ci-cd-workflows: v9.0.0

9.0.0 (2026-05-28)

⚠ BREAKING CHANGES

• ci: use package_json_file in pnpm/action-setup (#752)

If your plugin is using pnpm and is in a subdirectory, the plugin's package.json file must specify a packageManager property.

The packageManager in the root package.json is ignored.

You can use corepack use pnpm@latest in the plugin's directory to populate this field.

🎉 Features

• ci: use package_json_file in pnpm/action-setup (#752) (919febd)
• playwright: add max-parallel and customizable timeouts, add docker logs on Grafana startup failure (#711) (a879e03)

🔧 Chores

• deps: update default Go version to 1.26 (#745) (2ba6cdd)
• security: test plugins: harden security and update packages (#746) (1215545)

ci-cd-workflows: v8.0.1

8.0.1 (2026-05-22)

🐛 Bug Fixes

• cd: install jq via apk in publish-docs (docs-base is alpine) (#741) (58f76d0)

🔧 Chores

• setup: bump pnpm/action-setup from v5.0.0 to v6.0.8 (#738) (8df9930)

plugins-version-bump-changelog: v2.0.0

2.0.0 (2026-05-20)

🚨 IMPORTANT

This version introduces support for GATB (GitHub App Token Broken).

Please follow the migration guide in EngHub: here.

⚠ BREAKING CHANGES

• security: migrate version-bump-changelog workflow to GitHub App auth to GATB (#730)

🎉 Features

• security: migrate version-bump-changelog workflow to GitHub App auth to GATB (#730) (cae3d21)

🔧 Chores

• deps: update actions/checkout action to v5.0.1 (#413) (8c591cd)
• deps: update actions/checkout action to v6 (#437) (949a63c)
• deps: update actions/checkout action to v6.0.1 (#455) (aec5016)
• deps: update actions/checkout action to v6.0.2 (#529) (352ce11)
• deps: update actions/create-github-app-token action to v2.2.0 (#435) (5b2407c)
• deps: update actions/create-github-app-token action to v2.2.1 (#475) (eeaa07a)
• deps: update actions/create-github-app-token action to v3 (#632) (6ff19d7)
• deps: update grafana/shared-workflows/get-vault-secrets action to v1.3.1 (#587) (331d439)

plugins-release-please: v2.0.1

2.0.1 (2026-05-20)

🚨 IMPORTANT

This version introduces support for GATB (GitHub App Token Broken).

Please follow the migration guide in EngHub: here.

🐛 Bug Fixes

• fix GATB app name in release-please workflow (#732) (86c9535)

plugins-release-please: v2.0.0

2.0.0 (2026-05-20)

🚨 IMPORTANT

This version contains a bug and it's not properly compatible with GATB.

Please use version plugins-release-please/v2.0.1 instead.

⚠ BREAKING CHANGES

• security: migrate release-please workflow to GitHub App auth to GATB (#729)

🎉 Features

• security: migrate release-please workflow to GitHub App auth to GATB (#729) (a3744ba)

📝 Documentation

• improve release-please example and action description (#710) (f4af5b2)

♻️ Code Refactoring

• security: mask and unexport secrets when necessary (#625) (54e4c09)

🔧 Chores

• deps: update actions/checkout action to v5.0.1 (#413) (8c591cd)
• deps: update actions/checkout action to v6 (#437) (949a63c)
• deps: update actions/checkout action to v6.0.1 (#455) (aec5016)
• deps: update actions/checkout action to v6.0.2 (#529) (352ce11)
• deps: update actions/create-github-app-token action to v2.2.0 (#435) (5b2407c)
• deps: update actions/create-github-app-token action to v2.2.1 (#475) (eeaa07a)
• deps: update actions/create-github-app-token action to v3 (#632) (6ff19d7)
• deps: update googleapis/release-please-action action to v4.4.1 (#666) (79423d6)
• deps: update grafana/shared-workflows/get-vault-secrets action to v1.3.1 (#587) (331d439)

ci-cd-workflows: v8.0.0

8.0.0 (2026-05-20)

🚨 IMPORTANT

This version introduces support for GATB (GitHub App Token Broken).

Please follow the migration guide in EngHub: here.

⚠ BREAKING CHANGES

• security: migrate ci-cd workflows to GitHub App auth to GATB (#722)
• security: migrate version-bump-changelog workflow to GitHub App auth to GATB (#730)
• security: migrate release-please workflow to GitHub App auth to GATB (#729)
• playwright: bump e2e-version to v2.0.0 (#695)

🎉 Features

• enable race detector by default (#707) (6af2e54)
• playwright: bump e2e-version to v2.0.0 (#695) (e4d529b)
• security: migrate ci-cd workflows to GitHub App auth to GATB (#722) (4115f12)
• security: migrate release-please workflow to GitHub App auth to GATB (#729) (a3744ba)
• security: migrate version-bump-changelog workflow to GitHub App auth to GATB (#730) (cae3d21)

🐛 Bug Fixes

• cd: pass provenance attestation to catalog publish (#704) (d99acfa)
• ci: fix app name for release-please commits (#728) (67eaa33)
• ci: fix gatb app name (#726) (9d94d7f)
• ci: fix gatb app name (#725) (ad3ab8c)
• ci: gate GCS upload on Playwright success (#705) (a9fc9e9)
• fix GATB app name in internal release-please workflow (#733) (26be0b6)

📝 Documentation

• add EngHub URL to examples that require additional GitHub App permissions (#718) (594efe1)
• improve release-please example and action description (#710) (f4af5b2)

🤖 Continuous Integrations

• migrate release-please to GATB (#723) (bc5feb7)

🔧 Chores

• deps: update dependency plugin-validator to v0.39.3 (#709) (7a45217)
• deps: update peter-evans/create-pull-request action to v8.1.1 (#697) (a360005)
• main: release plugins-release-please 2.0.0 (#415) (660e635)
• main: release plugins-release-please 2.0.1 (#734) (c84b384)
• main: release plugins-version-bump-changelog 2.0.0 (#414) (30442d8)
• migrate codeowners to @grafana/grafana-catalog (#716) (97fa814)
• update readme team handle to @grafana/grafana-catalog (#719) (453e51c)

ci-cd-workflows: v7.3.1

7.3.1 (2026-04-24)

🐛 Bug Fixes

• cd: fix docs publishing failing due to missing rsync (#691) (39b29b4)

ci-cd-workflows: v7.3.0

7.3.0 (2026-04-24)

🎉 Features

• ci: Use setup action in playwrite.yml (#677) (54785e7)

🐛 Bug Fixes

• cd: fix github auth error in "publish docs" job (#686) (90b0bb2)
• ci: increase default artifact retention and allow config (#674) (6e7a020)
• fail check-playwright-status on e2e tests timeout (#676) (bc53186)
• test: allow hyphenated output keys to be mocked (#673) (0a0c6be)
• tests: fix setup-node and setup-go act tests (#678) (6e77bd8)

🔧 Chores

• deps: update dependency trufflehog to v3.94.2 (#675) (249c66d)
• deps: update dependency trufflehog to v3.94.3 (#684) (8ae83de)
• deps: update step-security/harden-runner action to v2.17.0 (#685) (668f015)
• fix release-please paths for ci-cd-workflows component (#687) (e1a891f)
• use go version from go.mod (#680) (546f82f)

ci-cd-workflows: v7.2.0

7.2.0 (2026-04-15)

🎉 Features

• cd: argo-workflow-slack-mention-trigger-user defaults to false (#665) (b1289af)
• ci: add playwright-gar-registry to authente to GAR Docker registry in e2e tests (#653) (609c55b)

🐛 Bug Fixes

• cd: replace branch usage by commit hash (#657) (12762c8)
• cd: skip latest GCS artifact upload for non-release branches (#663) (bb1c5f8)

🔧 Chores

• deps: update dependency act to v0.2.87 (#671) (e91911c)
• deps: update dependency actionlint to v1.7.12 (#667) (752f770)
• deps: update dependency mage to v1.17.1 (#669) (fc7275f)
• deps: update dependency plugin-validator to v0.39.2 (#664) (953bb0d)
• deps: update googleapis/release-please-action action to v4.4.1 (#666) (79423d6)
• deps: update step-security/harden-runner action to v2.16.1 (#668) (e958609)

ci-cd-workflows: v7.1.0

7.1.0 (2026-04-10)

🎉 Features

• cd: add argo-workflows-slack-silent parameter to silence Argo Slack notifications (#608) (eb7d1dd)
• cd: allow mentioning trigger user and extra handles in Argo Slack notifications (#641) (d7520ff)
• ci: allow specifying a custom mage target when building the backend (#651) (ade016d)
• ci: consider "release" event as trusted (#639) (de0a247)

♻️ Code Refactoring

• security: change GCOM_TOKEN to be an output rather than a workflow-level env var (#624) (e10bfe1)
• security: mask and unexport secrets when necessary (#625) (54e4c09)

🔧 Chores

• deps: update actions/cache action to v5.0.4 (#642) (9bf555f)
• deps: update actions/create-github-app-token action to v3 (#632) (6ff19d7)
• deps: update actions/setup-go action to v6.4.0 (#643) (5ec398b)
• deps: update actions/setup-node action to v6.3.0 (#609) (ad3390e)
• deps: update dependency act to v0.2.85 (#648) (0bd6b04)
• deps: update dependency act to v0.2.86 (#649) (824fbf3)
• deps: update dependency golangci-lint to v2.11.2 (#615) (cacc155)
• deps: update dependency golangci-lint to v2.11.3 (#620) (562df76)
• deps: update dependency golangci-lint to v2.11.4 (#647) (289b7df)
• deps: update dependency mage to v1.16.0 (#616) (af41523)
• deps: update dependency mage to v1.17.0 (#655) (064ec68)
• deps: update dependency plugin-validator to v0.38.0 (#618) (27cbc36)
• deps: update dependency plugin-validator to v0.38.1 (#621) (960f98e)
• deps: update dependency plugin-validator to v0.38.2 (#628) (9063847)
• deps: update dependency plugin-validator to v0.39.0 (#650) (3add886)
• deps: update dependency plugin-validator to v0.39.1 (#658) (8d779e5)
• deps: update dependency trufflehog to v3.93.7 (#611) (7031cfa)
• deps: update dependency trufflehog to v3.93.8 (#617) (ae7a0e3)
• deps: update dependency trufflehog to v3.94.0 (#646) (806fc27)
• deps: update dependency trufflehog to v3.94.1 (#654) (3b0704a)
• deps: update pnpm/action-setup action to v4.3.0 (#622) (b663db6)
• deps: update pnpm/action-setup action to v5 (#644) (08ce291)
• deps: update softprops/action-gh-release action to v2.6.1 (#633) (e2794e5)
• deps: update step-security/harden-runner action to v2.15.1 (#614) (d3e262a)
• deps: update step-security/harden-runner action to v2.16.0 (#634) (e5f674e)