V1.4.1 rollup (#1515)

* Bump version to v1.4.0 for helm chart (#1483) Signed-off-by: Baiju Muthukadan <baiju.m.mail@gmail.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump actions/checkout from 3 to 4 (#1494) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump sigs.k8s.io/controller-runtime in /test/_projects/api-controller (#1499) Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.15.1 to 0.16.2. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](kubernetes-sigs/controller-runtime@v0.15.1...v0.16.2) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump github.com/onsi/gomega from 1.27.10 to 1.28.0 (#1501) Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.10 to 1.28.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.27.10...v1.28.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump vulture from 2.9.1 to 2.10 in /hack/check-python (#1503) Bumps [vulture](https://github.com/jendrikseipp/vulture) from 2.9.1 to 2.10. - [Release notes](https://github.com/jendrikseipp/vulture/releases) - [Changelog](https://github.com/jendrikseipp/vulture/blob/main/CHANGELOG.md) - [Commits](jendrikseipp/vulture@v2.9.1...v2.10) --- updated-dependencies: - dependency-name: vulture dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump golang.org/x/net in /test/_projects/api-client (#1504) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.17.0. - [Commits](golang/net@v0.12.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump golang.org/x/net in /test/_projects/api-controller (#1505) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.13.0 to 0.17.0. - [Commits](golang/net@v0.13.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump k8s.io/apimachinery in /test/_projects/api-client (#1498) Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.27.4 to 0.28.2. - [Commits](kubernetes/apimachinery@v0.27.4...v0.28.2) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * bump k8s.io/api* and friends in test/ (#1509) These dependencies had become out-of-sync from each other, and were causing test failures. Bring them back into alignment. Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump securego/gosec from 2.17.0 to 2.18.1 (#1507) Bumps [securego/gosec](https://github.com/securego/gosec) from 2.17.0 to 2.18.1. - [Release notes](https://github.com/securego/gosec/releases) - [Changelog](https://github.com/securego/gosec/blob/master/.goreleaser.yml) - [Commits](securego/gosec@v2.17.0...v2.18.1) --- updated-dependencies: - dependency-name: securego/gosec dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump semver from 3.0.1 to 3.0.2 in /test/acceptance/features (#1508) Bumps [semver](https://github.com/python-semver/python-semver) from 3.0.1 to 3.0.2. - [Release notes](https://github.com/python-semver/python-semver/releases) - [Changelog](https://github.com/python-semver/python-semver/blob/master/CHANGELOG.rst) - [Commits](python-semver/python-semver@3.0.1...3.0.2) --- updated-dependencies: - dependency-name: semver dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump golang.org/x/net from 0.14.0 to 0.17.0 (#1506) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.14.0 to 0.17.0. - [Commits](golang/net@v0.14.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump k8s.io/apimachinery in /test/_projects/api-controller (#1511) Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.28.2 to 0.28.3. - [Commits](kubernetes/apimachinery@v0.28.2...v0.28.3) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump github.com/onsi/gomega from 1.28.0 to 1.28.1 (#1513) Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.28.0 to 1.28.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.28.0...v1.28.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump sigs.k8s.io/controller-runtime in /test/_projects/api-controller (#1512) Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.16.2 to 0.16.3. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](kubernetes-sigs/controller-runtime@v0.16.2...v0.16.3) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * Bump k8s.io/apimachinery in /test/_projects/api-client (#1514) Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.28.2 to 0.28.3. - [Commits](kubernetes/apimachinery@v0.28.2...v0.28.3) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> * disable http2 support in metrics and webhooks by default (#1510) Until we have a safe path forward for CVE-2023-44487, default them to disabled as a mitigation. They can still be re-enabled by passing the --enable-http2 flag for testing purposes. Signed-off-by: Andy Sadler <ansadler@redhat.com> * update docs branch to 1.4.x Signed-off-by: Andy Sadler <ansadler@redhat.com> --------- Signed-off-by: Baiju Muthukadan <baiju.m.mail@gmail.com> Signed-off-by: Andy Sadler <ansadler@redhat.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Baiju Muthukadan <baiju.m.mail@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
redhat-developer · Oct 26, 2023 · 755814b · 755814b
1 parent f15e0b4
commit 755814b
Show file tree

Hide file tree

Showing 500 changed files with 22,581 additions and 13,035 deletions.
diff --git a/.github/workflows/merge-to-master.yaml b/.github/workflows/merge-to-master.yaml
@@ -18,7 +18,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up PATH
         run: |
@@ -54,7 +54,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up Go
         uses: actions/setup-go@v4
@@ -78,7 +78,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: generate website
         env:
@@ -100,7 +100,7 @@ jobs:
     needs: ["release"]
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Extract operator image ref
         id: operator-image-ref

diff --git a/.github/workflows/merge-to-release-branch.yaml b/.github/workflows/merge-to-release-branch.yaml
@@ -18,7 +18,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up PATH
         run: |
@@ -50,7 +50,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up Go
         uses: actions/setup-go@v4
@@ -74,7 +74,7 @@ jobs:
     needs: ["release"]
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Extract operator image ref
         id: operator-image-ref

diff --git a/.github/workflows/periodic-security-check.yaml b/.github/workflows/periodic-security-check.yaml
@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Extract operator image ref
         id: operator-image-ref
@@ -36,10 +36,10 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Run gosec
-        uses: securego/gosec@v2.17.0
+        uses: securego/gosec@v2.18.1
         with:
           args: '-no-fail -fmt sarif -out gosec.sarif ./...'
 

diff --git a/.github/workflows/pr-checks-build-images.yaml b/.github/workflows/pr-checks-build-images.yaml
@@ -25,7 +25,7 @@ jobs:
           go-version: "^1.18"
 
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup CLI
         uses: ./.github/actions/setup-cli

diff --git a/.github/workflows/pr-checks-clean-images.yaml b/.github/workflows/pr-checks-clean-images.yaml
@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Clean PR images
         uses: ./.github/actions/clean-images

diff --git a/.github/workflows/pr-checks-push-images.yaml b/.github/workflows/pr-checks-push-images.yaml
@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Wait for build
         uses: lewagon/wait-on-check-action@e106e5c43e8ca1edea6383a39a01c5ca495fd812

diff --git a/.github/workflows/pr-checks.yaml b/.github/workflows/pr-checks.yaml
@@ -35,7 +35,7 @@ jobs:
           architecture: "x64"
 
       - name: Checkout repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Run linters
         run: make lint
@@ -51,7 +51,7 @@ jobs:
           go-version: "^1.18"
 
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Unit Tests with Code Coverage
         run: |
@@ -75,7 +75,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Check if acceptance tests can be skipped
         id: check-skip-acceptance
@@ -155,7 +155,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Check if acceptance tests can be skipped
         id: check-skip-acceptance
@@ -236,7 +236,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Check if acceptance tests can be skipped
         id: check-skip-acceptance
@@ -316,7 +316,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Check if acceptance tests can be skipped
         id: check-skip-acceptance
@@ -396,7 +396,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Check if acceptance tests can be skipped
         id: check-skip-acceptance
@@ -487,7 +487,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Check if acceptance tests can be skipped
         id: check-skip-acceptance
@@ -578,7 +578,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
@@ -596,7 +596,7 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Wait for push
         uses: lewagon/wait-on-check-action@e106e5c43e8ca1edea6383a39a01c5ca495fd812
@@ -637,10 +637,10 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Run gosec
-        uses: securego/gosec@v2.17.0
+        uses: securego/gosec@v2.18.1
         with:
           args: '-no-fail -fmt sarif -out gosec.sarif ./...'
 

diff --git a/.github/workflows/pr-cherry-picks.yaml b/.github/workflows/pr-cherry-picks.yaml
@@ -13,7 +13,7 @@ jobs:
     if: contains(github.event.pull_request.labels.*.name, 'release/v1.1.x') && github.event.pull_request.merged
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - name: Setup SSH for cherry-pick repo
@@ -39,7 +39,7 @@ jobs:
     if: contains(github.event.pull_request.labels.*.name, 'release/v1.2.x') && github.event.pull_request.merged
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - name: Setup SSH for cherry-pick repo
@@ -65,7 +65,7 @@ jobs:
     if: contains(github.event.pull_request.labels.*.name, 'release/v1.3.x') && github.event.pull_request.merged
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - name: Setup SSH for cherry-pick repo
@@ -91,7 +91,7 @@ jobs:
     if: contains(github.event.pull_request.labels.*.name, 'release/v1.4.x') && github.event.pull_request.merged
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - name: Setup SSH for cherry-pick repo

diff --git a/.github/workflows/pr-labels.yaml b/.github/workflows/pr-labels.yaml
@@ -13,7 +13,7 @@ jobs:
 
     steps:
       - name: Checkout Git Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Check if acceptance tests can be skipped
         id: check-skip-acceptance

diff --git a/charts/service-binding-operator/Chart.yaml b/charts/service-binding-operator/Chart.yaml
@@ -2,8 +2,8 @@ apiVersion: v2
 name: service-binding-operator
 description: A Helm chart to deploy service binding operator
 type: application
-version: 1.3.3
-appVersion: "1.3.3"
+version: 1.4.0
+appVersion: "1.4.0"
 kubeVersion: ">= 1.19.2-0"
 icon: https://github.com/raw/redhat-developer/service-binding-operator/master/assets/icon/sbo-logo.png
 keywords:

diff --git a/charts/service-binding-operator/templates/deployment.yaml b/charts/service-binding-operator/templates/deployment.yaml
@@ -29,7 +29,7 @@ spec:
         - --zap-log-level=info
         command:
         - /manager
-        image: {{.Values.image.image | default (printf "%s/%s" .Values.image.repository "servicebinding-operator@sha256:e4259939a496f292a31b5e57760196d63a8182b999164d93a446da48c4ea24eb") | quote}}
+        image: {{.Values.image.image | default (printf "%s/%s" .Values.image.repository "servicebinding-operator@sha256:ac47f496fb7ecdcbc371f8c809fad2687ec0c35bbc8c522a7ab63b3e5ffd90ea") | quote}}
         imagePullPolicy: {{.Values.image.pullPolicy}}
         securityContext:
           allowPrivilegeEscalation: false

diff --git a/docs/devguide/antora.yml b/docs/devguide/antora.yml
@@ -7,7 +7,7 @@ asciidoc:
     secret-generation-extension: https://github.com/servicebinding/spec/blob/master/extensions/secret-generation.md[Secret Generation Extension]
     experimental: true
 name: devguide
-version: master
+version: 1.4.x
 title: Developer Guide
 start_page: architecture.adoc
 nav:

diff --git a/docs/userguide/antora.yml b/docs/userguide/antora.yml
@@ -6,12 +6,12 @@ asciidoc:
     experimental: true
     servicebinding-title: Service Binding Operator
 name: userguide
-version: master
+version: 1.4.x
 title: User Guide
 start_page: intro.adoc
 nav:
   - modules/ROOT/nav.adoc
   - modules/getting-started/nav.adoc
   - modules/exposing-binding-data/nav.adoc
   - modules/projecting-binding-data/nav.adoc
-  - modules/binding-workloads-using-sbo/nav.adoc
+  - modules/binding-workloads-using-sbo/nav.adoc