Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update aquaproj/aqua-installer action to v2.3.2 #77

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update aquaproj/aqua-installer action to v2.3.2 #77

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Dec 17, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change
aquaproj/aqua-installer action minor v2.0.2 -> v2.3.2

Release Notes

aquaproj/aqua-installer (aquaproj/aqua-installer)

v2.3.2

Compare Source

#​607 export environment variable AQUA_DISABLE_COSIGN and AQUA_DISABLE_SLSA

https://github.com/aquaproj/aqua/issues/2759

To disable Cosign and slsa-verifier on subsequent steps.

v2.3.1

Compare Source

#​605 Disable Cosign and slsa-verifier

Until we will finish upgrading Cosign to v2, we disable Cosign and slsa-verifier.

https://github.com/aquaproj/aqua/issues/1665#issuecomment-2008588288

v2.3.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.2.0...v2.3.0

Features

#​580 Support disabling the verification with Cosign and SLSA Provenance

[!CAUTION]
This feature is for users who can't use Cosign and slsa-verifier.
Most users can use them, so most users don't need this feature.
aqua installs Cosign and slsa-verifier internally, so you don't need to install them yourself.
If you can use Cosign and slsa-verifier, you should not disable them because they are important for security.

The bootstrap version is updated to aqua v2.22.0.
From this version, aqua supports disabling the verification with Cosign and SLSA Provenance.

To disable the verification with Cosign and SLSA Provenance when you install aqua with aqua-installer,
please set the environment variables AQUA_DISABLE_COSIGN and AQUA_DISABLE_SLSA.

export AQUA_DISABLE_COSIGN=true
export AQUA_DISABLE_SLSA=true
./aqua-installer
- uses: aquaproj/[email protected]
  with:
    aqua_version: v2.22.0
  env:
    AQUA_DISABLE_COSIGN: "true"
    AQUA_DISABLE_SLSA: "true"

v2.2.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.1.3...v2.2.0

Features

#​365 #​550 #​551 Output the guide to set the environment variable PATH

aqua-installer outputs the following guide.

===============================================================
[INFO] aqua is installed into /root/.local/share/aquaproj-aqua/bin/aqua
[INFO] Please add the path to the environment variable "PATH"
[INFO] export PATH=${AQUA_ROOT_DIR:-${XDG_DATA_HOME:-$HOME/.local/share}/aquaproj-aqua}/bin:$PATH
===============================================================

#​551 Use wget if curl isn't found

v2.1.3

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.1.2...v2.1.3

#​545 Update the bootstrap version to v2.16.4

To support aqua v2.17.0 or later on Windows.

https://github.com/aquaproj/aqua/releases/tag/v2.16.1

To upgrade aqua to v2.17.0 or later on Windows, you need to upgrade aqua to v2.16.1 or later first.

v2.1.2

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.1.1...v2.1.2

Fixes

#​432 Fix typo
#​461 #​463 Fix a bug that action doesn't work in a container

Fix a bug that action doesn't work in a container

#​461 #​463

GitHub Actions supports running a job in a container.

https://docs.github.com/en/actions/using-jobs/running-jobs-in-a-container

But in a container the variable ${{ github.action_path }} is wrong, so action can't access the script aqua-installer.
This is a known issue of GitHub Actions.

To solve the issue, we copy the content of the script aqua-installer into action itself, then action don't have to access the script aqua-installer.

v2.1.1

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.1.0...v2.1.1

Others

#​411 Update the bootstrapping aqua v1.26.2 to v2.2.3

This update enables to verify prerelease versions by Cosign and slsa-verifier.

ref. https://aquaproj.github.io/docs/reference/upgrade-guide/v2/change-semver

v2.1.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.0.2...v2.1.0

Features

#​403 Add an input policy_allow to run aqua policy allow

aqua >= v2.3.0

If policy_allow is true, aqua policy allow command is run.
If a Policy file path is set, aqua policy allow "${{inputs.policy_allow}}" is run.

See also

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants