build(deps): bump sigs.k8s.io/promo-tools/v3 from 3.4.4 to 3.4.12

[dependabot]

Bumps sigs.k8s.io/promo-tools/v3 from 3.4.4 to 3.4.12.

Release notes

Sourced from sigs.k8s.io/promo-tools/v3's releases.

v3.4.12

Changes by Kind

Uncategorized

• Added initial support for kpromo file synchronization to S3 buckets. (#704, @​justinsb) [SIG Release]
• Kpromo now uses the correct S3 regional endpoint for regional buckets (#718, @​justinsb) [SIG Release]
• When --use-service-account=false (which is the default), we will issue anonymous requests to AWS and ignore any AWS credentials. This should be sufficient for dry-run, and ensures that dry-run is safe even if manifests are hostile. (#722, @​justinsb) [SIG Release]

Dependencies

Added

• cloud.google.com/go/maps: v0.1.0
• cloud.google.com/go/vmwareengine: v0.1.0
• github.com/go-jose/go-jose/v3: v3.0.0

Changed

• cloud.google.com/go/compute/metadata: v0.2.2 → v0.2.3
• cloud.google.com/go/compute: v1.13.0 → v1.18.0
• cloud.google.com/go/containeranalysis: v0.6.0 → v0.7.0
• cloud.google.com/go/iam: v0.8.0 → v0.10.0
• cloud.google.com/go/kms: v1.7.0 → v1.8.0
• cloud.google.com/go/storage: v1.28.1 → v1.29.0
• cloud.google.com/go: v0.105.0 → v0.107.0
• github.com/Azure/azure-sdk-for-go: v67.1.0+incompatible → v67.3.0+incompatible
• github.com/aws/aws-sdk-go-v2/config: v1.18.4 → v1.18.8
• github.com/aws/aws-sdk-go-v2/credentials: v1.13.4 → v1.13.8
• github.com/aws/aws-sdk-go-v2/feature/ec2/imds: v1.12.20 → v1.12.21
• github.com/aws/aws-sdk-go-v2/internal/configsources: v1.1.26 → v1.1.27
• github.com/aws/aws-sdk-go-v2/internal/endpoints/v2: v2.4.20 → v2.4.21
• github.com/aws/aws-sdk-go-v2/internal/ini: v1.3.27 → v1.3.28
• github.com/aws/aws-sdk-go-v2/service/internal/presigned-url: v1.9.20 → v1.9.21
• github.com/aws/aws-sdk-go-v2/service/kms: v1.19.2 → v1.20.0
• github.com/aws/aws-sdk-go-v2/service/sso: v1.11.26 → v1.12.0
• github.com/aws/aws-sdk-go-v2/service/ssooidc: v1.13.9 → v1.14.0
• github.com/aws/aws-sdk-go-v2/service/sts: v1.17.6 → v1.18.0
• github.com/aws/aws-sdk-go-v2: v1.17.2 → v1.17.3
• github.com/aws/aws-sdk-go: v1.44.155 → v1.44.202
• github.com/census-instrumentation/opencensus-proto: v0.3.0 → v0.4.1
• github.com/cespare/xxhash/v2: v2.1.2 → v2.2.0
• github.com/cncf/udpa/go: 04548b0 → c52dc94
• github.com/cncf/xds/go: a8f9461 → 06c439d
• github.com/coreos/go-oidc/v3: v3.4.0 → v3.5.0
• github.com/envoyproxy/go-control-plane: 49ff273 → v0.10.3
• github.com/envoyproxy/protoc-gen-validate: v0.6.2 → v0.9.1
• github.com/go-rod/rod: v0.112.2 → v0.112.3
• github.com/go-test/deep: v1.0.8 → v1.1.0
• github.com/google/go-containerregistry: v0.12.1 → v0.13.0
• github.com/googleapis/enterprise-certificate-proxy: v0.2.0 → v0.2.3

... (truncated)

Changelog

Sourced from sigs.k8s.io/promo-tools/v3's changelog.

Releasing the artifact promoter tools

This is a draft document to describe the release process for artifact promotion tooling.

(If there are improvements you'd like to see, please comment on the tracking issue.)

• Workflow- Tracking
• Tagging
• Release notes
• Image promotion
• Rollout
• Announce

Tracking

As the first task, a Release Manager should open a tracking issue for the release.

We don't currently have a template for releasing, but the following issue is a good example to draw inspiration from.

We're not striving for perfection with the template, but the tracking issue will serve as a reference point to aggregate feedback, so try your best to be as descriptive as possible.

Validation

TODO: Talk about canaries

Tagging

There are two tags that we care about:

• git tags
• image tags

We use with SemVer-compliant versions for git tags and GitHub releases, prefixed with v. SemVer is described in detail here.

Example:

v3.4.0

Image tags are derived from the git tag, with the addition of a revision.

... (truncated)

Commits

• 0eb682a Merge pull request #732 from kubernetes-sigs/dependabot/go_modules/github.com...
• 3ee68cb build(deps): bump github.com/aws/aws-sdk-go from 1.44.201 to 1.44.202
• 82af931 Merge pull request #731 from ameukam/release-3-4-12
• 47e4d68 releng: Bump promoter to v3.4.12
• 6da3933 Merge pull request #729 from kubernetes-sigs/dependabot/go_modules/github.com...
• f23f635 build(deps): bump github.com/aws/aws-sdk-go from 1.44.200 to 1.44.201
• 8344877 Merge pull request #727 from kubernetes-sigs/dependabot/go_modules/google.gol...
• 1ea7ba9 Merge pull request #728 from kubernetes-sigs/dependabot/go_modules/github.com...
• 015a966 build(deps): bump github.com/aws/aws-sdk-go from 1.44.199 to 1.44.200
• 9783775 build(deps): bump google.golang.org/api from 0.109.0 to 0.110.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

The following labels could not be found: area/dependency, release-note-none, ok-to-test.