Skip to content

Releases: sigstore/scaffolding

v0.4.6

Choose a tag to compare

@vaikas vaikas released this 24 Aug 00:29
1be83b7

What's Changed

  • Disable noisy rekor alert by @priyawadhwa in #303
  • Bump github.com/go-openapi/swag from 0.22.0 to 0.22.3 by @dependabot in #310
  • Bump github.com/sigstore/cosign from 1.10.1 to 1.11.0 by @dependabot in #306
  • Bump github/codeql-action from 2.1.18 to 2.1.19 by @dependabot in #305
  • Bump sigstore/cosign-installer from 2.5.0 to 2.5.1 by @dependabot in #304
  • Bump github.com/google/trillian from 1.4.2 to 1.5.0 by @dependabot in #309
  • Bump github.com/sigstore/rekor from 0.10.0 to 0.11.0 by @dependabot in #311
  • Bump all sigstore components. Use GODEBUG=netdns=go for fulcio. by @vaikas in #316

Full Changelog: v0.4.5...v0.4.6

v0.4.5

Choose a tag to compare

@vaikas vaikas released this 19 Aug 09:58
3d392ac

What's Changed

  • Updates to reflect v0.4.4 by @vaikas in #300
  • remove deprecated github.com/pkg/errors and use native go error by @cpanato in #301
  • New kind images + more retries to work around 1.23 by @vaikas in #302

Full Changelog: v0.4.4...v0.4.5

v0.4.4

Choose a tag to compare

@vaikas vaikas released this 16 Aug 10:44
e630126

What's Changed

  • bump rekor to v0.10.0 and fulcio to v0.5.2 by @vaikas in #295
  • actually parse the release-version, update curl to fail properly by @vaikas in #290
  • Bump github.com/go-openapi/swag from 0.21.1 to 0.22.0 by @dependabot in #293
  • add working-directory input so that you can control where files go. by @vaikas in #294
  • Fix issue #129 by @vaikas in #296
  • Increase ksvc wait times 45s->2m. by @vaikas in #299

Full Changelog: v0.4.3...v0.4.4

v0.4.3

Choose a tag to compare

@vaikas vaikas released this 12 Aug 04:34
2e14289

What's Changed

New Contributors

Full Changelog: v0.4.2...v0.4.3

v0.4.2

Choose a tag to compare

@vaikas vaikas released this 09 Aug 20:44
640448b

What's Changed

  • Breaking change: setup-scaffolding.sh assumed you had ko installed locally, so added a proper replacement for previous release.yaml and replace it with setup-scaffolding-from-release.sh instead.

  • Give mysql SA permissions to export Monitoring/Trace data by @priyawadhwa in #272

  • Roles should be applied directly to the mysql service account by @priyawadhwa in #278

  • FIX Broken main action . Test with 0.4.1 release by @vaikas in #277

Full Changelog: v0.4.1...v0.4.2

v0.4.1

Choose a tag to compare

@vaikas vaikas released this 09 Aug 13:56
82de738

What's Changed

  • Modify test to use release v0.4.0, update getting-started. by @vaikas in #274

Full Changelog: v0.4.0...v0.4.1

v0.4.0

Choose a tag to compare

@vaikas vaikas released this 08 Aug 09:17
9473e9a

What's Changed

  • Breaking change: remove release.yaml because for TUF you can not just do a simple kubectl apply. Replaced with setup-scaffolding.sh

  • Increse Cloud SQL disk utilization threshold to 95% by @priyawadhwa in #193

  • Add prober check for Fulcio write endpoint by @priyawadhwa in #194

  • Add github action to run prober once when it's updated by @priyawadhwa in #195

  • actually pass through the mysql version to the module. by @k4leung4 in #197

  • test go mod tidy by @k4leung4 in #198

  • bump tuf version by @k4leung4 in #200

  • Bump github/codeql-action from 2.1.11 to 2.1.12 by @dependabot in #201

  • Bump google.golang.org/grpc from 1.46.2 to 1.47.0 by @dependabot in #203

  • Refactor alerts and fix prober error code alert by @priyawadhwa in #199

  • Bump tfsec/tfsec-sarif-action from 0.1.0 to 0.1.3 by @dependabot in #202

  • Bump github.com/sigstore/rekor from 0.7.0 to 0.8.0 by @dependabot in #207

  • Bump sigstore/cosign-installer from 2.3.0 to 2.4.0 by @dependabot in #205

  • Bump github.com/sigstore/fulcio from 0.4.1 to 0.5.0 by @dependabot in #208

  • Allow custom URLs for Rekor/Fulcio for prober by @priyawadhwa in #209

  • add data audit module. by @k4leung4 in #210

  • add slack token secret by @cpanato in #212

  • raise version upper limit to allow terraform 1.2.0+ by @k4leung4 in #213

  • Add Rekor write endpoint to prober by @priyawadhwa in #214

  • add maintenance policy, avoid work hours for google maintenance by @k4leung4 in #215

  • Bump github.com/sigstore/rekor from 0.8.0 to 0.8.1 by @dependabot in #219

  • Bump sigs.k8s.io/release-utils from 0.6.0 to 0.7.1 by @dependabot in #216

  • raise allowed google provider version to 4.25 by @k4leung4 in #224

  • Updates by @cpanato in #222

  • enable managed prometheus by default. by @k4leung4 in #223

  • Bump github.com/sigstore/rekor from 0.8.1 to 0.8.2 by @dependabot in #226

  • Bump github/codeql-action from 2.1.12 to 2.1.14 by @dependabot in #225

  • increase timeout from 5 to 15min for argocd helm release. by @k4leung4 in #227

  • upgrade kubectl / helm terraform providers by @cpanato in #228

  • Add Terraform resource for TUF preprod bucket by @haydentherapper in #229

  • Bump github/codeql-action from 2.1.14 to 2.1.15 by @dependabot in #230

  • Bump sigstore/cosign-installer from 2.4.0 to 2.4.1 by @dependabot in #231

  • Bump github.com/sigstore/rekor from 0.8.2 to 0.9.0 by @dependabot in #232

  • Temporarily disable Rekor alert until we get around to fixing it by @priyawadhwa in #234

  • Bump docs/test to using release v0.3.0. by @vaikas in #235

  • Bump github.com/sigstore/rekor from 0.9.0 to 0.9.1 by @dependabot in #237

  • Bump github.com/sigstore/fulcio from 0.5.0 to 0.5.1 by @dependabot in #236

  • Update prober alert metric names to Prometheus targets by @priyawadhwa in #238

  • Bump github/codeql-action from 2.1.15 to 2.1.16 by @dependabot in #240

  • Bump github.com/go-openapi/strfmt from 0.21.2 to 0.21.3 by @dependabot in #241

  • Bump google.golang.org/grpc from 1.47.0 to 1.48.0 by @dependabot in #243

  • Bump actions/setup-go from 3.2.0 to 3.2.1 by @dependabot in #239

  • Allow creating alerts with multiple notification channels by @priyawadhwa in #249

  • Bump github.com/sigstore/cosign from 1.9.0 to 1.10.0 by @dependabot in #250

  • Bump github.com/google/trillian from 1.4.1 to 1.4.2 by @dependabot in #257

  • Bump sigstore/cosign-installer from 2.4.1 to 2.5.0 by @dependabot in #254

  • Bump sigs.k8s.io/release-utils from 0.7.1 to 0.7.3 by @dependabot in #258

  • Bump github.com/sigstore/fulcio from 0.5.1 to 0.5.2 by @dependabot in #259

  • Bump google.golang.org/protobuf from 1.28.0 to 1.28.1 by @dependabot in #256

  • Bump github/codeql-action from 2.1.16 to 2.1.17 by @dependabot in #253

  • Bump github.com/sigstore/rekor from 0.9.1 to 0.10.0 by @dependabot in #255

  • add support for adding read replicas. can be used for failover by @k4leung4 in #251

  • use workload identity for external secret instead of service key. by @k4leung4 in #233

  • bump external-secrets api to v1beta1 now we are on v0.5.x by @k4leung4 in #260

  • plumb mysql replica configuration into sigstore module. by @k4leung4 in #261

  • Add a tuf server as well as repo management for tuf. by @vaikas in #262

  • remove token creator role for external secrets. by @k4leung4 in #264

  • clean up unused module variables by @k4leung4 in #266

  • Refactor the github action, test with tuf root. by @vaikas in #263

  • Bump github.com/sigstore/cosign from 1.10.0 to 1.10.1 by @dependabot in #270

  • Bump github/codeql-action from 2.1.17 to 2.1.18 by @dependabot in #269

  • Bump github.com/prometheus/client_golang from 1.12.2 to 1.13.0 by @dependabot in #271

  • Add job ttls, use setup-scaffolding for e2e tests, update getting-started.md by @vaikas in #267

  • Break release into smaller chunks. by @vaikas in #268

Full Changelog: v0.3.0...v0.4.0

v0.3.0

Choose a tag to compare

@github-actions github-actions released this 30 May 11:30
v0.3.0
74d1900

What's Changed

New Contributors

Full Changelog: v0.2.9...v0.3.0

Thanks to all contributors!

v0.2.9

Choose a tag to compare

@vaikas vaikas released this 25 Apr 17:32
611feaf

What's Changed

  • bump kind node versions. by @k4leung4 in #126
  • Add firewall to allow ingress webhook by @k4leung4 in #123
  • Updated ctlog config to include CodeSigning usage. by @k4leung4 in #125
  • Add checks in setup-kind for existing steps by @eddiezane in #122
  • Bump instructions to use latest release (v0.2.8) and test with it. by @vaikas in #130
  • Do not scale fulcio/rekor down to zero to prevent flakes when waiting for things to come up.

New Contributors

Full Changelog: v0.2.8...v0.2.9

v0.2.8

Choose a tag to compare

@github-actions github-actions released this 19 Apr 15:25
v0.2.8
88498ed

What's Changed

  • sync go module by @cpanato in #124
  • Fetch only root certificate from cert chain by @haydentherapper in #111
  • Add KMS key for Fulcio by @haydentherapper in #112
  • fix missing variables for kms rekor/fulcio by @cpanato in #114
  • Add presubmit test for "terraform validate" to the sigstore module by @priyawadhwa in #116
  • use chainguard set of actions to avoid duplication by @cpanato in #113
  • Split up KMS module keys into rekor and fulcio modules by @priyawadhwa in #117
  • Bump actions/checkout from 3.0.0 to 3.0.1 by @dependabot in #118
  • Bump github.com/sigstore/rekor from 0.5.0 to 0.6.0 by @dependabot in #121
  • Bump github/codeql-action from 1 to 2.1.8 by @dependabot in #120
  • Bump sigstore/cosign-installer from 2.2.0 to 2.2.1 by @dependabot in #119

New Contributors

  • @haydentherapper made their first contribution in #111

Full Changelog: v0.2.6...v0.2.8