Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v2.2.1 release #380

Merged
merged 30 commits into from
Nov 23, 2021
Merged

v2.2.1 release #380

merged 30 commits into from
Nov 23, 2021

Conversation

xopham
Copy link
Collaborator

@xopham xopham commented Oct 22, 2021
edited by phbelitz

v2.2.1

Major Scope

The release contains the following central improvements:

The focus is aimed to improve compatibility and validation speed.

Changelog

Feat

Fix

Docs

Update

Refactor

Ci

Test

New Contributors

Thanks to all Contributors 🚀

@codecov-commenter
Copy link

codecov-commenter commented Oct 22, 2021
edited

Codecov Report

Merging #380 (a4f8266) into master (975afc1) will decrease coverage by 2.39%.
The diff coverage is 66.66%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #380      +/-   ##
==========================================
- Coverage   96.85%   94.45%   -2.40%     
==========================================
  Files          21       22       +1     
  Lines        1050     1101      +51     
==========================================
+ Hits         1017     1040      +23     
- Misses         33       61      +28
Impacted Files Coverage Δ
connaisseur/__main__.py 0.00% <0.00%> (ø)
connaisseur/logging_wrapper.py 0.00% <0.00%> (ø)
connaisseur/workload_object.py 100.00% <ø> (ø)
connaisseur/flask_application.py 91.46% <85.71%> (ø)
connaisseur/alert.py 97.93% <100.00%> (+0.13%) ⬆️
connaisseur/image.py 100.00% <100.00%> (ø)
connaisseur/validators/cosign/cosign_validator.py 98.83% <100.00%> (+2.58%) ⬆️
connaisseur/validators/interface.py 100.00% <100.00%> (ø)
...naisseur/validators/notaryv1/notaryv1_validator.py 98.30% <100.00%> (+2.50%) ⬆️
...naisseur/validators/notaryv2/notaryv2_validator.py 80.00% <100.00%> (ø)
... and 2 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 975afc1...a4f8266. Read the comment docs.

phbelitz and others added 25 commits October 22, 2021 15:27
@phbelitz
feat: async image validation
8eab731 
Connaisseur now validates all images inside a single request in parallel.

fixes #226
@hsuchan
fix: allow CAPS in image tag
232e5b7 
fixes #392
@Starkteetje
fix: Handle invalid admission requests
80948ab 
This commit adds graceful handling to Connaisseur receiving syntactically invalid admission requests, such that e.g. an alert can be sent out that admission failed
@xopham
docs: add pull request template
ee0b5de
@xopham
ci: use custom k3s cluster
48d2bea
@xopham
ci/test: integration test for workload objects and api versions
f9487c2 
fixes #382
@xopham
fix: add api version batch/v1 support for CronJob resource
ac212a3
@dependabot
update: update mkdocs-material requirement from ~=7.3.4 to ~=7.3.6 (#398
1eed91f 
)

Updates the requirements on [mkdocs-material](https://github.com/squidfunk/mkdocs-material) to permit the latest version.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](squidfunk/mkdocs-material@7.3.4...7.3.6)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
update: update pytest-subprocess requirement from ~=1.2.0 to ~=1.3.1 (#…
df30e54 
…400)

Updates the requirements on [pytest-subprocess](https://github.com/aklajnert/pytest-subprocess) to permit the latest version.
- [Release notes](https://github.com/aklajnert/pytest-subprocess/releases)
- [Changelog](https://github.com/aklajnert/pytest-subprocess/blob/master/HISTORY.rst)
- [Commits](aklajnert/pytest-subprocess@1.2.0...1.3.1)

---
updated-dependencies:
- dependency-name: pytest-subprocess
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
update: update jsonschema requirement from ~=4.1.2 to ~=4.2.0 (#402)
4faead5 
Updates the requirements on [jsonschema](https://github.com/Julian/jsonschema) to permit the latest version.
- [Release notes](https://github.com/Julian/jsonschema/releases)
- [Changelog](https://github.com/Julian/jsonschema/blob/main/CHANGELOG.rst)
- [Commits](python-jsonschema/jsonschema@v4.1.2...v4.2.0)

---
updated-dependencies:
- dependency-name: jsonschema
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
update: update setuptools requirement from ~=58.2.0 to ~=58.5.3 (#403)
390ada1 
Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version.
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst)
- [Commits](pypa/setuptools@v58.2.0...v58.5.3)

---
updated-dependencies:
- dependency-name: setuptools
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@xopham
ci: upgrade test
f8a1068
@phbelitz
fix: only load required delegations + bug fix
b91d745 
When using delegation for nv1, Connaisseur now only loads those delegation files it actually needs for verification and not all available. Additionally fixed a bug, where when a delegation role was present inside the `targets.json` but the actual delegation file was missing, Connaisseur would have raised a `KeyError`. This has been solved with proper error handling.

fixes #171
@Starkteetje
docs: Add ADR 7 about WSGI server choice
e80352d 
This commit adds the documentation for the WSGI server choice including the tests run and our decision
@Starkteetje
feat: Exchange Flask server with Cheroot server
2a2cf99 
This commit exchanges the previously used Flask server with the Cheroot WSGI server and ensures compatible logging. The Flask server was not intended as a production server, which is why we did the change.

Fix #11
@Starkteetje
ci/test: Add loadtest to GitHub pipeline
cf8cc75 
This commit adds a loadtest to the GitHub actions pipeline to ensure the Connaisseur performance when under stress

Fix #154
@xopham
docs: add ADR-7
031b89c
@xopham
update: cosign v1.2.1 to v1.3.0
b36dab7
@xopham
ci: speedup upgrade integration test
e7f8a8e
@dependabot
update: update jinja2 requirement from ~=3.0.2 to ~=3.0.3 (#410)
67b6534 
Updates the requirements on [jinja2](https://github.com/pallets/jinja) to permit the latest version.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](pallets/jinja@3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
update: update jsonschema requirement from ~=4.2.0 to ~=4.2.1 (#408)
c2544f1 
Updates the requirements on [jsonschema](https://github.com/Julian/jsonschema) to permit the latest version.
- [Release notes](https://github.com/Julian/jsonschema/releases)
- [Changelog](https://github.com/Julian/jsonschema/blob/main/CHANGELOG.rst)
- [Commits](python-jsonschema/jsonschema@v4.2.0...v4.2.1)

---
updated-dependencies:
- dependency-name: jsonschema
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
update: update pytest-subprocess requirement from ~=1.3.1 to ~=1.3.2 (#…
2d94512 
…409)

Updates the requirements on [pytest-subprocess](https://github.com/aklajnert/pytest-subprocess) to permit the latest version.
- [Release notes](https://github.com/aklajnert/pytest-subprocess/releases)
- [Changelog](https://github.com/aklajnert/pytest-subprocess/blob/master/HISTORY.rst)
- [Commits](aklajnert/pytest-subprocess@1.3.1...1.3.2)

---
updated-dependencies:
- dependency-name: pytest-subprocess
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@xopham
update: cosign v1.3.0 to v1.3.1
f035e57
@xopham
refactor: properly handle different cosign key types
b7b2f05
@dependabot
update: update setuptools requirement from ~=58.5.3 to ~=59.2.0 (#419)
7e65d46 
Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version.
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst)
- [Commits](pypa/setuptools@v58.5.3...v59.2.0)

---
updated-dependencies:
- dependency-name: setuptools
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@xopham xopham marked this pull request as ready for review November 23, 2021 13:26
@phbelitz phbelitz merged commit a4f8266 into master Nov 23, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@phbelitz phbelitz phbelitz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@xopham @codecov-commenter @phbelitz @hsuchan @Starkteetje