Skip to content

v1.2.0-rc.1

Pre-release
Pre-release
Compare
Choose a tag to compare
@github-actions github-actions released this 22 May 00:27
· 192 commits to dev since this release
v1.2.0-rc.1
280494f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

🚨 Deprecations

  • CertificateStore is deprecated in favor of KeyManagementProvider. Please migrate to KeyManagementProvider by following guide here. Support will be removed in Ratify v2.0.0

New Features

📄 Documentation

🎉 New Contributors

🐛 🩹 Bug Fixes

What's Changed

  • fix: bump dev helmfile ratify chart versions by @akashsinghal in #1216
  • feat: add namespace to external data request key by @binbin-li in #1201
  • chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.16.9 to 1.16.12 by @dependabot in #1224
  • chore: Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.9.0 to 1.9.1 by @dependabot in #1225
  • chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.25.11 to 1.25.12 by @dependabot in #1226
  • build: bump up upload-artifact action to v4.0.0 by @binbin-li in #1227
  • chore: Bump golang.org/x/crypto from 0.16.0 to 0.17.0 by @dependabot in #1229
  • feat: add version to CRD spec by @susanshi in #1215
  • fix: surface plugin error in exec.go by @susanshi in #1228
  • chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.16.12 to 1.16.13 by @dependabot in #1235
  • chore: Bump k8s.io/client-go from 0.28.4 to 0.28.5 by @dependabot in #1232
  • chore: Bump apache/skywalking-eyes from ee81ff786927ea6ffa48b1e29c48e5289f4753aa to ed436a5593c63a25f394ea29da61b0ac3731a9fe by @dependabot in #1231
  • feat: add cache isolation by @binbin-li in #1213
  • chore: update codecov config by @junczhu in #1237
  • docs: updated docs with the latest verifier report format by @junczhu in #1236
  • fix: SBOM verifier license match support for deprecated license by @susanshi in #1230
  • docs: add multi-tenancy support discussions by @binbin-li in #1175
  • fix: differentiate aks logs from e2e log by @susanshi in #1243
  • ci: add cache cleanup post merge by @akashsinghal in #1242
  • docs: Update log format in doc by @junczhu in #1240
  • ci: switch to fail-fast from continue-on-error by @binbin-li in #1245
  • ci: add dev helm chart publishing workflow by @akashsinghal in #1209
  • fix: update constraint templates to work with new type field by @akashsinghal in #1217
  • fix: improve vuln report verifier report messages by @akashsinghal in #1238
  • feat: improve plugin config dependency by @junczhu in #1223
  • chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.16.13 to 1.16.14 by @dependabot in #1250
  • chore: Bump github.com/AzureAD/microsoft-authentication-library-for-go from 1.2.0 to 1.2.1 by @dependabot in #1252
  • chore: Bump github.com/cloudflare/circl from 1.3.5 to 1.3.7 by @dependabot in #1253
  • chore: Bump azure/login from 1.5.1 to 1.6.0 by @dependabot in #1255
  • chore: rename func for readability by @junczhu in #1257
  • chore: Bump actions/upload-artifact from 4.0.0 to 4.1.0 by @dependabot in #1261
  • chore: Bump azure/login from 1.6.0 to 1.6.1 by @dependabot in #1266
  • chore: Bump actions/upload-artifact from 4.1.0 to 4.2.0 by @dependabot in #1270
  • chore: Bump k8s.io/client-go from 0.28.5 to 0.28.6 by @dependabot in #1273
  • chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.16.14 to 1.16.16 by @dependabot in #1275
  • chore: Bump github.com/opencontainers/image-spec from 1.1.0-rc5 to 1.1.0-rc6 by @dependabot in #1271
  • chore: Bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in #1279
  • chore: Bump codecov/codecov-action from 3.1.4 to 3.1.5 by @dependabot in #1281
  • chore: Bump github.com/docker/cli from 24.0.7+incompatible to 24.0.8+incompatible by @dependabot in #1282
  • chore: Bump github.com/notaryproject/notation-core-go from 1.0.1 to 1.0.2 by @dependabot in #1283
  • chore: bump to go 1.21 by @akashsinghal in #1276
  • fix: dynamic plugin should support pulling image with digest by @susanshi in #1280
  • feat: validate plugin name on CR create by @susanshi in #1265
  • chore: Bump codecov/codecov-action from 3.1.5 to 3.1.6 by @dependabot in #1288
  • fix: add missing CRD conversion methods by @binbin-li in #1289
  • fix: fix unit tests that fail in local environment by @binbin-li in #1292
  • chore: Bump codecov/codecov-action from 3.1.6 to 4.0.0 by @dependabot in #1291
  • chore: Bump codecov/codecov-action from 4.0.0 to 4.0.1 by @dependabot in #1298
  • chore: Bump github.com/sigstore/cosign/v2 from 2.2.2 to 2.2.3 by @dependabot in #1301
  • chore: Bump github.com/docker/cli from 24.0.8+incompatible to 24.0.9+incompatible by @dependabot in #1302
  • feat: handle stderr and stdout messages from plugins by @duffney in #1258
  • chore: Bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in #1303
  • chore: Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.9.1 to 1.9.2 by @dependabot in #1306
  • chore: Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in #1307
  • chore: Bump k8s.io/client-go from 0.28.6 to 0.28.7 by @dependabot in #1309
  • chore: Bump github.com/opencontainers/image-spec from 1.1.0-rc6 to 1.1.0 by @dependabot in #1312
  • chore: Bump google.golang.org/grpc from 1.61.0 to 1.61.1 by @dependabot in #1313
  • chore: Bump codecov/codecov-action from 4.0.1 to 4.0.2 by @dependabot in #1316
  • chore: Bump codecov/codecov-action from 4.0.2 to 4.1.0 by @dependabot in #1317
  • chore: Bump github.com/AzureAD/microsoft-authentication-library-for-go from 1.2.1 to 1.2.2 by @dependabot in #1315
  • chore: Bump github.com/sigstore/sigstore from 1.8.1 to 1.8.2 by @dependabot in #1325
  • feat: add debug logs to k8s secret and docker config auth providers by @akashsinghal in #1319
  • build: update deployment template azure workload identity annotation by @akashsinghal in #1320
  • chore: Bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 by @dependabot in #1328
  • chore: Bump github.com/go-jose/go-jose/v3 from 3.0.2 to 3.0.3 by @dependabot in #1329
  • chore: Bump azure/login from 1.6.1 to 2.0.0 by @dependabot in #1330
  • chore: Bump github.com/golang/protobuf from 1.5.3 to 1.5.4 by @dependabot in #1331
  • chore: Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #1332
  • chore: Bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in #1335
  • chore: update to support GK 3.15 & remove support for GK 3.12 by @akashsinghal in #1318
  • ci: update and cleanup CI tools used by @akashsinghal in #1326
  • fix: update hard coded test registry reference by @akashsinghal in #1336
  • chore: Bump k8s.io/client-go from 0.28.7 to 0.28.8 by @dependabot in #1339
  • chore: Bump github.com/google/go-containerregistry from 0.19.0 to 0.19.1 by @dependabot in #1338
  • chore: Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible by @dependabot in #1345
  • chore: update the image tag of dev container by @junczhu in #1347
  • chore: Bump apache/skywalking-eyes from ed436a5593c63a25f394ea29da61b0ac3731a9fe to e6d1ce46901c759d9d9f84f8bcb97ad028cd5f88 by @dependabot in #1348
  • chore: Bump github.com/owenrumney/go-sarif/v2 from 2.3.0 to 2.3.1 by @dependabot in #1349
  • ci: update license check exclusion version by @akashsinghal in #1351
  • feat: add key management provider resource by @akashsinghal in #1293
  • chore: Bump codecov/codecov-action from 4.1.0 to 4.1.1 by @dependabot in #1354
  • feat: move cosign to be a built in verifier by @akashsinghal in #1343
  • chore: Bump apache/skywalking-eyes from e6d1ce46901c759d9d9f84f8bcb97ad028cd5f88 to 97538682f556b56cc7422ece660d8d7e6c4fb013 by @dependabot in #1355
  • chore: Bump github.com/sigstore/sigstore from 1.8.2 to 1.8.3 by @dependabot in #1357
  • feat: add GetNamespace utils method for context [multi-tenancy PR 1] by @binbin-li in #1356
  • chore: Bump apache/skywalking-eyes from 97538682f556b56cc7422ece660d8d7e6c4fb013 to 6753eaeab2d30d8b777f33637bf48794f70888d0 by @dependabot in #1362
  • chore: Bump codecov/codecov-action from 4.1.1 to 4.2.0 by @dependabot in #1363
  • docs: update COC and add adopters.md by @FeynmanZhou in #1360
  • feat: run full validation on staging by @susanshi in #1361
  • chore: Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #1365
  • chore: Bump apache/skywalking-eyes from ed436a5593c63a25f394ea29da61b0ac3731a9fe to 6753eaeab2d30d8b777f33637bf48794f70888d0 by @dependabot in #1366
  • chore: Bump google.golang.org/grpc from 1.61.1 to 1.61.2 by @dependabot in #1367
  • chore: Bump apache/skywalking-eyes from 6753eaeab2d30d8b777f33637bf48794f70888d0 to cd7b195c51fd3d6ad52afceb760719ddc6b3ee91 by @dependabot in #1370
  • fix: updated community meeting time to UTC by @susanshi in #1364
  • chore: Bump actions/checkout from 4.1.1 to 4.1.2 by @susanshi in #1368
  • docs: add roadmap by @yizha1 in #1344
  • Revert "chore: Bump actions/checkout from 4.1.1 to 4.1.2" by @susanshi in #1372
  • build: Add codecov token by @binbin-li in #1373
  • build: Add codecov token (#1373) by @binbin-li in #1376
  • feat: add verifiers interface to wrap up operations on namespaced verifiers [multi-tenancy PR 2] by @binbin-li in #1358
  • chore: Bump codecov/codecov-action from 4.2.0 to 4.3.0 by @dependabot in #1379
  • feat: add key support to key management provider by @akashsinghal in #1333
  • fix: enable workflow for staging by @susanshi in #1369
  • feat: add PolicyManager interface to wrap operations on namespaced policies [multi-tenancy PR 3] by @binbin-li in #1359
  • feat: add ReferrerStoreManager interface to wrap operations on namespaced stores [multi-tenancy PR 4] by @binbin-li in #1380
  • fix: update azure tenantId casing by @akashsinghal in #1385
  • chore: Bump github.com/sigstore/cosign/v2 from 2.2.3 to 2.2.4 by @dependabot in #1383
  • build: update Bridge to Kubernetes debugging steps by @akashsinghal in #1384
  • chore: Bump github.com/aws/aws-sdk-go-v2 from 1.26.0 to 1.26.1 by @dependabot in #1394
  • chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.9 to 1.17.11 by @dependabot in #1393
  • chore: Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.1 to 1.5.2 by @dependabot in #1392
  • chore: Bump google.golang.org/grpc from 1.62.1 to 1.62.2 by @dependabot in #1391
  • chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.9 to 1.27.11 by @dependabot in #1390
  • feat: merge from staging to main by @binbin-li in #1388
  • chore: bump oras go to 2.5.0 by @akashsinghal in #1389
  • feat: add certStoreManager interface to wrap operations on namespaced certStores [multi-tenancy PR 5] by @binbin-li in #1382
  • chore: Bump azure/login from 2.0.0 to 2.1.0 by @dependabot in #1400
  • fix: rename staging to dev branch by @susanshi in #1401
  • chore: Bump k8s.io/apimachinery from 0.28.8 to 0.28.9 by @dependabot in #1405
  • chore: Bump k8s.io/api from 0.28.8 to 0.28.9 by @dependabot in #1404
  • chore: Bump k8s.io/client-go from 0.28.8 to 0.28.9 by @dependabot in #1406
  • chore: Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.11.0 to 1.11.1 by @dependabot in #1407
  • chore: Bump github.com/spdx/tools-golang from 0.5.3 to 0.5.4 by @dependabot in #1403
  • chore: Bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in #1410
  • fix: update ReferrerNotFound error to be more accurate by @binbin-li in #1408
  • chore: Bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #1411
  • chore: Bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in #1412
  • feat: add cosign trust policies by @akashsinghal in #1381
  • docs: cosign upgrade design document by @akashsinghal in #1246
  • chore: Bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #1414
  • chore: Bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in #1415
  • feat: add compatibility check in KMP while fetching certs/keys [multi-tenancy PR 6] by @binbin-li in #1395
  • fix: add top-level read permission by @binbin-li in #1419
  • feat: add NamespacedPolicy CRD [multi-tenancy PR 7] by @binbin-li in #1402
  • build: ignore CVE-2022-48174 by @binbin-li in #1421
  • build: fix unpinned images by @binbin-li in #1420
  • feat: add NamespacedStore CRD [multi-tenancy PR 8] by @binbin-li in #1413
  • fix: Set IdleTimeout for http.Server by @mannbiher in #1418
  • test: fix cosign CR filename by @binbin-li in #1425
  • ci: bump k8s versions by @akashsinghal in #1417
  • chore: Bump golangci/golangci-lint-action from 5.0.0 to 5.1.0 by @dependabot in #1426
  • fix: add akv keys check on cosign-verifier by @binbin-li in #1427
  • chore: merging dev into main 04-30-2024 by @susanshi in #1424
  • fix: handle empty trust policies by @akashsinghal in #1431
  • feat: add NamespacedKMP and switch KMP scope to cluster [multi-tenancy PR 9] by @binbin-li in #1422
  • chore: bump ratify version for 1.1.1 patch release by @akashsinghal in #1434
  • feat: refactor certStore and KMP to support multi-tenancy [multi-tenancy PR 10] by @binbin-li in #1423
  • chore: Bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #1438
  • feat: add NamespacedVerifier CRD [multi-tenancy PR 11] by @binbin-li in #1428
  • chore: Bump codecov/codecov-action from 4.3.0 to 4.3.1 by @dependabot in #1433
  • chore: Bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 by @dependabot in #1440
  • test: add e2e tests for multi-tenancy [multi-tenancy PR 12] by @binbin-li in #1429
  • chore: Bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #1447
  • chore: Bump golangci/golangci-lint-action from 5.3.0 to 6.0.0 by @dependabot in #1446
  • chore: use semantic version for go install pkg by @binbin-li in #1448
  • fix: fix AKS test by switching to cluster-wide KMP by @binbin-li in #1455
  • chore: merge dev into main 05-07-2024 by @susanshi in #1444
  • test: add unit tests for KMP and CertStore controllers by @binbin-li in #1439
  • ci: update azure SP federated credentials by @akashsinghal in #1442
  • chore: Bump golangci/golangci-lint-action from 6.0.0 to 6.0.1 by @dependabot in #1457
  • docs: Create BREAKING_CHANGE_AND_DEPRECATION.md by @susanshi in #1399
  • chore: Bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #1462
  • fix: fix missing separator in helm template by @binbin-li in #1463
  • chore: Bump vscode/devcontainers/go from c23be6b to 0ea3913 in /.devcontainer by @dependabot in #1465
  • chore: Bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 by @dependabot in #1466
  • fix: check label value on pull_request_target by @binbin-li in #1471
  • chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.11 to 1.27.13 by @dependabot in #1467
  • chore: Bump golang from d83472f to 392d2b6 in /httpserver by @dependabot in #1469
  • fix: DecodeCertificates cert length check by @susanshi in #1470
  • chore: update dev helmfiles to clean up namespaced resources by @akashsinghal in #1476
  • chore: Bump codecov/codecov-action from 4.3.1 to 4.4.0 by @dependabot in #1477
  • fix: update cosign chart and remove extra logs by @akashsinghal in #1475
  • chore: update cert value in sample CRs by @binbin-li in #1479
  • fix: add check for disabled keys from azure key vault by @akashsinghal in #1474
  • chore: merge dev into main 5-16-24 by @akashsinghal in #1480
  • chore: prepare for release 1.2-rc.1 by @susanshi in #1481

Full Changelog: v1.1.0...v1.2.0-rc.1

Contributors

binbin-li, duffney, and 7 other contributors
Assets 8
Loading
0 Join discussion