Releases: ministryofjustice/modernisation-platform-github-oidc-provider
Releases · ministryofjustice/modernisation-platform-github-oidc-provider
Updating thumbprint_list of the github_actions OIDC provider
This is to fix the issue addressed in this slack thread.
This release also includes security updates listed below.
What's Changed
- Bump bridgecrewio/checkov-action from 12.2388.0 to 12.2393.0 by @dependabot in #140
- Bump bridgecrewio/checkov-action from 12.2393.0 to 12.2395.0 by @dependabot in #141
- Bump bridgecrewio/checkov-action from 12.2395.0 to 12.2398.0 by @dependabot in #142
- Bump bridgecrewio/checkov-action from 12.2398.0 to 12.2400.0 by @dependabot in #143
- Bump bridgecrewio/checkov-action from 12.2400.0 to 12.2402.0 by @dependabot in #145
- Bump ministryofjustice/github-actions from 13 to 14 by @dependabot in #144
- Bump bridgecrewio/checkov-action from 12.2402.0 to 12.2404.0 by @dependabot in #147
- Bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in #146
- Bump bridgecrewio/checkov-action from 12.2404.0 to 12.2408.0 by @dependabot in #150
- ❇️ Add GitHub known TLS thumbprints by @jacobwoffenden in #151
New Contributors
- @jacobwoffenden made their first contribution in #151
Full Changelog: v3.0.0...v3.0.1
Contributors
jacobwoffenden and dependabot
Assets 2
v3.0.0
Breaking Changes
- AWS Provider constraint is now set to
~> 5.x. - This will conflict with modules that enforce a constraint of
~> 4.x. You can useterraform providersto show any potential conflicts.
What's Changed
- Bump github/codeql-action from 2.2.3 to 2.2.4 by @dependabot in #40
- Bump github.com/hashicorp/go-getter from 1.6.1 to 1.7.0 in /test by @dependabot in #42
- Added code scanning workflow task by @dms1981 in #43
- Ensure sarif upload runs regardless of scanning exit code by @dms1981 in #47
- Bump actions/cache from 3.2.5 to 3.2.6 by @dependabot in #46
- Bump bridgecrewio/checkov-action from 12.2138.0 to 12.2149.0 by @dependabot in #45
- Update code-scanning to support GITHUB_TOKEN, scoped permissions, added scan exclusions by @dms1981 in #48
- Bump github/codeql-action from 2.2.4 to 2.2.5 by @dependabot in #50
- Bump bridgecrewio/checkov-action from 12.2151.0 to 12.2155.0 by @dependabot in #49
- Bump bridgecrewio/checkov-action from 12.2155.0 to 12.2164.0 by @dependabot in #52
- Bump bridgecrewio/checkov-action from 12.2164.0 to 12.2166.0 by @dependabot in #53
- Bump golang.org/x/crypto from 0.0.0-20210921155107-089bfa567519 to 0.1.0 in /test by @dependabot in #51
- Bump golang.org/x/net from 0.1.0 to 0.7.0 in /test by @dependabot in #44
- Bump bridgecrewio/checkov-action from 12.2166.0 to 12.2172.0 by @dependabot in #55
- Bump ministryofjustice/github-actions from 10 to 11 by @dependabot in #57
- Amended version constraint for terratest workflow by @dms1981 in #56
- Bump bridgecrewio/checkov-action from 12.2172.0 to 12.2183.0 by @dependabot in #58
- Bump bridgecrewio/checkov-action from 12.2183.0 to 12.2184.0 by @dependabot in #59
- Bump bridgecrewio/checkov-action from 12.2184.0 to 12.2188.0 by @dependabot in #60
- Bump actions/cache from 3.2.6 to 3.3.0 by @dependabot in #61
- Bump github/codeql-action from 2.2.5 to 2.2.6 by @dependabot in #62
- Bump bridgecrewio/checkov-action from 12.2188.0 to 12.2201.0 by @dependabot in #63
- Bump bridgecrewio/checkov-action from 12.2201.0 to 12.2203.0 by @dependabot in #68
- Bump actions/checkout from 3.3.0 to 3.4.0 by @dependabot in #65
- Bump github/codeql-action from 2.2.6 to 2.2.7 by @dependabot in #66
- Bump actions/setup-go from 3.5.0 to 4.0.0 by @dependabot in #67
- Bump bridgecrewio/checkov-action from 12.2203.0 to 12.2204.0 by @dependabot in #69
- Bump bridgecrewio/checkov-action from 12.2204.0 to 12.2216.0 by @dependabot in #70
- Bump bridgecrewio/checkov-action from 12.2216.0 to 12.2223.0 by @dependabot in #74
- Bump github/codeql-action from 2.2.7 to 2.2.8 by @dependabot in #72
- Bump github/codeql-action from 2.2.8 to 2.2.9 by @dependabot in #76
- Bump bridgecrewio/checkov-action from 12.2223.0 to 12.2232.0 by @dependabot in #75
- Bump actions/checkout from 3.4.0 to 3.5.0 by @dependabot in #73
- Bump bridgecrewio/checkov-action from 12.2232.0 to 12.2236.0 by @dependabot in #77
- Bump bridgecrewio/checkov-action from 12.2236.0 to 12.2242.0 by @dependabot in #78
- Bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @dependabot in #80
- Bump bridgecrewio/checkov-action from 12.2242.0 to 12.2256.0 by @dependabot in #82
- Bump bridgecrewio/checkov-action from 12.2256.0 to 12.2258.0 by @dependabot in #83
- Bump github/codeql-action from 2.2.9 to 2.2.10 by @dependabot in #84
- Bump github/codeql-action from 2.2.10 to 2.2.11 by @dependabot in #85
- Bump bridgecrewio/checkov-action from 12.2258.0 to 12.2264.0 by @dependabot in #86
- Bump bridgecrewio/checkov-action from 12.2264.0 to 12.2265.0 by @dependabot in #87
- Bump actions/checkout from 3.5.0 to 3.5.1 by @dependabot in #88
- Bump actions/cache from 3.3.0 to 3.3.1 by @dependabot in #64
- Bump github/codeql-action from 2.2.11 to 2.2.12 by @dependabot in #89
- Bump actions/checkout from 3.5.1 to 3.5.2 by @dependabot in #92
- Bump bridgecrewio/checkov-action from 12.2265.0 to 12.2270.0 by @dependabot in #90
- Bump bridgecrewio/checkov-action from 12.2270.0 to 12.2280.0 by @dependabot in #93
- Bump bridgecrewio/checkov-action from 12.2280.0 to 12.2286.0 by @dependabot in #95
- Bump bridgecrewio/checkov-action from 12.2286.0 to 12.2289.0 by @dependabot in #96
- Bump bridgecrewio/checkov-action from 12.2289.0 to 12.2294.0 by @dependabot in #97
- Bump bridgecrewio/checkov-action from 12.2294.0 to 12.2301.0 by @dependabot in #99
- Bump github/codeql-action from 2.2.12 to 2.3.0 by @dependabot in #98
- Bump bridgecrewio/checkov-action from 12.2301.0 to 12.2305.0 by @dependabot in #100
- Bump github/codeql-action from 2.3.0 to 2.3.2 by @dependabot in #101
- Bump bridgecrewio/checkov-action from 12.2305.0 to 12.2314.0 by @dependabot in #103
- Bump bridgecrewio/checkov-action from 12.2314.0 to 12.2316.0 by @dependabot in #104
- Bump bridgecrewio/checkov-action from 12.2316.0 to 12.2322.0 by @dependabot in #105
- Bump github/codeql-action from 2.3.2 to 2.3.3 by @dependabot in #107
- Bump bridgecrewio/checkov-action...
Contributors
dms1981, dependabot, and SteveLinden
Assets 2
v2.1.0
What's Changed
- Add OSSF scorecards and pin github actions to specific versions as recommended in the github actions security hardening guidance by @davidkelliott in #14
- Remove reliance on remote backend by @dms1981 in #16
- Github actions security improvements by @davidkelliott in #18
- Remove deprecated attribute by @davidkelliott in #23
- Bump actions/checkout to 3.2.0 by @dependabot in #25
- Bump actions/setup-go to 3.5.0 by @dependabot in #24
- Bump ossf/scorecard-action to 2.1.2 by @dependabot in #30
- Bump actions/checkout to 3.3.0 by @dependabot in #31
- Bump actions/upload-artifact to 3.1.2 by @dependabot in #32
- Bump ministryofjustice/github-actions from 9 to 10 by @dependabot in #33
- Bump github/codeql-action to 2.2.3 by @dependabot in #39
- Adding option to specify OIDC role name. by @julialawrence in #41
Full Changelog: v2.0.0...v2.1.0
Contributors
dms1981, davidkelliott, and 2 other contributors
Assets 2
Adding ability to pass multiple repos
Breaking Changes!!!
var.github_repository of type string is now var.github_repositories of type list(string) to allow using the default iam role in multiple repos.
Full Changelog: v.1.2.0...v2.0.0
What's Changed
- Bump hashicorp/setup-terraform from 2.0.0 to 2.0.2 by @dependabot in #10
- Bump hashicorp/setup-terraform from 2.0.2 to 2.0.3 by @dependabot in #12
- Refactor OIDC Module by @julialawrence in #13
New Contributors
- @dependabot made their first contribution in #10
Contributors
dependabot and julialawrence
Assets 2
Adding Managed Policy list variable
v1.2.0 Merge pull request #9 from ministryofjustice/feature/add-managed-poli…
v1.1.0
v1.0.1
v1.0.0 - Initial Release
Contributors
dms1981