From 31740353844781074bc249a43c0947ae7e5ee212 Mon Sep 17 00:00:00 2001
From: Christoph Hamsen
Date: Fri, 24 May 2024 17:30:26 +0200
Subject: [PATCH 1/4] ci: add integration tests for k8s v1.30
---
 .github/workflows/.reusable-integration-test.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/.reusable-integration-test.yml b/.github/workflows/.reusable-integration-test.yml
index 1befcce..3a6ae62 100644
--- a/.github/workflows/.reusable-integration-test.yml
+++ b/.github/workflows/.reusable-integration-test.yml
@@ -144,10 +144,10 @@ jobs:
 fail-fast: false
 matrix:
 k8s-version: [
- "v1.26",
 "v1.27",
 "v1.28",
 "v1.29",
+ "v1.30",
 ]
 steps:
 - name: Checkout code
@@ -202,6 +202,7 @@ jobs:
 "v1.23",
 "v1.24",
 "v1.25",
+ "v1.26",
 ]
 steps:
 - name: Checkout code
From 7df4e955fc082ba2a4ed2960f8c8de4dc09760be Mon Sep 17 00:00:00 2001
From: Christoph Hamsen
Date: Mon, 27 May 2024 11:52:31 +0200
Subject: [PATCH 2/4] ci: adjust grype severity cutoff to high
---
 .github/actions/grype/action.yaml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.github/actions/grype/action.yaml b/.github/actions/grype/action.yaml
index 058f4e5..ee35694 100644
--- a/.github/actions/grype/action.yaml
+++ b/.github/actions/grype/action.yaml
@@ -33,6 +33,7 @@ runs:
 with:
 image: ${{ inputs.image }}
 fail-build: true
+ severity-cutoff: high
 output-format: table
 - name: Scan
 id: scan
From 75f2cf8978b0038919cdbabab9064c9e6c1732e7 Mon Sep 17 00:00:00 2001
From: Christoph Hamsen
Date: Mon, 27 May 2024 16:27:01 +0200
Subject: [PATCH 3/4] ci: add semgrep platform integration
---
 .github/workflows/.reusable-sast.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/.reusable-sast.yml b/.github/workflows/.reusable-sast.yml
index ef96a35..3fb8e53 100644
--- a/.github/workflows/.reusable-sast.yml
+++ b/.github/workflows/.reusable-sast.yml
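Review bot: `severity-cutoff: high` in the `.github/actions/grype/action.yaml` hunk loosens the gate on this step: with `fail-build: true` only findings rated high or above now stop the build, and with `output-format: table` anything below that appears only in the job log. If that is the intent, record it next to the setting, for example `# gate on high+; lower severities are tracked via the Scan step's report`. That comment is only true if the following `Scan` step publishes its results somewhere that gets triaged; its body lies outside this hunk, so this should be confirmed. The `with:` block also starts above the hunk, so the action being configured is not visible here.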
@@ -236,7 +236,9 @@ jobs:
 permissions:
 security-events: write
 container:
- image: returntocorp/semgrep
+ image: semgrep/semgrep
+ env:
+ SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
 steps:
 - name: Checkout code
 uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
From dec61caa21ba0882390f9a98cb3554787a16032c Mon Sep 17 00:00:00 2001
From: Christoph Hamsen
Date: Mon, 27 May 2024 17:47:09 +0200
Subject: [PATCH 4/4] update: semgr8s v0.1.18
---
 charts/semgr8s/Chart.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/charts/semgr8s/Chart.yaml b/charts/semgr8s/Chart.yaml
index 64e897c..4f1a895 100644
--- a/charts/semgr8s/Chart.yaml
+++ b/charts/semgr8s/Chart.yaml
@@ -2,8 +2,8 @@ apiVersion: v2
 name: semgr8s
 description: Semgrep-based Policy Controller for Kubernetes
 type: application
-version: "0.1.17"
-appVersion: "0.1.17"
+version: "0.1.18"
+appVersion: "0.1.18"
 keywords:
 - kubernetes
 - admission controller
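Review bot: In the `.github/workflows/.reusable-sast.yml` hunk, `SEMGREP_APP_TOKEN` is set at container level, so every step of the job receives it, and the container is `image: semgrep/semgrep` with no tag or digest even though the checkout action two lines below is pinned to a commit SHA. A mutable image that is handed a platform token is the weak link here: pin it, e.g. `image: semgrep/semgrep@sha256:<digest-of-reviewed-image>`, and move the `env:` entry onto the step that invokes semgrep so checkout and any other steps never see the token. Because this is a reusable workflow, the secret presumably has to be passed in by the caller (`secrets: inherit` or a declared `workflow_call` secret), which is not visible in this hunk. The job's `steps:` list continues past the end of the hunk.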