Skip to content

beta-v4.0.0

Pre-release
Pre-release

Choose a tag to compare

View all tags
@anderssonw anderssonw released this 31 Jan 12:55
· 255 commits to main since this release
beta-v4.0.0
9fa89ff
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Breaking Changes

image_url is no longer a valid input for the run-terraform. This can be safely removed without adding anything else.

Features to note

  • Binary Authorization - Only two attestations are now made. One to be ran by itself using the post-build-attest workflow, and one which is automatically performed after a successful Trivy scan using run-security-scans. Note that a successful Trivy scan is just that the scan is ran, not that it found no vulnerabilities.
  • Customize security level - When running the workflow run-security-scans you are now able to add the new input allow_severity_level. This input takes one of the following inputs critical, high, medium, which denotes the highest level of severity that can occur on a scan while still allowing the security scan to pass without errors.
  • Terraform destroy plan - When running run-terraform with the destroy: true input, you now get a plan for this destruction during the terraform plan step.
  • Easier branch input - Using the deploy-on flag in run-terraform now allows for using only the branch name and not the full github reference.

(The last two features are from older versions, but have not been announced)

What's Changed

Full Changelog: v3.1.3...beta-v4.0.0

Contributors

anderssonw
Assets 2
Loading