v0.21.0

@CybotTM CybotTM released this 07 Mar 20:30
42cdbc9

Highlights

Native go-cron DAG workflow engine (#499)

Replaced the custom WorkflowOrchestrator with go-cron's native DAG engine. Job dependencies, on-success, and on-failure chains now execute through go-cron's built-in directed acyclic graph scheduler, removing significant custom code while improving reliability.

Native pause/resume for job disable/enable (#497)

Job enable/disable now uses go-cron's native pause/resume API instead of removing and re-adding cron entries. This preserves job state and is more efficient. Disabled (paused) jobs correctly skip NextRuns/PrevRuns in the API.

Schedule introspection API (#495)

New PrevN/NextN endpoints expose upcoming and past scheduled run times for any job via the web API, useful for dashboards and monitoring.

Workflow observability (#496)

Added workflow completion hooks and metrics — track DAG workflow execution, step durations, and outcomes through the metrics subsystem.

Rate limiting via go-cron middleware (#500)

Replaced the custom scheduler semaphore with go-cron's MaxConcurrentSkip middleware for cleaner concurrency control.

Go 1.26.1 security update (#506)

Updated to Go 1.26.1, fixing 5 stdlib vulnerabilities: crypto/x509 certificate handling, net/url IPv6 parsing, os root escape, and html/template XSS.

Test coverage 60% → 86% (#502, #503)

Comprehensive test coverage improvements across core, CLI, web, middlewares, and Docker adapter packages.

Changes

Features

  • feat: add PrevN/NextN schedule introspection to web API (#495)
  • feat: add workflow completion observability hooks and metrics (#496)
  • feat: use native go-cron pause/resume for job disable/enable (#497)
  • feat: use native go-cron @triggered schedule instead of manual handling (#498)
  • feat: replace custom WorkflowOrchestrator with go-cron native DAG engine (#499)
  • feat: replace scheduler semaphore with go-cron MaxConcurrentSkip middleware (#500)

Bug Fixes

  • fix: don't track internal labels as config params (#485)
  • fix: add allow-list for global config keys from Docker labels (#487)
  • fix: update Go to 1.26.1 to fix stdlib vulnerabilities (#506)
  • fix: eliminate data races detected by -race flag
  • fix(web): improve API error handling, status codes, auth panic, rate limiter leak
  • fix(core): nil safety, idempotent EnableJob, remove dead WaitGroup

Testing

  • test: comprehensive test coverage improvement 60% → 82.5% (#502)
  • test: increase coverage from 82.5% to 86.2% (#503)

Dependencies

  • chore(deps): bump go-cron from 0.11.0 → 0.13.0 (quoted TZ values, DAG engine, pause/resume)
  • chore(deps): bump docker/cli to 29.3.0
  • chore: add SPDX headers and DCO enforcement (#501)
  • chore: remove flaky CodSpeed benchmarks from CI (#507)

Full Changelog: v0.20.0...v0.21.0

Verification

All binaries include SLSA Level 3 provenance attestations.

Verify binary provenance

slsa-verifier verify-artifact ofelia-linux-amd64 \
  --provenance-path ofelia-linux-amd64.intoto.jsonl \
  --source-uri github.com/netresearch/ofelia

Verify checksums signature

cosign verify-blob \
  --certificate checksums.txt.pem \
  --signature checksums.txt.sig \
  --certificate-identity "https://github.com/netresearch/ofelia/.github/workflows/release-slsa.yml@refs/tags/v0.21.0" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  checksums.txt
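
The cosign command above authenticates checksums.txt only; each downloaded binary still has to be hashed and compared with its entry in that file. The script below is an added example, not part of the Ofelia release or project: it assumes checksums.txt uses the sha256sum line format ("<hex>  <filename>"), and the function names check_release_file and sha256_of are introduced here for illustration.

```shell
#!/bin/sh
# Added example: compare a downloaded artifact with its entry in checksums.txt.
# Assumption: checksums.txt uses the sha256sum line format "<hex>  <name>".
# Run this only after `cosign verify-blob` has accepted checksums.txt.

# Print the SHA-256 of a file as lowercase hex (sha256sum, or shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then sha256sum < "$1"
  else shasum -a 256 < "$1"; fi | awk '{ print $1 }'
}

# check_release_file CHECKSUMS ARTIFACT
# returns 0 = digest matches, 1 = digest differs, 2 = unreadable file or no entry
check_release_file() {
  sums=$1
  artifact=$2
  [ -r "$sums" ] && [ -r "$artifact" ] || return 2
  name=$(basename "$artifact")

  # Exact filename match, so "ofelia-linux-amd64" does not pick up the line
  # for "ofelia-linux-amd64.intoto.jsonl". A leading "*" marks binary mode.
  expected=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f) }
    f == n { print tolower($1); exit }' "$sums")
  [ -n "$expected" ] || return 2   # fail closed: an unlisted file is not verified

  [ "$(sha256_of "$artifact")" = "$expected" ]
}

# Constructed sample: a stand-in "binary" and a checksums file built from it.
demo() {
  d=$(mktemp -d) || return 1
  printf 'constructed stand-in for a release binary\n' > "$d/ofelia-linux-amd64"
  printf '%s  %s\n' "$(sha256_of "$d/ofelia-linux-amd64")" ofelia-linux-amd64 \
    > "$d/checksums.txt"
  check_release_file "$d/checksums.txt" "$d/ofelia-linux-amd64" && echo "match"
  printf 'tampered\n' >> "$d/ofelia-linux-amd64"   # simulate a modified download
  check_release_file "$d/checksums.txt" "$d/ofelia-linux-amd64" \
    || echo "rejected (rc=$?)"
  rm -rf "$d"
}
demo
```

A return code of 2 (no entry for the file) is treated as a failure on purpose: a binary that checksums.txt does not list has not been verified by the signature check.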
