Skip to content

Update dependency gitlab-ci-utils/gitlab-ci-templates to v26

GoldenBot requested to merge renovate/gitlab-ci-utils-gitlab-ci-templates-26.x into master

This MR contains the following updates:

Package Type Update Change
gitlab-ci-utils/gitlab-ci-templates repository major 25.0.0 -> 26.0.0

Release Notes

gitlab-ci-utils/gitlab-ci-templates (gitlab-ci-utils/gitlab-ci-templates)

v26.0.0

Compare Source

Changed
  • BREAKING: Updated all container/docker jobs to remove the container image repository (CI_APPLICATION_REPOSITORY) and tag (CI_APPLICATION_TAG) variables from the job definitions. These must now be provided if the individual jobs are used, but can be provided globally which avoids duplicate overrides. If using the Container-Build-Test-Deploy or Docker-Build-Test-Deploy collections, no changes are required, and the variables TEMP_IMAGE_REPOSITORY and TEMP_IMAGE_TAG are still used. (#​181)
    • This includes the following jobs: container_build, .copy_image (used by container deploy_branch and deploy_tag), remove_image, docker_build, .deploy_image (used by docker deploy_branch and deploy_tag), docker_dive, and container_scanning.
  • BREAKING: Update the .dind template and all associated jobs to Alpine 3.19.
  • Added Attestation template to generate attestation files for a single job, and Attestation-All template to generate attestation files for all jobs in a pipeline. See the GitLab docs for additional details on attestation files. (#​193)
  • Updated semgrep-sast job to gitlab-semgrep-plus:3.3.0. See the release notes for details.
Fixed
  • Updated node_lts_yarn_pnp_test job to specifically set Yarn v4. (#​279)
  • Updated owasp_dependency_check job to not check for vulnerability updates (with the --noupdate flag). The image is rebuilt every 4 hours, so it is up to date. If it fails to update, it's likely due to an NVD failure, which could cause jobs to fail. (#​291)
    • Note this was previously only an override in the GitLab-Security-Scans collection, but is now the default for the job.
  • Updated go_test job to set GO_COVER_PACKAGES to an explicit list of packages to calculate coverage. Previously, the variable was set to ./..., which includes packages in the GOPATH in coverage since it is overridden to be within the current directory. This is now set in the before_script with a complete listing of packages in the project. (#​290)
  • Updated the syft_sbom job to syft:v0.99.0.
  • Updated the lint_nunjucks job and .djlint template to djlint@1.34.1.
Miscellaneous
  • Updated Renovate config to move from regexManagers to customManagers. (#​288)
  • Updated the project's default branch to main. (#​289)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Merge request reports