Skip to content

Releases: sigstore/scaffolding

v0.6.8

Choose a tag to compare

@github-actions github-actions released this 07 Oct 11:39
76f6bf1

What's Changed

  • swap prober from v1 to v2 fulcio signingCert endpoint by @bobcallaway in #750
  • disable codeql on terraform-only changes by @bobcallaway in #751
  • Bump k8s.io/client-go from 0.27.4 to 0.28.1 by @dependabot in #743
  • Bump k8s.io/code-generator from 0.27.4 to 0.28.1 by @dependabot in #740
  • Bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in #755
  • Bump golang.org/x/crypto from 0.12.0 to 0.13.0 by @dependabot in #753
  • Bump goreleaser/goreleaser-action from 4.4.0 to 4.6.0 by @dependabot in #754
  • Add k8s 1.28 by @wlynch in #756
  • Fix CodeQL path filtering by @codysoyland in #758
  • Add alert for Cloud SQL CPU utilization > 90% for 300s by @codysoyland in #757
  • Bump goreleaser/goreleaser-action from 4.6.0 to 5.0.0 by @dependabot in #766
  • Bump docker/login-action from 2.2.0 to 3.0.0 by @dependabot in #765
  • Bump k8s.io/client-go from 0.28.1 to 0.28.2 by @dependabot in #761
  • Bump go.uber.org/zap from 1.25.0 to 1.26.0 by @dependabot in #760
  • Bump k8s.io/code-generator from 0.28.1 to 0.28.2 by @dependabot in #759
  • Remove Cloud SQL memory usage alerts by @haydentherapper in #767
  • Adding back alerts for DB memory consumption by @haydentherapper in #768
  • Bump cloud-sql-connectors/cloud-sql-proxy from 2.6.1-alpine to 2.7.0-alpine by @dependabot in #769
  • Update alert threshold for Redis OOM by @haydentherapper in #770
  • Bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #771
  • Bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 by @dependabot in #774

Full Changelog: v0.6.7...v0.6.8

v0.6.7

Choose a tag to compare

@github-actions github-actions released this 06 Sep 23:08
edf534f

Changelog

  • edf534f Bump rekor to v1.3.0 and fulcio to v1.4.0 (#749)

Thanks to all contributors!

v0.6.6

Choose a tag to compare

@github-actions github-actions released this 14 Aug 15:38
4e9f2ff

Changelog

  • 4e9f2ff clean up unused cluster-wide IP and dns WRR configs (#707)

Thanks to all contributors!

What's Changed

Full Changelog: v0.6.5...v0.6.6

v0.6.5

Choose a tag to compare

@github-actions github-actions released this 20 Jul 17:02
2221b2e

Thanks to all contributors!

What's Changed

  • Increase Cloud SQL alert threshold to 98% by @codysoyland in #569
  • expose variable to make timestamp module optional by @bobcallaway in #567
  • bump install instructions to v0.6.4 by @vaikas in #570
  • Bump google.golang.org/protobuf from 1.28.1 to 1.29.0 by @dependabot in #572
  • Bump github/codeql-action from 2.2.5 to 2.2.6 by @dependabot in #571
  • swaps resource type to k8s_node for k8s mem and cpu utilization alerts by @cdris in #573
  • Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 by @dependabot in #574
  • Bump k8s.io/apimachinery from 0.26.2 to 0.26.3 by @dependabot in #583
  • Bump github/codeql-action from 2.2.6 to 2.2.7 by @dependabot in #575
  • Bump k8s.io/client-go from 0.26.2 to 0.26.3 by @dependabot in #582
  • Bump github.com/go-openapi/strfmt from 0.21.3 to 0.21.5 by @dependabot in #580
  • Bump google.golang.org/protobuf from 1.29.1 to 1.30.0 by @dependabot in #578
  • Bump k8s.io/code-generator from 0.26.2 to 0.26.3 by @dependabot in #581
  • Bump actions/setup-go from 3.5.0 to 4.0.0 by @dependabot in #577
  • Bump actions/checkout from 3.3.0 to 3.4.0 by @dependabot in #576
  • Update kind images to v0.17.0, add k8s 1.26. by @wlynch in #584
  • Bump github/codeql-action from 2.2.7 to 2.2.8 by @dependabot in #585
  • Bump github.com/sigstore/timestamp-authority from 0.2.1 to 1.0.0 by @dependabot in #589
  • Bump actions/checkout from 3.4.0 to 3.5.0 by @dependabot in #586
  • Bump google.golang.org/grpc from 1.53.0 to 1.54.0 by @dependabot in #588
  • Bump github.com/golang/glog from 1.1.0 to 1.1.1 by @dependabot in #587
  • Bump github/codeql-action from 2.2.8 to 2.2.9 by @dependabot in #590
  • Bump github.com/go-openapi/strfmt from 0.21.5 to 0.21.7 by @dependabot in #591
  • Bump github.com/sigstore/fulcio from 1.1.0 to 1.2.0 by @dependabot in #592
  • Bump github.com/sigstore/rekor from 1.0.1 to 1.1.0 by @dependabot in #593
  • Bump github.com/docker/docker from 20.10.21+incompatible to 20.10.24+incompatible by @dependabot in #594
  • add flag to specify where to put GCS logs by @bobcallaway in #595
  • disable flow logging in VPC subnets by @bobcallaway in #596
  • Swapping use of external metric to managed prometheus metric by @cdris in #597
  • Bump github.com/sigstore/sigstore from 1.6.0 to 1.6.1 by @dependabot in #602
  • Bump github/codeql-action from 2.2.9 to 2.2.11 by @dependabot in #599
  • Bump golang.org/x/crypto from 0.7.0 to 0.8.0 by @dependabot in #601
  • Bump github.com/docker/docker from 23.0.1+incompatible to 23.0.3+incompatible by @dependabot in #603
  • Bump actions/checkout from 3.5.0 to 3.5.2 by @dependabot in #605
  • Bump github.com/sigstore/sigstore from 1.6.1 to 1.6.2 by @dependabot in #608
  • Bump k8s.io/client-go from 0.26.3 to 0.27.1 by @dependabot in #610
  • Bump github/codeql-action from 2.2.11 to 2.2.12 by @dependabot in #604
  • Bump github.com/prometheus/client_golang from 1.14.0 to 1.15.0 by @dependabot in #609
  • Bump k8s.io/code-generator from 0.26.3 to 0.27.1 by @dependabot in #606
  • Bump github.com/sigstore/sigstore from 1.6.2 to 1.6.3 by @dependabot in #613
  • Bump github/codeql-action from 2.2.12 to 2.3.0 by @dependabot in #612
  • reduce number of uptime checks for rekor by @bobcallaway in #614
  • Bump github.com/sigstore/cosign/v2 from 2.0.1 to 2.0.2 by @dependabot in #616
  • Bump github.com/go-sql-driver/mysql from 1.7.0 to 1.7.1 by @dependabot in #618
  • Bump github.com/google/certificate-transparency-go from 1.1.4 to 1.1.5 by @dependabot in #617
  • Bump github/codeql-action from 2.3.0 to 2.3.2 by @dependabot in #619
  • Bump sigstore/cosign-installer from 2.8.1 to 3.0.2 by @dependabot in #600
  • Add ko as a prerequisite in the docs. by @therealnb in #621
  • Bump github.com/sigstore/rekor from 1.1.0 to 1.1.1 by @dependabot in #624
  • Bump github.com/sigstore/fulcio from 1.2.0 to 1.3.1 by @dependabot in #628
  • Bump sigstore/cosign-installer from 3.0.2 to 3.0.3 by @dependabot in #625
  • Bump github.com/sigstore/timestamp-authority from 1.0.0 to 1.1.0 by @dependabot in #630
  • Bump github.com/prometheus/client_golang from 1.15.0 to 1.15.1 by @dependabot in #631
  • Bump google.golang.org/grpc from 1.54.0 to 1.55.0 by @dependabot in #627
  • Bump github/codeql-action from 2.3.2 to 2.3.3 by @dependabot in #626
  • Bump github.com/sigstore/sigstore from 1.6.3 to 1.6.4 by @dependabot in #629
  • Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible by @dependabot in #632
  • Bump github.com/sigstore/timestamp-authority from 1.1.0 to 1.1.1 by @dependabot in #633
  • Bump golang.org/x/crypto from 0.8.0 to 0.9.0 by @dependabot in #636
  • Bump actions/setup-go from 4.0.0 to 4.0.1 by @dependabot in #638
  • Bump k8s.io/code-generator from 0.27.1 to 0.27.2 by @dependabot in #643
  • Bump sigs.k8s.io/release-utils from 0.7.3 to 0.7.4 by @dependabot in #642
  • Bump k8s.io/api from 0.27.1 to 0.27.2 by @dependabot in #641
  • Bump sigstore/cosign-installer from 3.0.3 to 3.0.5 by @dependabot in #637
  • Bump k8s.io/client-go from 0.27.1 to 0.27.2 by @dependabot in #640
  • Bump redis max memory size by @codysoyland in #644
  • Redis memory alerts by @cdris in #645
  • Bump github/codeql-action from 2.3.3 to 2.3.5 by @dependabot in #648
  • update deps by @cpanato in #650
  • Labeling severity for low priority alerts by @cdris in #652
  • Bump github/codeql-action from 2.3.5 to 2.3.6 by @dependabot in #653
  • Bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 by @dependabot in #654
  • Update sigstore/sigstore dep and golangci-lint by @cpanato in #656
  • Bump docker/login-action from 2.1.0 to 2.2.0 by @dependabot in #661
  • Bump github/codeql-action from 2.3.6 to 2.13.4 by @dependabot in #659
  • Bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #660
  • Bump github.com/go-openapi/swag from 0.22.3 to 0.22.4 by @dependabot in #662
  • alert on remaining disk instead of utilization by @cdris in #658
  • CloudSQL disk utilization alert tf fix: conditions is a repeated block not a list by @cdris in #664
  • Cloudsql alert fix: can't have multiple conditions with mql by @cdris in #665
  • allow redis cluster size to be set in variable by @bobcallaway in #666
  • Bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 by @dependabot in #667
  • Bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 by @dependabot in #668
  • update de...
Read more

v0.6.4

Choose a tag to compare

@github-actions github-actions released this 09 Mar 02:02
8f5907d

Changelog

  • 8f5907d remove experiment to unblock tf upgrade (#568)

Thanks to all contributors!

What's Changed

  • Switch Fulcio write prober to call V2 API by @haydentherapper in #540
  • Bump goreleaser/goreleaser-action from 4.1.1 to 4.2.0 by @dependabot in #541
  • Bump golang.org/x/crypto from 0.5.0 to 0.6.0 by @dependabot in #545
  • Bump github/codeql-action from 2.2.1 to 2.2.4 by @dependabot in #543
  • Bump google.golang.org/grpc from 1.52.3 to 1.53.0 by @dependabot in #544
  • registry on port 5001 by default. From release uses 0.6.3. by @vaikas in #547
  • Bump golang.org/x/net from 0.6.0 to 0.7.0 by @dependabot in #548
  • Bump github.com/sigstore/fulcio from 1.0.0 to 1.1.0 by @dependabot in #549
  • Bump github.com/sigstore/cosign/v2 from 2.0.0-rc.0.0.20230117182108-e69e19027327 to 2.0.0 by @dependabot in #553
  • Bump github/codeql-action from 2.2.4 to 2.2.5 by @dependabot in #550
  • Bump github.com/sigstore/sigstore from 1.5.1 to 1.5.2 by @dependabot in #554
  • Bump github.com/google/trillian from 1.5.1-0.20220819043421-0a389c4bb8d9 to 1.5.1 by @dependabot in #555
  • Bump k8s.io/client-go from 0.26.1 to 0.26.2 by @dependabot in #563
  • Bump github.com/golang/glog from 1.0.0 to 1.1.0 by @dependabot in #560
  • Bump golang.org/x/crypto from 0.6.0 to 0.7.0 by @dependabot in #559
  • Bump k8s.io/code-generator from 0.26.1 to 0.26.2 by @dependabot in #561
  • Update deps by @cpanato in #565
  • Alerts for high kubernetes memory and cpu utilization by @cdris in #542
  • upgrade to use go1.20 by @cpanato in #566
  • remove experiment to unblock tf upgrade by @bobcallaway in #568

New Contributors

Full Changelog: v0.6.3...v0.6.4

v0.6.3

Choose a tag to compare

@github-actions github-actions released this 02 Feb 15:57
9ab8ae3

What's Changed

Full Changelog: v0.6.2...v0.6.3

v0.6.2

Choose a tag to compare

@github-actions github-actions released this 18 Jan 09:50
399861b

What's Changed

  • fix typo in install step by @hkadakia in #526
  • fix: handle the process kill to not fail the pod and instead exit clean by @cpanato in #527

New Contributors

Full Changelog: v0.6.1...v0.6.2

v0.6.1

Choose a tag to compare

@github-actions github-actions released this 17 Jan 19:35
cd52efd

Changelog

  • cd52efd Update prober to latest version of Cosign (#525)

Thanks to all contributors!

What's Changed

  • update setup-ko to the new home by @cpanato in #524
  • Update prober to latest version of Cosign by @haydentherapper in #525

Full Changelog: v0.6.0...v0.6.1

v0.6.0

Choose a tag to compare

@github-actions github-actions released this 17 Jan 10:39
e290f7d

What's Changed

Full Changelog: v0.5.4...v0.6.0

v0.5.4

Choose a tag to compare

@github-actions github-actions released this 05 Dec 20:57
1c509d9

Changelog

  • 1c509d9 ensure we don't leak resp.Body on fulcio prober (#496)

Thanks to all contributors!

What's Changed

  • Bump actions/setup-go from 3.3.1 to 3.4.0 by @dependabot in #491
  • Bump github/codeql-action from 2.1.31 to 2.1.35 by @dependabot in #492
  • Bump github.com/sigstore/timestamp-authority from 0.1.2 to 0.1.3 by @dependabot in #493
  • Bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.0 by @dependabot in #494
  • ensure we don't leak resp.Body on fulcio prober by @bobcallaway in #496

Full Changelog: v0.5.3...v0.5.4