Bump grafana/plugin-ci-workflows/.github/workflows/cd.yml from 5.1.0 to 6.0.0

[dependabot]

Bumps grafana/plugin-ci-workflows/.github/workflows/cd.yml from 5.1.0 to 6.0.0.

Release notes

Sourced from grafana/plugin-ci-workflows/.github/workflows/cd.yml's releases.

ci-cd-workflows: v6.0.0

6.0.0 (2026-01-19)

⚠ BREAKING CHANGES

• playwright: remove version and image arguments (#507)

GRAFANA_VERSION and GRAFANA_IMAGE aren't being passed to Playwright anymore.

For consumers of the shared workflows that wants to detect Grafana version within plugin-e2e tests, there's an alternative approach using the official API:

test('should be possible to enable advanced mode', async ({ grafanaVersion, alertRuleEditPage }) => {
   test.skip(semver.lt(grafanaVersion, '11.6.0'), 'Advanced mode is not supported in Grafana versions < 11.6.0');
   // test code
});

---

• cd: allow releasing to prod from non-main branches (#378)

Calls to cd.yml must be adjusted to include an additional permission: pull-requests: read, otherwise the workflow will fail with the following error:

Invalid workflow file: ...
The workflow is not valid. .github/workflows/publish.yaml (...): Error calling workflow 'grafana/plugin-ci-workflows/.github/workflows/cd.yml@.... The workflow is requesting 'pull-requests: read', but is only allowed 'pull-requests: none'.

Example on the required changes to cd.yml:

jobs:
  cd:
    name: CD
    uses: grafana/plugin-ci-workflows/.github/workflows/cd.yml@main
    permissions:
      contents: write
+     pull-requests: read
      id-token: write
      attestations: write

---

🎉 Features

... (truncated)

Commits

• a62bf1e chore(main): release ci-cd-workflows 6.0.0 (#487)
• 0a4cd3d test(act): fix flaky setup go step in act tests (#513)
• 3c93dda test(act): fix validator tests (#506)
• f70e822 feat(playwright)!: remove version and image arguments (#507)
• e3f1779 test(act): add gcom mock, cd.yml changes for testing (#501)
• ba46bf1 test(act): refactor testing framework to handle more than one type of workflo...
• 6d8cb8c feat(ci): support react image in e2e matrix (#496)
• f601916 perf(ci): cache used actions as part of act cache warmup (#495)
• 4e9ca04 feat(ci): add warning when ci and cd workflows are not on the same reference ...
• 26d87fb test(act): fix gcs sub-tests not running in parallel (#494)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #1543.