v0.17.1
Highlights
Federated downloads for attestations / pieces of evidence
As noted in this issue #326, downloading attestations or pieces of evidences from our Content Addressable Storage (CAS) had some limitations. A user could only download assets from their current organization
and their default CAS backend.
This release fixes this issue by enabling storage federation across backends. In practice, this means that the system is smart enough to route download processes to the right backend (from any of your organizations), while still being addressed by their content digest
.
Downloading any item stored in CAS is as simple as providing its content digest to the cp.chainloop.dev/download
endpoint. For example, by clicking https://cp.chainloop.dev/download/sha256:f2c578be0f73ed18ca2d52ac38089dac12cdb43dfe20490c8ced1e39c6ddd937
Chainloop will dynamically find the right path to the stored attestation transparently 🪄
Public attestations / pieces of evidence (preview)
This release also includes a preview of our public sharing mechanism for attestations and pieces of evidence
#331. This allows operators to share links to attestations, SBOMs, binaries, VEX files, anything that has been collected as part of an attestation process for enhanced transparency.
The visibility property change is applied to the parent Workflow
, which means that if a Workflow is public, any attestations and pieces of evidences associated to it will be public.
During this preview, changing the visibility can only be performed through the API (CLI changes to come)
grpcurl -H "authorization: Bearer $TOKEN" -d '{"id": "[WORKFLOW_ID]", "public": true }' cp.chainloop.dev:443 controlplane.v1.WorkflowService.ChangeVisibility
As an example, you can download the attestation of this actual release here
What's Changed
- Bump Helm Chart Version => v0.16.2 by @github-actions in #324
- feat(deployment): allow to configure TLS certificate for gRPC servers by @zaibon in #319
- feat(controlplane) generate mapping for items in CAS by @migmartri in #327
- feat(controlplane): store and show the digest in CAS of the attestation by @migmartri in #329
- feat(controlplane): dynamic CAS backend selection during download by @migmartri in #328
- feat(controlplane): public attestations/materials by @migmartri in #331
- feat: show attestation digest in notifications by @migmartri in #332
- feat: show digest during attestation by @migmartri in #333
- Bump Helm Chart Version => v0.17.0 by @github-actions in #335
- chore: bump Chainloop CLI version by @migmartri in #334
- fix: show downloading message during redirect by @migmartri in #336
- Revert "chore: bump Chainloop CLI version (#334)" by @migmartri in #337
See the attestation here
Full Changelog: v0.16.2...v0.17.1