-03-14 09:23:47 -05:00
dependabot[bot]
a1e55fad90
Bump cljkondo/clj-kondo from 2022.02.09-alpine to 2022.03.09-alpine (#2609)
Bumps cljkondo/clj-kondo from 2022.02.09-alpine to 2022.03.09-alpine.

---
updated-dependencies:
- dependency-name: cljkondo/clj-kondo
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-09 14:48:02 +01:00
dependabot[bot]
04c9bda14a Bump alpine/terragrunt from 1.1.6 to 1.1.7
Bumps alpine/terragrunt from 1.1.6 to 1.1.7.

---
updated-dependencies:
- dependency-name: alpine/terragrunt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-07 12:53:20 -05:00
dependabot[bot]
8908116633 Bump hashicorp/terraform from 1.1.6 to 1.1.7
Bumps hashicorp/terraform from 1.1.6 to 1.1.7.

---
updated-dependencies:
- dependency-name: hashicorp/terraform
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-07 12:53:02 -05:00
dependabot[bot]
908a9ebb41 Bump zricethezav/gitleaks from v8.2.7 to v8.3.0
Bumps zricethezav/gitleaks from v8.2.7 to v8.3.0.

---
updated-dependencies:
- dependency-name: zricethezav/gitleaks
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-01 10:52:53 -05:00
dependabot[bot]
89c1eb3d4c Bump accurics/terrascan from 1.13.1 to 1.13.2
Bumps accurics/terrascan from 1.13.1 to 1.13.2.

---
updated-dependencies:
- dependency-name: accurics/terrascan
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-01 10:52:46 -05:00
dependabot[bot]
6eed012d2d
Bump yoheimuta/protolint from v0.37.0 to v0.37.1 (#2560)
Bumps yoheimuta/protolint from v0.37.0 to v0.37.1.

---
updated-dependencies:
- dependency-name: yoheimuta/protolint
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-28 14:46:24 -06:00
dependabot[bot]
e5597b1e94
Bump rhysd/actionlint from 1.6.8 to 1.6.9 (#2554)
Bumps rhysd/actionlint from 1.6.8 to 1.6.9.

---
updated-dependencies:
- dependency-name: rhysd/actionlint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-28 15:24:35 +01:00
Brett Logan
366889a844 Update Docker 2022-02-21 13:49:41 -05:00
Brett Logan
ffcb973a71
update extra deps (#2498)
* update extra deps

* Update ruby lockfile

* Fix lockfile

* Update scala template

Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2022-02-14 15:45:11 -06:00
dependabot[bot]
4dd4d1deef
Bump cljkondo/clj-kondo from 2022.01.15-alpine to 2022.02.09-alpine (#2467)
Bumps cljkondo/clj-kondo from 2022.01.15-alpine to 2022.02.09-alpine.

---
updated-dependencies:
- dependency-name: cljkondo/clj-kondo
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-14 15:20:19 -06:00
Colwyn Fritze-Moor
eb4aad643b
feat: add SSH key support (#2454)
* feat: add support for ssh keys and github.com connections

* refactor: allow github.com setup and update docs

* docs: add note about using ssh_key

* fix: run shfmt

* fix: add language to ssh key fence

* fix: make ssh setup script executable

* fix: gitleaks wins, openssh example removed

* notes

* docs: make the docs a little more clear

Co-authored-by: Admiral Awkbar <admiralawkbar@github.com>
2022-02-09 15:24:57 -06:00
dependabot[bot]
feb45bb035
Bump scalameta/scalafmt from v3.3.1 to v3.3.3 (#2369)
* Bump scalameta/scalafmt from v3.3.1 to v3.3.3

Bumps scalameta/scalafmt from v3.3.1 to v3.3.3.

---
updated-dependencies:
- dependency-name: scalameta/scalafmt
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update .scalafmt.conf

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2022-01-25 09:43:14 -06:00
dependabot[bot]
5cae663805
Bump yoheimuta/protolint from v0.35.2 to v0.36.0 (#2371)
Bumps yoheimuta/protolint from v0.35.2 to v0.36.0.

---
updated-dependencies:
- dependency-name: yoheimuta/protolint
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-25 09:15:37 -06:00
dependabot[bot]
7a4562e70a
Bump hashicorp/terraform from 1.1.3 to 1.1.4 (#2370)
Bumps hashicorp/terraform from 1.1.3 to 1.1.4.

---
updated-dependencies:
- dependency-name: hashicorp/terraform
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-24 09:48:34 -06:00
dependabot[bot]
c09ea929d5
Bump alpine/terragrunt from 1.1.3 to 1.1.4 (#2372)
Bumps alpine/terragrunt from 1.1.3 to 1.1.4.

---
updated-dependencies:
- dependency-name: alpine/terragrunt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-24 09:48:25 -06:00
dependabot[bot]
db4f384940
Bump python from 3.10.1-alpine to 3.10.2-alpine (#2373)
Bumps python from 3.10.1-alpine to 3.10.2-alpine.

---
updated-dependencies:
- dependency-name: python
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-24 09:48:17 -06:00
dependabot[bot]
4b597858b6
Bump cljkondo/clj-kondo from 2021.12.19-alpine to 2022.01.15-alpine (#2340)
Bumps cljkondo/clj-kondo from 2021.12.19-alpine to 2022.01.15-alpine.

---
updated-dependencies:
- dependency-name: cljkondo/clj-kondo
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-18 13:57:39 -06:00
Brett Logan
fc6c5b34d9
Use Virtual Environment for Python Deps (#2294)
* Build static python depenencies

* Address linting

* Fix copy path

* cleaner

* Stage virtual environments

* Update Dockerfile to support virtual environments

* Remove old python builds

* Remove unnecessary RUN step

* Fix merge conflicts

* Remove test checking for PIP packages

We use virtual environments and no longer install the packages
via pip directly in the image. It should be enough that the version
tests check for the existence already and that the version
comes back correctly.

* Remove binary installation of black

* cleaner

* Remove pip

* pretty

Co-authored-by: Admiral Awkbar <admiralawkbar@github.com>
2022-01-10 15:23:22 -06:00
dependabot[bot]
57e304bdb4
Bump alpine/terragrunt from 1.1.2 to 1.1.3 (#2313)
Bumps alpine/terragrunt from 1.1.2 to 1.1.3.

---
updated-dependencies:
- dependency-name: alpine/terragrunt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2022-01-10 14:00:18 -06:00
dependabot[bot]
a3bc35d23e
Bump hashicorp/terraform from 1.1.2 to 1.1.3 (#2314)
Bumps hashicorp/terraform from 1.1.2 to 1.1.3.

---
updated-dependencies:
- dependency-name: hashicorp/terraform
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-10 13:59:35 -06:00
dependabot[bot]
c7e7a3fd71
Bump zricethezav/gitleaks from v8.2.5 to v8.2.7 (#2315)
Bumps zricethezav/gitleaks from v8.2.5 to v8.2.7.

---
updated-dependencies:
- dependency-name: zricethezav/gitleaks
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-10 13:59:30 -06:00
Brett Logan
d3f4b77943 Update PHP deps 2022-01-10 13:21:21 -05:00
Brett Logan
960ec6bcf2 Pin node dependencies
The removal of the color.js package broke several of our dependencies.
Enabling package lock and pinning color.js until we can sort out
the color.js dep change.
2022-01-10 13:21:21 -05:00
Colwyn Fritze-Moor
09b571b1b0
feat: add support for Terraform modules in tflint (#2297)
* fix: support tflint relative module references

* chore: add test for relative module imports

* chore: add terraform binary

* chore: move tests

* chore: add newlines to tests

* chore: add newlines to tests

* refactor: move terraform get

* refactor: put terraform get back where it was

Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2022-01-06 11:04:10 -06:00
Brett Logan
35d23ba664
Revert "Add find-unicode-control2 (#2286)" (#2299)
This reverts commit 46b9e49099.
2022-01-06 11:00:57 -06:00
dependabot[bot]
4b56c269a2
Bump accurics/terrascan from 1.12.0 to 1.13.0 (#2302)
Bumps accurics/terrascan from 1.12.0 to 1.13.0.

---
updated-dependencies:
- dependency-name: accurics/terrascan
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-06 11:00:49 -06:00
Masaya Suzuki
46b9e49099
Add find-unicode-control2 (#2286)
* Add find-unicode-control2

* make version easier

* cleaner version

Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2022-01-04 10:07:45 -06:00
dependabot[bot]
d3a4a9abe5
Bump scalameta/scalafmt from v3.2.1 to v3.3.1 (#2289)
* Bump scalameta/scalafmt from v3.2.1 to v3.3.1

Bumps scalameta/scalafmt from v3.2.1 to v3.3.1.

---
updated-dependencies:
- dependency-name: scalameta/scalafmt
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* version

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Admiral Awkbar <admiralawkbar@github.com>
2022-01-04 09:43:44 -06:00
dependabot[bot]
b549138f79
Bump mstruebing/editorconfig-checker from 2.3.5 to 2.4.0 (#2261)
Bumps mstruebing/editorconfig-checker from 2.3.5 to 2.4.0.

---
updated-dependencies:
- dependency-name: mstruebing/editorconfig-checker
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-03 12:55:15 -06:00
dependabot[bot]
c4594bf2f1
Bump mvdan/shfmt from v3.4.1 to v3.4.2 (#2263)
Bumps mvdan/shfmt from v3.4.1 to v3.4.2.

---
updated-dependencies:
- dependency-name: mvdan/shfmt
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-03 12:55:03 -06:00
dependabot[bot]
35a01c858a
Bump terraform-linters/tflint-bundle from v0.34.0.0 to v0.34.1.1 (#2293)
Bumps terraform-linters/tflint-bundle from v0.34.0.0 to v0.34.1.1.

---
updated-dependencies:
- dependency-name: terraform-linters/tflint-bundle
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-03 12:54:41 -06:00
dependabot[bot]
49a66231e0
Bump zricethezav/gitleaks from v8.2.3 to v8.2.5 (#2280)
Bumps zricethezav/gitleaks from v8.2.3 to v8.2.5.

---
updated-dependencies:
- dependency-name: zricethezav/gitleaks
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-03 10:49:43 -06:00
Masaya Suzuki
5cf256a086
Fix download and uncompress libz (#2274) 2021-12-30 09:32:48 -06:00
dependabot[bot]
518943efd3
Bump terraform-linters/tflint-bundle from v0.33.2.0 to v0.34.0.0 (#2225)
Bumps terraform-linters/tflint-bundle from v0.33.2.0 to v0.34.0.0.

---
updated-dependencies:
- dependency-name: terraform-linters/tflint-bundle
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-20 12:20:01 -06:00
dependabot[bot]
5186a02d09
Bump zricethezav/gitleaks from v8.0.4 to v8.2.3 (#2241)
Bumps zricethezav/gitleaks from v8.0.4 to v8.2.3.

---
updated-dependencies:
- dependency-name: zricethezav/gitleaks
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-20 11:48:20 -06:00
dependabot[bot]
c87233322c
Bump cljkondo/clj-kondo from 2021.12.01-alpine to 2021.12.19-alpine (#2242)
Bumps cljkondo/clj-kondo from 2021.12.01-alpine to 2021.12.19-alpine.

---
updated-dependencies:
- dependency-name: cljkondo/clj-kondo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-20 11:48:13 -06:00
dependabot[bot]
17f7cfe7f3
Bump alpine/terragrunt from 1.0.11 to 1.1.2 (#2243)
Bumps alpine/terragrunt from 1.0.11 to 1.1.2.

---
updated-dependencies:
- dependency-name: alpine/terragrunt
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-20 11:48:03 -06:00
Marco Ferrari
da61f6135a
Reduce duplication using a single Dockerfile (#2178)
* Reduce duplication using a single Dockerfile

* Remove slim Dockerfile

* Update PROD and RELEASE workflows

* Fix apk package installing

* Force link creation

* Don't check if the versions file exist

* Fix BUILD_DATE

* Fix BUILD_DATE

* Fix BUILD_DATE

* Fix BUILD_DATE
2021-12-10 10:15:12 -06:00
dependabot[bot]
de35dfbf5a
Bump zricethezav/gitleaks from v7.6.1 to v8.0.4 (#2188)
* Bump zricethezav/gitleaks from v7.6.1 to v8.0.4

Bumps zricethezav/gitleaks from v7.6.1 to v8.0.4.

---
updated-dependencies:
- dependency-name: zricethezav/gitleaks
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fixing command for after 8.x

* better regex

* better verbose

* remove file

* fixed logic

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Admiral Awkbar <admiralawkbar@github.com>
2021-12-08 14:28:11 -06:00
dependabot[bot]
b94d7028e0
Bump scalameta/scalafmt from v3.1.2 to v3.2.1 (#2206)
* Bump scalameta/scalafmt from v3.1.2 to v3.2.1

Bumps scalameta/scalafmt from v3.1.2 to v3.2.1.

---
updated-dependencies:
- dependency-name: scalameta/scalafmt
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* update

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2021-12-08 11:35:29 -06:00
Marco Ferrari
ee99da290b
Uninstall Dockerfilelint (#2195)
* Uninstall Dockerfilelint

* remove dockerfilelint packages

* trying ca-certs

Co-authored-by: Admiral Awkbar <admiralawkbar@github.com>
2021-12-08 09:53:05 -06:00
dependabot[bot]
6d947faec3
Bump alpine from 3.14.3 to 3.15.0 (#2187)
Bumps alpine from 3.14.3 to 3.15.0.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2021-12-08 09:52:54 -06:00
dependabot[bot]
d0972d9468
Bump terraform-linters/tflint-bundle from v0.33.1 to v0.33.2.0 (#2216)
Bumps terraform-linters/tflint-bundle from v0.33.1 to v0.33.2.0.

---
updated-dependencies:
- dependency-name: terraform-linters/tflint-bundle
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-08 09:52:44 -06:00
dependabot[bot]
e51213b0a7
Bump python from 3.10.0-alpine to 3.10.1-alpine (#2217)
Bumps python from 3.10.0-alpine to 3.10.1-alpine.

---
updated-dependencies:
- dependency-name: python
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-08 09:52:34 -06:00
dependabot[bot]
6a59b78058
Bump cljkondo/clj-kondo from 2021.10.19-alpine to 2021.12.01-alpine (#2207)
Bumps cljkondo/clj-kondo from 2021.10.19-alpine to 2021.12.01-alpine.

---
updated-dependencies:
- dependency-name: cljkondo/clj-kondo
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2021-12-08 08:22:01 -06:00
Marco Ferrari
f90bf96db8
Install R directly and don't report npm-groovy-lint usage stats (#2202)
* Install R directly

* Don't install zip

* Copy etc/R

* Move back to /home/r-library

* Copy directory contents

* Copy files

* mkdir

* recursive copy

* copy -r

* Revert R etc

* Don't create etc dir

* Disable ClassNameSameAsFilename rule

* insight kills

Co-authored-by: Admiral Awkbar <admiralawkbar@github.com>
2021-12-07 12:10:26 -06:00