Mike Dalessio
6a244b17e6
Use new FIZZY_GH_TOKEN with limited access
...
because this is a public repo and so doesn't have access to the
private org secret GH_TOKEN anymore.
2025-12-12 13:04:26 -05:00
Jeremy Daer
586015c3f9
Bundle drift detection and correction ( #2101 )
...
Gemfile.saas evals Gemfile, so shared gems should have identical versions
in both lockfiles. This adds bin/bundle-drift to detect and fix drift:
* `bin/bundle-drift check` compares shared gem versions
* `bin/bundle-drift correct` seeds Gemfile.lock from Gemfile.saas.lock
and re-locks, letting Bundler prune SaaS-only gems while preserving
shared versions
Adds drift check to bin/ci and GitHub CI. Corrects existing drift.
2025-12-11 21:32:34 -08:00
dependabot[bot]
ef538abb4f
Bump actions/checkout from 4 to 6 ( #2047 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4...v6 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:25:42 -08:00
dependabot[bot]
19cd7bfeec
Bump docker/login-action from 3.5.0 to 3.6.0 ( #2046 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v3.5.0...v3.6.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-version: 3.6.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:25:17 -08:00
dependabot[bot]
9ee8b131c5
Bump docker/metadata-action from 5.8.0 to 5.10.0 ( #2045 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 5.8.0 to 5.10.0.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](https://github.com/docker/metadata-action/compare/v5.8.0...v5.10.0 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-version: 5.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:25:02 -08:00
dependabot[bot]
a90ad88bab
Bump sigstore/cosign-installer from 3.9.2 to 4.0.0 ( #2044 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.9.2 to 4.0.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.9.2...v4.0.0 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-version: 4.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:24:47 -08:00
Stanko K.R.
9d5ddfccec
Remove semver-major-days from Dependabot on GH actions
2025-12-10 09:18:20 +01:00
Rosa Gutierrez
2352f30b61
Adopt a cooldown period for dependency updates
...
As suggested by @flavorjones, and explained in:
https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns
This applies:
- 7 days as default: from the article, a 7-day
cooldown would have prevented 8 out of 10 recent
supply chain attacks. It seems reasonably long
but not crazy long.
- 14 days for major versions, to give some time
to the community to find problems.
2025-12-08 20:05:03 +01:00
Jeremy Daer
bc1075f194
GitHub actions: limit GITHUB_TOKEN permissions ( #1933 )
2025-12-04 11:05:50 -08:00
Stanko K.R.
8bc2b7c8c8
Add contributing guide
2025-12-02 20:37:58 +01:00
Stanko K.R.
fc8ca04c05
Disable ARM image builds
2025-12-02 18:59:40 +01:00
Stanko K.R.
94d1a1e10a
Disable image builds for PRs
2025-12-02 18:51:07 +01:00
Stanko K.R.
2d0110963a
Add automated Docker image builds
2025-12-02 18:42:51 +01:00
Mike Dalessio
04ed381742
update pipelines
2025-11-28 15:40:24 -05:00
Jorge Manrubia
e15c4987c1
Remove saas from matrix or it will always run
2025-11-28 15:53:58 +01:00
Jorge Manrubia
15e654b526
Checks only in PRs
2025-11-28 15:53:58 +01:00
Jorge Manrubia
f174058f43
Extract common checks to its own workflow to only run once
2025-11-28 15:53:58 +01:00
Jorge Manrubia
25cfa42872
Rename workflows
2025-11-28 15:53:58 +01:00
Jorge Manrubia
68bb4a84e2
Rename
2025-11-28 15:53:58 +01:00
Jorge Manrubia
dd0f9f174e
Split CI files to prevent PR workflows from accessing secrets
2025-11-28 15:53:58 +01:00
Jorge Manrubia
624b6680c7
Fix condition
2025-11-28 15:53:58 +01:00
Jorge Manrubia
d81cf9161e
Fix hostname
2025-11-28 15:53:58 +01:00
Jorge Manrubia
00cb9a3638
Set proper SaaS vars for mysql
2025-11-28 15:53:58 +01:00
Jorge Manrubia
ac649f1af0
Try to pin the host
2025-11-28 15:53:58 +01:00
Jorge Manrubia
127a4ebdc9
LOL if does not exist
2025-11-28 15:53:58 +01:00
Jorge Manrubia
93c60d09a8
Omit MySQL service with if condition
2025-11-28 15:53:58 +01:00
Jorge Manrubia
5a1d40ae65
Omit empty image
2025-11-28 15:53:58 +01:00
Jorge Manrubia
0328149ba2
Initial github action setup
2025-11-28 15:53:58 +01:00
Mike Dalessio
3a8ea5ea85
dependabot: make the schedule weekly
...
Daily is very noisy when we're using so many git branches.
2025-10-03 22:17:21 -04:00
David Heinemeier Hansson
5316a6b821
It is Local CI now
2025-04-05 17:18:54 +02:00
Mike Dalessio
2756a0ebc1
ci: Set access token to pull from the private repo
2025-03-10 12:12:56 -04:00
Jeremy Daer
42130f71ab
Dependabot: group dev deps
2025-02-04 10:32:17 -08:00
Kevin McConnell
5f5226d05b
Add CI
2024-06-24 15:09:34 +01:00