Kubediff: a tool for Kubernetes to show differences between running state and version controlled configuration.

Last update: Dec 30, 2022

Overview

Kubediff

Kubediff is a tool for Kubernetes to show you the differences between your running configuration and your version controlled configuration.

Kubediff can be run from the command line:

$ ./kubediff
usage: kubediff [-h] [--kubeconfig KUBECONFIG] [--context CONTEXT] [--namespace NAMESPACE] [--json] [--no-error-on-diff] [paths ...]

     _          _             _  _   __   __
    | |__ _  _ | |__  ___  __| |(_) / _| / _|
    | / /| || || '_ \/ -_)/ _` || ||  _||  _|
    |_\_\ \_,_||_.__/\___|\__,_||_||_|  |_|

    Compare yaml files in path(s) to running state in kubernetes and print the
    differences. This is useful to ensure you have applied all your changes
    to the appropriate environment. This tools runs kubectl, so unless your
    ~/.kube/config is configured for the correct environment, you will need
    to supply the kubeconfig for the appropriate environment.

positional arguments:
  paths                  path(s) from which kubediff will look for configuration files

optional arguments:
  -h, --help            show this help message and exit
  --kubeconfig KUBECONFIG, -k KUBECONFIG
                        path to kubeconfig
  --context CONTEXT, -c CONTEXT
                        name of kubeconfig context to use
  --namespace NAMESPACE, -n NAMESPACE
                        Namespace to assume for objects where it is not specified (default = Kubernetes default for current context)
  --json, -j            output in json format
  --no-error-on-diff, -e
                        don't exit with 2 if diff exists

For example:

$ ./kubediff k8s
Checking ReplicationController 'kubediff'
 *** .spec.template.spec.containers[0].args[0]: '-repo=https://github.com/weaveworks/kubediff' != '-repo=https://github.com/
   
    '
Checking Secret 'kubediff-secret'
Checking Service 'kubediff'

Make sure the dependencies are installed first:

$ pip install -r requirements.txt

Kubediff can also be run as a service on Kubernetes, periodically downloading the latest configuration from Github, comparing it to the running configuration. In this mode Kubediff will also offers a very simple UI showing the output and export the result to Prometheus, all courtesy to prom-run.

To deploy to Kubernetes, you much first make a copy of the YAML files in k8s and update the following fields:

kubediff-rc.yaml the first argument to git-sync must be the location of the config repo, and the last argument to kubediff must the the location in this repo of your config.
kubediff-secret.yaml the username and password must be set to valid github OAuth token.

Once you have updated the config, the following commands should bring up the service:

$ kubectl create -f k8s
replicationcontroller "kubediff" created
secret "kubediff-secret" created
service "kubediff" created

And to view the UI, run the follow command and go to http://localhost:4040

`$ kubectl port-forward $(kubectl get pod --selector=name=kubediff -o jsonpath={.items..metadata.name}) 4040:80`

This service exports the exit code of the kubediff as a Prometheus metric; a suitable alert can be setup for persistent differences:

ALERT Kubediff
  IF          max(command_exit_code{job="kubediff"}) != 0
  FOR         2h
  LABELS      { severity="warning" }
  ANNOTATIONS {
    summary = "Kubediff has detected a difference in running config.",
    description = "Kubediff has detected a difference in running config.",
  }

These alerts can be sent to Slack, for example:

compare-images

To quickly see how two sets of configurations differ, purely in terms of images:

$ ./compare-images ../service-conf/k8s/dev/ ../service-conf/k8s/prod/
Image                          dev                   prod
-----------------------------  --------------------  --------------------
quay.io/weaveworks/grafana     master-0fc7cc2        master-08fd09d
quay.io/weaveworks/prometheus  master-0fc7cc2        master-4fb2aed
quay.io/weaveworks/ui-server   master-2899c36        master-45d67b3
tomwilkie/prometheus           frankenstein-8a5ec1b  frankenstein-ebe5808
weaveworks/scope               master-1a1021c        master-14d0e4e

Build

mkdir -p $GOPATH/src/github.com/prometheus && cd "$_"
git clone [email protected]:prometheus/client_golang.git
mkdir -p $GOPATH/src/github.com/weaveworks && cd "$_"
git clone [email protected]:weaveworks/kubediff.git
cd kubediff
make

Getting Help

If you have any questions about, feedback for or problems with kubediff:

Invite yourself to the Weave Users Slack.
Ask a question on the #general slack channel.
File an issue.

Weaveworks follows the CNCF Code of Conduct. Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting a Weaveworks project maintainer, or Alexis Richardson ([email protected]).

Your feedback is always welcome!

Comments

Kubediff find differences on missing defaults

kubediff should ignore the differences on missing defaults in the .yaml files. Poking through the source code you're getting the object (kubectl get), whilst instead should do something similar to kubectl diff

opened by nmiculinic 13

Only redact Kinds starting "Secret.", avoiding SealedSecret and similar

Fixes the error below for e.g. SealedSecret.v1alpha1.bitnami.com

Traceback (most recent call last):
  File "/Users/po/src/kubediff/kubediff", line 48, in <module>
    main()
  File "/Users/po/src/kubediff/kubediff", line 42, in main
    failed = check_files(args, printer, config)
  File "/Users/po/src/kubediff/kubedifflib/_diff.py", line 246, in check_files
    differences += check_file(printer, path, config)
  File "/Users/po/src/kubediff/kubedifflib/_diff.py", line 174, in check_file
    printer.diff(path, difference)
  File "/Users/po/src/kubediff/kubedifflib/_diff.py", line 214, in diff
    self._write('%s', difference.to_text(self._current.kind))
  File "/Users/po/src/kubediff/kubedifflib/_diff.py", line 35, in to_text
    message = self.message % ((len(self.args[0]) * '*'), (len(self.args[1]) * '*'))
TypeError: object of type 'NoneType' has no len()

opened by puzza007 10

Skip yaml document if it's empty

I'm trying to kubediff the changes between the output of helm template and the running helm release.

In some cases, helm template can generate empty yaml documents, which are not handled by kubediff.

opened by eviln1 7

'make' fails

kubediff on  master via 🐍 v3.8.10 
❯ make
touch .ensure-pip
touch .ensure-virtualenv
virtualenv .env
created virtual environment CPython3.8.10.final.0-64 in 133ms
  creator CPython3Posix(dest=/home/daniel/dev/kubediff/.env, clear=False, global=False)
  seeder FromAppData(download=False, pip=latest, setuptools=latest, wheel=latest, pkg_resources=latest, via=copy, app_data_dir=/home/daniel/.local/share/virtualenv/seed-app-data/v1.0.1.debian.1)
  activators BashActivator,CShellActivator,FishActivator,PowerShellActivator,PythonActivator,XonshActivator
.env/bin/pip install -e .
Obtaining file:///home/daniel/dev/kubediff
Collecting PyYAML
  Using cached PyYAML-5.4.1-cp38-cp38-manylinux1_x86_64.whl (662 kB)
Collecting attrs
  Using cached attrs-21.2.0-py2.py3-none-any.whl (53 kB)
Processing /home/daniel/.cache/pip/wheels/8e/70/28/3d6ccd6e315f65f245da085482a2e1c7d14b90b30f239e2cf4/future-0.18.2-py3-none-any.whl
Installing collected packages: PyYAML, attrs, future, kubedifflib
  Running setup.py develop for kubedifflib
Successfully installed PyYAML-5.4.1 attrs-21.2.0 future-0.18.2 kubedifflib
.env/bin/pip install -r requirements.txt
Requirement already satisfied: attrs in ./.env/lib/python3.8/site-packages (from -r requirements.txt (line 1)) (21.2.0)
Requirement already satisfied: pyyaml in ./.env/lib/python3.8/site-packages (from -r requirements.txt (line 2)) (5.4.1)
Collecting tabulate
  Using cached tabulate-0.8.9-py3-none-any.whl (25 kB)
Requirement already satisfied: future in ./.env/lib/python3.8/site-packages (from -r requirements.txt (line 4)) (0.18.2)
Installing collected packages: tabulate
Successfully installed tabulate-0.8.9
.env/bin/pip install -r dev-requirements.txt
Collecting flake8
  Using cached flake8-3.9.2-py2.py3-none-any.whl (73 kB)
Requirement already satisfied: future in ./.env/lib/python3.8/site-packages (from -r dev-requirements.txt (line 2)) (0.18.2)
Collecting hypothesis
  Downloading hypothesis-6.20.1-py3-none-any.whl (371 kB)
     |████████████████████████████████| 371 kB 3.0 MB/s 
Collecting pytest
  Using cached pytest-6.2.5-py3-none-any.whl (280 kB)
Collecting tox
  Using cached tox-3.24.3-py2.py3-none-any.whl (85 kB)
Collecting mccabe<0.7.0,>=0.6.0
  Using cached mccabe-0.6.1-py2.py3-none-any.whl (8.6 kB)
Collecting pycodestyle<2.8.0,>=2.7.0
  Using cached pycodestyle-2.7.0-py2.py3-none-any.whl (41 kB)
Collecting pyflakes<2.4.0,>=2.3.0
  Using cached pyflakes-2.3.1-py2.py3-none-any.whl (68 kB)
Requirement already satisfied: attrs>=19.2.0 in ./.env/lib/python3.8/site-packages (from hypothesis->-r dev-requirements.txt (line 3)) (21.2.0)
Collecting sortedcontainers<3.0.0,>=2.1.0
  Using cached sortedcontainers-2.4.0-py2.py3-none-any.whl (29 kB)
Collecting packaging
  Using cached packaging-21.0-py3-none-any.whl (40 kB)
Collecting pluggy<2.0,>=0.12
  Using cached pluggy-1.0.0-py2.py3-none-any.whl (13 kB)
Collecting iniconfig
  Using cached iniconfig-1.1.1-py2.py3-none-any.whl (5.0 kB)
Collecting py>=1.8.2
  Using cached py-1.10.0-py2.py3-none-any.whl (97 kB)
Collecting toml
  Using cached toml-0.10.2-py2.py3-none-any.whl (16 kB)
Collecting virtualenv!=20.0.0,!=20.0.1,!=20.0.2,!=20.0.3,!=20.0.4,!=20.0.5,!=20.0.6,!=20.0.7,>=16.0.0
  Using cached virtualenv-20.7.2-py2.py3-none-any.whl (5.3 MB)
Collecting six>=1.14.0
  Using cached six-1.16.0-py2.py3-none-any.whl (11 kB)
Collecting filelock>=3.0.0
  Using cached filelock-3.0.12-py3-none-any.whl (7.6 kB)
Collecting pyparsing>=2.0.2
  Using cached pyparsing-2.4.7-py2.py3-none-any.whl (67 kB)
Collecting distlib<1,>=0.3.1
  Using cached distlib-0.3.2-py2.py3-none-any.whl (338 kB)
Collecting backports.entry-points-selectable>=1.0.4
  Using cached backports.entry_points_selectable-1.1.0-py2.py3-none-any.whl (6.2 kB)
Collecting platformdirs<3,>=2
  Using cached platformdirs-2.3.0-py3-none-any.whl (13 kB)
Installing collected packages: mccabe, pycodestyle, pyflakes, flake8, sortedcontainers, hypothesis, pyparsing, packaging, pluggy, iniconfig, py, toml, pytest, distlib, backports.entry-points-selectable, filelock, platformdirs, six, virtualenv, tox
Successfully installed backports.entry-points-selectable-1.1.0 distlib-0.3.2 filelock-3.0.12 flake8-3.9.2 hypothesis-6.20.1 iniconfig-1.1.1 mccabe-0.6.1 packaging-21.0 platformdirs-2.3.0 pluggy-1.0.0 py-1.10.0 pycodestyle-2.7.0 pyflakes-2.3.1 pyparsing-2.4.7 pytest-6.2.5 six-1.16.0 sortedcontainers-2.4.0 toml-0.10.2 tox-3.24.3 virtualenv-20.7.2
touch .env/.deps-uptodate
.env/bin/py.test --junitxml="junit.xml"
==================================================================================== test session starts ====================================================================================
platform linux -- Python 3.8.10, pytest-6.2.5, py-1.10.0, pluggy-1.0.0
rootdir: /home/daniel/dev/kubediff
plugins: hypothesis-6.20.1
collected 13 items                                                                                                                                                                          

kubedifflib/tests/test_diff.py .............                                                                                                                                          [100%]

===================================================================================== warnings summary ======================================================================================
.env/lib/python3.8/site-packages/past/builtins/misc.py:45
  /home/daniel/dev/kubediff/.env/lib/python3.8/site-packages/past/builtins/misc.py:45: DeprecationWarning: the imp module is deprecated in favour of importlib; see the module's documentation for alternative uses
    from imp import reload

-- Docs: https://docs.pytest.org/en/stable/warnings.html
------------------------------------------------------------------ generated xml file: /home/daniel/dev/kubediff/junit.xml ------------------------------------------------------------------
=============================================================================== 13 passed, 1 warning in 4.44s ===============================================================================
.env/bin/flake8 kubediff
CGO_ENABLED=0 GOOS=linux go build ./vendor/github.com/tomwilkie/prom-run
vendor/github.com/tomwilkie/prom-run/main.go:16:2: cannot find package "github.com/prometheus/client_golang/prometheus" in any of:
	/usr/lib/go-1.13/src/github.com/prometheus/client_golang/prometheus (from $GOROOT)
	/home/daniel/go/src/github.com/prometheus/client_golang/prometheus (from $GOPATH)
vendor/github.com/tomwilkie/prom-run/main.go:17:2: cannot find package "github.com/sirupsen/logrus" in any of:
	/usr/lib/go-1.13/src/github.com/sirupsen/logrus (from $GOROOT)
	/home/daniel/go/src/github.com/sirupsen/logrus (from $GOPATH)
make: *** [Makefile:49: prom-run] Fehler 1

kubediff on  master [?] via 🐍 v3.8.10 took 14s 
❯

bug enhancement

opened by dholbach 5

Handle Kubernetes apiVersion

Fixes #50

kubectl get deployment foo may fetch an old version of the object, whereas kubectl get deployment foo.v1.apps will fetch the requested version.

See https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#get

opened by bboreham 5
Add --context parameter for easier switch between kubeconfig context

At my org we work with several clusters in parallel, each in their own Kubeconfig context. Some of our admins are used to passing the --context param to kubectl. Being able to specify the context as a parameter to kubeconfig would be a big timesaver for them.

The parameter is simply sent through to kubectl, not much logic here, works essentially like --kubeconfig.

opened by mgarstecki 4
.yaml file extension requirement not clear

I had to grep around to find this one ... I'd been naming my files .yml, which kubediff didn't deal with so well. Some kind of output or a note about it in the help would be nice.

On the other hand, thank you for this tool!

opened by robertlabrie 4
Catch KeyErrors when trying to load manifest

If any YAML file is not a Kubernetes object manifest file, kubediff fails with an exception. This PR allows for processing to continue and the YAML file is simply passed over.
enhancement blocked-rebase

opened by TimJones 3
Ignore spurious diffs in cpu resource requests/limits

There are multiple possible formats for the same semantic value (eg. 50m vs 0.05) for cpu resources, and the k8s server may return one even if you apply the other. This creates a diff that can't be resolved by applying.

We solve this problem by ignoring the diff if the values have the same meaning. To facilitate this we introduce a generic method for adding 'tolerations' to the diffs. Since it would be complex and annoying to add the special case all the way down the stack at the place the diff is detected, we instead remove any tolerable diffs as a seperate step after all diffs for a file have been generated.

I've used globbing of paths for simplicity, as it allows you to easily say "anything ending with" or "all paths under", etc. without resorting to full regex, which I think would be less readable in most cases.

Fixes #33

opened by ekimekim 3
Bump golang.org/x/tools from 0.1.6 to 0.1.7
Bumps golang.org/x/tools from 0.1.6 to 0.1.7.

Commits

0df0ca0 internal/typeparams: hide go1.18 API usage behind a build constraint

7898fe6 internal/lsp/analysis: move implementmissing logic into undeclared

da36f79 go/internal/gcimporter: skip typeparam import tests on unified builders

64bbad1 internal/lsp/debug: improve readability of session options

b182fde go/analysis/passes/tests: check example output

ba6b94c internal/lsp: add fields to anonymous struct info

939195f go/ssa: skip the "constraints" package in TestStdlib

e1e06b8 go/internal/gcimporter: temporarily skip the contraints package on the

6d1e33f internal/lsp: handle panic in hoverRune by using token.Pos

c8db761 internal/lsp/cache: keep going on failed analyzers

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies go
opened by dependabot[bot] 2
Bump flask from 0.12.4 to 1.0 in /tools/scheduler
Bumps flask from 0.12.4 to 1.0.

Release notes

Sourced from flask's releases.

1.0

The Pallets team is pleased to release Flask 1.0. [Read the announcement on our blog.](https://www.palletsprojects.com/blog/flask-1-0-released/

There are over a year's worth of changes in this release. Many features have been improved or changed. Read the changelog to understand how your project's code will be affected.

JSON Security Fix

Flask previously decoded incoming JSON bytes using the content type of the request. Although JSON should only be encoded as UTF-8, Flask was more lenient. However, Python includes non-text related encodings that could result in unexpected memory use by a request.

Flask will now detect the encoding of incoming JSON data as one of the supported UTF encodings, and will not allow arbitrary encodings from the request.

Install or Upgrade

Install from PyPI with pip:

pip install -U Flask

Changelog

Sourced from flask's changelog.

Version 1.0

Released 2018-04-26

Python 2.6 and 3.3 are no longer supported.

Bump minimum dependency versions to the latest stable versions: Werkzeug >= 0.14, Jinja >= 2.10, itsdangerous >= 0.24, Click >= 5.1. :issue:2586

Skip :meth:app.run <Flask.run> when a Flask application is run from the command line. This avoids some behavior that was confusing to debug.

Change the default for :data:JSONIFY_PRETTYPRINT_REGULAR to False. :func:~json.jsonify returns a compact format by default, and an indented format in debug mode. :pr:2193

:meth:Flask.__init__ <Flask> accepts the host_matching argument and sets it on :attr:~Flask.url_map. :issue:1559

:meth:Flask.__init__ <Flask> accepts the static_host argument and passes it as the host argument when defining the static route. :issue:1559

:func:send_file supports Unicode in attachment_filename. :pr:2223

Pass _scheme argument from :func:url_for to :meth:~Flask.handle_url_build_error. :pr:2017

:meth:~Flask.add_url_rule accepts the provide_automatic_options argument to disable adding the OPTIONS method. :pr:1489

:class:~views.MethodView subclasses inherit method handlers from base classes. :pr:1936

Errors caused while opening the session at the beginning of the request are handled by the app's error handlers. :pr:2254

Blueprints gained :attr:~Blueprint.json_encoder and :attr:~Blueprint.json_decoder attributes to override the app's encoder and decoder. :pr:1898

:meth:Flask.make_response raises TypeError instead of ValueError for bad response types. The error messages have been improved to describe why the type is invalid. :pr:2256

Add routes CLI command to output routes registered on the application. :pr:2259

Show warning when session cookie domain is a bare hostname or an IP address, as these may not behave properly in some browsers, such as Chrome. :pr:2282

Allow IP address as exact session cookie domain. :pr:2282

SESSION_COOKIE_DOMAIN is set if it is detected through SERVER_NAME. :pr:2282

Auto-detect zero-argument app factory called create_app or make_app from FLASK_APP. :pr:2297

Factory functions are not required to take a script_info parameter to work with the flask command. If they take a single parameter or a parameter named script_info, the

... (truncated)

Commits

291f3c3 Bump version number to 1.0

36e68a4 release 1.0

216151c Merge branch '0.12-maintenance'

062745b Merge pull request #2720 from pallets/setup-link

5c8110d ensure order of project urls

10a77a5 Add project_urls so that PyPI will show GitHub stats.

2ede0b8 add donate link

4137aec add donate link

4df5f82 Merge pull request #2719 from greyli/patch-9

7df3524 Fix typo in docs

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 2
Bump alpine from 3.15.0 to 3.17.0
Bumps alpine from 3.15.0 to 3.17.0.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies docker
opened by dependabot[bot] 0
Bump actions/checkout from 2 to 3.1.0
Bumps actions/checkout from 2 to 3.1.0.

Release notes

Sourced from actions/checkout's releases.

v3.1.0

What's Changed

Inject GitHub host to be able to clone from another GitHub instance by @peter-murray in actions/checkout#922

Bump @actions/core to 1.10.0 by @rentziass in actions/checkout#939

New Contributors

@peter-murray made their first contribution in actions/checkout#922

@rentziass made their first contribution in actions/checkout#939

Full Changelog: https://github.com/actions/checkout/compare/v3.0.2...v3.1.0

v3.0.2

What's Changed

Add set-safe-directory input to allow customers to take control. by @TingluoHuang in actions/checkout#770

Prepare changelog for v3.0.2. by @TingluoHuang in actions/checkout#777

Full Changelog: https://github.com/actions/checkout/compare/v3...v3.0.2

v3.0.1

Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory

Bumped various npm package versions

v3.0.0

Updated to the node16 runtime by default

This requires a minimum Actions Runner version of v2.285.0 to run, which is by default available in GHES 3.4 or later.

v2.4.2

What's Changed

Add set-safe-directory input to allow customers to take control. (#770) by @TingluoHuang in actions/checkout#776

Prepare changelog for v2.4.2. by @TingluoHuang in actions/checkout#778

Full Changelog: https://github.com/actions/checkout/compare/v2...v2.4.2

v2.4.1

Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory

v2.4.0

Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

v2.3.5

Update dependencies

v2.3.4

Add missing awaits

Swap to Environment Files

v2.3.3

Remove Unneeded commit information from build logs

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

v3.1.0

Use @actions/core saveState and getState

Add github-server-url input

v3.0.2

Add input set-safe-directory

v3.0.1

Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory

Bumped various npm package versions

v3.0.0

Update to node 16

v2.3.1

Fix default branch resolution for .wiki and when using SSH

v2.3.0

Fallback to the default branch

v2.2.0

Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

Changes to support GHES (here and here)

v2.1.0

Group output

Changes to support GHES alpha release

Persist core.sshCommand for submodules

Add support ssh

Convert submodule SSH URL to HTTPS, when not using SSH

Add submodule support

Follow proxy settings

Fix ref for pr closed event when a pr is merged

Fix issue checking detached when git less than 2.22

v2.0.0

Do not pass cred on command line

Add input persist-credentials

Fallback to REST API to download repo

Commits

93ea575 Prepare release v3.1.0 (#940)

6a84743 Bump @actions/core to 1.10.0 (#939)

e6d535c Inject GitHub host to be able to clone from another GitHub instance (#922)

2541b12 Prepare changelog for v3.0.2. (#777)

0ffe6f9 Add set-safe-directory input to allow customers to take control. (#770)

dcd71f6 Enforce safe directory (#762)

add3486 Patch to fix the dependbot alert. (#744)

5126516 Bump minimist from 1.2.5 to 1.2.6 (#741)

d50f8ea Add v3.0 release information to changelog (#740)

2d1c119 update test workflows to checkout v3 (#709)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies github_actions
opened by dependabot[bot] 0
Bump actions/setup-python from 2 to 4.1.0
Bumps actions/setup-python from 2 to 4.1.0.

Release notes

Sourced from actions/setup-python's releases.

v4.1.0

In scope of this pull request we updated actions/cache package as the new version contains fixes for caching error handling. Moreover, we added a new input update-environment. This option allows to specify if the action shall update environment variables (default) or not.

Update-environment input

- name: setup-python 3.9 uses: actions/setup-python@v4 with: python-version: 3.9 update-environment: false

Besides, we added such changes as:

Allow python-version-file to be a relative path: actions/setup-python#431

Added new environment variables for Cmake: actions/setup-python#440

Updated error message for resolveVersion: actions/setup-python#450

Assign default value of AGENT_TOOLSDIRECTORY if not set: actions/setup-python#394

v4.0.0

What's Changed

Support for python-version-file input: #336

Example of usage:

- uses: actions/setup-python@v4 with: python-version-file: '.python-version' # Read python version from a file - run: python my_script.py

There is no default python version for this setup-python major version, the action requires to specify either python-version input or python-version-file input. If the python-version input is not specified the action will try to read required version from file from python-version-file input.

Use pypyX.Y for PyPy python-version input: #349

Example of usage:

- uses: actions/setup-python@v4 with: python-version: 'pypy3.9' # pypy-X.Y kept for backward compatibility - run: python my_script.py

RUNNER_TOOL_CACHE environment variable is equal AGENT_TOOLSDIRECTORY: #338

Bugfix: create missing pypyX.Y symlinks: #347

PKG_CONFIG_PATH environment variable: #400

Added python-path output: #405

... (truncated)

Commits

c4e89fa Improve readme for 3.x and 3.11-dev style python-version (#441)

0ad0f6a Merge pull request #452 from mayeut/fix-env

f0bcf8b Merge pull request #456 from akx/patch-1

af97157 doc: Add multiple wildcards example to readme

364e819 Merge pull request #394 from akv-platform/v-sedoli/set-env-by-default

782f81b Merge pull request #450 from IvanZosimov/ResolveVersionFix

2c9de4e Remove duplicate code introduced in #440

412091c Fix tests for update-environment==false

78a2330 Merge pull request #451 from dmitry-shibanov/fx-pipenv-python-version

96f494e trigger checks

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies github_actions
opened by dependabot[bot] 0
Bump docker/login-action from 1 to 2
Bumps docker/login-action from 1 to 2.

Release notes

Sourced from docker/login-action's releases.

v2.0.0

Node 16 as default runtime by @crazy-max (#161)

This requires a minimum Actions Runner version of v2.285.0, which is by default available in GHES 3.4 or later.

chore: update dev dependencies and workflow by @crazy-max (#170)

Bump @actions/exec from 1.1.0 to 1.1.1 (#167)

Bump @actions/io from 1.1.1 to 1.1.2 (#168)

Bump minimist from 1.2.5 to 1.2.6 (#176)

Bump https-proxy-agent from 5.0.0 to 5.0.1 (#182)

Full Changelog: https://github.com/docker/login-action/compare/v1.14.1...v2.0.0

v1.14.1

Revert to Node 12 as default runtime to fix issue for GHE users (#160)

v1.14.0

Update to node 16 (#158)

Bump @aws-sdk/client-ecr from 3.45.0 to 3.53.0 (#157)

Bump @aws-sdk/client-ecr-public from 3.45.0 to 3.53.0 (#156)

v1.13.0

Handle proxy settings for aws-sdk (#152)

Workload identity based authentication docs for GCR and GAR (#112)

Test login against ACR (#49)

Bump @aws-sdk/client-ecr from 3.44.0 to 3.45.0 (#132)

Bump @aws-sdk/client-ecr-public from 3.43.0 to 3.45.0 (#131)

v1.12.0

ECR: only set credentials if username and password are specified (#128)

Refactor to use aws-sdk v3 (#128)

v1.11.0

ECR: switch implementation to use the AWS SDK (#126)

ecr input to specify whether the given registry is ECR (#123)

Test against Windows runner (#126)

Update instructions for Google registry (#127)

Update dev workflow (#111)

Small changes for GHCR doc (#86)

Update dev dependencies (#85)

Bump ansi-regex from 5.0.0 to 5.0.1 (#101)

Bump tmpl from 1.0.4 to 1.0.5 (#100)

Bump @actions/core from 1.4.0 to 1.6.0 (#94 #103)

Bump codecov/codecov-action from 1 to 2 (#88)

Bump hosted-git-info from 2.8.8 to 2.8.9 (#83)

Bump node-notifier from 8.0.0 to 8.0.2 (#82)

Bump ws from 7.3.1 to 7.5.0 (#81)

Bump lodash from 4.17.20 to 4.17.21 (#80)

Bump y18n from 4.0.0 to 4.0.3 (#79)

v1.10.0

GitHub Packages Docker Registry deprecated (#78)

... (truncated)

Commits

49ed152 Merge pull request #161 from crazy-max/node16-runtime

b61a9ce Node 16 as default runtime

3a136a8 Merge pull request #182 from docker/dependabot/npm_and_yarn/https-proxy-agent...

b312880 Update generated content

795794e Bump https-proxy-agent from 5.0.0 to 5.0.1

1edf618 Merge pull request #179 from docker/dependabot/github_actions/codecov/codecov...

8e66ad4 Bump codecov/codecov-action from 2 to 3

7c79b59 Merge pull request #176 from docker/dependabot/npm_and_yarn/minimist-1.2.6

24a38e0 Bump minimist from 1.2.5 to 1.2.6

70e1ff8 Merge pull request #170 from crazy-max/eslint

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies github_actions
opened by dependabot[bot] 0
Bump github/codeql-action from 1 to 2
Bumps github/codeql-action from 1 to 2.

Changelog

Sourced from github/codeql-action's changelog.

2.1.8 - 08 Apr 2022

Update default CodeQL bundle version to 2.8.5. #1014

Fix error where the init action would fail due to a GitHub API request that was taking too long to complete #1025

2.1.7 - 05 Apr 2022

A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. #1018

2.1.6 - 30 Mar 2022

[v2+ only] The CodeQL Action now runs on Node.js v16. #1000

Update default CodeQL bundle version to 2.8.4. #990

Fix a bug where an invalid commit_oid was being sent to code scanning when a custom checkout path was being used. #956

Commits

2c03704 Allow the version of the ML-powered pack to depend on the CLI version

dd6b592 Simplify ML-powered query status report definition

a90d8bf Merge pull request #1011 from github/henrymercer/ml-powered-queries-pr-check

dc0338e Use latest major version of actions/upload-artifact

57096fe Add a PR check to validate that ML-powered queries are run correctly

b0ddf36 Merge pull request #1012 from github/henrymercer/update-actions-major-versions

1ea2f2d Merge branch 'main' into henrymercer/update-actions-major-versions

9dcc141 Merge pull request #1010 from github/henrymercer/stop-running-ml-powered-quer...

ea751a9 Update other Actions from v2 to v3

a2949f4 Update actions/checkout from v2 to v3

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies github_actions
opened by dependabot[bot] 0
kubediff doesn't seem to be able to compare helm files

I'm using the helm template in git and then the k8s environment has installed the app via helm, kubediff doesn't seem to render the helm file, only the native yaml file can be compared

opened by zerunhu 0