Andrew Dryga
aa14be0280
Release major.minor container versions
2023-11-07 18:09:54 -06:00
Andrew Dryga
04eaeb9041
Concurrency control for release artifacts
2023-11-07 16:53:24 -06:00
Andrew Dryga
28fecca415
Delete stale assets and use gh cli tool
2023-11-07 16:50:57 -06:00
Andrew Dryga
3d44b0e626
Try with a draft: true
2023-11-07 16:14:42 -06:00
Andrew Dryga
0cafa7edbd
Try to find a way for action not to create a new release
2023-11-07 15:33:35 -06:00
Andrew Dryga
b1aaa74976
Trim trailing whitespace
...
My VSCode doesn't want to work properly with Github Action Files.
2023-11-07 14:38:14 -06:00
Andrew Dryga
6fe0bc229e
Fix outputs and try both solutions
2023-11-07 14:04:50 -06:00
Andrew Dryga
30aad4e052
Fix gh command
2023-11-07 13:32:39 -06:00
Andrew Dryga
2831405de1
Trim trailing whitespace in cd.yml
2023-11-07 12:32:35 -06:00
Andrew Dryga
627b6c97b6
Try using gh cli to upload the release assets
2023-11-07 11:58:24 -06:00
Andrew Dryga
013c633539
Try a different gh action to upload release asset
2023-11-07 11:49:24 -06:00
Andrew Dryga
cb6f63641f
Also release major and major.minor -tagged containers
2023-11-07 10:35:25 -06:00
Andrew Dryga
8c35e3a4fa
Deploy a demo instance to staging project
2023-11-07 10:30:09 -06:00
Jamil
ee02b8c6e5
Remove paid runners ( #2577 )
...
These aren't worth the cost for us at the moment -- they shave maybe
10-15% off the total CI time and the $$ would be better spent on
dedicated servers which we can also use to run regression tests, etc.
<img width="949" alt="Screenshot 2023-11-02 at 2 21 21 PM"
src="https://github.com/firezone/firezone/assets/167144/9cbb17ef-6e0c-4d20-a938-45a64ed76c25 ">
2023-11-03 15:37:49 +00:00
Jamil
c12af429c9
cp binary artifacts to location Docker build is expecting ( #2574 )
...
Fixes
https://github.com/firezone/firezone/actions/runs/6734189073/job/18305377757#step:11:215
2023-11-02 16:16:08 +00:00
Jamil
8763be7e5c
Distribute apps on version bumps and manual trigger instead of PR labels ( #2535 )
...
Unfortunately the label-based method of distributing app builds was
flawed because it was trigger on `push: main` which doesn't include the
PR label metadata in the event.
Instead, we can (and probably should) distribute new app builds to
testers whenever the patch version changes. This PR aims to do that.
What this means:
- We'll want to bump the patch version to distribute new app builds to
Test Flight and Play Console. I think this is ok, because once the build
goes to Test Flight or Play Console for distribution, it should be
potentially publishable. This is the assumption both Google and Apple
make throughout their publishing workflow (and why we got temporarily
banned by AppStore Connect).
- Day to day development and testing requires building locally, which I
think is OK since it's relatively easy to do so.
2023-11-02 04:45:49 +00:00
Jamil
9225f27e72
Remove version number from binary filename ( #2530 )
...
Fixes #2529
Fixes #2041
2023-11-01 12:41:19 -07:00
dependabot[bot]
16f20d3fb6
build(deps): Bump hashicorp/setup-terraform from 2 to 3 ( #2552 )
...
Bumps
[hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform )
from 2 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/hashicorp/setup-terraform/releases ">hashicorp/setup-terraform's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<p>NOTES:</p>
<ul>
<li>Updated default runtime to node20 (<a
href="https://redirect.github.com/hashicorp/setup-terraform/issues/346 ">#346</a>)</li>
<li>The wrapper around the installed Terraform binary has been fixed to
return the exact STDOUT and STDERR from Terraform when executing
commands. Previous versions of setup-terraform may have required
workarounds to process the STDOUT in bash, such as filtering out the
first line or selectively parsing STDOUT with jq. These workarounds may
need to be adjusted with <code>v3.0.0</code>, which will now return just
the STDOUT/STDERR from Terraform with no errant characters/statements.
(<a
href="https://redirect.github.com/hashicorp/setup-terraform/issues/367 ">#367</a>)</li>
</ul>
<p>BUG FIXES:</p>
<ul>
<li>Fixed malformed stdout when wrapper is enabled (<a
href="https://redirect.github.com/hashicorp/setup-terraform/issues/367 ">#367</a>)</li>
</ul>
<h2>v2.0.3</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<h3>NOTES</h3>
<ul>
<li>Bump <code>@actions/core</code> from 1.9.1 to 1.10.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/247 ">hashicorp/setup-terraform#247</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/hashicorp/setup-terraform/compare/v2.0.2...v2.0.3 ">https://github.com/hashicorp/setup-terraform/compare/v2.0.2...v2.0.3 </a></p>
<h2>v2.0.2</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<h3>NOTES</h3>
<ul>
<li>Update 2.0.1 release metadata by <a
href="https://github.com/jpogran "><code>@jpogran</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/253 ">hashicorp/setup-terraform#253</a></li>
<li>Release 2.0.2 by <a
href="https://github.com/jpogran "><code>@jpogran</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/254 ">hashicorp/setup-terraform#254</a></li>
</ul>
<h3>INTERNAL</h3>
<ul>
<li>Bump jest from 29.0.3 to 29.1.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/248 ">hashicorp/setup-terraform#248</a></li>
<li><code>README.md</code> updates - direct links to license and code of
conduct, updated GitHub documents link by <a
href="https://github.com/magnetikonline "><code>@magnetikonline</code></a>
in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/244 ">hashicorp/setup-terraform#244</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/hashicorp/setup-terraform/compare/v2.0.1...v2.0.2 ">https://github.com/hashicorp/setup-terraform/compare/v2.0.1...v2.0.2 </a></p>
<h2>v2.0.1</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<h3>ENHANCEMENTS</h3>
<ul>
<li>Do not fail when theres an exit-code 2 by <a
href="https://github.com/dannyibishev "><code>@dannyibishev</code></a>
in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/125 ">hashicorp/setup-terraform#125</a></li>
</ul>
<h3>BUG FIXES</h3>
<ul>
<li>Fix terraform extract by <a
href="https://github.com/cpc-camarj "><code>@cpc-camarj</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/187 ">hashicorp/setup-terraform#187</a></li>
</ul>
<h3>INTERNAL</h3>
<ul>
<li>Bump <code>@actions/core</code> from 1.6.0 to 1.7.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/185 ">hashicorp/setup-terraform#185</a></li>
<li>Bump <code>@vercel/ncc</code> from 0.33.3 to 0.33.4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/182 ">hashicorp/setup-terraform#182</a></li>
<li>Bump jest from 27.5.1 to 28.0.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/184 ">hashicorp/setup-terraform#184</a></li>
<li>Bump jest from 28.0.0 to 28.0.3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/190 ">hashicorp/setup-terraform#190</a></li>
<li>Bump husky from 7.0.4 to 8.0.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/193 ">hashicorp/setup-terraform#193</a></li>
<li>Bump jest from 28.0.3 to 28.1.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/194 ">hashicorp/setup-terraform#194</a></li>
<li>Bump <code>@actions/github</code> from 5.0.1 to 5.0.3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/201 ">hashicorp/setup-terraform#201</a></li>
<li>Bump <code>@actions/core</code> from 1.7.0 to 1.8.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/200 ">hashicorp/setup-terraform#200</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md ">hashicorp/setup-terraform's
changelog</a>.</em></p>
<blockquote>
<h2>3.0.0 (2023-10-30)</h2>
<p>NOTES:</p>
<ul>
<li>Updated default runtime to node20 (<a
href="https://redirect.github.com/hashicorp/setup-terraform/issues/346 ">#346</a>)</li>
<li>The wrapper around the installed Terraform binary has been fixed to
return the exact STDOUT and STDERR from Terraform when executing
commands. Previous versions of setup-terraform may have required
workarounds to process the STDOUT in bash, such as filtering out the
first line or selectively parsing STDOUT with jq. These workarounds may
need to be adjusted with <code>v3.0.0</code>, which will now return just
the STDOUT/STDERR from Terraform with no errant characters/statements.
(<a
href="https://redirect.github.com/hashicorp/setup-terraform/issues/367 ">#367</a>)</li>
</ul>
<p>BUG FIXES:</p>
<ul>
<li>Fixed malformed stdout when wrapper is enabled (<a
href="https://redirect.github.com/hashicorp/setup-terraform/issues/367 ">#367</a>)</li>
</ul>
<h1>[2.0.3] (2022-11-01)</h1>
<h3>NOTES</h3>
<ul>
<li>Reduced occurrences of GitHub Actions warnings for setting output <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/247 ">#247</a></li>
</ul>
<h1>[2.0.2] (2022-10-12)</h1>
<h3>BUG FIXES</h3>
<ul>
<li>Update 2.0.1 release metadata by <a
href="https://github.com/jpogran "><code>@jpogran</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/253 ">hashicorp/setup-terraform#253</a></li>
<li><code>README.md</code> updates - direct links to license and code of
conduct, updated GitHub documents link by <a
href="https://github.com/magnetikonline "><code>@magnetikonline</code></a>
in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/244 ">hashicorp/setup-terraform#244</a></li>
</ul>
<h3>INTERNAL</h3>
<ul>
<li>Bump jest from 29.0.3 to 29.1.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/248 ">hashicorp/setup-terraform#248</a></li>
</ul>
<h1>[2.0.1] (2022-10-12)</h1>
<h3>ENHANCEMENTS</h3>
<ul>
<li>Do not fail when theres an exit-code 2 by <a
href="https://github.com/dannyibishev "><code>@dannyibishev</code></a>
in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/125 ">hashicorp/setup-terraform#125</a></li>
<li>Updated README to reflect GitHub limitations by <a
href="https://github.com/rnsc "><code>@rnsc</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/205 ">hashicorp/setup-terraform#205</a></li>
</ul>
<h3>BUG FIXES</h3>
<ul>
<li>Fix terraform extract by <a
href="https://github.com/cpc-camarj "><code>@cpc-camarj</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/187 ">hashicorp/setup-terraform#187</a></li>
<li>Add new-style readme build badges, bump
<code>actions/checkout</code> in <code>README.md</code> examples by <a
href="https://github.com/magnetikonline "><code>@magnetikonline</code></a>
in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/188 ">hashicorp/setup-terraform#188</a></li>
<li>Fixed <code>master</code> to <code>main</code> workflow branch
triggers by <a
href="https://github.com/magnetikonline "><code>@magnetikonline</code></a>
in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/216 ">hashicorp/setup-terraform#216</a></li>
<li>Fix the example of how to comment on pull request. by <a
href="https://github.com/acarmel "><code>@acarmel</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/220 ">hashicorp/setup-terraform#220</a></li>
</ul>
<h3>INTERNAL</h3>
<ul>
<li>Bump <code>@actions/core</code> from 1.6.0 to 1.7.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/185 ">hashicorp/setup-terraform#185</a></li>
<li>Bump <code>@vercel/ncc</code> from 0.33.3 to 0.33.4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/182 ">hashicorp/setup-terraform#182</a></li>
<li>Bump jest from 27.5.1 to 28.0.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/184 ">hashicorp/setup-terraform#184</a></li>
<li>Bump jest from 28.0.0 to 28.0.3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/190 ">hashicorp/setup-terraform#190</a></li>
<li>Bump husky from 7.0.4 to 8.0.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/193 ">hashicorp/setup-terraform#193</a></li>
<li>Bump jest from 28.0.3 to 28.1.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/hashicorp/setup-terraform/pull/194 ">hashicorp/setup-terraform#194</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a1502cd9e7070aa52467cfd668c07bhttps://redirect.github.com/hashicorp/setup-terraform/issues/369 ">#369</a>)</li>
<li><a
href="4dff81de7ehttps://redirect.github.com/hashicorp/setup-terraform/issues/367 ">#367</a>)</li>
<li><a
href="4c41f96f26https://redirect.github.com/hashicorp/setup-terraform/issues/361 ">#361</a>)</li>
<li><a
href="9507e1d5bbhttps://redirect.github.com/hashicorp/setup-terraform/issues/346 ">#346</a>)</li>
<li><a
href="599d383196https://redirect.github.com/hashicorp/setup-terraform/issues/365 ">#365</a>)</li>
<li><a
href="1697eea208https://redirect.github.com/hashicorp/setup-terraform/issues/363 ">#363</a>)</li>
<li><a
href="8fa54e78fahttps://redirect.github.com/hashicorp/setup-terraform/issues/355 ">#355</a>)"
(<a
href="https://redirect.github.com/hashicorp/setup-terraform/issues/360 ">#360</a>)</li>
<li><a
href="bf6ea8ac71https://redirect.github.com/hashicorp/setup-terraform/issues/358 ">#358</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/hashicorp/setup-terraform/compare/v2...v3 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-01 10:34:13 -06:00
dependabot[bot]
84edc157c8
build(deps): Bump docker/login-action from 1 to 3 ( #2553 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from
1 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases ">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0 ">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/593 ">docker/login-action#593</a></li>
<li>Bump <code>@actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/login-action/pull/598 ">docker/login-action#598</a></li>
<li>Bump <code>@aws-sdk/client-ecr</code> and
<code>@aws-sdk/client-ecr-public</code> to 3.410.0 in <a
href="https://redirect.github.com/docker/login-action/pull/555 ">docker/login-action#555</a>
<a
href="https://redirect.github.com/docker/login-action/pull/560 ">docker/login-action#560</a>
<a
href="https://redirect.github.com/docker/login-action/pull/582 ">docker/login-action#582</a>
<a
href="https://redirect.github.com/docker/login-action/pull/599 ">docker/login-action#599</a></li>
<li>Bump semver from 6.3.0 to 6.3.1 in <a
href="https://redirect.github.com/docker/login-action/pull/556 ">docker/login-action#556</a></li>
<li>Bump https-proxy-agent to 7.0.2 <a
href="https://redirect.github.com/docker/login-action/pull/561 ">docker/login-action#561</a>
<a
href="https://redirect.github.com/docker/login-action/pull/588 ">docker/login-action#588</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v2.2.0...v3.0.0 ">https://github.com/docker/login-action/compare/v2.2.0...v3.0.0 </a></p>
<h2>v2.2.0</h2>
<ul>
<li>Switch to actions-toolkit implementation by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/409 ">docker/login-action#409</a>
<a
href="https://redirect.github.com/docker/login-action/pull/470 ">docker/login-action#470</a>
<a
href="https://redirect.github.com/docker/login-action/pull/476 ">docker/login-action#476</a></li>
<li>Bump <code>@aws-sdk/client-ecr</code> and
<code>@aws-sdk/client-ecr-public</code> to 3.347.1 in <a
href="https://redirect.github.com/docker/login-action/pull/524 ">docker/login-action#524</a>
<a
href="https://redirect.github.com/docker/login-action/pull/364 ">docker/login-action#364</a>
<a
href="https://redirect.github.com/docker/login-action/pull/363 ">docker/login-action#363</a></li>
<li>Bump minimatch from 3.0.4 to 3.1.2 in <a
href="https://redirect.github.com/docker/login-action/pull/354 ">docker/login-action#354</a></li>
<li>Bump json5 from 2.2.0 to 2.2.3 in <a
href="https://redirect.github.com/docker/login-action/pull/378 ">docker/login-action#378</a></li>
<li>Bump http-proxy-agent from 5.0.0 to 7.0.0 in <a
href="https://redirect.github.com/docker/login-action/pull/509 ">docker/login-action#509</a></li>
<li>Bump https-proxy-agent from 5.0.1 to 7.0.0 in <a
href="https://redirect.github.com/docker/login-action/pull/508 ">docker/login-action#508</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v2.1.0...v2.2.0 ">https://github.com/docker/login-action/compare/v2.1.0...v2.2.0 </a></p>
<h2>v2.1.0</h2>
<ul>
<li>Ensure AWS temp credentials are redacted in workflow logs by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://redirect.github.com/docker/login-action/issues/275 ">#275</a>)</li>
<li>Bump <code>@actions/core</code> from 1.6.0 to 1.10.0 (<a
href="https://redirect.github.com/docker/login-action/issues/252 ">#252</a>
<a
href="https://redirect.github.com/docker/login-action/issues/292 ">#292</a>)</li>
<li>Bump <code>@aws-sdk/client-ecr</code> from 3.53.0 to 3.186.0 (<a
href="https://redirect.github.com/docker/login-action/issues/298 ">#298</a>)</li>
<li>Bump <code>@aws-sdk/client-ecr-public</code> from 3.53.0 to 3.186.0
(<a
href="https://redirect.github.com/docker/login-action/issues/299 ">#299</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v2.0.0...v2.1.0 ">https://github.com/docker/login-action/compare/v2.0.0...v2.1.0 </a></p>
<h2>v2.0.0</h2>
<ul>
<li>Node 16 as default runtime by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://redirect.github.com/docker/login-action/issues/161 ">#161</a>)
<ul>
<li>This requires a minimum <a
href="https://github.com/actions/runner/releases/tag/v2.285.0 ">Actions
Runner</a> version of v2.285.0, which is by default available in GHES
3.4 or later.</li>
</ul>
</li>
<li>chore: update dev dependencies and workflow by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://redirect.github.com/docker/login-action/issues/170 ">#170</a>)</li>
<li>Bump <code>@actions/exec</code> from 1.1.0 to 1.1.1 (<a
href="https://redirect.github.com/docker/login-action/issues/167 ">#167</a>)</li>
<li>Bump <code>@actions/io</code> from 1.1.1 to 1.1.2 (<a
href="https://redirect.github.com/docker/login-action/issues/168 ">#168</a>)</li>
<li>Bump minimist from 1.2.5 to 1.2.6 (<a
href="https://redirect.github.com/docker/login-action/issues/176 ">#176</a>)</li>
<li>Bump https-proxy-agent from 5.0.0 to 5.0.1 (<a
href="https://redirect.github.com/docker/login-action/issues/182 ">#182</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v1.14.1...v2.0.0 ">https://github.com/docker/login-action/compare/v1.14.1...v2.0.0 </a></p>
<h2>v1.14.1</h2>
<ul>
<li>Revert to Node 12 as default runtime to fix issue for GHE users (<a
href="https://redirect.github.com/docker/login-action/issues/160 ">#160</a>)</li>
</ul>
<h2>v1.14.0</h2>
<ul>
<li>Update to node 16 (<a
href="https://redirect.github.com/docker/login-action/issues/158 ">#158</a>)</li>
<li>Bump <code>@aws-sdk/client-ecr</code> from 3.45.0 to 3.53.0 (<a
href="https://redirect.github.com/docker/login-action/issues/157 ">#157</a>)</li>
<li>Bump <code>@aws-sdk/client-ecr-public</code> from 3.45.0 to 3.53.0
(<a
href="https://redirect.github.com/docker/login-action/issues/156 ">#156</a>)</li>
</ul>
<h2>v1.13.0</h2>
<ul>
<li>Handle proxy settings for aws-sdk (<a
href="https://redirect.github.com/docker/login-action/issues/152 ">#152</a>)</li>
<li>Workload identity based authentication docs for GCR and GAR (<a
href="https://redirect.github.com/docker/login-action/issues/112 ">#112</a>)</li>
<li>Test login against ACR (<a
href="https://redirect.github.com/docker/login-action/issues/49 ">#49</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="343f7c4344https://redirect.github.com/docker/login-action/issues/599 ">#599</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="aad0f974f22e0cd39144203bc9c4efhttps://redirect.github.com/docker/login-action/issues/588 ">#588</a>
from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li>
<li><a
href="2199648fc8b4893761737c309e74e6https://redirect.github.com/docker/login-action/issues/598 ">#598</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="0ccf22296156d703e106https://redirect.github.com/docker/login-action/issues/597 ">#597</a>
from docker/dependabot/github_actions/aws-actions/con...</li>
<li><a
href="24d3b3519ehttps://github.com/docker/login-action/compare/v1...v3 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-01 08:50:30 -07:00
dependabot[bot]
03b1794ca5
build(deps): Bump actions/setup-node from 3 to 4 ( #2551 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3
to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-node/releases ">actions/setup-node's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<h2>What's Changed</h2>
<p>In scope of this release we changed version of node runtime for
action from node16 to node20 and updated dependencies in <a
href="https://redirect.github.com/actions/setup-node/pull/866 ">actions/setup-node#866</a></p>
<p>Besides, release contains such changes as:</p>
<ul>
<li>Upgrade actions/checkout to v4 by <a
href="https://github.com/gmembre-zenika "><code>@gmembre-zenika</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/868 ">actions/setup-node#868</a></li>
<li>Update actions/checkout for documentation and yaml by <a
href="https://github.com/dmitry-shibanov "><code>@dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/876 ">actions/setup-node#876</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/gmembre-zenika "><code>@gmembre-zenika</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/868 ">actions/setup-node#868</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-node/compare/v3...v4.0.0 ">https://github.com/actions/setup-node/compare/v3...v4.0.0 </a></p>
<h2>v3.8.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update semver by <a
href="https://github.com/dmitry-shibanov "><code>@dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/861 ">actions/setup-node#861</a></li>
<li>Update temp directory creation by <a
href="https://github.com/nikolai-laevskii "><code>@nikolai-laevskii</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/859 ">actions/setup-node#859</a></li>
<li>Bump <code>@babel/traverse</code> from 7.15.4 to 7.23.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/870 ">actions/setup-node#870</a></li>
<li>Add notice about binaries not being updated yet by <a
href="https://github.com/nikolai-laevskii "><code>@nikolai-laevskii</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/872 ">actions/setup-node#872</a></li>
<li>Update toolkit cache and core by <a
href="https://github.com/dmitry-shibanov "><code>@dmitry-shibanov</code></a>
and <a
href="https://github.com/seongwon-privatenote "><code>@seongwon-privatenote</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/875 ">actions/setup-node#875</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-node/compare/v3...v3.8.2 ">https://github.com/actions/setup-node/compare/v3...v3.8.2 </a></p>
<h2>v3.8.1</h2>
<h2>What's Changed</h2>
<p>In scope of this release, the filter was removed within the
cache-save step by <a
href="https://github.com/dmitry-shibanov "><code>@dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/831 ">actions/setup-node#831</a>.
It is filtered and checked in the toolkit/cache library.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-node/compare/v3...v3.8.1 ">https://github.com/actions/setup-node/compare/v3...v3.8.1 </a></p>
<h2>v3.8.0</h2>
<h2>What's Changed</h2>
<h3>Bug fixes:</h3>
<ul>
<li>Add check for existing paths by <a
href="https://github.com/dmitry-shibanov "><code>@dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/803 ">actions/setup-node#803</a></li>
<li>Resolve SymbolicLink by <a
href="https://github.com/dmitry-shibanov "><code>@dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/809 ">actions/setup-node#809</a></li>
<li>Change passing logic for cache input by <a
href="https://github.com/dmitry-shibanov "><code>@dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/816 ">actions/setup-node#816</a></li>
<li>Fix armv7 cache issue by <a
href="https://github.com/louislam "><code>@louislam</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/794 ">actions/setup-node#794</a></li>
<li>Update check-dist workflow name by <a
href="https://github.com/sinchang "><code>@sinchang</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/710 ">actions/setup-node#710</a></li>
</ul>
<h3>Feature implementations:</h3>
<ul>
<li>feat: handling the case where "node" is used for
tool-versions file. by <a
href="https://github.com/xytis "><code>@xytis</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/812 ">actions/setup-node#812</a></li>
</ul>
<h3>Documentation changes:</h3>
<ul>
<li>Refer to semver package name in README.md by <a
href="https://github.com/olleolleolle "><code>@olleolleolle</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/808 ">actions/setup-node#808</a></li>
</ul>
<h3>Update dependencies:</h3>
<ul>
<li>Update toolkit cache to fix zstd by <a
href="https://github.com/dmitry-shibanov "><code>@dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/804 ">actions/setup-node#804</a></li>
<li>Bump tough-cookie and <code>@azure/ms-rest-js</code> by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/802 ">actions/setup-node#802</a></li>
<li>Bump semver from 6.1.2 to 6.3.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/807 ">actions/setup-node#807</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8f152de45chttps://redirect.github.com/actions/setup-node/issues/876 ">#876</a>)</li>
<li><a
href="23755b521fhttps://redirect.github.com/actions/setup-node/issues/868 ">#868</a>)</li>
<li><a
href="54534a2a9bhttps://redirect.github.com/actions/setup-node/issues/866 ">#866</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-node/compare/v3...v4 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-01 08:41:44 -07:00
Andrew Dryga
c9375c3b07
Use max mode for docker layer caching
2023-10-31 15:16:48 -06:00
Jamil
2bca378f17
Allow data plane configuration at runtime ( #2477 )
...
## Changelog
- Updates connlib parameter API_URL (formerly known under different
names as `CONTROL_PLANE_URL`, `PORTAL_URL`, `PORTAL_WS_URL`, and
friends) to be configured as an "advanced" or "hidden" feature at
runtime so that we can test production builds on both staging and
production.
- Makes `AUTH_BASE_URL` configurable at runtime too
- Moves `CONNLIB_LOG_FILTER_STRING` to be configured like this as well
and simplifies its naming
- Fixes a timing attack bug on Android when comparing the `csrf` token
- Adds proper account ID validation to Android to prevent invalid URL
parameter strings from being saved and used
- Cleans up a number of UI / view issues on Android regarding typos,
consistency, etc
- Hides vars from from the `relay` CLI we may not want to expose just
yet
- `get_device_id()` is flawed for connlib components -- SMBios is rarely
available. Data plane components now require a `FIREZONE_ID` now instead
to use for upserting.
Fixes #2482
Fixes #2471
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
Co-authored-by: Gabi <gabrielalejandro7@gmail.com >
2023-10-30 23:46:53 -07:00
Andrew Dryga
00d8d4be01
Hotfix cluster version selection
2023-10-25 19:02:01 -06:00
Andrew Dryga
34cb88f5af
Fix cache registry references
2023-10-25 13:52:50 -06:00
Andrew Dryga
677b1b1f40
Do not try to join to a cluster of older versions ( #2493 )
2023-10-24 17:04:56 +00:00
Andrew Dryga
8331ea9022
Move concurrency limit to the terraform step
2023-10-24 09:15:02 -06:00
Andrew Dryga
00bde6e785
Fix sccache
2023-10-24 08:43:37 -06:00
Andrew Dryga
0d8f87ec81
Do not push to GCR on hotfix releases
2023-10-24 00:16:59 -06:00
Andrew Dryga
0de24b7ea7
Fix type error for foolproof cond
2023-10-24 00:08:29 -06:00
Andrew Dryga
420931af23
Require foolproof checkbox to deploy to production
2023-10-24 00:02:50 -06:00
Andrew Dryga
1991659046
Fix container push for prod releases ( #2494 )
2023-10-23 22:49:29 -06:00
Andrew Dryga
8b8881f415
Make CodeQL a part of CI workflow ( #2492 )
2023-10-23 16:16:09 -06:00
Andrew Dryga
dc57b45d64
Fix publish workflow and provide a way to trigger it manually ( #2491 )
2023-10-23 19:32:44 +00:00
Jamil
ca8f2ec3b6
Remove macos-14 runner from swift build ( #2484 )
...
Temporarily disable self-hosted runners (`macos-14`) until official GH
runners can back them up.
2023-10-23 12:35:25 -06:00
Jamil
f925898d55
Add CodeQL ( #2476 )
...
The CodeQL repo settings weren't sticking, so I figured I'd check our
config in as a workflow instead.
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
2023-10-21 02:28:54 -07:00
Jamil
fa57d66965
Publish Releases ( #2344 )
...
- rebuild and publish gateway and relay binaries to currently drafted
release
- re-tag current relay/gateway images and push to ghcr.io
Stacked on #2341 to prevent conflicts
Fixes #2223
Fixes #2205
Fixes #2202
Fixes #2239
~~Still TODO: `arm64` images and binaries...~~ Edit: added via
`cross-rs`
2023-10-20 14:20:43 -07:00
Andrew Dryga
0e9f4bcf5d
Hotfix cloud-init linting
2023-10-20 12:33:39 -06:00
Andrew Dryga
428eddd570
Clean up terraform module for gateway ( #2474 )
...
Switched back to `cos-105` to reduce attack surface and generally have
less maintenance and cleaned up the module to be more reusable for our
customers.
2023-10-20 12:29:54 -06:00
Andrew Dryga
66302a5063
Production environment ( #2449 )
2023-10-19 19:20:51 -06:00
Jamil
573124bd2f
Document relay gateway client CLIs ( #2424 )
...
Fixes #2363
* Rename `relay` package to `firezone-relay` so that binaries outputted
match the `firezone-*` cli naming scheme
* Rename `firezone-headless-client` package to `firezone-linux-client`
for consistency
* Add READMEs for user-facing CLI components (there will also be docs
later)
2023-10-19 00:59:17 +00:00
Jamil
218e1169d3
Change dependabot updates to monthly ( #2423 )
...
* `daily` is way too noisy
* we run the risk of tracking dependency updates too closely: a bad
update would cause issues. `monthly` increases the odds the community
will find any problems with said dependency and time for the maintainer
to fix it
* this doesn't affect security alerts (the main reason I had picked
`daily` to begin with) -- those are configured separately in repo
settings
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
Co-authored-by: Thomas Eizinger <thomas@eizinger.io >
2023-10-18 19:40:20 +00:00
Jamil
6ec10b2669
Revert "Fix/website mdx" ( #2434 )
...
Reverts firezone/firezone#2433
2023-10-18 11:42:54 -07:00
Jamil
caef531b17
Fix/website mdx ( #2433 )
2023-10-18 11:42:18 -07:00
Thomas Eizinger
5549044afe
ci: use sccache for Rust ( #2402 )
...
Our caches in GitHub actions are hopelessly overflowing, plus for the
Kotlin and Swift jobs, we don't seem to be doing a particularly good job
at caching the build outputs because those jobs take forever.
Instead of using GitHub actions, this PR configures `sccache` for all
Rust compilation commands and uses a GCP bucket to store the artifacts.
This speeds up some of the builds a fair bit. Android now finishes in
~6minutes.
Apart from the self-hosted MacOS 14 runner, the Swift jobs are slow but
still a lot faster than what we currently have.
Windows seems to be quite slow at compiling / fetching artefacts which
is negatively impacted by this change because they now have to be
fetched from the bucket.
Overall, I think this is a net-positive though and should be much easier
to maintain going forward.
---------
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
2023-10-18 10:25:31 -07:00
Jamil
8f75045a25
block kotlin upgrades ( #2425 )
2023-10-18 07:50:35 -07:00
Jamil
102d37d1e4
Fix/dependency ignore kotlin ( #2421 )
2023-10-18 06:06:45 -07:00
Jamil
febe6801cf
Fix/kotlin hilt compiler artifact issue ( #2416 )
2023-10-18 06:02:02 -07:00
Jamil
8441cf5c8d
Use Package.swift dir ( #2400 )
2023-10-17 19:01:47 -07:00
Jamil
6153e580f3
Specify gradle dependency versions in ONLY one place ( #2399 )
2023-10-17 17:52:50 -07:00
Jamil
06608eca1b
Add terraform dependabot ( #2392 )
...
Refs #2360
2023-10-17 16:46:12 -07:00
