Explicitly disable sparse checkout unless asked for #1598
Merged
+36
β4
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This should allow users to reuse existing folders when running `actions/checkout` where a previous run asked for a sparse checkout but the current run does not ask for a sparse checkout. This fixes actions#1475 Signed-off-by: Johannes Schindelin <[email protected]>
Signed-off-by: Johannes Schindelin <[email protected]>
29f6b52 to
79dd834
Compare
Closed
|
It looks as if the |
There are use cases in particular with non-ephemeral runners where an existing worktree (that has been initialized as a sparse checkout) is reused in subsequent CI runs (where `actions/checkout` is run _without_ any `sparse-checkout` parameter). In these scenarios, we need to make sure that the sparse checkout is disabled before checking out the files. Signed-off-by: Johannes Schindelin <[email protected]>
79dd834 to
6f108b2
Compare
jww3
reviewed
Feb 1, 2024
| yield git.disableSparseCheckout(); | ||
| } | ||
| else { | ||
| core.startGroup('Setting up sparse checkout'); |
There was a problem hiding this comment.
do you want to pop the .startGroup / .endGroup calls outside of the if block?
Consider core.startGroup('Applying sparse checkout options');
There was a problem hiding this comment.
No, because we're not actually setting up a sparse checkout. We're disabling it. But saying that would only make sense if there was a worktree already, otherwise there'd be no sparse checkout to disable.
Added a clarifying comment about test branches.
Try pointing `test-proxy` at a custom container image `fdev321123/ubuntu-with-git` (courtesy of @fhammerl)
joshmgross
reviewed
Feb 16, 2024
.github/workflows/test.yml
Outdated
| runs-on: ubuntu-latest | ||
| container: | ||
| image: alpine/git:latest | ||
| image: fdev321123/ubuntu-with-git:latest |
There was a problem hiding this comment.
We should be very careful about adding in external dependencies to our workflows - https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions
If this is something we internally built, could we publish it to ghcr.io within this repository or org?
There was a problem hiding this comment.
Agreed. This was something @fhammerl provided as a proof-of-concept, but I was just reading up about how to publish packages to ghcr.io and like the idea of hosting this container image at ghcr.io/actions (see neighboring packages here)
Racer159
referenced
this pull request
in defenseunicorns/uds-software-factory
May 10, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.1` -> `v4.1.5` | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | patch | `v4.3.1` -> `v4.3.3` | | [defenseunicorns/uds-cli](https://togithub.com/defenseunicorns/uds-cli) | | minor | `v0.9.0` -> `v0.10.4` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | | minor | `v0.3.10` -> `v0.4.2` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | action | minor | `v0.3.10` -> `v0.4.2` | | ghcr.io/defenseunicorns/packages/init | | minor | `v0.32.3` -> `v0.33.1` | | ghcr.io/defenseunicorns/packages/uds-k3d | | minor | `0.3.1` -> `0.6.0` | | ghcr.io/defenseunicorns/packages/uds/dev-minio | | patch | `0.0.1` -> `0.0.2` | | ghcr.io/defenseunicorns/packages/uds/dev-redis | | patch | `0.0.1` -> `0.0.2` | | ghcr.io/defenseunicorns/packages/uds/gitlab | | minor | `16.10.1-uds.1-upstream` -> `16.11.1-uds.1-upstream` | | ghcr.io/defenseunicorns/packages/uds/gitlab-runner | | minor | `16.10.0-uds.0-upstream` -> `16.11.0-uds.0-upstream` | | ghcr.io/defenseunicorns/packages/uds/mattermost | | minor | `9.6.1-uds.0-upstream` -> `9.7.2-uds.0-upstream` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | minor | `v3.24.7` -> `v3.25.4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703) - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694) - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696) - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695) - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707) **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 ### [`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692) - Add dependabot config by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688) - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693) - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643) ### [`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3) #### What's Changed - Update `actions/checkout` version in `update-main-version.yml` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650) - Check git version before attempting to disable `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656) - Add SSH user parameter by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685) **Full Changelog**: actions/checkout@v4.1.2...v4.1.3 ### [`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2) - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present [@​dscho](https://togithub.com/dscho) in [https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598) </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3) ##### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/565](https://togithub.com/actions/upload-artifact/pull/565) **Full Changelog**: actions/upload-artifact@v4.3.2...v4.3.3 ### [`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2) #### What's Changed - Update release-new-action-version.yml by [@​konradpabjan](https://togithub.com/konradpabjan) in [https://github.com/actions/upload-artifact/pull/516](https://togithub.com/actions/upload-artifact/pull/516) - Minor fix to the migration readme by [@​andrewakim](https://togithub.com/andrewakim) in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/561](https://togithub.com/actions/upload-artifact/pull/561) - updating `@actions/artifact` dependency to v2.1.5 and `@actions/core` to v1.0.1 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/562](https://togithub.com/actions/upload-artifact/pull/562) #### New Contributors - [@​andrewakim](https://togithub.com/andrewakim) made their first contribution in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) **Full Changelog**: actions/upload-artifact@v4.3.1...v4.3.2 </details> <details> <summary>defenseunicorns/uds-cli (defenseunicorns/uds-cli)</summary> ### [`v0.10.4`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.10.4) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.10.3...v0.10.4) ##### What's Changed - feat: uds dev deploy by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/536](https://togithub.com/defenseunicorns/uds-cli/pull/536) - feat: add ability to uds create to local output path by [@​TristanHoladay](https://togithub.com/TristanHoladay) in [https://github.com/defenseunicorns/uds-cli/pull/547](https://togithub.com/defenseunicorns/uds-cli/pull/547) - chore: adds dup pkgs docs by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/545](https://togithub.com/defenseunicorns/uds-cli/pull/545) - feat: `uds dev deploy` beta note, packages flag, skip sbom by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/557](https://togithub.com/defenseunicorns/uds-cli/pull/557) - ci: pin k3s version in k3d action to sidestep containerd issue by [@​ZachGallagher](https://togithub.com/ZachGallagher) in [https://github.com/defenseunicorns/uds-cli/pull/565](https://togithub.com/defenseunicorns/uds-cli/pull/565) - chore(deps): update docker/setup-buildx-action action to v3.3.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/559](https://togithub.com/defenseunicorns/uds-cli/pull/559) - chore(deps): update github/codeql-action action to v3.24.10 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/556](https://togithub.com/defenseunicorns/uds-cli/pull/556) - fix(deps): update golang.org/x/exp digest to [`93d18d7`](https://togithub.com/defenseunicorns/uds-cli/commit/93d18d7) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/555](https://togithub.com/defenseunicorns/uds-cli/pull/555) - fix: typo in docs by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/561](https://togithub.com/defenseunicorns/uds-cli/pull/561) - chore(deps): update zarf to v0.33.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/562](https://togithub.com/defenseunicorns/uds-cli/pull/562) - fix(deps): update module helm.sh/helm/v3 to v3.14.4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/566](https://togithub.com/defenseunicorns/uds-cli/pull/566) - chore(deps): update pre-commit/action digest to [`f7acafa`](https://togithub.com/defenseunicorns/uds-cli/commit/f7acafa) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/564](https://togithub.com/defenseunicorns/uds-cli/pull/564) - chore(deps): update podinfo to v6.6.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/563](https://togithub.com/defenseunicorns/uds-cli/pull/563) - chore(deps): update sigstore/cosign-installer action to v3.5.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/568](https://togithub.com/defenseunicorns/uds-cli/pull/568) - chore: refactor dev mode docs by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/567](https://togithub.com/defenseunicorns/uds-cli/pull/567) - chore: swap release workflow to GH app by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/569](https://togithub.com/defenseunicorns/uds-cli/pull/569) ##### New Contributors - [@​ZachGallagher](https://togithub.com/ZachGallagher) made their first contribution in [https://github.com/defenseunicorns/uds-cli/pull/565](https://togithub.com/defenseunicorns/uds-cli/pull/565) **Full Changelog**: defenseunicorns/uds-cli@v0.10.3...v0.10.4 ### [`v0.10.3`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.10.3) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.10.2...v0.10.3) ##### What's Changed - fix: ensure we are pulling all components by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/543](https://togithub.com/defenseunicorns/uds-cli/pull/543) - feat: allow dup pkgs in a bundle by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/533](https://togithub.com/defenseunicorns/uds-cli/pull/533) **Full Changelog**: defenseunicorns/uds-cli@v0.10.2...v0.10.3 ### [`v0.10.2`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.10.2) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.10.1...v0.10.2) ##### What's Changed - chore: adds TUI tests by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/530](https://togithub.com/defenseunicorns/uds-cli/pull/530) - feat: adds retries flag by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/532](https://togithub.com/defenseunicorns/uds-cli/pull/532) - chore(deps): update podinfo to v6.6.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/528](https://togithub.com/defenseunicorns/uds-cli/pull/528) - fix: nil check pkg components in TUI by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/538](https://togithub.com/defenseunicorns/uds-cli/pull/538) - fix: bumps retries to 3 by default to match Zarf by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/535](https://togithub.com/defenseunicorns/uds-cli/pull/535) - chore: adds registry health check for tests by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/534](https://togithub.com/defenseunicorns/uds-cli/pull/534) - feat: enables setting namespaces in bundled Helm charts by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/539](https://togithub.com/defenseunicorns/uds-cli/pull/539) - fix: adds global GracefulPanic and checks to deploy TUI by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/542](https://togithub.com/defenseunicorns/uds-cli/pull/542) **Full Changelog**: defenseunicorns/uds-cli@v0.10.1...v0.10.2 ### [`v0.10.1`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.10.1) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.10.0...v0.10.1) ##### What's Changed - chore(deps): update anchore/sbom-action action to v0.15.10 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/526](https://togithub.com/defenseunicorns/uds-cli/pull/526) - fix(deps): update module github.com/charmbracelet/lipgloss to v0.10.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/525](https://togithub.com/defenseunicorns/uds-cli/pull/525) - fix(deps): update module github.com/charmbracelet/bubbles to v0.18.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/524](https://togithub.com/defenseunicorns/uds-cli/pull/524) - fix(deps): update golang.org/x/exp digest to [`a685a6e`](https://togithub.com/defenseunicorns/uds-cli/commit/a685a6e) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/522](https://togithub.com/defenseunicorns/uds-cli/pull/522) - fix(deps): update module oras.land/oras-go/v2 to v2.5.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/520](https://togithub.com/defenseunicorns/uds-cli/pull/520) - fix: err when deploying with BubbleTea with no cluster by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/527](https://togithub.com/defenseunicorns/uds-cli/pull/527) **Full Changelog**: defenseunicorns/uds-cli@v0.10.0...v0.10.1 ### [`v0.10.0`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.10.0) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.4...v0.10.0) ##### What's Changed - chore: update uds to zarf v0.32.5 by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/511](https://togithub.com/defenseunicorns/uds-cli/pull/511) - chore(deps): update github/codeql-action action to v3.24.8 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/512](https://togithub.com/defenseunicorns/uds-cli/pull/512) - fix(deps): update golang.org/x/exp digest to [`a85f2c6`](https://togithub.com/defenseunicorns/uds-cli/commit/a85f2c6) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/510](https://togithub.com/defenseunicorns/uds-cli/pull/510) - feat: adds --set to helm override vars by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/515](https://togithub.com/defenseunicorns/uds-cli/pull/515) - fix: vendored in zarf version tag by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/518](https://togithub.com/defenseunicorns/uds-cli/pull/518) - chore(deps): update github/codeql-action action to v3.24.9 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/519](https://togithub.com/defenseunicorns/uds-cli/pull/519) - feat: beautiful TUI round 3 by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/509](https://togithub.com/defenseunicorns/uds-cli/pull/509) **Full Changelog**: defenseunicorns/uds-cli@v0.9.4...v0.10.0 ### [`v0.9.4`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.9.4) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.3...v0.9.4) ##### What's Changed - fix: error when removing bundles with short names by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/490](https://togithub.com/defenseunicorns/uds-cli/pull/490) - fix(deps): update module github.com/stretchr/testify to v1.9.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/484](https://togithub.com/defenseunicorns/uds-cli/pull/484) - chore: enhance development workflow with unified linting and tool by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/uds-cli/pull/472](https://togithub.com/defenseunicorns/uds-cli/pull/472) - fix: add a wait to the registry startup during tests by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/499](https://togithub.com/defenseunicorns/uds-cli/pull/499) - fix: ensure manifest config is included with pulls by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/503](https://togithub.com/defenseunicorns/uds-cli/pull/503) - fix: autocomplete and vendor refactor by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/502](https://togithub.com/defenseunicorns/uds-cli/pull/502) - chore(deps): update docker/setup-buildx-action action to v3.2.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/508](https://togithub.com/defenseunicorns/uds-cli/pull/508) - chore(deps): update docker/login-action action to v3.1.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/504](https://togithub.com/defenseunicorns/uds-cli/pull/504) - chore(deps): update github/codeql-action action to v3.24.7 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/501](https://togithub.com/defenseunicorns/uds-cli/pull/501) - fix(deps): update module helm.sh/helm/v3 to v3.14.3 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/507](https://togithub.com/defenseunicorns/uds-cli/pull/507) - fix: pass UDS_ARCHITECTURE to runner by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/506](https://togithub.com/defenseunicorns/uds-cli/pull/506) - chore(deps): update anchore/sbom-action action to v0.15.9 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/489](https://togithub.com/defenseunicorns/uds-cli/pull/489) **Full Changelog**: defenseunicorns/uds-cli@v0.9.3...v0.9.4 ### [`v0.9.3`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.9.3) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.2...v0.9.3) ##### What's Changed - fix: toctou for files by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/uds-cli/pull/443](https://togithub.com/defenseunicorns/uds-cli/pull/443) - fix: path traversal bug by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/uds-cli/pull/454](https://togithub.com/defenseunicorns/uds-cli/pull/454) - fix: updates Zarf version in README by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/460](https://togithub.com/defenseunicorns/uds-cli/pull/460) - chore: fixed the dangerous workflow by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/uds-cli/pull/465](https://togithub.com/defenseunicorns/uds-cli/pull/465) - chore(deps): update docker/setup-buildx-action action to v3.1.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/470](https://togithub.com/defenseunicorns/uds-cli/pull/470) - chore(deps): update actions/download-artifact action to v4.1.3 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/467](https://togithub.com/defenseunicorns/uds-cli/pull/467) - chore(deps): update github/codeql-action action to v3.24.5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/457](https://togithub.com/defenseunicorns/uds-cli/pull/457) - fix(deps): update golang.org/x/exp digest to [`814bf88`](https://togithub.com/defenseunicorns/uds-cli/commit/814bf88) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/456](https://togithub.com/defenseunicorns/uds-cli/pull/456) - fix: refactors tests and fixes bugs by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/464](https://togithub.com/defenseunicorns/uds-cli/pull/464) - chore(deps): update podinfo to v6.6.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/462](https://togithub.com/defenseunicorns/uds-cli/pull/462) - chore(deps): update zarf to v0.32.4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/468](https://togithub.com/defenseunicorns/uds-cli/pull/468) - chore(deps): update github/codeql-action action to v3.24.6 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/482](https://togithub.com/defenseunicorns/uds-cli/pull/482) - chore: refactor pull operation by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/473](https://togithub.com/defenseunicorns/uds-cli/pull/473) - chore: add UDS Core smoke test by [@​justin-o12](https://togithub.com/justin-o12) in [https://github.com/defenseunicorns/uds-cli/pull/474](https://togithub.com/defenseunicorns/uds-cli/pull/474) - fix: adds better err messaging when remote fails to resolve by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/486](https://togithub.com/defenseunicorns/uds-cli/pull/486) - chore(deps): update actions/download-artifact action to v4.1.4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/485](https://togithub.com/defenseunicorns/uds-cli/pull/485) - fix(deps): update module golang.org/x/mod to v0.16.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/487](https://togithub.com/defenseunicorns/uds-cli/pull/487) - chore: vendor runner by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/481](https://togithub.com/defenseunicorns/uds-cli/pull/481) - fix: adds k3d to smoke test by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/488](https://togithub.com/defenseunicorns/uds-cli/pull/488) ##### New Contributors - [@​justin-o12](https://togithub.com/justin-o12) made their first contribution in [https://github.com/defenseunicorns/uds-cli/pull/474](https://togithub.com/defenseunicorns/uds-cli/pull/474) **Full Changelog**: defenseunicorns/uds-cli@v0.9.2...v0.9.3 ### [`v0.9.2`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.9.2) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.1...v0.9.2) ##### What's Changed - fix(deps): update module helm.sh/helm/v3 to v3.14.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/450](https://togithub.com/defenseunicorns/uds-cli/pull/450) - fix: relative paths for bundle create by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/453](https://togithub.com/defenseunicorns/uds-cli/pull/453) **Full Changelog**: defenseunicorns/uds-cli@v0.9.1...v0.9.2 ### [`v0.9.1`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.9.1) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.0...v0.9.1) ##### What's Changed - fix(deps): update module github.com/opencontainers/image-spec to v1.1.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/432](https://togithub.com/defenseunicorns/uds-cli/pull/432) - fix(deps): update module helm.sh/helm/v3 to v3.14.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/429](https://togithub.com/defenseunicorns/uds-cli/pull/429) - chore(deps): update github/codeql-action action to v3.24.3 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/421](https://togithub.com/defenseunicorns/uds-cli/pull/421) - fix(deps): update golang.org/x/exp digest to [`ec58324`](https://togithub.com/defenseunicorns/uds-cli/commit/ec58324) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/420](https://togithub.com/defenseunicorns/uds-cli/pull/420) - fix: add support for zarf dev lint by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/uds-cli/pull/436](https://togithub.com/defenseunicorns/uds-cli/pull/436) - fix: case sensitivity in override vars by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/433](https://togithub.com/defenseunicorns/uds-cli/pull/433) - feat: alias vendored zarf to z by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/424](https://togithub.com/defenseunicorns/uds-cli/pull/424) - fix: use tmpdir if provided by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/431](https://togithub.com/defenseunicorns/uds-cli/pull/431) - feat: import all vars exported from package by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/428](https://togithub.com/defenseunicorns/uds-cli/pull/428) - fix: gosec lint issues for the pkg by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/uds-cli/pull/444](https://togithub.com/defenseunicorns/uds-cli/pull/444) - chore: ensure PR workflows can't write to GHCR by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/446](https://togithub.com/defenseunicorns/uds-cli/pull/446) - chore: addresses github linter findings by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/447](https://togithub.com/defenseunicorns/uds-cli/pull/447) - feat: imported vars as override values by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/423](https://togithub.com/defenseunicorns/uds-cli/pull/423) - chore(deps): update github/codeql-action action to v3.24.4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/451](https://togithub.com/defenseunicorns/uds-cli/pull/451) ##### New Contributors - [@​naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [https://github.com/defenseunicorns/uds-cli/pull/444](https://togithub.com/defenseunicorns/uds-cli/pull/444) **Full Changelog**: defenseunicorns/uds-cli@v0.9.0...v0.9.1 </details> <details> <summary>defenseunicorns/uds-common (defenseunicorns/uds-common)</summary> ### [`v0.4.2`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.2) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.4.1...v0.4.2) ##### Miscellaneous - give doug a mattermostid attribute and update uds version ([#​120](https://togithub.com/defenseunicorns/uds-common/issues/120)) ([4a85172](https://togithub.com/defenseunicorns/uds-common/commit/4a851720a8ac7e62826efda9e92200ba3a5b6709)) ### [`v0.4.1`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.1) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.4.0...v0.4.1) ##### Miscellaneous - **deps:** update uds common support dependencies ([#​116](https://togithub.com/defenseunicorns/uds-common/issues/116)) ([8aed1e0](https://togithub.com/defenseunicorns/uds-common/commit/8aed1e0ae8b4d65f7418664e8f2c73a16bf42801)) ### [`v0.4.0`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.0) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.11...v0.4.0) ##### Features - adds renovate to sh files ([#​110](https://togithub.com/defenseunicorns/uds-common/issues/110)) ([b604d2e](https://togithub.com/defenseunicorns/uds-common/commit/b604d2e1b3fc69f29122f9a709c605f5ecf4da18)) ##### Miscellaneous - add a default to setup to create an admin keycloak user ([#​111](https://togithub.com/defenseunicorns/uds-common/issues/111)) ([7fe0dd4](https://togithub.com/defenseunicorns/uds-common/commit/7fe0dd49a9b7032f9c06a83c5a1c6adbb17e8d63)) - **deps:** update uds common support dependencies ([#​106](https://togithub.com/defenseunicorns/uds-common/issues/106)) ([ab06724](https://togithub.com/defenseunicorns/uds-common/commit/ab067245249e63065d2c266fe3b1a45b155e9de2)) - fix the extract version template for env vars ([#​115](https://togithub.com/defenseunicorns/uds-common/issues/115)) ([72d5d26](https://togithub.com/defenseunicorns/uds-common/commit/72d5d263ce850eac20728eb9330c7b3e26143a2b)) ### [`v0.3.11`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.11) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.10...v0.3.11) ##### Miscellaneous - add a default uds task to deploy podinfo ([#​108](https://togithub.com/defenseunicorns/uds-common/issues/108)) ([c60e1ba](https://togithub.com/defenseunicorns/uds-common/commit/c60e1ba4888635ace4839e158b4dc476c11a8e7c)) - add a UDS package CR to make the package better for testing ([#​102](https://togithub.com/defenseunicorns/uds-common/issues/102)) ([cf74934](https://togithub.com/defenseunicorns/uds-common/commit/cf749343a72db09f46cc054ff463454cdb8c4b74)) - **deps:** update uds common package dependencies to v6.6.2 ([#​107](https://togithub.com/defenseunicorns/uds-common/issues/107)) ([b6a18b0](https://togithub.com/defenseunicorns/uds-common/commit/b6a18b039711998bb6d3c90db25a4f42f49c5eb3)) - pull the current bundle and package names when deploying ([#​103](https://togithub.com/defenseunicorns/uds-common/issues/103)) ([4b27106](https://togithub.com/defenseunicorns/uds-common/commit/4b27106a55775b725be217818f4be8d711340e95)) - update codeowners ([#​105](https://togithub.com/defenseunicorns/uds-common/issues/105)) ([2e23ae3](https://togithub.com/defenseunicorns/uds-common/commit/2e23ae3a9a70189ca7d9671f3454158bb71a7ed6)) </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) ### [`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) ### [`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) ### [`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) ### [`v3.25.0`](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0) ### [`v3.24.10`](https://togithub.com/github/codeql-action/compare/v3.24.9...v3.24.10) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.9...v3.24.10) ### [`v3.24.9`](https://togithub.com/github/codeql-action/compare/v3.24.8...v3.24.9) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.8...v3.24.9) ### [`v3.24.8`](https://togithub.com/github/codeql-action/compare/v3.24.7...v3.24.8) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.7...v3.24.8) </details> --- ### Configuration π **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). π¦ **Automerge**: Disabled by config. Please merge this manually once you are satisfied. β» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. π» **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-software-factory). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM0MC4xMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Wayne Starr <[email protected]>
github-merge-queue bot
referenced
this pull request
in 4m-mazi/gh-test
May 11, 2024
This PR contains the following updates: | Package | Type | Update | Change | OpenSSF | |---|---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.1` -> `v4.1.5` | [](https://securityscorecards.dev/viewer/?uri=github.com/actions/checkout) | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) ##### What's Changed - Update NPM dependencies by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703) - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694) - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696) - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695) - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707) **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 ### [`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692) - Add dependabot config by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688) - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693) - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643) ### [`v4.1.3`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v413) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3) - Check git version before attempting to disable `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656) - Add SSH user parameter by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685) - Update `actions/checkout` version in `update-main-version.yml` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650) ### [`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2) - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present [@​dscho](https://togithub.com/dscho) in [https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598) </details> --- ### Configuration π **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). π¦ **Automerge**: Enabled. β» **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. π **Ignore**: Close this PR and you won't be reminded about this update again. --- This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjMxMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJzZW12ZXI6bm9uZSJdfQ==--> Co-authored-by: mazi-renovate[bot] <161091290+mazi-renovate[bot]@users.noreply.github.com>
This was referenced Dec 31, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When a worktree is reused by
actions/checkoutand the first time sparse checkout was enabled, we need to ensure that the second time it is only a sparse checkout if explicitly asked for. Otherwise we need to disable the sparse checkout so that a full checkout is the outcome of this Action.This fixes #1475