Releases: sigstore/scaffolding
Releases · sigstore/scaffolding
v0.7.11
What's Changed
- fix release workflow to checkout first by @bobcallaway in #1283
Full Changelog: v0.7.10...v0.7.11
v0.7.10
FYI
This release failed due to an issue in the release script. Please use the 0.7.11 release.
What's Changed
Go to 1.23.1 and:
- terraform: read mysql pwd from gcp SM instead of TF random variable by @bobcallaway in #1263
- Bump the terraform group across 27 directories with 2 updates by @dependabot in #1248
- Bump github/codeql-action from 3.26.6 to 3.26.7 by @dependabot in #1264
- Bump github.com/sigstore/sigstore-go from 0.6.1 to 0.6.2 by @dependabot in #1268
- Bump k8s.io/client-go from 0.31.0 to 0.31.1 by @dependabot in #1272
- Bump google.golang.org/grpc from 1.66.0 to 1.66.2 by @dependabot in #1267
- Bump k8s.io/code-generator from 0.31.0 to 0.31.1 by @dependabot in #1269
- Revert "Bump the terraform group across 27 directories with 2 updates" by @bobcallaway in #1273
- remove secret_version from being TF managed by @bobcallaway in #1274
- Bump github/codeql-action from 3.26.7 to 3.26.8 by @dependabot in #1275
- Bump github.com/prometheus/client_golang from 1.20.3 to 1.20.4 by @dependabot in #1277
- Bump google.golang.org/grpc from 1.66.2 to 1.67.0 by @dependabot in #1276
- Bump trillian-opensource-ci/db_server from
c5195ff
to6f9942d
in /config/trillian/mysql by @dependabot in #1279 - bump terraform to 1.9.6 and 6.3.0 by @bobcallaway in #1281
- bump cloud-sql-proxy in ko by @bobcallaway in #1282
- update vendor by @k4leung4 in #1278
- Bump sigs.k8s.io/release-utils from 0.8.4 to 0.8.5 by @dependabot in #1266
Full Changelog: v0.7.9...v0.7.10
v0.7.9
What's Changed
- Bump github/codeql-action from 3.26.5 to 3.26.6 by @dependabot in #1249
- Bump trillian-opensource-ci/db_server from
0447d06
to58f8b09
in /config/trillian/mysql by @dependabot in #1250 - Remove unused preprod TUF GCS bucket by @haydentherapper in #1251
- Set default value for tuf_main_page_suffix by @jku in #1252
- add variable to toggle standalone mysql SSL setting by @bobcallaway in #1253
- strip port from TLS server name used in verification by @bobcallaway in #1254
- Bump github.com/sigstore/fulcio from 1.6.3 to 1.6.4 by @dependabot in #1255
- Bump github.com/sigstore/sigstore-go from 0.6.1-0.20240821212051-2198ac32dd94 to 0.6.1 by @dependabot in #1256
- Bump projectsigstore/fulcio from v1.6.3 to v1.6.4 in /config/fulcio/fulcio by @dependabot in #1261
- Bump golang.org/x/net from 0.28.0 to 0.29.0 by @dependabot in #1257
- Bump github.com/prometheus/client_golang from 1.20.2 to 1.20.3 by @dependabot in #1260
- Bump trillian-opensource-ci/db_server from
58f8b09
toc5195ff
in /config/trillian/mysql by @dependabot in #1262
Full Changelog: v0.7.8...v0.7.9
v0.7.8
What's Changed
- Bump projectsigstore/fulcio from v1.6.2 to v1.6.3 in /config/fulcio/fulcio by @dependabot in #1242
- Bump github/codeql-action from 3.26.2 to 3.26.5 by @dependabot in #1239
- Bump hashicorp/setup-terraform from 3.1.1 to 3.1.2 by @dependabot in #1238
- Bump github.com/sigstore/fulcio from 1.6.2 to 1.6.3 by @dependabot in #1241
- Bump github.com/prometheus/client_golang from 1.20.0 to 1.20.2 by @dependabot in #1240
- Bump trillian-opensource-ci/db_server from
febf72e
to0447d06
in /config/trillian/mysql by @dependabot in #1243 - Generate the TUF repository with consistent_snapshot: true by @bkabrda in #1244
- bump trillian to v1.6.1 release by @bobcallaway in #1246
- Bump google.golang.org/grpc from 1.65.0 to 1.66.0 by @dependabot in #1247
- Truncate files if they exist prior to extraction from archive by @bkabrda in #1245
- Generate trusted_root.json in the TUF server by @bkabrda in #1235
Full Changelog: v0.7.7...v0.7.8
v0.7.7
v0.7.6
Note, this release missed a go mod tidy
so you should skip and move to v0.7.7
What's Changed
- Bump docker/login-action from 3.2.0 to 3.3.0 by @dependabot in #1197
- Bump github/codeql-action from 3.25.13 to 3.25.15 by @dependabot in #1196
- Bump sigs.k8s.io/release-utils from 0.8.3 to 0.8.4 by @dependabot in #1194
- Bump github.com/docker/docker from 24.0.9+incompatible to 26.1.4+incompatible by @dependabot in #1198
- Bump hashicorp/google from 5.38.0 to 5.39.1 in /terraform/gcp/modules/external_secrets in the terraform group by @dependabot in #1201
- Bump golang.org/x/time from 0.5.0 to 0.6.0 by @dependabot in #1203
- Bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 by @dependabot in #1202
- export bastion SA email address as tf output from sigstore module by @bobcallaway in #1204
- Bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.3.0 by @dependabot in #1195
- Bump github.com/sigstore/fulcio from 1.5.1 to 1.6.0 by @dependabot in #1209
- Bump github.com/sigstore/sigstore from 1.8.7 to 1.8.8 by @dependabot in #1207
- Bump github.com/sigstore/cosign/v2 from 2.3.0 to 2.4.0 by @dependabot in #1210
- Bump golang.org/x/crypto from 0.25.0 to 0.26.0 by @dependabot in #1208
- Bump golang.org/x/net from 0.27.0 to 0.28.0 by @dependabot in #1206
- bump terraform and tweak dependabot config by @bobcallaway in #1213
- assign bastion SA role in bastion module by @bobcallaway in #1212
- Update dependabot.yml by @k4leung4 in #1215
- Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 by @dependabot in #1218
- Bump github/codeql-action from 3.25.15 to 3.26.0 by @dependabot in #1217
- Bump the terraform group across 2 directories with 1 update by @dependabot in #1219
- Bump github.com/docker/docker from 26.1.4+incompatible to 26.1.5+incompatible by @dependabot in #1220
- Bump trillian-opensource-ci/db_server from
e58334f
to7021372
in /config/trillian/mysql by @dependabot in #1216 - rename rekor createsecret to eliminate naming confict by @bobcallaway in #1221
- Bump projectsigstore/fulcio from v1.5.1 to v1.6.0 in /config/fulcio/fulcio by @dependabot in #1211
- Add different run modes for the TUF server, allow saving TUF keys as a secret by @bkabrda in #1214
- Bump github/codeql-action from 3.26.0 to 3.26.2 by @dependabot in #1232
- Bump github.com/sigstore/fulcio from 1.6.0 to 1.6.2 by @dependabot in #1228
- Bump projectsigstore/fulcio from v1.6.0 to v1.6.2 in /config/fulcio/fulcio by @dependabot in #1230
- Bump cloud-sql-connectors/cloud-sql-proxy from 2.12.0-alpine to 2.13.0-alpine by @dependabot in #1229
- Bump github.com/prometheus/client_golang from 1.19.1 to 1.20.0 by @dependabot in #1227
- Update the default k8s version by @cmurphy in #1233
- Add default kubelet config for node config for pools and clusters by @haydentherapper in #1234
- Bump k8s.io/client-go from 0.30.3 to 0.31.0 by @dependabot in #1226
- Bump trillian-opensource-ci/db_server from
7021372
tofebf72e
in /config/trillian/mysql by @dependabot in #1231
Full Changelog: v0.7.5...v0.7.6
v0.7.5
Changelog
Thanks to all contributors!
What's Changed
- Bump projectsigstore/fulcio from v1.5.0 to v1.5.1 in /config/fulcio/fulcio by @dependabot in #1173
- Bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot in #1179
- Bump github.com/golang/glog from 1.2.1 to 1.2.2 by @dependabot in #1176
- Bump sigs.k8s.io/release-utils from 0.8.2 to 0.8.3 by @dependabot in #1175
- Bump github.com/sigstore/sigstore from 1.8.6 to 1.8.7 by @dependabot in #1178
- Bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #1180
- Add documentation on generating trusted_root.json by @cmurphy in #1174
- bump terraform to 1.9.2 and google provider to 5.37.0 by @bobcallaway in #1181
- Bump cloud-sql-connectors/cloud-sql-proxy from 2.11.4-alpine to 2.12.0-alpine by @dependabot in #1185
- Enable running the TUF server outside of k8s by @bkabrda in #1159
- Bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in #1186
- Bump k8s.io/api from 0.30.2 to 0.30.3 by @dependabot in #1190
- Bump k8s.io/code-generator from 0.30.2 to 0.30.3 by @dependabot in #1188
- Bump k8s.io/client-go from 0.30.2 to 0.30.3 by @dependabot in #1187
- bump terraform to 1.9.3 and google to 5.38.0 by @bobcallaway in #1193
- Bump github.com/sigstore/fulcio from 1.4.5 to 1.5.1 by @dependabot in #1177
- Bump google.golang.org/grpc from 1.64.0 to 1.65.0 by @dependabot in #1168
New Contributors
Full Changelog: v0.7.4...v0.7.5
v0.7.4
v0.7.3
What's Changed
- add cloudsql.client role to trillian SA by @bobcallaway in #1146
- update default for mysql-shard to v8.0.37 by @bobcallaway in #1147
- declare instance name, tier for shard by @bobcallaway in #1148
- bump google provider for ext secrets module to match by @bobcallaway in #1151
- enable DB deletion protection across all GCP API surfaces by @bobcallaway in #1150
- add ssl_mode given deprecation of require_ssl by @bobcallaway in #1152
- bump base disk for bastion to debian 12 by @bobcallaway in #1161
- Add v1 Fulcio endpoint to prober by @cmurphy in #1160
- Add alert for cloud-sql-proxy connection failures by @cmurphy in #1162
- Allow rekor service account to post to metrics by @cmurphy in #1163
- enable os patch runs nightly for bastion images by @bobcallaway in #1164
- enable osconfig API by @bobcallaway in #1165
Full Changelog: v0.7.2...v0.7.3
v0.7.2
Thanks to all contributors!
What's Changed
- update scaffold release to v0.7.1 by @cpanato in #1106
- expose database collation setting as tf variable by @bobcallaway in #1114
- chore: add support for kubernetes version 1.30 by @vishal-chdhry in #1115
- add variable to expose index.html from tuf buckets by @bobcallaway in #1119
- Add playbook for redis memory increase alert by @bobcallaway in #1124
- upgrade metallb by @bobcallaway in #1136
- bump google provider to 5.33.0 by @bobcallaway in #1137
- bump terraform to 1.8.5 by @bobcallaway in #1116
Full Changelog: v0.7.1...v0.7.2