chore(deps): update actions/setup-python digest to 57ded4d #1641

jarvis-plus-bot · 2023-04-30T11:06:19Z

This PR contains the following updates:

Package	Type	Update	Change
actions/setup-python	action	digest	`d27e3f3` -> `57ded4d`

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

Signed-off-by: Jarvis Plus Bot <112913195+jarvis-plus-bot[bot]@users.noreply.github.com>

github-actions · 2023-04-30T11:13:14Z

`kustomize build` Success

Show Output

apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
    pod-security.kubernetes.io/enforce: privileged
    pod-security.kubernetes.io/warn: privileged
  name: actions-runner-system
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
  name: backup-system
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
  name: crossplane-system
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
  name: development
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
    pod-security.kubernetes.io/audit: privileged
    pod-security.kubernetes.io/enforce: privileged
    pod-security.kubernetes.io/warn: privileged
  name: game-servers
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
  name: home-system
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    istio-injection: enabled
    kustomize.toolkit.fluxcd.io/prune: disabled
  name: istio-ingress
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
    pod-security.kubernetes.io/enforce: privileged
    pod-security.kubernetes.io/warn: privileged
  name: istio-system
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
  name: kube-system
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
  name: litmus
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
    pod-security.kubernetes.io/audit: privileged
    pod-security.kubernetes.io/enforce: privileged
    pod-security.kubernetes.io/warn: privileged
  name: network-system
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
  name: nginx-ingress
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
    pod-security.kubernetes.io/enforce: privileged
    pod-security.kubernetes.io/warn: privileged
  name: observability
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
    pod-security.kubernetes.io/enforce: privileged
    pod-security.kubernetes.io/warn: privileged
  name: openebs
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    access: openfaas-system
    kustomize.toolkit.fluxcd.io/prune: disabled
    namespace: openfaas
    role: openfaas-system
  name: openfaas
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
    namespace: openfaas-fn
    role: openfaas-fn
  name: openfaas-fn
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
    pod-security.kubernetes.io/enforce: privileged
    pod-security.kubernetes.io/warn: privileged
  name: rook-ceph
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
    pod-security.kubernetes.io/enforce: privileged
    pod-security.kubernetes.io/warn: privileged
  name: security-system
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
  name: traefik-ingress
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
  name: velero
---
apiVersion: scheduling.k8s.io/v1
description: Used for cluster critical pods that must not be moved from their current
  node.
kind: PriorityClass
metadata:
  name: platform-cluster-critical
preemptionPolicy: PreemptLowerPriority
value: 100000000
---
apiVersion: scheduling.k8s.io/v1
description: Used for cluster critical pods that must not be moved from their current
  node.
kind: PriorityClass
metadata:
  name: platform-node-critical
preemptionPolicy: PreemptLowerPriority
value: 100001000
---
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: allow-all
  namespace: kube-system
spec:
  egress:
  - toEndpoints:
    - {}
  - toEntities:
    - cluster
  - toEntities:
    - world
  endpointSelector: {}
  ingress:
  - fromEndpoints:
    - {}
  - fromEntities:
    - world
  - fromEntities:
    - cluster
---
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: dns
  namespace: kube-system
spec:
  egress:
  - toEndpoints:
    - matchLabels:
        io.kubernetes.pod.namespace: kube-system
        k8s-app: kube-dns
    toPorts:
    - ports:
      - port: "53"
        protocol: UDP
      rules:
        dns:
        - matchPattern: '*'
  endpointSelector: {}
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: actions-runner-controller
  namespace: flux-system
spec:
  dependsOn:
  - name: cert-manager
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/actions-runner-system/actions-runner-controller/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: actions-runner-controller-runners
  namespace: flux-system
spec:
  dependsOn:
  - name: actions-runner-controller
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/actions-runner-system/actions-runner-controller/runners
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: cert-manager
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/network-system/cert-manager/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: cert-manager-clusterissuers
  namespace: flux-system
spec:
  dependsOn:
  - name: cert-manager
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/network-system/cert-manager/issuers
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: cert-manager-csi-driver
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/network-system/cert-manager-csi-driver/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: cilium
  namespace: flux-system
spec:
  interval: 30m
  path: ./k8s/namespaces/base/kube-system/cilium/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: GitRepository
    name: flux-system
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: cilium-config
  namespace: flux-system
spec:
  dependsOn:
  - name: istiod
    namespace: flux-system
  interval: 30m
  path: ./k8s/namespaces/base/kube-system/cilium/config
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: GitRepository
    name: flux-system
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: cloudflare-ddns
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/network-system/cloudflare-ddns/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: cloudflared
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/network-system/cloudflared/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: coredns
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/network-system/coredns/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: crossplane
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/crossplane-system/crossplane/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: crossplane-providers
  namespace: flux-system
spec:
  dependsOn:
  - name: crossplane
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/crossplane-system/crossplane/providers
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: cstor
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/openebs/cstor/app
  prune: false
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 10m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: descheduler
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/kube-system/descheduler/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: dex
  namespace: flux-system
spec:
  dependsOn:
  - name: istiod
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/network-system/dex/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: dex-k8s-authenticator
  namespace: flux-system
spec:
  dependsOn:
  - name: istiod
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/network-system/dex-k8s-authenticator/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: echo-server
  namespace: flux-system
spec:
  dependsOn:
  - name: istiod
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/network-system/echo-server/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: external-dns
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/network-system/external-dns/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: flux-system-monitoring
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/flux-system/addons/monitoring
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: false
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: flux-system-notifications
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/flux-system/addons/notifications
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: false
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: flux-system-repositories
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/flux-system/addons/repositories
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: false
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: flux-system-webhooks
  namespace: flux-system
spec:
  dependsOn:
  - name: istiod
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/flux-system/addons/webhooks
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: false
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: grafana
  namespace: flux-system
spec:
  dependsOn:
  - name: istiod
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/observability/grafana/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: istio-base
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/istio-system/istio-base/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: istio-cni
  namespace: flux-system
spec:
  dependsOn:
  - name: istio-base
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/istio-system/istio-cni/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: istio-gateway
  namespace: flux-system
spec:
  dependsOn:
  - name: istiod
    namespace: flux-system
  - name: cert-manager
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/istio-ingress/istio-gateway/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: false
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: istiod
  namespace: flux-system
spec:
  dependsOn:
  - name: istio-cni
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/istio-system/istiod/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: kube-prometheus-stack
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/observability/kube-prometheus-stack/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: kubelet-csr-approver
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/kube-system/kubelet-csr-approver/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: kubernetes-schemas
  namespace: flux-system
spec:
  interval: 5m
  path: ./namespaces/base/development/kubernetes-schemas/app
  prune: true
  sourceRef:
    kind: OCIRepository
    name: cluster
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: loki
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/observability/loki/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: false
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: metallb
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/network-system/metallb/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: metallb-config
  namespace: flux-system
spec:
  dependsOn:
  - name: metallb
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/network-system/metallb/config
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: metrics-server
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/kube-system/metrics-server/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: node-feature-discovery
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/network-system/node-feature-discovery/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: oauth2-proxy
  namespace: flux-system
spec:
  dependsOn:
  - name: istiod
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/network-system/oauth2-proxy/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: secret-store-csi-driver
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/kube-system/secret-store-csi-driver/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: thanos
  namespace: flux-system
spec:
  dependsOn:
  - name: istiod
    namespace: flux-system
  interval: 30m
  path: ./namespaces/base/observability/thanos/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: velero
  namespace: flux-system
spec:
  interval: 5m
  path: ./namespaces/base/velero/velero/app
  prune: true
  sourceRef:
    kind: OCIRepository
    name: cluster
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: volsync
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/backup-system/volsync/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: true
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: vpa
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/observability/vpa/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: false
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  labels:
    substitution.flux/enabled: true
  name: weave-gitops
  namespace: flux-system
spec:
  interval: 30m
  path: ./namespaces/base/flux-system/weave-gitops/app
  prune: true
  retryInterval: 1m
  sourceRef:
    kind: OCIRepository
    name: cluster
  timeout: 3m
  wait: false
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-allow-all
  namespace: game-servers
spec:
  egress:
  - ports:
    - port: 53
      protocol: UDP
    - port: 53
      protocol: TCP
    to:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: kube-system
      podSelector:
        matchLabels:
          k8s-app: kube-dns
  - {}
  - to:
    - ipBlock:
        cidr: 0.0.0.0/0
  - to:
    - ipBlock:
        cidr: 10.144.15.153/32
  - to:
    - podSelector: {}
  ingress:
  - from:
    - podSelector: {}
  - {}
  - from:
    - ipBlock:
        cidr: 0.0.0.0/0
    ports:
    - port: 443
  podSelector: {}
  policyTypes:
  - Ingress
  - Egress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: home-assistant
  namespace: home-system
spec:
  egress:
  - ports:
    - port: 53
      protocol: UDP
    - port: 53
      protocol: TCP
    to:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: kube-system
      podSelector:
        matchLabels:
          k8s-app: kube-dns
  - ports:
    - port: 1883
    to:
    - podSelector:
        matchLabels:
          name: mosquitto
  - ports:
    - port: 1900
      protocol: UDP
    - port: 5353
      protocol: UDP
    to:
    - ipBlock:
        cidr: 0.0.0.0/0
  ingress:
  - from:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: istio-ingress
      podSelector:
        matchLabels:
          app: istio-ingressgateway
    ports:
    - port: 8123
    - port: 12321
  podSelector:
    matchLabels:
      name: home-assistant
  policyTypes:
  - Ingress
  - Egress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: mosquitto
  namespace: home-system
spec:
  egress: []
  ingress:
  - from:
    - podSelector:
        matchLabels:
          name: zigbee2mqtt
    ports:
    - port: 1883
  - from:
    - podSelector:
        matchLabels:
          name: home-assistant
    ports:
    - port: 1883
  podSelector:
    matchLabels:
      name: mosquitto
  policyTypes:
  - Ingress
  - Egress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: istio-ingressgateway
  namespace: istio-ingress
spec:
  ingress:
  - from:
    - ipBlock:
        cidr: 0.0.0.0/0
    ports:
    - port: 8443
  - from:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: network-system
      podSelector:
        matchLabels:
          app: dex-k8s-authenticator
    ports:
    - port: 8443
  podSelector:
    matchLabels:
      app: istio-ingressgateway
  policyTypes:
  - Ingress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-allow-all
  namespace: nginx-ingress
spec:
  egress:
  - ports:
    - port: 53
      protocol: UDP
    - port: 53
      protocol: TCP
    to:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: kube-system
      podSelector:
        matchLabels:
          k8s-app: kube-dns
  - {}
  - to:
    - ipBlock:
        cidr: 0.0.0.0/0
  - to:
    - ipBlock:
        cidr: 10.144.15.153/32
  - to:
    - podSelector: {}
  ingress:
  - from:
    - podSelector: {}
  - {}
  - from:
    - ipBlock:
        cidr: 0.0.0.0/0
    ports:
    - port: 443
  podSelector: {}
  policyTypes:
  - Ingress
  - Egress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: velero
  namespace: velero
spec:
  egress:
  - ports:
    - port: 53
      protocol: UDP
    - port: 53
      protocol: TCP
    to:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: kube-system
      podSelector:
        matchLabels:
          k8s-app: kube-dns
  - ports:
    - port: 443
    to:
    - ipBlock:
        cidr: 0.0.0.0/0
  - ports:
    - port: 5757
      protocol: TCP
    to:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: openebs
      podSelector:
        matchLabels:
          name: cvc-operator
  - {}
  podSelector:
    matchLabels:
      name: velero
  policyTypes:
  - Egress

Workflow: Lint, Action: __karancode_kustomize-github-action_2, Build Directory: k8s/namespaces/overlays/cluster-1/

github-actions · 2023-04-30T11:15:24Z

`kustomize build` Success

Show Output

apiVersion: v1
kind: Namespace
metadata:
  labels:
    toolkit.fluxcd.io/tenant: kube-guardian
  name: kube-guardian-tenant
---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kustomize.toolkit.fluxcd.io/prune: disabled
    pod-security.kubernetes.io/audit: privileged
    pod-security.kubernetes.io/enforce: privileged
    pod-security.kubernetes.io/warn: privileged
    toolkit.fluxcd.io/tenant: kube-guardian
  name: xdp-log
---
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    toolkit.fluxcd.io/tenant: kube-guardian
  name: kube-guardian
  namespace: kube-guardian-tenant
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    toolkit.fluxcd.io/tenant: kube-guardian
  name: kube-guardian-reconciler
  namespace: kube-guardian-tenant
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- apiGroup: rbac.authorization.k8s.io
  kind: User
  name: gotk:kube-guardian-tenant:reconciler
- kind: ServiceAccount
  name: kube-guardian
  namespace: kube-guardian-tenant
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    toolkit.fluxcd.io/tenant: kube-guardian
  name: kube-guardian-tenant-reconciler
  namespace: xdp-log
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- apiGroup: rbac.authorization.k8s.io
  kind: User
  name: gotk:kube-guardian-tenant:reconciler
- kind: ServiceAccount
  name: kube-guardian
  namespace: kube-guardian-tenant
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: kube-guardian-tenant
  namespace: kube-guardian-tenant
spec:
  interval: 5m
  path: ./k8s/base/kube-guardian
  prune: true
  serviceAccountName: kube-guardian
  sourceRef:
    kind: GitRepository
    name: kube-guardian-tenant
    namespace: flux-system
  wait: false
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-policy
  namespace: xdp-log
spec:
  egress: []
  ingress: []
  podSelector: {}
  policyTypes:
  - Ingress
  - Egress
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: kube-guardian-tenant
  namespace: flux-system
spec:
  interval: 1m0s
  ref:
    branch: main
  secretRef:
    name: flux-system
  url: https://github.com/kube-guardian/guardian-controller.git

Workflow: Lint, Action: __karancode_kustomize-github-action_3, Build Directory: k8s/tenants/overlays/cluster-1/

jarvis-plus-bot · 2023-04-30T11:17:29Z

🦙 MegaLinter status: ⚠️ WARNING

Descriptor	Linter	Files	Errors	Elapsed time
✅ ACTION	actionlint	1	0	0.1s
⚠️ REPOSITORY	checkov	yes	589	38.63s
✅ REPOSITORY	dustilock	yes	no	0.2s
✅ REPOSITORY	git_diff	yes	no	0.07s
✅ REPOSITORY	secretlint	yes	no	3.89s
⚠️ REPOSITORY	trivy	yes	1	119.07s
✅ SPELL	misspell	1	0	0.04s
⚠️ YAML	prettier	1	1	0.41s
✅ YAML	yamllint	1	0	0.24s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by

chore(deps): update actions/setup-python digest to 57ded4d

57c53c1

Signed-off-by: Jarvis Plus Bot <112913195+jarvis-plus-bot[bot]@users.noreply.github.com>

jarvis-plus-bot bot requested a review from xunholy as a code owner April 30, 2023 11:06

jarvis-plus-bot bot added renovate/github-release renovate/github-action labels Apr 30, 2023

jarvis-plus-bot bot merged commit 118daf9 into main Apr 30, 2023

jarvis-plus-bot bot deleted the renovate/actions-setup-python-digest branch April 30, 2023 12:06

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update actions/setup-python digest to 57ded4d #1641

chore(deps): update actions/setup-python digest to 57ded4d #1641

jarvis-plus-bot bot commented Apr 30, 2023

github-actions bot commented Apr 30, 2023

github-actions bot commented Apr 30, 2023

jarvis-plus-bot bot commented Apr 30, 2023

chore(deps): update actions/setup-python digest to 57ded4d #1641

chore(deps): update actions/setup-python digest to 57ded4d #1641

Conversation

jarvis-plus-bot bot commented Apr 30, 2023

⚠ Dependency Lookup Warnings ⚠

Configuration

github-actions bot commented Apr 30, 2023

kustomize build Success

github-actions bot commented Apr 30, 2023

kustomize build Success

jarvis-plus-bot bot commented Apr 30, 2023

🦙 MegaLinter status: ⚠️ WARNING

`kustomize build` Success

`kustomize build` Success