funkyfuture / deck-chores

A job scheduler for Docker containers, configured via labels.
https://deck-chores.readthedocs.io/
ISC License
197 stars 27 forks source link

Bump docker/metadata-action from 3 to 4 #90

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps docker/metadata-action from 3 to 4.

Release notes

Sourced from docker/metadata-action's releases.

v4.0.0

  • Node 16 as default runtime by @​crazy-max (#176)
    • This requires a minimum Actions Runner version of v2.285.0, which is by default available in GHES 3.4 or later.
  • Do not sanitize before pattern matching by @​crazy-max (#201)
    • Breaking change with type=match pattern matching

Full Changelog: https://github.com/docker/metadata-action/compare/v3.8.0...v4.0.0

v3.8.0

Full Changelog: https://github.com/docker/metadata-action/compare/v3.7.0...v3.8.0

v3.7.0

  • Handle comments for multi-line inputs (#172)
  • Missing json output in action.yml (#167)
  • Update dev dependencies and workflow (#175)
  • Bump minimist from 1.2.5 to 1.2.6 (#182)
  • Bump moment from 2.29.1 to 2.29.2 (#180)
  • Bump @​actions/github from 5.0.0 to 5.0.1 (#179)
  • Bump node-fetch from 2.6.1 to 2.6.7 (#173)

v3.6.2

  • Handle raw statement for pre-release (#155 #156)

v3.6.1

  • Preserve quotes inside unquoted field (#153)

v3.6.0

  • base_ref global expression (#142)
  • Trim tags and flavor inputs (#143)
  • Bump @​actions/core from 1.5.0 to 1.6.0 (#135)
  • Bump ansi-regex from 5.0.0 to 5.0.1 (#134)
  • Bump tmpl from 1.0.4 to 1.0.5 (#132)
  • Bump csv-parse from 4.16.0 to 4.16.3 (#131)

v3.5.0

  • Add global expression date (#121)
  • Bump @​actions/core from 1.4.0 to 1.5.0 (#122)

v3.4.1

  • Only return edge if branch matches (#115)

v3.4.0

  • PEP 440 support (#108)

... (truncated)

Upgrade guide

Sourced from docker/metadata-action's upgrade guide.

Upgrade notes

v2 to v3

  • Repository has been moved to docker org. Replace crazy-max/ghaction-docker-meta@v2 with docker/metadata-action@v4
  • The default bake target has been changed: ghaction-docker-meta > docker-metadata-action

v1 to v2

inputs

New Unchanged Removed
tags images tag-sha
flavor sep-tags tag-edge
labels sep-labels tag-edge-branch
tag-semver
tag-match
tag-match-group
tag-latest
tag-schedule
tag-custom
tag-custom-only
label-custom

tag-sha

tags: |
  type=sha

tag-edge / tag-edge-branch

tags: |
  # default branch
  type=edge
</tr></table> 

... (truncated)

Commits
  • 69f6fc9 Merge pull request #203 from crazy-max/san-fix
  • 2f5b5ae Sanitize tag earlier
  • f206c36 Merge pull request #202 from crazy-max/v4-prep
  • a20adfa readme: set metadata-action to v4
  • 26b9439 Merge pull request #201 from crazy-max/fix-sanitization
  • 467883f Merge pull request #176 from crazy-max/node-16
  • 5edf56f Node 16 as default runtime
  • 678218f Note about image name and tag sanitization
  • e44c1fb Do not sanitize before pattern matching
  • See full diff in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)