Bump the ci group with 3 updates

[dependabot]

Bumps the ci group with 3 updates: helm/kind-action, fluxcd/flux2 and peter-evans/create-pull-request.

Updates helm/kind-action from 1.8.0 to 1.9.0

Release notes

Sourced from helm/kind-action's releases.

v1.9.0

What's Changed

• Bump actions/checkout from 3.3.0 to 3.5.3 by @​dependabot in helm/kind-action#90
• Bump actions/checkout from 3.5.3 to 3.6.0 by @​dependabot in helm/kind-action#96
• Bump actions/checkout from 3.6.0 to 4.0.0 by @​dependabot in helm/kind-action#97
• Bump actions/checkout from 4.0.0 to 4.1.0 by @​dependabot in helm/kind-action#98
• Bump actions/checkout from 4.1.0 to 4.1.1 by @​dependabot in helm/kind-action#99
• chore: Bump node version to node20 by @​sayboras in helm/kind-action#102
• Fix arch detection in non-Debian distros by @​musse in helm/kind-action#93
• docs: fix default version in action.yml by @​dunglas in helm/kind-action#91
• docs: bump outdated action version in README by @​dunglas in helm/kind-action#92

New Contributors

• @​musse made their first contribution in helm/kind-action#93
• @​dunglas made their first contribution in helm/kind-action#91

Full Changelog: helm/kind-action@v1.8.0...v1.9.0

Commits

• 99576bf docs: bump outdated action version in README (#92)
• 0ca85d0 docs: fix default version in action.yml (#91)
• fc8d4ed Fix arch detection in non-Debian distros (#93)
• 4be822c chore: Bump node version to node20 (#102)
• 100421e Bump actions/checkout from 4.1.0 to 4.1.1 (#99)
• 5adb538 Bump actions/checkout from 4.0.0 to 4.1.0 (#98)
• 49375a6 Bump actions/checkout from 3.6.0 to 4.0.0 (#97)
• 2d498b1 Bump actions/checkout from 3.5.3 to 3.6.0 (#96)
• 77db130 Bump actions/checkout from 3.3.0 to 3.5.3 (#90)
• See full diff in compare view

Updates fluxcd/flux2 from 2.2.2 to 2.2.3

Release notes

Sourced from fluxcd/flux2's releases.

v2.2.3

Highlights

Flux v2.2.3 is a patch release which comes with various fixes and improvements. Users are encouraged to upgrade for the best experience.

💡 For upgrading to Flux v2.2, please see the procedure documented in 2.2.0.

This release updates the Kubernetes dependencies to v1.28.6 and various other dependencies to their latest version to patch upstream CVEs.

All controllers are built with Go 1.21.6 using Alpine Linux 3.19.1 base image.

[!NOTE] Due to breaking changes in Helm v3.14.0, the helm-controller version included in this patch release comes with Helm SDK v3.13.3. A preview build of the helm-controller with the latest Helm SDK is available at helm-controller#879.

Fixes:

• Reconciling empty directories and directories without Kubernetes manifests no longer results in an error. This regressing bug was introduced with the kustomize-controller upgrade to Kustomize v5.3 and has been fixed in this patch release.
• The regression due to which Roles and ClusterRoles with aggregated roles were continuous reconciled by kustomize-controller has been fixed.
• Fix the Git revision displaying when notification-controller sends alerts to Grafana.
• The HelmRelease status reporting has been improved by ensuring that the stale failure conditions get updated after failure recovery.

See the components changelog for a full list of bug fixes.

Components changelog

• source-controller v1.2.4
• kustomize-controller v1.2.2
• notification-controller v1.2.4
• helm-controller v0.37.4
• image-reflector-controller v0.31.2
• image-automation-controller v0.37.1

CLI Changelog

• PR #4589 - @​stefanprodan - Update dependencies
• PR #4585 - @​dependabot[bot] - build(deps): bump the ci group with 3 updates
• PR #4583 - @​fluxcdbot - Update toolkit components
• PR #4575 - @​stefanprodan - Update dependencies to Kubernetes v1.28.6
• PR #4573 - @​dependabot[bot] - build(deps): bump the ci group with 5 updates
• PR #4558 - @​twinguy - flux check should error on unrecognised args
• PR #4557 - @​twinguy - flux stats should error on unrecognised args
• PR #4554 - @​dependabot[bot] - build(deps): bump the ci group with 3 updates
• PR #4553 - @​twinguy - Properly detect unexpected arguments during uninstall
• PR #4535 - @​dependabot[bot] - build(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7
• PR #4533 - @​darkowlzz - tests/int: Add separate resource cleanup step

Commits

• 5346846 Merge pull request #4591 from fluxcd/backport-4589-to-release/v2.2.x
• 1feda85 Update dependencies
• e3cdb19 Merge pull request #4588 from fluxcd/backport-4583-to-release/v2.2.x
• cb0cf95 Update toolkit components
• 81f8bf8 Merge pull request #4587 from fluxcd/backport-4585-to-release/v2.2.x
• aa4cad4 build(deps): bump the ci group with 3 updates
• a3550cc Merge pull request #4577 from fluxcd/backport-4554-to-release/v2.2.x
• 384d472 build(deps): bump the ci group with 3 updates
• aabdd28 Merge pull request #4576 from fluxcd/backport-4575-to-release/v2.2.x
• 297c0f0 Update dependencies to Kubernetes v1.28.6
• Additional commits viewable in compare view

Updates peter-evans/create-pull-request from 5.0.2 to 6.0.0

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v6.0.0

Behaviour changes

• The default values for author and committer have changed. See "What's new" below for details. If you are overriding the default values you will not be affected by this change.
• On completion, the action now removes the temporary git remote configuration it adds when using push-to-fork. This should not affect you unless you were using the temporary configuration for some other purpose after the action completes.

What's new

• Updated runtime to Node.js 20
  • The action now requires a minimum version of v2.308.0 for the Actions runner. Update self-hosted runners to v2.308.0 or later to ensure compatibility.
• The default value for author has been changed to ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>. The change adds the ${{ github.actor_id }}+ prefix to the email address to align with GitHub's standard format for the author email address.
• The default value for committer has been changed to github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>. This is to align with the default GitHub Actions bot user account.
• Adds input git-token, the Personal Access Token (PAT) that the action will use for git operations. This input defaults to the value of token. Use this input if you would like the action to use a different token for git operations than the one used for the GitHub API.
• push-to-fork now supports pushing to sibling repositories in the same network.
• Previously, when using push-to-fork, the action did not remove temporary git remote configuration it adds during execution. This has been fixed and the configuration is now removed when the action completes.
• If the pull request body is truncated due to exceeding the maximum length, the action will now suffix the body with the message "...[Pull request body truncated]" to indicate that the body has been truncated.
• The action now uses --unshallow only when necessary, rather than as a default argument of git fetch. This should improve performance, particularly for large git repositories with extensive commit history.
• The action can now be executed on one GitHub server and create pull requests on a different GitHub server. Server products include GitHub hosted (github.com), GitHub Enterprise Server (GHES), and GitHub Enterprise Cloud (GHEC). For example, the action can be executed on GitHub hosted and create pull requests on a GHES or GHEC instance.

What's Changed

• Update distribution by @​actions-bot in peter-evans/create-pull-request#2086
• fix crazy-max/ghaction-import-gp parameters by @​fharper in peter-evans/create-pull-request#2177
• Update distribution by @​actions-bot in peter-evans/create-pull-request#2364
• Use checkout v4 by @​okuramasafumi in peter-evans/create-pull-request#2521
• Note about delete-branch by @​dezren39 in peter-evans/create-pull-request#2631
• 98 dependency updates by @​dependabot

New Contributors

• @​fharper made their first contribution in peter-evans/create-pull-request#2177
• @​okuramasafumi made their first contribution in peter-evans/create-pull-request#2521
• @​dezren39 made their first contribution in peter-evans/create-pull-request#2631

Full Changelog: peter-evans/create-pull-request@v5.0.2...v6.0.0

Commits

• b1ddad2 feat: v6 (#2717)
• bb80902 build(deps-dev): bump @​types/node from 18.19.8 to 18.19.10 (#2712)
• e0037d4 build(deps): bump peter-evans/create-or-update-comment from 3 to 4 (#2702)
• 94b1f99 build(deps): bump peter-evans/find-comment from 2 to 3 (#2703)
• 69c27ea build(deps-dev): bump ts-jest from 29.1.1 to 29.1.2 (#2685)
• 7ea722a build(deps-dev): bump prettier from 3.2.2 to 3.2.4 (#2684)
• 5ee839a build(deps-dev): bump @​types/node from 18.19.7 to 18.19.8 (#2683)
• 60fc256 build(deps-dev): bump eslint-plugin-prettier from 5.1.2 to 5.1.3 (#2660)
• 0c67723 build(deps-dev): bump @​types/node from 18.19.5 to 18.19.7 (#2661)
• 4e288e8 build(deps-dev): bump prettier from 3.1.1 to 3.2.2 (#2659)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions