v0.4.0
What's Changed
-
Breaking change: remove
release.yaml
because for TUF you can not just do a simple kubectl apply. Replaced withsetup-scaffolding.sh
-
Increse Cloud SQL disk utilization threshold to 95% by @priyawadhwa in #193
-
Add prober check for Fulcio write endpoint by @priyawadhwa in #194
-
Add github action to run prober once when it's updated by @priyawadhwa in #195
-
actually pass through the mysql version to the module. by @k4leung4 in #197
-
Bump github/codeql-action from 2.1.11 to 2.1.12 by @dependabot in #201
-
Bump google.golang.org/grpc from 1.46.2 to 1.47.0 by @dependabot in #203
-
Refactor alerts and fix prober error code alert by @priyawadhwa in #199
-
Bump tfsec/tfsec-sarif-action from 0.1.0 to 0.1.3 by @dependabot in #202
-
Bump github.com/sigstore/rekor from 0.7.0 to 0.8.0 by @dependabot in #207
-
Bump sigstore/cosign-installer from 2.3.0 to 2.4.0 by @dependabot in #205
-
Bump github.com/sigstore/fulcio from 0.4.1 to 0.5.0 by @dependabot in #208
-
Allow custom URLs for Rekor/Fulcio for prober by @priyawadhwa in #209
-
raise version upper limit to allow terraform 1.2.0+ by @k4leung4 in #213
-
Add Rekor write endpoint to prober by @priyawadhwa in #214
-
add maintenance policy, avoid work hours for google maintenance by @k4leung4 in #215
-
Bump github.com/sigstore/rekor from 0.8.0 to 0.8.1 by @dependabot in #219
-
Bump sigs.k8s.io/release-utils from 0.6.0 to 0.7.1 by @dependabot in #216
-
raise allowed google provider version to 4.25 by @k4leung4 in #224
-
Bump github.com/sigstore/rekor from 0.8.1 to 0.8.2 by @dependabot in #226
-
Bump github/codeql-action from 2.1.12 to 2.1.14 by @dependabot in #225
-
increase timeout from 5 to 15min for argocd helm release. by @k4leung4 in #227
-
upgrade kubectl / helm terraform providers by @cpanato in #228
-
Add Terraform resource for TUF preprod bucket by @haydentherapper in #229
-
Bump github/codeql-action from 2.1.14 to 2.1.15 by @dependabot in #230
-
Bump sigstore/cosign-installer from 2.4.0 to 2.4.1 by @dependabot in #231
-
Bump github.com/sigstore/rekor from 0.8.2 to 0.9.0 by @dependabot in #232
-
Temporarily disable Rekor alert until we get around to fixing it by @priyawadhwa in #234
-
Bump github.com/sigstore/rekor from 0.9.0 to 0.9.1 by @dependabot in #237
-
Bump github.com/sigstore/fulcio from 0.5.0 to 0.5.1 by @dependabot in #236
-
Update prober alert metric names to Prometheus targets by @priyawadhwa in #238
-
Bump github/codeql-action from 2.1.15 to 2.1.16 by @dependabot in #240
-
Bump github.com/go-openapi/strfmt from 0.21.2 to 0.21.3 by @dependabot in #241
-
Bump google.golang.org/grpc from 1.47.0 to 1.48.0 by @dependabot in #243
-
Bump actions/setup-go from 3.2.0 to 3.2.1 by @dependabot in #239
-
Allow creating alerts with multiple notification channels by @priyawadhwa in #249
-
Bump github.com/sigstore/cosign from 1.9.0 to 1.10.0 by @dependabot in #250
-
Bump github.com/google/trillian from 1.4.1 to 1.4.2 by @dependabot in #257
-
Bump sigstore/cosign-installer from 2.4.1 to 2.5.0 by @dependabot in #254
-
Bump sigs.k8s.io/release-utils from 0.7.1 to 0.7.3 by @dependabot in #258
-
Bump github.com/sigstore/fulcio from 0.5.1 to 0.5.2 by @dependabot in #259
-
Bump google.golang.org/protobuf from 1.28.0 to 1.28.1 by @dependabot in #256
-
Bump github/codeql-action from 2.1.16 to 2.1.17 by @dependabot in #253
-
Bump github.com/sigstore/rekor from 0.9.1 to 0.10.0 by @dependabot in #255
-
add support for adding read replicas. can be used for failover by @k4leung4 in #251
-
use workload identity for external secret instead of service key. by @k4leung4 in #233
-
bump external-secrets api to v1beta1 now we are on v0.5.x by @k4leung4 in #260
-
plumb mysql replica configuration into sigstore module. by @k4leung4 in #261
-
Add a tuf server as well as repo management for tuf. by @vaikas in #262
-
remove token creator role for external secrets. by @k4leung4 in #264
-
Refactor the github action, test with tuf root. by @vaikas in #263
-
Bump github.com/sigstore/cosign from 1.10.0 to 1.10.1 by @dependabot in #270
-
Bump github/codeql-action from 2.1.17 to 2.1.18 by @dependabot in #269
-
Bump github.com/prometheus/client_golang from 1.12.2 to 1.13.0 by @dependabot in #271
-
Add job ttls, use setup-scaffolding for e2e tests, update getting-started.md by @vaikas in #267
Full Changelog: v0.3.0...v0.4.0