Update dependency gitlab-ci-utils/gitlab-ci-templates to v26
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
gitlab-ci-utils/gitlab-ci-templates | repository | major |
25.0.0 -> 26.0.0
|
Release Notes
gitlab-ci-utils/gitlab-ci-templates (gitlab-ci-utils/gitlab-ci-templates)
v26.0.0
Changed
- BREAKING: Updated all
container
/docker
jobs to remove the container image repository (CI_APPLICATION_REPOSITORY
) and tag (CI_APPLICATION_TAG
) variables from the job definitions. These must now be provided if the individual jobs are used, but can be provided globally which avoids duplicate overrides. If using theContainer-Build-Test-Deploy
orDocker-Build-Test-Deploy
collections, no changes are required, and the variablesTEMP_IMAGE_REPOSITORY
andTEMP_IMAGE_TAG
are still used. (#181)- This includes the following jobs:
container_build
,.copy_image
(used by containerdeploy_branch
anddeploy_tag
),remove_image
,docker_build
,.deploy_image
(used by dockerdeploy_branch
anddeploy_tag
),docker_dive
, andcontainer_scanning
.
- This includes the following jobs:
- BREAKING: Update the
.dind
template and all associated jobs to Alpine 3.19. - Added
Attestation
template to generate attestation files for a single job, andAttestation-All
template to generate attestation files for all jobs in a pipeline. See the GitLab docs for additional details on attestation files. (#193) - Updated
semgrep-sast
job togitlab-semgrep-plus:3.3.0
. See the release notes for details.
Fixed
- Updated
node_lts_yarn_pnp_test
job to specifically set Yarn v4. (#279) - Updated
owasp_dependency_check
job to not check for vulnerability updates (with the--noupdate
flag). The image is rebuilt every 4 hours, so it is up to date. If it fails to update, it's likely due to an NVD failure, which could cause jobs to fail. (#291)- Note this was previously only an override in the
GitLab-Security-Scans
collection, but is now the default for the job.
- Note this was previously only an override in the
- Updated
go_test
job to setGO_COVER_PACKAGES
to an explicit list of packages to calculate coverage. Previously, the variable was set to./...
, which includes packages in the GOPATH in coverage since it is overridden to be within the current directory. This is now set in thebefore_script
with a complete listing of packages in the project. (#290) - Updated the
syft_sbom
job tosyft:v0.99.0
. - Updated the
lint_nunjucks
job and.djlint
template todjlint@1.34.1
.
Miscellaneous
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.