Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Connaisseur release 3.2.0 #1340

Merged
merged 16 commits into from
Oct 27, 2023
Merged

Connaisseur release 3.2.0 #1340

merged 16 commits into from
Oct 27, 2023

Conversation

Starkteetje
Copy link
Member

Connaisseur release 3.2.0

v3.2.0

Feat

Fix

Refactor

Ci

Test

Docs

Update

phbelitz and others added 16 commits October 13, 2023 13:28
@phbelitz
fix: fix regular integration test
8e798cf 
With #1282 new test images were pushed, thus changing the signed digests. The previous digest was pinned inside the regular integration test. This has been updated.
@hsudbrock @phbelitz
feat: explicitly specify containerPort in helm chart
8547459 
Specifying the containerPort, on the one hand, has a documentary purpose, by making explicit which ports are exposed by the container. On the other hand, it permits the usage of other tools that rely on the containerPort, like PodMonitors from the prometheus operator.

Fix #1305
@xopham
docs: add copy code buttons and linked content tabs
e011fee
@xopham
fix: getRoot base image
e2af133
@xopham
docs: fix code blocks in basics
a77701d
@Starkteetje
docs: Update unittest recommendation
6a2b2e5
@Starkteetje
feat: Validate ephemeral containers
ae9da3f 
Prior to this commit, ephemeral containers were not validated. Thus an attacker able to deploy ephemeral containers could have circumvented Connaisseur's signature validation to deploy arbitrary container images.
@xopham
update: cosign v2.2.0
5380ae7
@Starkteetje
test: Add message to retry of deployment during integration test
6bd96ea
@dependabot
update: bump the gh-actions-packages group with 4 updates
c75fba4 
Bumps the gh-actions-packages group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [ossf/scorecard-action](https://github.com/ossf/scorecard-action), [github/codeql-action](https://github.com/github/codeql-action) and [bridgecrewio/checkov-action](https://github.com/bridgecrewio/checkov-action).


Updates `actions/checkout` from 4.1.0 to 4.1.1
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@8ade135...b4ffde6)

Updates `ossf/scorecard-action` from 2.2.0 to 2.3.1
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ossf/scorecard-action@08b4669...0864cf1)

Updates `github/codeql-action` from 2.21.9 to 2.22.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@ddccb87...49abf0b)

Updates `bridgecrewio/checkov-action` from 12.2526.0 to 12.2549.0
- [Release notes](https://github.com/bridgecrewio/checkov-action/releases)
- [Commits](bridgecrewio/checkov-action@f6243e0...defe079)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
- dependency-name: bridgecrewio/checkov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
update: bump the pip-packages group with 5 updates (#1338)
d9ca2ae 
Updates the requirements on [aiohttp](https://github.com/aio-libs/aiohttp), [prometheus-flask-exporter](https://github.com/rycus86/prometheus_flask_exporter), [pylint](https://github.com/pylint-dev/pylint), [pytest-mock](https://github.com/pytest-dev/pytest-mock) and [mkdocs-material](https://github.com/squidfunk/mkdocs-material) to permit the latest version.

Updates `aiohttp` to 3.8.6
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](aio-libs/aiohttp@v3.8.5...v3.8.6)

Updates `prometheus-flask-exporter` from 0.22.4 to 0.23.0
- [Commits](rycus86/prometheus_flask_exporter@0.22.4...0.23.0)

Updates `pylint` to 3.0.2
- [Release notes](https://github.com/pylint-dev/pylint/releases)
- [Commits](pylint-dev/pylint@v3.0.1...v3.0.2)

Updates `pytest-mock` to 3.12.0
- [Release notes](https://github.com/pytest-dev/pytest-mock/releases)
- [Changelog](https://github.com/pytest-dev/pytest-mock/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest-mock@v3.11.1...v3.12.0)

Updates `mkdocs-material` to 9.4.6
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](squidfunk/mkdocs-material@9.4.4...9.4.6)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
  dependency-group: pip-packages
- dependency-name: prometheus-flask-exporter
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-packages
- dependency-name: pylint
  dependency-type: direct:development
  dependency-group: pip-packages
- dependency-name: pytest-mock
  dependency-type: direct:development
  dependency-group: pip-packages
- dependency-name: mkdocs-material
  dependency-type: direct:production
  dependency-group: pip-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@Starkteetje
test: Run most integration tests on a single replica
e8a362d
@Starkteetje
refactor: Add missing variable brackets
376e9b2
@Starkteetje
test: No uninstall on integration test failure
2a51358
@Starkteetje
ci: Show non-truncated logs on failure
befe6f0
@dependabot
update: bump the gh-actions-packages group with 1 update
8124191 
Bumps the gh-actions-packages group with 1 update: [bridgecrewio/checkov-action](https://github.com/bridgecrewio/checkov-action).

- [Release notes](https://github.com/bridgecrewio/checkov-action/releases)
- [Commits](bridgecrewio/checkov-action@defe079...d403349)

---
updated-dependencies:
- dependency-name: bridgecrewio/checkov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@Starkteetje Starkteetje merged commit 8124191 into master Oct 27, 2023
129 of 132 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@phbelitz phbelitz phbelitz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@Starkteetje @phbelitz @hsudbrock @xopham