Dependency Dashboard

[renovate[bot]]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• [ ] chore(deps): update gcr.io/distroless/static:nonroot docker digest to 26f9b99
• [ ] chore(deps-dev): update actions/checkout digest to eef6144
• [ ] chore(deps-dev): update pascalgn/size-label-action digest to 49850f3
• [ ] chore(deps-dev): update anchore/sbom-action action to v0.17.4
• [ ] Click on this checkbox to rebase all open PRs at once

Detected dependencies

dockerfile

Dockerfile

- `gcr.io/distroless/static nonroot@sha256:8dd8d3ca2cf283383304fd45a5c9c74d5f2cd9da8d3b077d720e264880077c65`

proxy/Dockerfile

- `gcr.io/distroless/static nonroot@sha256:8dd8d3ca2cf283383304fd45a5c9c74d5f2cd9da8d3b077d720e264880077c65`

github-actions

.github/workflows/main.yaml

- `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32` - `shogo82148/actions-goveralls v1.9.0@785c9d68212c91196d3994652647f8721918ba11`

.github/workflows/pr-actions.yaml

- `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4.2.1@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871` - `zgosalvez/github-actions-ensure-sha-pinned-actions v3.0.14@40ba2d51b6b6d8695f2b6bd74e785172d4f8d00f`

.github/workflows/pr-build.yaml

- `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4@692973e3d937129bcbf40652eb9f2f61becf3332` - `azure/setup-helm v3.5@5119fcb9089d432beecbf79bb2c7915207344b78` - `actions/setup-python v5.2.0@f677139bbe7f9c59b41e40162b753c062f5d49a3` - `helm/chart-testing-action v2.6.1@e6669bcd63d7cb57cb4380c33043eebe5d111992` - `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32` - `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32` - `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32` - `actions/upload-artifact v4.4.3@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882` - `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4@692973e3d937129bcbf40652eb9f2f61becf3332` - `engineerd/setup-kind v0.5.0@aa272fe2a7309878ffc2a81c56cfe3ef108ae7d0` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16` - `imranismail/setup-kustomize v2.1.0@2ba527d4d055ab63514ba50a99456fc35684947f` - `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4@692973e3d937129bcbf40652eb9f2f61becf3332` - `azure/setup-helm v3.5@5119fcb9089d432beecbf79bb2c7915207344b78` - `actions/setup-python v5.2.0@f677139bbe7f9c59b41e40162b753c062f5d49a3` - `helm/chart-testing-action v2.6.1@e6669bcd63d7cb57cb4380c33043eebe5d111992` - `helm/kind-action v1.10.0@0025e74a8c7512023d06dc019c617aa3cf561fde` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16`

.github/workflows/pr-goreleaser.yaml

- `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4.2.1@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871` - `goreleaser/goreleaser-action v6.0.0@286f3b13b1b49da4ac219696163fb8c1c93e1200`

.github/workflows/pr-label.yaml

- `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `pascalgn/size-label-action bbbaa0d5ccce8e2e76254560df5c64b82dac2e12`

.github/workflows/pr-stale.yaml

- `actions/stale v9.0.0@28ca1036281a5e5922ead5184a1bbf96e5fc984e`

.github/workflows/pr-trivy.yaml

- `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `aquasecurity/trivy-action 0.28.0@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2` - `github/codeql-action v3.26.13@f779452ac5af1c261dce0346a8f964149f49322b`

.github/workflows/rebase.yaml

- `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4@692973e3d937129bcbf40652eb9f2f61becf3332` - `cirrus-actions/rebase 1.8@b87d48154a87a85666003575337e27b8cd65f691`

.github/workflows/release.yaml

- `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32` - `docker/login-action v3.3.0@9780b0c442fbb1117ed29e0efdff1e18412f7567` - `sigstore/cosign-installer v3.7.0@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da` - `anchore/sbom-action v0.17.3@f5e124a5e5e1d497a692818ae907d3c45829d033` - `goreleaser/goreleaser-action v6.0.0@286f3b13b1b49da4ac219696163fb8c1c93e1200` - `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4@692973e3d937129bcbf40652eb9f2f61becf3332` - `azure/setup-helm v3.5@5119fcb9089d432beecbf79bb2c7915207344b78` - `sigstore/cosign-installer v3.7.0@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da`

.github/workflows/report-on-vulnerabilities.yaml

- `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `aquasecurity/trivy-action 0.28.0@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2` - `actions/upload-artifact v4.4.3@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882` - `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4.2.1@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16` - `JasonEtco/create-an-issue v2.9.2@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5`

.github/workflows/scan.yaml

- `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4@692973e3d937129bcbf40652eb9f2f61becf3332` - `github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818` - `github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818` - `github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818`

.github/workflows/scorecard.yaml

- `step-security/harden-runner v2.10.1@91182cccc01eb5e619899d80e4e971d6181294a7` - `actions/checkout v4.2.1@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871` - `ossf/scorecard-action v2.4.0@62b2cac7ed8198b15735ed49ab1e5cf35480ba46` - `actions/upload-artifact v4.4.3@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882` - `github/codeql-action v3.26.13@f779452ac5af1c261dce0346a8f964149f49322b`

gomod

go.mod

- `go 1.22.0` - `github.com/fluxcd/pkg/runtime v0.49.1` - `github.com/go-logr/logr v1.4.2` - `github.com/kylelemons/godebug v1.1.0` - `github.com/onsi/ginkgo/v2 v2.20.2` - `github.com/onsi/gomega v1.34.2` - `github.com/spf13/pflag v1.0.5` - `github.com/stretchr/testify v1.9.0` - `github.com/tj/assert v0.0.3` - `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.56.0` - `go.opentelemetry.io/otel v1.31.0` - `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.31.0` - `go.opentelemetry.io/otel/sdk v1.31.0` - `google.golang.org/grpc v1.67.1` - `k8s.io/api v0.31.1` - `k8s.io/apiextensions-apiserver v0.31.1` - `k8s.io/apimachinery v0.31.1` - `k8s.io/client-go v0.31.1` - `sigs.k8s.io/controller-runtime v0.19.0`

helm-values

chart/keycloak-controller/values.yaml

- `quay.io/brancz/kube-rbac-proxy v0.18.1`

kustomize

config/base/manager/kustomization.yaml

- `ghcr.io/doodlescheduling/keycloak-controller v2.5.0`

---

• [ ] Check this box to trigger a request for Renovate to run again on this repository