Merge branch 'main' into renovate/kubernetes-go

Author: TylerGillson

.github/CODEOWNERS

@@ -5,4 +5,4 @@
 # the repo. Unless a later match takes precedence,
 # @global-owner1 and @global-owner2 will be requested for
 # review when someone opens a pull request.
-* @spectrocloud-labs/validator
+* @validator-labs/validator

.github/workflows/bulwark-gitleaks.yaml

@@ -22,7 +22,7 @@ jobs:
         shell: sh
         env:
           BRANCH: ${{ github.head_ref || github.ref_name }}
-        run: /workspace/bulwark -name CodeSASTGitLeaks -organization spectrocloud-labs -target $REPO -tags "branch:$BRANCH,options:--log-opts origin..HEAD"
+        run: /workspace/bulwark -name CodeSASTGitLeaks -organization validator-labs -target $REPO -tags "branch:$BRANCH,options:--log-opts origin..HEAD"
 
       - name: check-result
         shell: sh

.github/workflows/bulwark-gosec.yaml

@@ -30,7 +30,7 @@ jobs:
         env:
           BRANCH: ${{ github.head_ref || github.ref_name }}
           GO111MODULE: on
-        run: /workspace/bulwark -name CodeSASTGoSec -verbose -organization spectrocloud-labs -target $REPO -tags "branch:$BRANCH"
+        run: /workspace/bulwark -name CodeSASTGoSec -verbose -organization validator-labs -target $REPO -tags "branch:$BRANCH"
 
       - name: check-result
         shell: sh

.github/workflows/bulwark-govulncheck.yaml

@@ -13,7 +13,7 @@ jobs:
   govulncheck-pr-scan:
     runs-on: [self-hosted, Linux, X64, validator]
     container:
-      image: gcr.io/spectro-images-public/golang:1.21-alpine
+      image: gcr.io/spectro-images-public/golang:1.22-alpine
     steps:
       - name: install-govulncheck
         run: GOBIN=/usr/local/bin go install golang.org/x/vuln/cmd/govulncheck@latest

.github/workflows/release.yaml

@@ -18,8 +18,8 @@ defaults:
 jobs:
   release-please:
     permissions:
-      contents: write  # for google-github-actions/release-please-action to create release commit
-      pull-requests: write  # for google-github-actions/release-please-action to create release PR
+      contents: write  # for googleapis/release-please-action to create release commit
+      pull-requests: write  # for googleapis/release-please-action to create release PR
     runs-on: [self-hosted, Linux, X64, validator]
     outputs:
       releases_created: ${{ steps.release.outputs.releases_created }}
@@ -29,12 +29,10 @@ jobs:
       - name: Checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
-      - uses: google-github-actions/release-please-action@a37ac6e4f6449ce8b3f7607e4d97d0146028dc0b # v4
+      - uses: googleapis/release-please-action@v4
         id: release
         with:
-          command: manifest
           token: ${{secrets.PAT}}
-          default-branch: main
 
   release-charts:
     needs: release-please
@@ -49,10 +47,10 @@ jobs:
         with:
           token: ${{ secrets.PAT }}
           charts_dir: chart
-          owner: spectrocloud-labs
+          owner: validator-labs
           branch: ${{ env.GITHUB_PAGES_BRANCH }}
-          commit_username: spectrocloud-labs-bot
-          commit_email: bot@noreply.spectrocloud-labs.io
+          commit_username: validator-labs-bot
+          commit_email: bot@noreply.validator-labs.io
 
   build-container:
     if: needs.release-please.outputs.releases_created == 'true'
@@ -64,7 +62,7 @@ jobs:
       packages: write
       id-token: write
     env:
-      IMAGE_TAG: quay.io/spectrocloud-labs/validator-plugin-oci:${{ needs.release-please.outputs.tag_name }}
+      IMAGE_TAG: quay.io/validator-labs/validator-plugin-oci:${{ needs.release-please.outputs.tag_name }}
       IMAGE_NAME: validator-plugin-oci
     steps:
       - name: Checkout
@@ -74,13 +72,13 @@ jobs:
 
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3
+        uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3
         with:
           registry: "quay.io"
-          username: tgillson
+          username: ${{ secrets.QUAY_USER }}
           password: ${{ secrets.QUAY_TOKEN }}
 
       - name: Build Docker Image
@@ -105,7 +103,7 @@ jobs:
           output-file: ./sbom-${{ env.IMAGE_NAME }}.spdx.json
 
       - name: Attach SBOM to release
-        uses: softprops/action-gh-release@3198ee18f814cdf787321b4a32a26ddbf37acc52 # v2
+        uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2
         with:
           tag_name: ${{ needs.release-please.outputs.tag_name }}
           files: ./sbom-${{ env.IMAGE_NAME }}.spdx.json

.github/workflows/test.yaml

@@ -31,7 +31,7 @@ jobs:
           git config --global --add safe.directory "$GITHUB_WORKSPACE"
 
       - name: Codecov
-        uses: codecov/codecov-action@c16abc29c95fcf9174b58eb7e1abf4c866893bc8 # v4
+        uses: codecov/codecov-action@6d798873df2b1b8e5846dba6fb86631229fbcb17 # v4
         with:
           file: ./cover.out
           fail_ci_if_error: true
@@ -47,7 +47,7 @@ jobs:
           fetch-depth: 0
 
       - name: Set up Helm
-        uses: azure/setup-helm@b7246b12e77f7134dc2d460a3d5bad15bbe29390 # v4
+        uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4
         with:
           version: v3.11.2
 

.release-please-manifest.json

@@ -1 +1 @@
-{".":"0.0.9"}
+{".":"0.0.10"}