From 459ccd4a57bd7a111bbb9306162c58ca2edebef6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 27 Aug 2025 03:15:27 +0000 Subject: [PATCH 1/5] Bump super-linter/super-linter from 7 to 8 Bumps [super-linter/super-linter](https://github.com/super-linter/super-linter) from 7 to 8. - [Release notes](https://github.com/super-linter/super-linter/releases) - [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md) - [Commits](https://github.com/super-linter/super-linter/compare/v7...v8) --- updated-dependencies: - dependency-name: super-linter/super-linter dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/superlinter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/superlinter.yml b/.github/workflows/superlinter.yml index 734e071..b7b7e67 100644 --- a/.github/workflows/superlinter.yml +++ b/.github/workflows/superlinter.yml @@ -22,7 +22,7 @@ jobs: # Run Linter against code base # ################################ - name: Lint Code Base - uses: super-linter/super-linter/slim@v7 + uses: super-linter/super-linter/slim@v8 env: VALIDATE_ALL_CODEBASE: true DEFAULT_BRANCH: main From fc6bd435ed7ffb9313f6097df2224527b28c56ec Mon Sep 17 00:00:00 2001 From: Michele Baldessari Date: Thu, 12 Mar 2026 16:05:15 +0100 Subject: [PATCH 2/5] Updates for super-linter v8 --- .github/dependabot.yml | 5 +++++ .github/workflows/helm-lint.yml | 4 +++- .github/workflows/helm-unittest.yml | 4 +++- .github/workflows/superlinter.yml | 5 +++-- .github/workflows/update-helm-repo.yml | 7 +++++-- README.md | 10 ++++++---- tests/README.md | 2 +- values.yaml | 4 ++-- 8 files changed, 28 insertions(+), 13 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index ce740cc..94b8aa7 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -6,3 +6,8 @@ updates: directory: "/" schedule: interval: "weekly" + cooldown: + default-days: 7 + semver-major: 30 + semver-minor: 7 + semver-patch: 1 diff --git a/.github/workflows/helm-lint.yml b/.github/workflows/helm-lint.yml index cfe39a1..3efa5f6 100644 --- a/.github/workflows/helm-lint.yml +++ b/.github/workflows/helm-lint.yml @@ -18,9 +18,11 @@ jobs: steps: - name: Checkout Code uses: actions/checkout@v6 + with: + persist-credentials: false - name: Setup helm - uses: azure/setup-helm@v4 + uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4 with: version: 'v3.14.0' diff --git a/.github/workflows/helm-unittest.yml b/.github/workflows/helm-unittest.yml index 1a975ae..97f5417 100644 --- a/.github/workflows/helm-unittest.yml +++ b/.github/workflows/helm-unittest.yml @@ -18,7 +18,9 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v6 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + with: + persist-credentials: false - name: Run make helmlint run: | diff --git a/.github/workflows/superlinter.yml b/.github/workflows/superlinter.yml index b7b7e67..e355480 100644 --- a/.github/workflows/superlinter.yml +++ b/.github/workflows/superlinter.yml @@ -13,16 +13,17 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v6 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: # Full git history is needed to get a proper list of changed files within `super-linter` fetch-depth: 0 + persist-credentials: false ################################ # Run Linter against code base # ################################ - name: Lint Code Base - uses: super-linter/super-linter/slim@v8 + uses: super-linter/super-linter/slim@61abc07d755095a68f4987d1c2c3d1d64408f1f9 # v8 env: VALIDATE_ALL_CODEBASE: true DEFAULT_BRANCH: main diff --git a/.github/workflows/update-helm-repo.yml b/.github/workflows/update-helm-repo.yml index e684b77..e254cc5 100644 --- a/.github/workflows/update-helm-repo.yml +++ b/.github/workflows/update-helm-repo.yml @@ -12,6 +12,9 @@ # name: vp-patterns/update-helm-repo + +permissions: read-all + on: push: tags: @@ -19,12 +22,12 @@ on: jobs: helmlint: - uses: validatedpatterns/helm-charts/.github/workflows/helmlint.yml@workflow-stable + uses: validatedpatterns/helm-charts/.github/workflows/helmlint.yml@workflow-stable # zizmor: ignore[unpinned-uses] permissions: contents: read update-helm-repo: needs: [helmlint] - uses: validatedpatterns/helm-charts/.github/workflows/update-helm-repo.yml@workflow-stable + uses: validatedpatterns/helm-charts/.github/workflows/update-helm-repo.yml@workflow-stable # zizmor: ignore[unpinned-uses] permissions: read-all secrets: inherit diff --git a/README.md b/README.md index bf0277d..96d6387 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ This chart is used by the Validated Patterns installation script that can be fou | Name | Email | Url | | ---- | ------ | --- | -| Validated Patterns Team | | | +| Validated Patterns Team | | | ## Values @@ -22,20 +22,21 @@ This chart is used by the Validated Patterns installation script that can be fou | main | object | depends on the individual settings | main is used primarly for initial bootstrap pattern configuration | | main.analytics | object | `{"enabled":true}` | Settings related to the segment.io analytics collection by the patterns operator | | main.analytics.enabled | bool | `true` | Whether analytics are enabled or not | +| main | object | depends on the individual settings | main is used primarily for initial bootstrap pattern configuration | | main.clusterGroupName | string | `"default"` | Name of the clusterGroup to be used. Drives the clusterGroup chart | | main.experimentalCapabilities | string | `""` | String to enable certain experimental capabilities in the operator and the framework. Not needed unless you know exactly what you're doing. | | main.git | object | depends on the individual settings | Settings related to the Git repository used to deploy the pattern | | main.git.repoURL | string | `"https://github.com/pattern-clone/mypattern"` | Repository URL pointing to the pattern | | main.git.repoUpstreamURL | string | `nil` | Setting this field will make it so that an in-cluster gitea instance will be spawned. `repoURL` will be ignored and the pattern will be deployed using the in-gitea URL | | main.git.revision | string | `"main"` | The branch or Git reference to use to deploy the pattern | -| main.gitea | object | `{"chartName":"gitea","chartVersion":"0.0.*","helmRepoUrl":"https://charts.validatedpatterns.io/"}` | Settings releated to the in-cluster gitea installation | +| main.gitea | object | `{"chartName":"gitea","chartVersion":"0.0.*","helmRepoUrl":"https://charts.validatedpatterns.io/"}` | Settings related to the in-cluster gitea installation | | main.gitea.chartName | string | `"gitea"` | Chart name for the in-cluster gitea installation | | main.gitea.chartVersion | string | `"0.0.*"` | Chart version to install | | main.gitea.helmRepoUrl | string | `"https://charts.validatedpatterns.io/"` | Helm Repository URL for the gitea chart | | main.gitops | object | depends on the individual settings | Settings related to the gitops operator | | main.gitops.channel | string | `"gitops-1.18"` | Default channel to install the gitops operator from | | main.gitops.operatorSource | string | `"redhat-operators"` | Source to be used to install the gitops operator from | -| main.multiSourceConfig.clusterGroupChartVersion | string | `nil` | The clustergroup chart version to be used when deploying a pattern (defaults to 0.8.*) | +| main.multiSourceConfig.clusterGroupChartVersion | string | `nil` | The clustergroup chart version to be used when deploying a pattern (defaults to 0.8.\*) | | main.multiSourceConfig.enabled | bool | `false` | Enables a multisource configuration for the clustergroup chart | | main.multiSourceConfig.helmRepoUrl | string | `nil` | The URL of the VP helm charts repository (defaults to https://charts.validatedpatterns.io) | | main.patternsOperator | object | depends on the individual settings | Settings related to the patterns operator installation | @@ -47,7 +48,8 @@ This chart is used by the Validated Patterns installation script that can be fou | main.tokenSecret | string | `nil` | Name of the secret containing access credentials to clone the Git repository to deploy the pattern See https://validatedpatterns.io/blog/2023-12-20-private-repos/ for more information | | main.tokenSecretNamespace | string | `nil` | Namespace where the above secret will be | ----------------------------------------------- +______________________________________________________________________ + Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) ## Update CRD diff --git a/tests/README.md b/tests/README.md index 19c2de1..cfb8c53 100644 --- a/tests/README.md +++ b/tests/README.md @@ -22,7 +22,7 @@ helm plugin install https://github.com/helm-unittest/helm-unittest.git helm unittest . ``` -## Run unittests with docker +## Run unittests with Docker ```bash docker run -ti --rm -v $(pwd):/apps:z helmunittest/helm-unittest . ``` diff --git a/values.yaml b/values.yaml index 012a9bc..589e002 100644 --- a/values.yaml +++ b/values.yaml @@ -2,7 +2,7 @@ global: # -- List of additional value files to be passed to the pattern extraValueFiles: [] -# -- main is used primarly for initial bootstrap pattern configuration +# -- main is used primarily for initial bootstrap pattern configuration # @default -- depends on the individual settings main: # -- Settings related to the Git repository used to deploy the pattern @@ -25,7 +25,7 @@ main: # -- Source to be used to install the gitops operator from operatorSource: redhat-operators - # -- Settings releated to the in-cluster gitea installation + # -- Settings related to the in-cluster gitea installation gitea: # -- Chart name for the in-cluster gitea installation chartName: gitea From c5ae8cdcf5e4f86c8b0aba13448a946b10407369 Mon Sep 17 00:00:00 2001 From: Michele Baldessari Date: Thu, 12 Mar 2026 16:05:49 +0100 Subject: [PATCH 3/5] Fix dependabot --- .github/dependabot.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 94b8aa7..888fc67 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -8,6 +8,3 @@ updates: interval: "weekly" cooldown: default-days: 7 - semver-major: 30 - semver-minor: 7 - semver-patch: 1 From c70b2681bb39d5edc635c8bd65d747686846529f Mon Sep 17 00:00:00 2001 From: Michele Baldessari Date: Thu, 12 Mar 2026 16:32:52 +0100 Subject: [PATCH 4/5] Fix some zizmor complaints --- .github/workflows/superlinter.yml | 1 + .github/workflows/update-helm-repo.yml | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/superlinter.yml b/.github/workflows/superlinter.yml index e355480..783a218 100644 --- a/.github/workflows/superlinter.yml +++ b/.github/workflows/superlinter.yml @@ -32,5 +32,6 @@ jobs: VALIDATE_KUBERNETES_KUBECONFORM: false VALIDATE_MARKDOWN: false VALIDATE_MARKDOWN_PRETTIER: false + VALIDATE_CHECKOV: false VALIDATE_YAML: false VALIDATE_YAML_PRETTIER: false diff --git a/.github/workflows/update-helm-repo.yml b/.github/workflows/update-helm-repo.yml index e254cc5..7965864 100644 --- a/.github/workflows/update-helm-repo.yml +++ b/.github/workflows/update-helm-repo.yml @@ -29,5 +29,6 @@ jobs: update-helm-repo: needs: [helmlint] uses: validatedpatterns/helm-charts/.github/workflows/update-helm-repo.yml@workflow-stable # zizmor: ignore[unpinned-uses] - permissions: read-all - secrets: inherit + permissions: + contents: read + secrets: inherit # zizmor: ignore[secrets-inherit] From f34bb819a6f0a813eaef6817b5351abac9854478 Mon Sep 17 00:00:00 2001 From: Michele Baldessari Date: Thu, 12 Mar 2026 16:42:59 +0100 Subject: [PATCH 5/5] Fix last issues --- .github/workflows/helm-lint.yml | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/helm-lint.yml b/.github/workflows/helm-lint.yml index 3efa5f6..3c59043 100644 --- a/.github/workflows/helm-lint.yml +++ b/.github/workflows/helm-lint.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: persist-credentials: false diff --git a/README.md b/README.md index 96d6387..69c4b8a 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ This chart is used by the Validated Patterns installation script that can be fou | Key | Type | Default | Description | |-----|------|---------|-------------| | global.extraValueFiles | list | `[]` | List of additional value files to be passed to the pattern | -| main | object | depends on the individual settings | main is used primarly for initial bootstrap pattern configuration | +| main | object | depends on the individual settings | main is used primarily for initial bootstrap pattern configuration | | main.analytics | object | `{"enabled":true}` | Settings related to the segment.io analytics collection by the patterns operator | | main.analytics.enabled | bool | `true` | Whether analytics are enabled or not | | main | object | depends on the individual settings | main is used primarily for initial bootstrap pattern configuration |