search

DelineaXPM / terraform-provider-dsv

A Terraform Provider for Delinea DevOps Secrets Vault
https://delinea.com/products/devops-secrets-management-vault
MIT License
6 stars 2 forks source link

chore(deps): update github-actions #76

Closed renovate[bot] closed 3 weeks ago

renovate[bot] commented 5 months ago

Mend Renovate

This PR contains the following updates:

Package Type Update Change
actions/checkout action digest b4ffde6 -> 692973e
aquaproj/aqua-installer action minor v2.2.0 -> v2.3.2

Release Notes

aquaproj/aqua-installer (aquaproj/aqua-installer) ### [`v2.3.2`](https://togithub.com/aquaproj/aqua-installer/releases/tag/v2.3.2) [Compare Source](https://togithub.com/aquaproj/aqua-installer/compare/v2.3.1...v2.3.2) [#​607](https://togithub.com/aquaproj/aqua-installer/issues/607) export environment variable `AQUA_DISABLE_COSIGN` and `AQUA_DISABLE_SLSA` [https://github.com/aquaproj/aqua/issues/2759](https://togithub.com/aquaproj/aqua/issues/2759) To disable Cosign and slsa-verifier on subsequent steps. ### [`v2.3.1`](https://togithub.com/aquaproj/aqua-installer/releases/tag/v2.3.1) [Compare Source](https://togithub.com/aquaproj/aqua-installer/compare/v2.3.0...v2.3.1) [#​605](https://togithub.com/aquaproj/aqua-installer/issues/605) Disable Cosign and slsa-verifier Until we will finish upgrading Cosign to v2, we disable Cosign and slsa-verifier. [https://github.com/aquaproj/aqua/issues/1665#issuecomment-2008588288](https://togithub.com/aquaproj/aqua/issues/1665#issuecomment-2008588288) ### [`v2.3.0`](https://togithub.com/aquaproj/aqua-installer/releases/tag/v2.3.0) [Compare Source](https://togithub.com/aquaproj/aqua-installer/compare/v2.2.0...v2.3.0) [Issues](https://togithub.com/aquaproj/aqua-installer/issues?q=is%3Aissue+milestone%3Av2.3.0) | [Pull Requests](https://togithub.com/aquaproj/aqua-installer/pulls?q=is%3Apr+milestone%3Av2.3.0) | https://github.com/aquaproj/aqua-installer/compare/v2.2.0...v2.3.0 #### Features [#​580](https://togithub.com/aquaproj/aqua-installer/issues/580) Support disabling the verification with Cosign and SLSA Provenance > \[!CAUTION] > This feature is for users who can't use Cosign and slsa-verifier. > Most users can use them, so most users don't need this feature. > aqua installs Cosign and slsa-verifier internally, so you don't need to install them yourself. > If you can use Cosign and slsa-verifier, you should not disable them because they are important for security. The bootstrap version is updated to [aqua v2.22.0](https://togithub.com/aquaproj/aqua/releases/tag/v2.22.0). From this version, [aqua supports disabling the verification with Cosign and SLSA Provenance](https://aquaproj.github.io/docs/reference/security/cosign-slsa#disable-the-verification-with-cosign-and-slsa-provenance). To disable the verification with Cosign and SLSA Provenance when you install aqua with aqua-installer, please set the environment variables `AQUA_DISABLE_COSIGN` and `AQUA_DISABLE_SLSA`. ```sh export AQUA_DISABLE_COSIGN=true export AQUA_DISABLE_SLSA=true ./aqua-installer ``` ```yaml - uses: aquaproj/aqua-installer@v2.3.0 with: aqua_version: v2.22.0 env: AQUA_DISABLE_COSIGN: "true" AQUA_DISABLE_SLSA: "true" ```

Configuration

📅 Schedule: Branch creation - "every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

This PR has been generated by Mend Renovate. View repository job log here.