chore(deps): update support-deps to v1 (#70)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[defenseunicorns/uds-common](https://redirect.github.com/defenseunicorns/uds-common)
| | major | `v0.10.0` -> `v1.1.0` |
|
[defenseunicorns/uds-common](https://redirect.github.com/defenseunicorns/uds-common)
| action | major | `v0.10.0` -> `v1.1.0` |

---

### Release Notes

<details>
<summary>defenseunicorns/uds-common
(defenseunicorns/uds-common)</summary>

###
[`v1.1.0`](https://redirect.github.com/defenseunicorns/uds-common/releases/tag/v1.1.0)

[Compare
Source](https://redirect.github.com/defenseunicorns/uds-common/compare/v1.0.0...v1.1.0)

##### ⚠ BREAKING CHANGES

- update the license to AGPLv3 or Commercial
([#&#8203;286](https://redirect.github.com/defenseunicorns/uds-common/issues/286))

##### Bug Fixes

- modified jq command
([#&#8203;292](https://redirect.github.com/defenseunicorns/uds-common/issues/292))
([d566e86](https://redirect.github.com/defenseunicorns/uds-common/commit/d566e86c5a78f2124116113ea3ed35695caec5be))
- simplify git command for flavor checks
([#&#8203;290](https://redirect.github.com/defenseunicorns/uds-common/issues/290))
([72c4e35](https://redirect.github.com/defenseunicorns/uds-common/commit/72c4e35d5f9f6ed877c184cf748e67a77e4fa771))
- upgrade test not cloning in private repos
([#&#8203;295](https://redirect.github.com/defenseunicorns/uds-common/issues/295))
([1dde808](https://redirect.github.com/defenseunicorns/uds-common/commit/1dde808b943c554edcd401fb814d504ee74117c0))

##### Miscellaneous

- **badging:** include unicorn flavor suggstion for bronze
([#&#8203;288](https://redirect.github.com/defenseunicorns/uds-common/issues/288))
([f668b06](https://redirect.github.com/defenseunicorns/uds-common/commit/f668b06f1597efd3c701a47ce28de1d8f298b1b8))
- **deps:** update support-deps to v4.4.3
([#&#8203;282](https://redirect.github.com/defenseunicorns/uds-common/issues/282))
([13d35ef](https://redirect.github.com/defenseunicorns/uds-common/commit/13d35ef9831c71cc217ef43f2c13562f40a3ec5b))
- **deps:** update uds common package dependencies to v1.27.2
([#&#8203;229](https://redirect.github.com/defenseunicorns/uds-common/issues/229))
([5b6a722](https://redirect.github.com/defenseunicorns/uds-common/commit/5b6a7223469bddf79be079baab1e3333a01c71e5))
- disable stale PR rebasing for renovate
([#&#8203;284](https://redirect.github.com/defenseunicorns/uds-common/issues/284))
([27ca69e](https://redirect.github.com/defenseunicorns/uds-common/commit/27ca69e53d980672b655b03ee854d2e7ea0462dc))
- have addlicense ignore gitignored files
([#&#8203;294](https://redirect.github.com/defenseunicorns/uds-common/issues/294))
([1bf662e](https://redirect.github.com/defenseunicorns/uds-common/commit/1bf662e890a238bf49234e9768d5fa7078d4fdb3))
- make all Maru references local includes
([#&#8203;287](https://redirect.github.com/defenseunicorns/uds-common/issues/287))
([727db0f](https://redirect.github.com/defenseunicorns/uds-common/commit/727db0fae26a4397361bab84de18dd253a755c79))
- update the license to AGPLv3 or Commercial
([#&#8203;286](https://redirect.github.com/defenseunicorns/uds-common/issues/286))
([2a9ca00](https://redirect.github.com/defenseunicorns/uds-common/commit/2a9ca00409f3bb513d2f256bcf1a91146b94d514))

###
[`v1.0.0`](https://redirect.github.com/defenseunicorns/uds-common/releases/tag/v1.0.0)

[Compare
Source](https://redirect.github.com/defenseunicorns/uds-common/compare/v0.13.1...v1.0.0)

##### ⚠ BREAKING CHANGES

- remove with.assessment_results from oscal tasks
([#&#8203;276](https://redirect.github.com/defenseunicorns/uds-common/issues/276))
- update the publish task to avoid name collision
([#&#8203;267](https://redirect.github.com/defenseunicorns/uds-common/issues/267))
- **task:** add optional config input to create, deploy package and
bundle tasks
([#&#8203;262](https://redirect.github.com/defenseunicorns/uds-common/issues/262))
- add shell linting to uds-common linting
([#&#8203;258](https://redirect.github.com/defenseunicorns/uds-common/issues/258))
- update uds common gh actions to use uds run conditionals
([#&#8203;254](https://redirect.github.com/defenseunicorns/uds-common/issues/254))

##### Features

- **task:** add optional config input to create, deploy package and
bundle tasks
([#&#8203;262](https://redirect.github.com/defenseunicorns/uds-common/issues/262))
([3d3e9cb](https://redirect.github.com/defenseunicorns/uds-common/commit/3d3e9cb82e6664a4250782e6ae3a4e1112cfe5be))
- update uds common gh actions to use uds run conditionals
([#&#8203;254](https://redirect.github.com/defenseunicorns/uds-common/issues/254))
([c9d92f0](https://redirect.github.com/defenseunicorns/uds-common/commit/c9d92f0481d147e362d359447b487ab1c1560f31))

##### Bug Fixes

- add runner.arch to upload-artifacts name
([#&#8203;269](https://redirect.github.com/defenseunicorns/uds-common/issues/269))
([4abe414](https://redirect.github.com/defenseunicorns/uds-common/commit/4abe414fa5460bc9e98b53f2e830b41e2e01cf26))
- add test artifact uploads to callable workflows
([#&#8203;275](https://redirect.github.com/defenseunicorns/uds-common/issues/275))
([02e5c07](https://redirect.github.com/defenseunicorns/uds-common/commit/02e5c072465f1b06a05760fd4d1d12e070c22155))
- broken hyperlink in guide.md
([#&#8203;272](https://redirect.github.com/defenseunicorns/uds-common/issues/272))
([6b152a4](https://redirect.github.com/defenseunicorns/uds-common/commit/6b152a4905ce4b8d212519e3fff4ff99dbaf7e50))
- refactor top level tasks
([#&#8203;277](https://redirect.github.com/defenseunicorns/uds-common/issues/277))
([b7f6894](https://redirect.github.com/defenseunicorns/uds-common/commit/b7f68947d4082a7cb3128271476f65c61b3a9261))
- remove with.assessment_results from oscal tasks
([#&#8203;276](https://redirect.github.com/defenseunicorns/uds-common/issues/276))
([bb8bb4b](https://redirect.github.com/defenseunicorns/uds-common/commit/bb8bb4b4df897b8aa747f5fe6e3ddd3fa40017b9))
- test/publish workflow upload and default behavior
([#&#8203;279](https://redirect.github.com/defenseunicorns/uds-common/issues/279))
([1851a1c](https://redirect.github.com/defenseunicorns/uds-common/commit/1851a1cb3f532f83a70c09e8bb513fcc6bb64bd1))
- update publish permissions
([#&#8203;263](https://redirect.github.com/defenseunicorns/uds-common/issues/263))
([2e57869](https://redirect.github.com/defenseunicorns/uds-common/commit/2e57869b41d1f523ca37b2a3da035a580fc7d6d0))
- update the publish task to avoid name collision
([#&#8203;267](https://redirect.github.com/defenseunicorns/uds-common/issues/267))
([6a176ff](https://redirect.github.com/defenseunicorns/uds-common/commit/6a176ffd18ece28b759eb4e20f2e082ff0e079fb))

##### Miscellaneous

- add an ADR to document workflow/job names
([#&#8203;260](https://redirect.github.com/defenseunicorns/uds-common/issues/260))
([0685c7c](https://redirect.github.com/defenseunicorns/uds-common/commit/0685c7cac904ebe5f746770f9488210498d4463d))
- add shell linting to uds-common linting
([#&#8203;258](https://redirect.github.com/defenseunicorns/uds-common/issues/258))
([82e9137](https://redirect.github.com/defenseunicorns/uds-common/commit/82e9137642cb5dc0ba41cb33ad1ae44258549d19))
- correct the release workflow path on README
([#&#8203;265](https://redirect.github.com/defenseunicorns/uds-common/issues/265))
([62c9a5f](https://redirect.github.com/defenseunicorns/uds-common/commit/62c9a5f0a14a8215d5d7e55e1b11d0d77003c8e1))
- **deps:** update uds common support dependencies
([#&#8203;250](https://redirect.github.com/defenseunicorns/uds-common/issues/250))
([c828932](https://redirect.github.com/defenseunicorns/uds-common/commit/c82893264fffadfd0d84ca239a9459e6e55b9635))
- **docs:** restructure and introduce metadata guidelines
([#&#8203;266](https://redirect.github.com/defenseunicorns/uds-common/issues/266))
([6828f10](https://redirect.github.com/defenseunicorns/uds-common/commit/6828f10932a65d5fbbaf5994e2c23ddd1cd27255))
- refactor and improve badge verification task
([#&#8203;249](https://redirect.github.com/defenseunicorns/uds-common/issues/249))
([82e63be](https://redirect.github.com/defenseunicorns/uds-common/commit/82e63be82766a2e550a847af904b2d738c9d3478))
- update practices around maintaining the UDS Common framework
([#&#8203;253](https://redirect.github.com/defenseunicorns/uds-common/issues/253))
([a733122](https://redirect.github.com/defenseunicorns/uds-common/commit/a7331224f153532361d32d0b02de6cbe7361ffe3))
- update the codeowners for the repo
([#&#8203;264](https://redirect.github.com/defenseunicorns/uds-common/issues/264))
([6359020](https://redirect.github.com/defenseunicorns/uds-common/commit/6359020fa85b88f3360d0813f3da1d5e1f51134c))
- **deps:** update uds common support dependencies
([#&#8203;278](https://redirect.github.com/defenseunicorns/uds-common/issues/278))
([e71432f](https://redirect.github.com/defenseunicorns/uds-common/commit/e71432f261fa03b60c7bf5845e749476390e104b))

###
[`v0.13.1`](https://redirect.github.com/defenseunicorns/uds-common/releases/tag/v0.13.1)

[Compare
Source](https://redirect.github.com/defenseunicorns/uds-common/compare/v0.13.0...v0.13.1)

##### Bug Fixes

- allow dependent bundle commands to be run on upgrade tests
([#&#8203;241](https://redirect.github.com/defenseunicorns/uds-common/issues/241))
([093def2](https://redirect.github.com/defenseunicorns/uds-common/commit/093def2f245709084c079aaf529a604d8ca5b6c2))

##### Miscellaneous

- **deps:** update uds common support dependencies
([#&#8203;237](https://redirect.github.com/defenseunicorns/uds-common/issues/237))
([eac2f68](https://redirect.github.com/defenseunicorns/uds-common/commit/eac2f686deacb898a6383fcc73c861293db52b9c))
- modify helm matches to handle git and helm
([#&#8203;238](https://redirect.github.com/defenseunicorns/uds-common/issues/238))
([803d9fe](https://redirect.github.com/defenseunicorns/uds-common/commit/803d9fed89bd890c1203c618a1e3fda1bd495cbd))

###
[`v0.13.0`](https://redirect.github.com/defenseunicorns/uds-common/releases/tag/v0.13.0)

[Compare
Source](https://redirect.github.com/defenseunicorns/uds-common/compare/v0.12.0...v0.13.0)

##### Features

- add action for assisting with badge verification and migrate to nginx
([#&#8203;191](https://redirect.github.com/defenseunicorns/uds-common/issues/191))
([79a5edf](https://redirect.github.com/defenseunicorns/uds-common/commit/79a5edfe7f5d9a4d1611289dbadf643c07850081))
- add options support to setup to set vars and other flags on uds-core
([#&#8203;235](https://redirect.github.com/defenseunicorns/uds-common/issues/235))
([4336357](https://redirect.github.com/defenseunicorns/uds-common/commit/433635708b47c3f420990582a6a813a710d44423))

##### Bug Fixes

- mandate yamllint at least 1.30.0 to guarantee features in use
([#&#8203;224](https://redirect.github.com/defenseunicorns/uds-common/issues/224))
([61929ac](https://redirect.github.com/defenseunicorns/uds-common/commit/61929ac82c3e4b635a5e1673975ab29964001ce4))

##### Miscellaneous

- add uds-marketplace to codeowners
([#&#8203;225](https://redirect.github.com/defenseunicorns/uds-common/issues/225))
([ff9a8d9](https://redirect.github.com/defenseunicorns/uds-common/commit/ff9a8d943f4e7e926d243dabecfe0c585e946ba0))
- **deps:** update uds common nginx package
([#&#8203;223](https://redirect.github.com/defenseunicorns/uds-common/issues/223))
([688197c](https://redirect.github.com/defenseunicorns/uds-common/commit/688197cfcfdf2e14c222f82c59d27904fd1753bb))
- **deps:** update uds common support dependencies
([#&#8203;216](https://redirect.github.com/defenseunicorns/uds-common/issues/216))
([a597644](https://redirect.github.com/defenseunicorns/uds-common/commit/a597644480afb2e8c1685ca067a7e838c6f14570))
- **deps:** update uds common support dependencies
([#&#8203;221](https://redirect.github.com/defenseunicorns/uds-common/issues/221))
([bd6459f](https://redirect.github.com/defenseunicorns/uds-common/commit/bd6459f057c236a6ca28e8fc6ec9af2821be9c00))
- **deps:** update uds common support dependencies
([#&#8203;228](https://redirect.github.com/defenseunicorns/uds-common/issues/228))
([b34e017](https://redirect.github.com/defenseunicorns/uds-common/commit/b34e01747bc81b098b63cdf2a820dd644a7c6725))
- **deps:** update uds common support dependencies
([#&#8203;236](https://redirect.github.com/defenseunicorns/uds-common/issues/236))
([ba37ec2](https://redirect.github.com/defenseunicorns/uds-common/commit/ba37ec2db2d56afd2b7e63c00bd19eebd1dd8ddc))
- **renovate:** prefer opentofu registry for providers
([#&#8203;230](https://redirect.github.com/defenseunicorns/uds-common/issues/230))
([443fd0f](https://redirect.github.com/defenseunicorns/uds-common/commit/443fd0f1401ea496d5f39b43383d910f9f737871))

###
[`v0.12.0`](https://redirect.github.com/defenseunicorns/uds-common/releases/tag/v0.12.0)

[Compare
Source](https://redirect.github.com/defenseunicorns/uds-common/compare/v0.11.2...v0.12.0)

##### ⚠ BREAKING CHANGES

- changed latest-package behavior
([#&#8203;206](https://redirect.github.com/defenseunicorns/uds-common/issues/206))

> \[!NOTE]
> As part of this change please migrate to using the [test-deploy
callable
workflow](https://redirect.github.com/defenseunicorns/uds-common/blob/d48167a5f999dc5ffd91e6b5878ab158e55f1a6c/.github/workflows/test-deploy.yaml)

##### Features

- changed latest-package behavior
([#&#8203;206](https://redirect.github.com/defenseunicorns/uds-common/issues/206))
([eb0253c](https://redirect.github.com/defenseunicorns/uds-common/commit/eb0253c3174ec6553b00c52022aa0818049a8036))

##### Bug Fixes

- upgrade version tests
([#&#8203;215](https://redirect.github.com/defenseunicorns/uds-common/issues/215))
([d48167a](https://redirect.github.com/defenseunicorns/uds-common/commit/d48167a5f999dc5ffd91e6b5878ab158e55f1a6c))

##### Miscellaneous

- **deps:** update uds common support dependencies
([#&#8203;210](https://redirect.github.com/defenseunicorns/uds-common/issues/210))
([822dac4](https://redirect.github.com/defenseunicorns/uds-common/commit/822dac4452e6815aadcf09f487406ff258756a0c))
- **deps:** update uds common support dependencies
([#&#8203;213](https://redirect.github.com/defenseunicorns/uds-common/issues/213))
([7eb8a12](https://redirect.github.com/defenseunicorns/uds-common/commit/7eb8a123684bca1c3a7490f5d35ae7ae4598db60))

###
[`v0.11.2`](https://redirect.github.com/defenseunicorns/uds-common/releases/tag/v0.11.2)

[Compare
Source](https://redirect.github.com/defenseunicorns/uds-common/compare/v0.11.1...v0.11.2)

##### Miscellaneous

- refine package selection logic for publishing
([#&#8203;207](https://redirect.github.com/defenseunicorns/uds-common/issues/207))
([7e1c03a](https://redirect.github.com/defenseunicorns/uds-common/commit/7e1c03abede1d4a3f91bb122fe5fff6abbb73311))

###
[`v0.11.1`](https://redirect.github.com/defenseunicorns/uds-common/releases/tag/v0.11.1)

[Compare
Source](https://redirect.github.com/defenseunicorns/uds-common/compare/v0.11.0...v0.11.1)

##### Bug Fixes

- renovate ghcr host docker type
([#&#8203;201](https://redirect.github.com/defenseunicorns/uds-common/issues/201))
([9c298e0](https://redirect.github.com/defenseunicorns/uds-common/commit/9c298e08417ce928dbbf4356c23182f8b1a62ffb))
- renovate typo token/password
([#&#8203;202](https://redirect.github.com/defenseunicorns/uds-common/issues/202))
([5d7ea03](https://redirect.github.com/defenseunicorns/uds-common/commit/5d7ea03815929a662c529b2078bdf895d8f3ac1b))
- update renovate creds
([#&#8203;200](https://redirect.github.com/defenseunicorns/uds-common/issues/200))
([1c6eb24](https://redirect.github.com/defenseunicorns/uds-common/commit/1c6eb24f37b4059589a70c9addeffb80895d450b))

##### Miscellaneous

- add renovate support for org ghcr packages
([#&#8203;199](https://redirect.github.com/defenseunicorns/uds-common/issues/199))
([2c5de9c](https://redirect.github.com/defenseunicorns/uds-common/commit/2c5de9cc41cad9d1e02faf39c0cad364933f335f))
- **deps:** update uds common support dependencies
([#&#8203;195](https://redirect.github.com/defenseunicorns/uds-common/issues/195))
([04b6409](https://redirect.github.com/defenseunicorns/uds-common/commit/04b64091ba0528463713f66d8167572a533e0c3d))
- fix codeowners
([#&#8203;196](https://redirect.github.com/defenseunicorns/uds-common/issues/196))
([856ef22](https://redirect.github.com/defenseunicorns/uds-common/commit/856ef221b39e65070e966942b42e79d408f59b76))

###
[`v0.11.0`](https://redirect.github.com/defenseunicorns/uds-common/releases/tag/v0.11.0)

[Compare
Source](https://redirect.github.com/defenseunicorns/uds-common/compare/v0.10.0...v0.11.0)

##### Features

- add support for uds-core snapshots
([#&#8203;193](https://redirect.github.com/defenseunicorns/uds-common/issues/193))
([7a39915](https://redirect.github.com/defenseunicorns/uds-common/commit/7a39915ceff7a1a9e319846042ab74390fda6f2b))

##### Miscellaneous

- **deps:** update uds common support dependencies
([#&#8203;187](https://redirect.github.com/defenseunicorns/uds-common/issues/187))
([a0bbfb0](https://redirect.github.com/defenseunicorns/uds-common/commit/a0bbfb043e670a175fbdc44585e2bbb5b695acf7))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/defenseunicorns/uds-package-postgres-operator).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC45Ny4wIiwidXBkYXRlZEluVmVyIjoiMzguMTE1LjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInN1cHBvcnQtZGVwcyJdfQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Wayne Starr <me@racer159.com>

.github/workflows/ci-docs-shim.yaml

@@ -1,20 +1,21 @@
-name: CI Docs Shim
+# Copyright 2024 Defense Unicorns
+# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
+
+name: CI Doc Shim
 
 on:
   pull_request:
     branches: [main]
     types: [milestoned, opened, synchronize]
 
 jobs:
-  run-test:
-    name: ${{ matrix.type }} ${{ matrix.flavor }}
-    runs-on: ubuntu-latest
-    timeout-minutes: 20
+  validate:
     strategy:
       matrix:
-        flavor: [upstream, registry1]
         type: [install, upgrade]
-    steps:
-      - name: Shim for ${{ matrix.type }} ${{ matrix.flavor }}
-        run: |
-          echo "Documentation-only change detected; marking ${{ matrix.type }} ${{ matrix.flavor }} as successful."
+        flavor: [upstream, registry1]
+    uses: defenseunicorns/uds-common/.github/workflows/callable-ci-docs-shim.yaml@f0164622ffc2007e96a0e1deaa3f5064db04b148 # v1.1.0
+    with:
+      flavor: ${{ matrix.flavor }}
+      type: ${{ matrix.type }}
+    secrets: inherit # Inherits all secrets from the parent workflow.

.github/workflows/commitlint.yaml

@@ -1,4 +1,7 @@
-name: Metadata
+# Copyright 2024 Defense Unicorns
+# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
+
+name: PR Title Check
 
 on:
   pull_request:
@@ -7,5 +10,4 @@ on:
 
 jobs:
   validate:
-    name: Validate
-    uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@e7c0643d3f9d74ce49c7386b48964d2be646d726 # v0.10.0
+    uses: defenseunicorns/uds-common/.github/workflows/callable-commitlint.yaml@f0164622ffc2007e96a0e1deaa3f5064db04b148 # v1.1.0

.github/workflows/lint.yaml

@@ -1,35 +1,15 @@
-name: Scan
+# Copyright 2024 Defense Unicorns
+# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
+
+name: Lint
 
 on:
   # This workflow is triggered on pull requests to the main branch.
   pull_request:
-    branches: [main]
-    types: [milestoned, opened, synchronize]
+    # milestoned is added here as a workaround for release-please not triggering PR workflows (PRs should be added to a milestone to trigger the workflow).
+    types: [milestoned, opened, reopened, synchronize]
 
 jobs:
   validate:
-    runs-on: ubuntu-latest
-    name: Lint
-    permissions:
-      contents: read # Allows reading the repo contents
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-        with:
-          fetch-depth: 0
-
-      - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@e7c0643d3f9d74ce49c7386b48964d2be646d726 # v0.10.0
-        with:
-          registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
-          registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
-          ghToken: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Install lint deps
-        run: |
-          uds run lint:deps --no-progress
-
-      - name: Lint the repository
-        run: |
-          uds run lint:yaml --no-progress
+    uses: defenseunicorns/uds-common/.github/workflows/callable-lint.yaml@f0164622ffc2007e96a0e1deaa3f5064db04b148 # v1.1.0
+    secrets: inherit

.github/workflows/release.yaml

@@ -0,0 +1,48 @@
+# Copyright 2024 Defense Unicorns
+# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
+
+name: Release
+
+on:
+  push:
+    branches:
+      - main
+
+# Permissions for the GITHUB_TOKEN used by the workflow.
+permissions:
+  contents: read # Allows reading the content of the repository.
+  packages: read # Allows reading the content of the repository's packages.
+  id-token: write
+
+jobs:
+  tag-new-version:
+    permissions: write-all
+    runs-on: ubuntu-latest
+    outputs:
+      release_created: ${{ steps.release-flag.outputs.release_created }}
+    steps:
+      - name: Create Release Tag
+        id: tag
+        uses: googleapis/release-please-action@7987652d64b4581673a76e33ad5e98e3dd56832f # v4.1.3
+      - id: release-flag
+        run: echo "release_created=${{ steps.tag.outputs.release_created || false }}" >> "$GITHUB_OUTPUT"
+
+  publish:
+    permissions:
+      contents: read # Allows reading the content of the repository.
+      packages: write # Allows reading the content of the repository's packages.
+      id-token: write
+    needs: tag-new-version
+    if: ${{ needs.tag-new-version.outputs.release_created == 'true' }}
+    strategy:
+      matrix:
+        flavor: [upstream, registry1]
+        architecture: [amd64, arm64]
+        exclude:
+          - flavor: registry1
+            architecture: arm64
+    uses: defenseunicorns/uds-common/.github/workflows/callable-publish.yaml@f0164622ffc2007e96a0e1deaa3f5064db04b148 # v1.1.0
+    with:
+      flavor: ${{ matrix.flavor }}
+      runsOn: ${{ matrix.architecture == 'arm64' && 'uds-swf-ubuntu-arm64-4-core' || 'ubuntu-latest' }}
+    secrets: inherit # Inherits all secrets from the parent workflow.

.github/workflows/scorecard.yaml

@@ -1,3 +1,6 @@
+# Copyright 2024 Defense Unicorns
+# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
+
 name: Scorecards supply-chain security
 on:
   # Only the default branch is supported.
@@ -11,40 +14,23 @@ on:
 permissions: read-all
 
 jobs:
-  analysis:
-    name: Scorecards analysis
-    runs-on: ubuntu-latest
+  validate:
     permissions:
+      actions: read
+      attestations: read
+      checks: read
+      contents: read
+      deployments: read
+      discussions: read
+      issues: read
+      packages: read
+      pages: read
+      pull-requests: read
+      repository-projects: read
+      statuses: read
       # Needed to upload the results to code-scanning dashboard.
       security-events: write
       # Used to receive a badge.
       id-token: write
-
-    steps:
-      - name: "Checkout code"
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-        with:
-          persist-credentials: false
-
-      - name: "Run analysis"
-        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
-        with:
-          results_file: results.sarif
-          results_format: sarif
-          repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
-          publish_results: true
-
-      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
-      # format to the repository Actions tab.
-      - name: "Upload artifact"
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
-        with:
-          name: SARIF file
-          path: results.sarif
-          retention-days: 5
-
-      # Upload the results to GitHub's code scanning dashboard.
-      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
-        with:
-          sarif_file: results.sarif
+    uses: defenseunicorns/uds-common/.github/workflows/callable-scorecard.yaml@f0164622ffc2007e96a0e1deaa3f5064db04b148 # v1.1.0
+    secrets: inherit

.github/workflows/test.yaml

@@ -1,68 +1,64 @@
+# Copyright 2024 Defense Unicorns
+# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
+
 name: Test
 
 on:
+  # This workflow is triggered on pull requests to the main branch.
   pull_request:
-    branches: [main]
-    types: [milestoned, opened, synchronize]
+    # milestoned is added here as a workaround for release-please not triggering PR workflows (PRs should be added to a milestone to trigger the workflow).
+    types: [milestoned, opened, reopened, synchronize]
     paths-ignore:
       - "**.md"
       - "**.jpg"
       - "**.png"
       - "**.gif"
       - "**.svg"
-      - "adr/**"
-      - "docs/**"
-      - ".gitignore"
-      - "renovate.json"
-      - ".release-please-config.json"
-      - "release-please-config.json"
-      - "oscal-component.yaml"
-      - "CODEOWNERS"
-      - "LICENSE"
-      - "CONTRIBUTING.md"
-      - "SECURITY.md"
+      - adr/**
+      - docs/**
+      - .gitignore
+      - renovate.json
+      - .release-please-config.json
+      - release-please-config.json
+      - CODEOWNERS
+      - LICENSE
+      - CONTRIBUTING.md
+      - SECURITY.md
 
+# Permissions for the GITHUB_TOKEN used by the workflow.
+permissions:
+  contents: read # Allows reading the content of the repository.
+  packages: read # Allows reading the content of the repository's packages.
+  id-token: write
 
 # Abort prior jobs in the same workflow / PR
 concurrency:
-  group: test-${{ github.ref }}-${{ inputs.package }}
+  group: test-${{ github.ref }}
   cancel-in-progress: true
 
-permissions:
-  contents: read
-
 jobs:
-  test:
-    name: ${{ matrix.type }} ${{ matrix.flavor }}
+  check-flavor:
     runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        flavor: [upstream, registry1]
-        type: [install, upgrade]
-
     steps:
       - name: Checkout repository
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-
-      - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@e7c0643d3f9d74ce49c7386b48964d2be646d726 # v0.10.0
-        with:
-          registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
-          registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
-          ghToken: ${{ secrets.GITHUB_TOKEN }}
+        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
 
-      - name: Test
-        uses: defenseunicorns/uds-common/.github/actions/test@e7c0643d3f9d74ce49c7386b48964d2be646d726 # v0.10.0
-        with:
-          flavor: ${{ matrix.flavor }}
-          type: ${{ matrix.type }}
+      - name: test-flavor
+        uses: defenseunicorns/uds-common/.github/actions/test-flavor@f0164622ffc2007e96a0e1deaa3f5064db04b148 # v1.1.0
+        id: test-flavor
+    outputs:
+      upgrade-flavors: ${{ steps.test-flavor.outputs.upgrade-flavors }}
 
-      - name: Debug Output
-        if: ${{ always() }}
-        uses: defenseunicorns/uds-common/.github/actions/debug-output@e7c0643d3f9d74ce49c7386b48964d2be646d726 # v0.10.0
-
-      - name: Save logs
-        if: always()
-        uses: defenseunicorns/uds-common/.github/actions/save-logs@e7c0643d3f9d74ce49c7386b48964d2be646d726 # v0.10.0
-        with:
-          suffix: ${{ matrix.type }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}
+  validate:
+    needs: check-flavor
+    strategy:
+      fail-fast: false
+      matrix:
+        type: [install, upgrade]
+        flavor: [upstream, registry1]
+    uses: defenseunicorns/uds-common/.github/workflows/callable-test.yaml@f0164622ffc2007e96a0e1deaa3f5064db04b148 # v1.1.0
+    with:
+      upgrade-flavors: ${{ needs.check-flavor.outputs.upgrade-flavors }}
+      flavor: ${{ matrix.flavor }}
+      type: ${{ matrix.type }}
+    secrets: inherit # Inherits all secrets from the parent workflow.

CODEOWNERS

@@ -2,5 +2,5 @@
 /* @defenseunicorns/swf
 
 # Additional privileged files
-/CODEOWNERS @jeff-mccoy @austenbryan
-/LICENSE @jeff-mccoy @austenbryan
+/CODEOWNERS @jeff-mccoy @daveworth
+/LICENS* @jeff-mccoy @austenbryan