build(deps): bump the actions group with 2 updates

[dependabot]

Bumps the actions group with 2 updates: fluxcd/flux2 and docker/build-push-action.

Updates fluxcd/flux2 from 2.8.3 to 2.8.5

Release notes

Sourced from fluxcd/flux2's releases.

v2.8.5

Highlights

Flux v2.8.5 is a patch release that includes bug fixes and improvements across kustomize-controller, source-controller, and notification-controller. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the Upgrade Procedure for Flux v2.7+ for a smooth upgrade from Flux v2.6 to the latest version.

Fixes:

• Fix a race condition where a cancelled reconciliation could leave stale data in the cache, causing Kustomizations to get stuck (kustomize-controller)
• Fix Azure Blob prefix option not being passed to the storage client (source-controller)

Improvements:

• Improve error message for encrypted SSH keys without password (source-controller)
• Add optional email and audience fields to the GCR Receiver for tighter verification (notification-controller)
• Add provider manifest example for Azure Event Hub managed identity authentication (notification-controller)

Components changelog

• kustomize-controller v1.8.3
• source-controller v1.8.2
• notification-controller v1.8.3

CLI changelog

• Update toolkit components by @​fluxcdbot in fluxcd/flux2#5822

Full Changelog: fluxcd/flux2@v2.8.4...v2.8.5

v2.8.4

Highlights

Flux v2.8.4 is a patch release that includes fixes for the Flux CLI. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the Upgrade Procedure for Flux v2.7+ for a smooth upgrade from Flux v2.6 to the latest version.

Fixes:

• Fix flux build ks and flux diff ks on Windows
• Fix --source flag validation in create kustomization command

CLI changelog

• Update fluxcd/pkg dependencies by @​fluxcdbot in fluxcd/flux2#5796
• [release/v2.8.x] fix: validate --source flag in create kustomization command by @​fluxcdbot in fluxcd/flux2#5799

Full Changelog: fluxcd/flux2@v2.8.3...v2.8.4

Commits

• 5adad89 Merge pull request #5822 from fluxcd/update-components-release/v2.8.x
• 29cc0b3 Update toolkit components
• 3cf3cb5 Merge pull request #5799 from fluxcd/backport-5798-to-release/v2.8.x
• 1569932 fix: validate --source flag in create kustomization command
• 836f87e Merge pull request #5796 from fluxcd/update-pkg-deps/release/v2.8.x
• 19545a8 Update fluxcd/pkg dependencies
• See full diff in compare view

Updates docker/build-push-action from 7.0.0 to 7.1.0

Release notes

Sourced from docker/build-push-action's releases.

v7.1.0

• Git context query format support by @​crazy-max in docker/build-push-action#1505
• Bump @​docker/actions-toolkit from 0.79.0 to 0.87.0 by @​crazy-max in docker/build-push-action#1505
• Bump brace-expansion from 1.1.12 to 1.1.13 in docker/build-push-action#1500
• Bump fast-xml-parser from 5.4.2 to 5.5.7 in docker/build-push-action#1489
• Bump flatted from 3.3.3 to 3.4.2 in docker/build-push-action#1491
• Bump glob from 10.3.12 to 10.5.0 in docker/build-push-action#1490
• Bump handlebars from 4.7.8 to 4.7.9 in docker/build-push-action#1497
• Bump lodash from 4.17.23 to 4.18.1 in docker/build-push-action#1510
• Bump picomatch from 4.0.3 to 4.0.4 in docker/build-push-action#1496
• Bump undici from 6.23.0 to 6.24.1 in docker/build-push-action#1486
• Bump vite from 7.3.1 to 7.3.2 in docker/build-push-action#1509

Full Changelog: docker/build-push-action@v7.0.0...v7.1.0

Commits

• bcafcac Merge pull request #1509 from docker/dependabot/npm_and_yarn/vite-7.3.2
• 18e62f1 Merge pull request #1510 from docker/dependabot/npm_and_yarn/lodash-4.18.1
• 46580d2 chore: update generated content
• 3f80b25 chore(deps): Bump lodash from 4.17.23 to 4.18.1
• efeec95 Merge pull request #1505 from crazy-max/refactor-git-context
• ddf04b0 Merge pull request #1511 from docker/dependabot/github_actions/crazy-max-dot-...
• db08d97 chore(deps): Bump the crazy-max-dot-github group with 2 updates
• ef1fb96 Merge pull request #1508 from docker/dependabot/github_actions/docker/login-a...
• 2d8f2a1 chore: update generated content
• 919ac7b fix test since secrets are not written to temp path anymore
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.