From 5dfa31af20ab0085b98238a2f5a375339a0417ef Mon Sep 17 00:00:00 2001
From: Theron Voran <tvoran@users.noreply.github.com>
Date: Thu, 13 Jun 2024 19:28:03 -0700
Subject: [PATCH 1/2] Update to go 1.22.4 and k8s versions 1.26-1.30

Also configure dependabot for hashicorp actions, and set latest
trusted actions.
---
 .github/dependabot.yaml                  | 21 +++++++++++++++++++++
 .github/workflows/bulk-dep-upgrades.yaml |  3 +--
 .github/workflows/jira.yaml              |  2 +-
 .github/workflows/tests.yaml             | 10 +++++-----
 .go-version                              |  2 +-
 CHANGELOG.md                             |  2 ++
 go.mod                                   |  2 +-
 7 files changed, 32 insertions(+), 10 deletions(-)
 create mode 100644 .github/dependabot.yaml

diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
new file mode 100644
index 00000000..d597d150
--- /dev/null
+++ b/.github/dependabot.yaml
@@ -0,0 +1,21 @@
+---
+version: 2
+
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    labels: ["dependencies"]
+    groups:
+      github-actions-breaking:
+        update-types:
+          - major
+      github-actions-backward-compatible:
+        update-types:
+          - minor
+          - patch
+    # only update internal github actions, external github actions are handled
+    # by https://github.com/hashicorp/security-tsccr/tree/main/automation
+    allow:
+      - dependency-name: "hashicorp/*"
diff --git a/.github/workflows/bulk-dep-upgrades.yaml b/.github/workflows/bulk-dep-upgrades.yaml
index 1e7714de..697d2b6e 100644
--- a/.github/workflows/bulk-dep-upgrades.yaml
+++ b/.github/workflows/bulk-dep-upgrades.yaml
@@ -11,7 +11,6 @@ jobs:
     secrets:
       VAULT_ECO_GITHUB_TOKEN: ${{ secrets.VAULT_ECO_GITHUB_TOKEN }}
     with:
-      # either hashicorp/vault-ecosystem-applications or hashicorp/vault-ecosystem-foundations
-      reviewer-team: hashicorp/vault-ecosystem-foundations
+      reviewer-team: hashicorp/vault-ecosystem
       repository: ${{ github.repository }}
       run-id: ${{ github.run_id }}
diff --git a/.github/workflows/jira.yaml b/.github/workflows/jira.yaml
index 0f73ec38..333579bf 100644
--- a/.github/workflows/jira.yaml
+++ b/.github/workflows/jira.yaml
@@ -14,4 +14,4 @@ jobs:
       JIRA_SYNC_USER_EMAIL: ${{ secrets.JIRA_SYNC_USER_EMAIL }}
       JIRA_SYNC_API_TOKEN: ${{ secrets.JIRA_SYNC_API_TOKEN }}
     with:
-      teams-array: '["ecosystem", "foundations-eco"]'
+      teams-array: '["vault-eco"]'
diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml
index 35c91416..d7f1928f 100644
--- a/.github/workflows/tests.yaml
+++ b/.github/workflows/tests.yaml
@@ -6,7 +6,7 @@ jobs:
   fmtcheck:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
       - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
         with:
           go-version-file: .go-version
@@ -15,7 +15,7 @@ jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
       - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
         with:
           go-version-file: .go-version
@@ -27,13 +27,13 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        kind-k8s-version: [1.24.15, 1.25.11, 1.26.6, 1.27.3, 1.28.0]
+        kind-k8s-version: [1.26.15, 1.27.13, 1.28.9, 1.29.4, 1.30.0]
     steps:
-      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
       - name: Create K8s Kind Cluster
         uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
         with:
-          version: v0.20.0
+          version: v0.23.0
           cluster_name: vault-plugin-auth-kubernetes
           node_image: kindest/node:v${{ matrix.kind-k8s-version }}
       - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
diff --git a/.go-version b/.go-version
index 6fee2fed..2a0ba77c 100644
--- a/.go-version
+++ b/.go-version
@@ -1 +1 @@
-1.22.2
+1.22.4
diff --git a/CHANGELOG.md b/CHANGELOG.md
index a15949d5..0f101e9d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,8 @@
 
 ### Changes
 
+* Building with go 1.22.4
+* Testing with k8s 1.26-1.30
 * Updated dependencies
   * `github.com/hashicorp/go-hclog` v1.6.2 -> v1.6.3
   * `github.com/hashicorp/vault/api` v1.12.2 -> v1.14.0
diff --git a/go.mod b/go.mod
index 34c1b615..40fefffb 100644
--- a/go.mod
+++ b/go.mod
@@ -2,7 +2,7 @@ module github.com/hashicorp/vault-plugin-auth-kubernetes
 
 go 1.22.0
 
-toolchain go1.22.2
+toolchain go1.22.4
 
 require (
 	github.com/go-test/deep v1.1.0

From a3b5ad6c6ed680d2f595b591a8259a4e9baf9fe2 Mon Sep 17 00:00:00 2001
From: Theron Voran <tvoran@users.noreply.github.com>
Date: Tue, 25 Jun 2024 16:21:22 -0700
Subject: [PATCH 2/2] license++

---
 .github/dependabot.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
index d597d150..bdd16cb0 100644
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@@ -1,3 +1,6 @@
+# Copyright (c) HashiCorp, Inc.
+# SPDX-License-Identifier: MPL-2.0
+
 ---
 version: 2