v1.0.0-rc.1
Pre-release
Pre-release
github-actions
released this
03 Feb 00:34
·
904 commits
to main
since this release
New Features
-
Introduce new certificate store and CRD definition
- A certificate store resource defines the list of certificate to fetch from a provider. You can find more about certificate stores including a sample notary verifier with certificate stores defined here.
-
Introduce new Ratify server endpoint and accompanying functionality for a tag to digest external data provider
- This service endpoint returns resolved digests of any tag provided in the request. Find the design doc here.
-
Introduce new request cache lock to enable processing verification once per subject in case of concurrent requests
- Verification results are cached with a 5 min TTL and refreshed if the cache entry is expired at read time.
-
Introduce new cache layer to the ORAS store API to avoid lots of same requests to remote registry at the same time
- Add cache layer to the ListReferrers ORAS store API with configurable TTL.
-
Introduce new configurable logging level
- Implements configurable log levels via RATIFY_LOG_LEVEL, with the default to the current INFO level. Find the valid options here.
Bug Fixes
- fix: update chart value for keyvault provider by @susanshi in #586
- fix: store crd chart missing managedIdentity oras authprovider by @fseldow in #543
- fix: notice file name for component governance by @sajayantony in #482
Tests
CLI
- Verifier Scenarios
- Notation v2
- Cosign
- SBOM
- License Checker
- JSON Schema Validation
- All verifier types in one
Kubernetes
- Verifier Scenarios
- Notation v2
- Cosign
- SBOM
- License Checker
- JSON Schema Validation
- All verifier types in one
- ORAS Store Authentication Providers
- Docker
- Kubernetes Secrets
- Azure Workload Identity
- Azure Managed Identity
- Mutation Provider
Detailed Commits
- Added notes for 2022-jan to 2022-jun by @sajayantony in #476
- chore: bump github/codeql-action from 2.1.35 to 2.1.36 by @dependabot in #479
- chore: update pull request template by @aramase in #484
- fix: notice file name for component governance by @sajayantony in #482
- chore: Bump k8s.io/client-go from 0.24.8 to 0.24.9 by @dependabot in #487
- ci: add semantic.yml by @aramase in #483
- Update devcontainer for latest Ratify by @noelbundick-msft in #491
- update document of oras auth provider for azure managed identity by @fseldow in #427
- chore: add gh issue template by @aramase in #486
- chore: Bump goreleaser/goreleaser-action from 3 to 4 by @dependabot in #495
- Enable verifier plugins to work with store plugins by @noelbundick-msft in #493
- chore: go fmt by @noelbundick-msft in #497
- Adds initial docs for creating plugins by @noelbundick-msft in #496
- Remove executionMode (passthrough mode) by @noelbundick-msft in #494
- chore: Bump github/codeql-action from 2.1.36 to 2.1.37 by @dependabot in #500
- chore: Bump ossf/scorecard-action from 2.0.6 to 2.1.0 by @dependabot in #501
- Add configurable logging level by @noelbundick-msft in #498
- chore: Bump oras.land/oras-go/v2 from 2.0.0-rc.5 to 2.0.0-rc.6 by @dependabot in #514
- chore: Bump github.com/Azure/azure-sdk-for-go from 67.1.0+incompatible to 67.2.0+incompatible by @dependabot in #512
- chore: add log level toggle to helm chart by @akashsinghal in #506
- chore: Bump github.com/docker/cli from 20.10.21+incompatible to 20.10.22+incompatible by @dependabot in #513
- chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.13.4 to 1.13.5 by @dependabot in #511
- ci: remove markdown file bypass by @akashsinghal in #516
- Update quick start to latest image by @susanshi in #477
- chore: Bump ossf/scorecard-action from 2.1.0 to 2.1.1 by @dependabot in #517
- chore: Bump ossf/scorecard-action from 2.1.1 to 2.1.2 by @dependabot in #522
- chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.18.4 to 1.18.7 by @dependabot in #524
- perf: add http retry client by @akashsinghal in #505
- pin GK to 3.10.0 until breaking changes are merged in and addressed by @mluker in #540
- chore: Bump github.com/hashicorp/go-retryablehttp from 0.7.1 to 0.7.2 by @dependabot in #532
- chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.13.7 to 1.13.8 by @dependabot in #533
- chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.18.7 to 1.18.8 by @dependabot in #534
- feat: add annotation of configmap/secret hash to ratify pod by @HDYA in #509
- docs: Added meeting notes for 2022-Dec by @sajayantony in #541
- Added maintainers for the Ratify project by @sajayantony in #537
- fix: store crd chart missing managedIdentity oras authprovider by @fseldow in #543
- feat: add JSON schema validator by @mluker in #527
- refactor: Move authprovider to pkg/common/oras by @noelbundick-msft in #520
- Add feature flag support by @noelbundick-msft in #544
- chore: Bump github/codeql-action from 2.1.37 to 2.1.38 by @dependabot in #549
- ci: enable linting with golangci-lint by @aramase in #547
- ci: add gatekeeper version matrix by @binbin-li in #530
- chore: Bump github.com/Azure/azure-sdk-for-go from 67.2.0+incompatible to 67.3.0+incompatible by @dependabot in #551
- chore: enable
unused
,whitespace
linters and fix errors by @aramase in #548 - docs: verify azure cmd doc updates by @joshuaphelpsms in #545
- docs: cheatsheet to get up and running quicker by @mluker in #550
- chore: enable more linters and fix errors (part 2) by @aramase in #552
New Contributors
Full Changelog: v1.0.0-beta.2...v1.0.0-rc.1