v1.30.0
·
1825 commits
to main
since this release
v1.30.0
suzuki-shunsuke
Shunsuke Suzuki
This tag was signed with the committer’s verified signature.
suzuki-shunsuke
Shunsuke Suzuki
Pull Requests | Issues | v1.29.0...v1.30.0
Features
#1490 #1511 Install cosign lazily to avoid installing Cosign unnecessarily
#1510 Prevent Cosign from being tampered by hardcoding checksums of Cosign
#1491 #1508 Support verifying Registries' checksums
#1512 #1514 Add darwin/arm64 to supported_envs if rosetta2 is enabled
Support verifying Registries' checksums
aqua verifies checksums of Registries if Checksum Verification is enabled.
aqua.yaml
checksum:
enabled: trueaqua-checksums.json
{
"checksums": [
{
"id": "registries/github_content/github.com/aquaproj/aqua-registry/v3.114.0/registry.yaml",
"checksum": "b5b922c4d64609e536daffec6e480d0fed3ee56b16320a10c38ae12df7f045e8b20a0c05ec66eb28146cee42559e5e6c4e4bc49ce89ffe48a5640999cc6248bd",
"algorithm": "sha512"
}
]
}If the checksum is invalid, it would fail to install Registries.
ERRO[0000] install the registry actual_checksum=b5b922c4d64609e536daffec6e480d0fed3ee56b16320a10c38ae12df7f045e8b20a0c05ec66eb28146cee42559e5e6c4e4bc49ce89ffe48a5640999cc6248be aqua_version= env=darwin/arm64 error="check a registry's checksum: checksum is invalid" exe_name=starship expected_checksum=b5b922c4d64609e536daffec6e480d0fed3ee56b16320a10c38ae12df7f045e8b20a0c05ec66eb28146cee42559e5e6c4e4bc49ce89ffe48a5640999cc6248bd program=aqua registry_name=standard
FATA[0000] aqua failed aqua_version= env=darwin/arm64 error="it failed to install some registries" exe_name=starship program=aqua
Others
#1509 init: add .checksum.supported_envs to aqua init's template