Release v1.1.0

What's Changed

• Remove dependency on sigstore-ocp by @bouskaJ in #387
• fix: Set the common name of the Fulcio cert automatically by @JasonPowr in #365
• Extract fbc sources code to separate repository by @osmman in #395
• rm kube-rbac-proxy by @JasonPowr in #388
• Handle error when ctlog unable to generate public key by @osmman in #369
• Add annotation to pause resource reconciliation by @osmman in #346
• Use SecurityContextConstraints resource to identify OCP environment by @osmman in #391
• Add liveness and readiness probes by @osmman in #408
• Securesign-1001 | Create Tree Deadline not being enough by @tommyd450 in #393
• doc: fix breaking readme by @kahboom in #434
• rm-unused-secret by @JasonPowr in #433
• [SECURESIGN-1016] | Adding License by @tommyd450 in #435
• Rename Rekor search image from quay.io by @osmman in #440
• [SECURESIGN-844] Migrate to kubebuilder go/v4 by @bouskaJ in #431
• Remove dupplicated e2e by @bouskaJ in #442
• [SECURESIGN-570] Rekor add options to set trillian_log_server by @tommyd450 in #196
• Move metrics annotation into annotation package by @osmman in #441
• [SECURESIGN-1002] Move creation of cli server to manager startup cycle by @osmman in #450
• Add new flag for manager to define target k8s environment by @osmman in #459
• Split build actions by @osmman in #460
• Update golang Docker tag to v1.22 (main) by @red-hat-konflux in #473
• feat: pass proxy configuration to operands by @miyunari in #475
• [SECURESIGN-1137] refactor services port name by @fghanmi in #474
• Fix trillian-db scc by @bouskaJ in #464
• [SECURESIGN-1049] adding securesign quay url by @SequeI in #486
• [SECURESIGN-663] Add option to set an external ctlog service by @fghanmi in #465
• Extract shared actions by @bouskaJ in #490
• Inject CA trust bundle into managed containers and set SSL_CERT_DIR by @osmman in #491
• Bumb source version of operator for upgrade scenario by @osmman in #497
• Use Gomega parameter passed by eventually to create assertions by @osmman in #495
• Store K8s dump into file by @osmman in #499
• [SECURESIGN-1206] Making segment backup job proxy aware by @SequeI in #501
• feat: provide host name option for CLI and search ui by @JasonPowr in #488
• Namespace deletion check in Reconcile function by @osmman in #505
• Create tree event contains Merkle tree id by @osmman in #506
• SECURESIGN-1207: fix SBJ breaking on update by @JasonPowr in #502
• Update Rekor controller behavior to preserve generated keys by @osmman in #351
• SECURESIGN-1226: Update Rekor's treeID when it change by @osmman in #509
• Remove finalizer before interupting reconcile function by @osmman in #511
• SECURESIGN-1227: Update CTlog's treeID when it change by @osmman in #510
• doc: Rotation the signer key for Rekor service by @osmman in #513
• Fix incorrect number of parameters for SBJ error logging by @osmman in #519
• SECURESIGN-1250 | Targets are not coming up with monitoring enabled. by @JasonPowr in #518
• e2e: Use deployment to verify configuration update of component by @osmman in #522
• rekor: Initialize action execute when targeted condition status is false by @osmman in #529
• SECURESIGN-568: Extend Rekor API to support sharding configuration by @osmman in #512
• [SECURESIGN-574] | Independently deployable CTlog Changes by @tommyd450 in #517
• SECURESIGN-1275: Enable RecoverPanic on controllers by @osmman in #532
• Enforce standards by golangci linter by @osmman in #534
• logging: Replace zap logger by klog by @osmman in #533
• chore: update checkout and setup-go actions by @osmman in #535
• Migrate images to new repos by @bouskaJ in #539
• Update rekor-redis image sha by @bouskaJ in #542
• feat: add prefix parameter into Fulcio's ctlog config by @osmman in #543
• refactor: fix e2e tests to pass golangci linter by @osmman in #545
• feat: add option to set custom CTlog server's config by @osmman in #544
• SECURESIGN-1014 | Add support for Trusted Timestamp Authorities in SecureSign by @JasonPowr in #456
• chore: patch-tsa-upgrade-test by @JasonPowr in #563
• refactor: switch from docker to go-containerregistry implementation by @osmman in #562
• SECURESIGN-1015 | Configure ingress sharding by @JasonPowr in #566
• fix: check observed, available and new replica set statuses to decide if deployment is ready by @osmman in #564
• [SECURESIGN-574] Independently Deployable CT-log by @tommyd450 in #561
• SECURESIGN-842 | Operator's metrics are not consumed by OCP monitor by @JasonPowr in #557
• SECURESIGN-1203 | Add TSA key rotation doc by @JasonPowr in #565
• doc: CT log signer key rotation and sharding by @osmman in #571
• SECURESIGN-1221 | SBJ Not reaching segment endpoint by @JasonPowr in #570
• fix(rekor): create new secret only for generated signer key by @osmman in #582
• Add proxy e2e test by @bouskaJ in #536
• fix: check if lates progressing status is for current deployment temp… by @osmman in #583
• refactor: split config update based on component by @osmman in #548
• fix: Make sure cosign recognises leaf cert by @JasonPowr in #586
• SECURESIGN-1200 | Fulcio key rotation by @JasonPowr in #578
• fix: Make sure SBJ installation runs only once by @JasonPowr in #587
• fix(trillian): run initialize check when deployment changed by @osmman in #590
• [SECURESIGN-1238] Align with new TUF server by @bouskaJ in #550
• doc(rekor): add rekor_server option for rekor-cli commands by @osmman in #597
• SECURESIGN-1338 | Tsa-server does not work in Proxy environment by @JasonPowr in #600
• fix(ctlog): fix handle key action condition for private password ref by @osmman in #601
• doc(ctlog): patch password reference and fix ctlog po...

Release v1.0.2

What's Changed

• [release-1.0] fix: Set the common name of the Fulcio cert automatically by @openshift-cherrypick-robot in #400
• [release-1.0] Remove dependency on sigstore-ocp by @openshift-cherrypick-robot in #401
• [release-1.0] rm kube-rbac-proxy by @openshift-cherrypick-robot in #403
• [release-1.0] Handle error when ctlog unable to generate public key by @openshift-cherrypick-robot in #406
• [release-1.0] Extract fbc sources code to separate repository by @osmman in #407
• [release-1.0] Use SecurityContextConstraints resource to identify OCP environment by @openshift-cherrypick-robot in #410
• [release-1.0] Add liveness and readiness probes by @openshift-cherrypick-robot in #411
• [release-1.0] Securesign-1001 | Create Tree Deadline not being enough by @openshift-cherrypick-robot in #427
• [SECURESIGN-1002] Move creation of cli server to manager startup cycle by @osmman in #453
• [release-1.0] Add new flag for manager to define target k8s environment by @osmman in #461

Full Changelog: v1.0.1...v1.0.2

Release v1.0.1

What's Changed

• update fbc-images by @JasonPowr in #311
• trigger builds by @JasonPowr in #312
• Stabilize e2e by @bouskaJ in #304
• Replace PROD images in CI actions by @bouskaJ in #313
• Move to Deployment conditions by @bouskaJ in #314
• Update RHTAP references (main) by @red-hat-konflux in #279
• disable-upgrade-path by @JasonPowr in #317
• downgrade tp2 operator to alpha channel by @Gregory-Pereira in #318
• Fix rekor signer generation action by @bouskaJ in #315
• Make e2e passign by @bouskaJ in #319
• feat: add service monitors to log server and log signer by @JasonPowr in #320
• feat: add service monitor to ctlog by @JasonPowr in #321
• fix: add-missing-metadata by @JasonPowr in #331
• [Securesign 297] Backup and Restore Docs by @tommyd450 in #277
• Eks documentation by @cooktheryan in #259
• fix: fix-snyk-vul by @JasonPowr in #332
• [SECURESIGN-829] Modify Fulcio validation rules to enable meta issuers by @osmman in #330
• Rises a memory limit to 256Mi on manager's container by @osmman in #333
• Patch to be equal with the sample by @cooktheryan in #336
• fix: use-upstream-rbac-image by @JasonPowr in #335
• fix: Use roles instead of cluster roles for SBJ by @Gregory-Pereira in #301
• Add pprof-address option to expose pprof server by @osmman in #334
• 1.0.1: Update client server/sbj add name label by @JasonPowr in #337
• 1.0.1: Run make bundle by @JasonPowr in #338
• run-make-bundle by @JasonPowr in #339
• trigger-bundle-build by @JasonPowr in #341
• Adding 1.0.1 operator to fbc images by @JasonPowr in #342
• trigger-fbc-builds by @JasonPowr in #343
• Enable ec clientserver e2e test by @osmman in #345
• Disable execution of productization-adjustments action during budle t… by @osmman in #348
• Fix external access in Tuf sample by @osmman in #347
• [Securesign 835] | Create Tree Error Looping indefinetley. by @tommyd450 in #340
• feat: Add image EnVar/Flags by @JasonPowr in #344
• fix(rekor): enable rekor search ui by default by @kahboom in #350
• update rekor-search-ui image by @JasonPowr in #354
• run make bundle by @JasonPowr in #355
• update fbc's by @JasonPowr in #356
• catalog: remove alpha channel, add rhtas-1-0 by @lance in #357
• chore(rekor-search-ui) update image by @lance in #360
• chore(bundle): make bundle with new image by @lance in #361
• fbc-images by @JasonPowr in #362
• olm(channel): change from rhtas-1-0 to stable-1-0 by @lance in #359
• Upgrade operator maturity level by @bouskaJ in #366
• Make docker optional by @bouskaJ in #364
• update-naming-in-fbc by @JasonPowr in #367
• update-label-in-bundle by @JasonPowr in #368
• update bundle image by @JasonPowr in #370
• chore(deps): update rhtap references by @red-hat-konflux in #316
• adding dep params for depricated image check by @Gregory-Pereira in #371
• Remove analytics field from Securesign sample by @osmman in #372
• update-images by @JasonPowr in #373
• run make bundle by @JasonPowr in #374
• fbc-images by @JasonPowr in #375
• Securesign 861 by @bouskaJ in #358
• Disable kind registry to free node memory by @bouskaJ in #378
• [SECURESIGN-957] Change Deployment strategy to Recreate for services with PVCs by @bouskaJ in #377
• run-make-bundle by @JasonPowr in #379
• update fbc images by @JasonPowr in #380
• [SECURESIGN-938] Add TUF keys to securesign sample by @bouskaJ in #381
• update fbcs by @JasonPowr in #382
• add annotation by @JasonPowr in #384
• trigger-bundle-build by @JasonPowr in #385

Full Changelog: v1.0.0...v1.0.1

Release v1.0.0

What's Changed

• redis-image-change by @cooktheryan in #100
• Create namespaced hostnames by @bouskaJ in #107
• Updating Images by @tommyd450 in #108
• ingress change due to ocp cert issue by @cooktheryan in #111
• trillian-db by @cooktheryan in #112
• gamma to main by @cooktheryan in #158
• Operator 2.0 by @bouskaJ in #95
• Dump ns on failure by @bouskaJ in #169
• Fix 171 by @bouskaJ in #174
• feat: Add Back fill Redis CronJob by @JasonPowr in #173
• Fix keys autodiscovery by @bouskaJ in #168
• Migrate from phases to conditions by @bouskaJ in #188
• EKS support and testing by @cooktheryan in #194
• job for openshift CI by @cooktheryan in #197
• retain and size set by @cooktheryan in #172
• fix of retain functionality by @cooktheryan in #203
• Manually ensuring nothing was missed gamma to main by @cooktheryan in #209
• Restart on configuration change by @bouskaJ in #200
• modify the default value of database by @cooktheryan in #213
• Quick hack for Openshift testing by @cooktheryan in #214
• fix tas keycloak install script by @sallyom in #215
• update dockerfiles, update pipelines, add fbc images by @JasonPowr in #201
• fix: Fix EC in Konflux by @JasonPowr in #221
• Improve error handling by @bouskaJ in #216
• Update RHTAP references (main) by @red-hat-konflux in #220
• Swap ctlog image based on midstream and konflux by @cooktheryan in #224
• include yaml in file and dont curl by @cooktheryan in #225
• replacing values to represent TAS by @cooktheryan in #229
• Add validation conditions for Trillian resource by @osmman in #228
• release candidate images by @cooktheryan in #231
• Add validation conditions for TUF and Rekor resources by @osmman in #232
• Update RHTAP references (main) by @red-hat-konflux in #226
• run make bundle by @JasonPowr in #235
• Add API validation rules for CTlog and Fulcio resources by @osmman in #236
• Add FBC images for GA by @JasonPowr in #237
• Red Hat Konflux update fbc-v4-13 by @red-hat-konflux in #241
• Red Hat Konflux update fbc-v4-14 by @red-hat-konflux in #242
• Fix status conditions by @bouskaJ in #245
• Split Client server into two images by @JasonPowr in #227
• Add license to FBC images by @JasonPowr in #246
• Adding 4.15 FBC images by @JasonPowr in #243
• Red Hat Konflux update fbc-v4-15 by @red-hat-konflux in #247
• Add LocalObejctReference to v1alpha1 api by @osmman in #244
• Run make bundle by @JasonPowr in #248
• Update FBC images to recent snapshot by @JasonPowr in #251
• Fix generated Fulcio root certificate requirements by @osmman in #252
• chore: bump fulcio, trillian and ct by @lance in #255
• chore(deps): update rhtap references (main) by @red-hat-konflux in #240
• chore: Update to latest images by @JasonPowr in #253
• Update Konflux CEL expressions by @JasonPowr in #250
• deps(netcat): replace custom netcat with ose-tools by @lance in #258
• [SECURESIGN-655] Enable OIDCs with private or self-signed certificates by @osmman in #256
• SECURESIGN-589 | Fulcio OIDC issuers configuration does not show in Web Form by @JasonPowr in #257
• Fix Openshift CI's E2E tests by @osmman in #263
• GA: image updates by @JasonPowr in #265
• run make bundle by @JasonPowr in #264
• Fix validation error by @bouskaJ in #261
• add-trigger-action by @JasonPowr in #267
• Update RHTAP references (main) by @red-hat-konflux in #262
• update-images by @JasonPowr in #269
• run-make-bundle by @JasonPowr in #270
• GA: fbc image updates by @JasonPowr in #271
• generating new builds by @JasonPowr in #272
• run-make-bundle by @JasonPowr in #273
• run-make-bundle by @JasonPowr in #275
• trigger bundle build by @JasonPowr in #276
• update fbc images by @JasonPowr in #278
• feat(config): add env var for rekor endpoint to search-ui deployment by @kahboom in #268
• [SECURESIGN-681] Move TreeID to status field by @bouskaJ in #280
• [SECURESIGN-683] Fix autodiscovery of Fulcio Root CA in CTlog by @osmman in #281
• Implementation of Segment Backup Job and Cronjob by @Gregory-Pereira in #260
• GA: update-images by @JasonPowr in #282
• run make bundle by @JasonPowr in #283
• GA: update fbc images by @JasonPowr in #284
• revert to 4.14 by @JasonPowr in #285
• switch back to 4.15 by @JasonPowr in #286
• trigger rebuild by @Gregory-Pereira in #287
• fix-sbj-cluster-role by @JasonPowr in #288
• run-make-bundle by @JasonPowr in #289
• fbc-images by @JasonPowr in #290
• trigger builds by @JasonPowr in #291
• [SECURESIGN-704] Create ClusterRoleBinding per instance by @bouskaJ in #292
• updating the bundle based on SECURESIGN-704 by @Gregory-Pereira in #293
• forgot to bump operator version in csv + makefile by @Gregory-Pereira in #295
• updating FBCs with new shas @ 03/28/24 1:38 PST by @Gregory-Pereira in #294
• update-images by @JasonPowr in #296
• run-make-bundle by @JasonPowr in #297
• update fbc-images by @JasonPowr in #298
• Disable monitoring by default by @Gregory-Pereira in #299
• update operator and bundle shas to match snapshot: operator-54fl9 by @Gregory-Pereira in https://github.com/securesign/secure-sign-...

Tech Preview v0.0.2

Update RHTAP references (#234)

Co-authored-by: red-hat-konflux <123456+red-hat-konflux[bot]@users.noreply.github.com>