Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 62339db73c56dd749060f65a6ebb93a6e056b755 to e6428a5c4e294a61438ed7f43155db912025b6b3.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/62339db73c56dd749060f65a6ebb93a6e056b755...e6428a5c4e294a61438ed7f43155db912025b6b3

)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from fdf7f43ecf7c1a5c7afe936410233728a8c2d9c2 to 4a13e500e55cf31b7a5d59a38ab2040ab0f42f56.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/fdf7f43ecf7c1a5c7afe936410233728a8c2d9c2...4a13e500e55cf31b7a5d59a38ab2040ab0f42f56

)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/login-action](https://github.com/docker/login-action) from 1f401f745bf57e30b3a2800ad308a87d2ebdf14b to 3d58c274f17dffee475a5520cbe67f0a882c4dbb.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/1f401f745bf57e30b3a2800ad308a87d2ebdf14b...3d58c274f17dffee475a5520cbe67f0a882c4dbb

)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 2.0.0 to 2.1.1.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v2.0.0...v2.1.1

)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Pin the GitHub runner version used to Ubuntu 22.04.

This endures stability in the runner behavior once GitHub switches to
the next Ubuntu release for the latest tag.

Signed-off-by: David Bauer <mail@david-bauer.net>

Build the CI integration test in our own docker container. This way, we
can make sure Gluon builds actually succeed there.

This also has the advantage of becoming independent from the host
version of GitHubs CI runners.

Signed-off-by: David Bauer <mail@david-bauer.net>

Collect some basic system information about the runners the CI jobs
run on. This is done iwth the intention to have diagnostics information
in advance in case builds fail spuriously in some instances.

Signed-off-by: David Bauer <mail@david-bauer.net>

Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 879dcbb708d40f8b8679d4f7941b938a086e23a7 to 62339db73c56dd749060f65a6ebb93a6e056b755.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/879dcbb708d40f8b8679d4f7941b938a086e23a7...62339db73c56dd749060f65a6ebb93a6e056b755

)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/login-action](https://github.com/docker/login-action) from b4bedf8053341df3b5a9f9e0f2cf4e79e27360c6 to 1f401f745bf57e30b3a2800ad308a87d2ebdf14b.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/b4bedf8053341df3b5a9f9e0f2cf4e79e27360c6...1f401f745bf57e30b3a2800ad308a87d2ebdf14b

)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 1.4.0 to 2.0.0.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v1.4.0...v2.0.0

)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4c1b68d83ad20cc1a09620ca477d5bbbb5fa14d0 to fdf7f43ecf7c1a5c7afe936410233728a8c2d9c2.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/4c1b68d83ad20cc1a09620ca477d5bbbb5fa14d0...fdf7f43ecf7c1a5c7afe936410233728a8c2d9c2

)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Add a workflow-dispatch trigger to the build-workflow to enable
triggering build-tests on branches not covered from the match
pattern.

Signed-off-by: David Bauer <mail@david-bauer.net>

In #2997 it was pointed out the current branch-trigger matches more
branches than the release-branches. Retrict the match-pattern to only
cover release-branches

Also only trigger builds on the next-branch and not branches prefixed
with this name.

Link: https://github.com/freifunk-gluon/gluon/pull/2997#issuecomment-1771076385



Signed-off-by: David Bauer <mail@david-bauer.net>

Also build the docker-container whan creating pull-requests. Keep the
pull-request triggered builds from pushing to the container registry.

Signed-off-by: David Bauer <mail@david-bauer.net>

Only push the container to ghcr in case the repository is owned by the
freifunk-gluon organization.

THis avoids failing CI on forks.

Signed-off-by: David Bauer <mail@david-bauer.net>

`make update-ci` is very fast, so we can run it unconditionally.

Bumps [docker/login-action](https://github.com/docker/login-action) from 65b78e6e13532edd9afa3aa52ac7964289d1a9c1 to b4bedf8053341df3b5a9f9e0f2cf4e79e27360c6.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/65b78e6e13532edd9afa3aa52ac7964289d1a9c1...b4bedf8053341df3b5a9f9e0f2cf4e79e27360c6

)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from f2a1d5e99d037542a71f64918e516c093c6f3fc4 to 4c1b68d83ad20cc1a09620ca477d5bbbb5fa14d0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/f2a1d5e99d037542a71f64918e516c093c6f3fc4...4c1b68d83ad20cc1a09620ca477d5bbbb5fa14d0

)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4

)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 to 879dcbb708d40f8b8679d4f7941b938a086e23a7.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7...879dcbb708d40f8b8679d4f7941b938a086e23a7

)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

The docker container on PR action is broken in case the PR is not opened
within the Gluon project.

Remove the build on PR so the pipeline does not fail for third party
PRs.

Signed-off-by: David Bauer <mail@david-bauer.net>

This adds a workflow to push the build-container described in Gluons
Dockerfile to the freifunk-gluon organizations container registry.

This will create a image

 - For every push to master
 - For every tagged version
 - For every PR against master

Signed-off-by: David Bauer <mail@david-bauer.net>

Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v1.3.1...v1.4.0

)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Replaces hard coded dependency.

Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 1.2.0 to 1.3.1.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v1.2.0...v1.3.1

)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: Stefan Weil <sw@weilnetz.de>

Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v1.1.0...v1.2.0

)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Bumps [actions/checkout](https://github.com/actions/checkout) from 1 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v1...v3

)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 1.0.1 to 1.1.0.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v1.0.1...v1.1.0

)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

- [Release notes](https://github.com/editorconfig-checker/editorconfig-checker/releases)
- [Commits](https://github.com/editorconfig-checker/editorconfig-checker/compare/2.6.0...2.7.0

)

Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>

Adds `lint-editorconfig` make target.

Co-authored-by: Jan-Niklas Burfeind <git@aiyionpri.me>
version bump to 2.6.0

- set permissions explicitly, as recommended in their docs
- drop github_token and github_workspace (now set per default)
- ownership has moved from "zeebe-io" to the main developer "korthout"

backport-action will follow semver from now on

Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action) from 0.0.9 to 1.0.1.
- [Release notes](https://github.com/zeebe-io/backport-action/releases)
- [Commits](https://github.com/zeebe-io/backport-action/compare/v0.0.9...v1.0.1

)

---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action) from 0.0.8 to 0.0.9.
- [Release notes](https://github.com/zeebe-io/backport-action/releases)
- [Commits](https://github.com/zeebe-io/backport-action/compare/v0.0.8...v0.0.9

)

---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action) from 0.0.7 to 0.0.8.
- [Release notes](https://github.com/zeebe-io/backport-action/releases)
- [Commits](https://github.com/zeebe-io/backport-action/compare/v0.0.7...v0.0.8

)

---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

 Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

Bumps [actions/labeler](https://github.com/actions/labeler) from 3 to 4.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v3...v4

)

---
updated-dependencies:
- dependency-name: actions/labeler
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>