When building the container images for Packer (light and full), we
should only publish them in the version being built is a release, and
not a pre-release.
Changing this means that both light and full latest will always be only
a final release at any time.
* Updating the license from MPL to Business Source License
Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at https://hashi.co/bsl-blog, FAQ at https://hashi.co/license-faq, and details of the license at www.hashicorp.com/bsl.
* Update copyright file headers to BUSL-1.1
---------
Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
The action currently fails when trying to remove the stale or waiting-reply labels from issues
that do not actually contain the labels in question. This update adds a guard clause to only run the
action on issues containing at least one of the labels.
The GHA action used for adding comments or labels to issues untrusted by TSCCR
have been replaced with an approved set of actions. The updated workflows use
actions/github-script for adding comments or labels to an issue.
Related to: https://github.com/hashicorp/security-tsccr/pull/608
Remove the check-legacy-links-format.yml workflow. These checks are now included as part of our
content conformance checks that run on PRs with documentation content changes.
Prior to v1.8.6 a change to the release pipeline was introduced to
automatically set and bump product version information. In that change
the ldflags for striping debug symbols was removed resulting in binaries
with full debug symbols. Thus resulting in larger binary deliverables.
This change adds the missing ldflags back into the build pipeline.
Results for Packer 1.8.5
```
~> unzip ~/packer_1.8.5_linux_amd64.zip
~> go tool nm -size packer| c++filt
reading packer: no symbol section
reading packer: no symbols
```
Results for Packer 1.8.6
```
~> unzip ~/packer_1.8.6_linux_amd64.zip
~> go tool nm -size packer| c++filt | tail -n 10
8d97ac0 2816 D vendor/golang.org/x/text/unicode/norm.nfcSparseValues
8df2f60 6144 D vendor/golang.org/x/text/unicode/norm.nfcValues
8f96fc8 8 D vendor/golang.org/x/text/unicode/norm.nfkcData
8d985c0 2816 D vendor/golang.org/x/text/unicode/norm.nfkcIndex
8fa40a0 48 D vendor/golang.org/x/text/unicode/norm.nfkcSparse
8f4a3c0 24 D vendor/golang.org/x/text/unicode/norm.nfkcSparseOffset
8db5c00 3580 D vendor/golang.org/x/text/unicode/norm.nfkcSparseValues
8e48d60 12032 D vendor/golang.org/x/text/unicode/norm.nfkcValues
8f96fd0 8 D vendor/golang.org/x/text/unicode/norm.recompMap
8fe5bd0 12 D vendor/golang.org/x/text/unicode/norm.recompMapOnce
```
Closes#12392
When tsscr bumped the version of the action to v6, we experienced some
failures in our nightly runs.
To make the action operable again, we pin the action to the former: v3.
* Packer plugins rely on the Packer SDK for the majority of its HCL
dependency. To prevent issues with the version of go-cty or hcl/v2 pkg
getting out of sync this changes sets the allowed dependency to
packer-plugin-sdk only.
* HashiCorp is standardizing on pinning versions of allowed GitHub actions to prevent
the introduction of potential security issues. This change removes GitHub actions
from dependabot.
This change will allow for release branches `release/<MAJOR>.<MINOR>.x`
to be built add uploaded to the CRT build tool chain, which can then be
promoted and released publicly if needed.
