Skip to content

Releases: sigstore/scaffolding

v0.6.14

10 Jan 23:58
b29298c
Compare
Choose a tag to compare

Changelog

  • b29298c Bump the terraform group in /terraform/gcp/modules/monitoring/slo with 1 update (#937)

Thanks to all contributors!

v0.6.13

18 Dec 13:38
a6e9b1a
Compare
Choose a tag to compare

Changelog

  • a6e9b1a Bump the terraform group in /terraform/gcp/modules/sigstore with 1 update (#894)

Thanks to all contributors!

What's Changed

  • monitoring: change api prober alert by @hectorj2f in #892
  • Bump github.com/sigstore/sigstore from 1.7.5 to 1.7.6 by @dependabot in #897
  • Bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot in #893
  • Bump github.com/sigstore/cosign/v2 from 2.2.0 to 2.2.2 by @dependabot in #895
  • Bump the terraform group in /terraform/gcp/modules/external_secrets with 1 update by @dependabot in #898
  • Bump github.com/go-openapi/strfmt from 0.21.8 to 0.21.9 by @dependabot in #896
  • Bump cloud-sql-connectors/cloud-sql-proxy from 2.8.0-alpine to 2.8.1-alpine by @dependabot in #901
  • bump base image for cloud-sql-proxy to 2.8.1 by @bobcallaway in #902
  • Bump the terraform group in /terraform/gcp/modules/sigstore with 1 update by @dependabot in #894

Full Changelog: v0.6.12...v0.6.13

v0.6.12

05 Dec 20:58
9e5583e
Compare
Choose a tag to compare

Changelog

  • 9e5583e Explicitly export zero failures on prober startup (#891)

Thanks to all contributors!

What's Changed

New Contributors

Full Changelog: v0.6.11...v0.6.12

v0.6.11

05 Dec 20:30
4aacfb5
Compare
Choose a tag to compare

Changelog

Thanks to all contributors!

What's Changed

  • Bump the terraform group in /terraform/gcp/modules/external_secrets with 1 update by @dependabot in #868
  • Bump github.com/sigstore/cosign/v2 from 2.2.0 to 2.2.1 by @dependabot in #872
  • Bump github.com/golang/glog from 1.1.2 to 1.2.0 by @dependabot in #871
  • bump terraform to 1.6.5 and 5.7.0 by @bobcallaway in #874
  • revert to using latest ko release instead of tip of HEAD by @bobcallaway in #875
  • upgrade hashicorp/helm tf module by @bobcallaway in #876
  • Bump github.com/theupdateframework/go-tuf from 0.6.1 to 0.7.0 by @dependabot in #877
  • Bump golang.org/x/crypto from 0.15.0 to 0.16.0 by @dependabot in #878
  • Bump github.com/go-openapi/strfmt from 0.21.7 to 0.21.8 by @dependabot in #879
  • Bump github.com/sigstore/rekor from 1.3.3 to 1.3.4 by @dependabot in #881
  • Bump projectsigstore/rekor-server from 1.3.3 to v1.3.4 in /config/rekor/rekor by @dependabot in #884
  • Bump github.com/hashicorp/hcl from 1.0.1-vault-5 to 1.0.1-vault by @dependabot in #883
  • Bump cloud-sql-connectors/cloud-sql-proxy from 2.7.2-alpine to 2.8.0-alpine by @dependabot in #885
  • chore: improve error logs for prober by @hectorj2f in #886
  • chore: check status code in fulcio prober by @hectorj2f in #887

Full Changelog: v0.6.10...v0.6.11

v0.6.10

21 Nov 16:48
2ac99cd
Compare
Choose a tag to compare

What's Changed

  • set default autoscaling service_account to not be 'default' by @bobcallaway in #801
  • Bump github.com/sigstore/sigstore from 1.7.4 to 1.7.5 by @dependabot in #808
  • Bump github.com/hashicorp/go-secure-stdlib/parseutil from 0.1.7 to 0.1.8 by @dependabot in #807
  • Bump sigs.k8s.io/release-utils from 0.7.5 to 0.7.6 by @dependabot in #806
  • Bump github.com/docker/docker from 24.0.2+incompatible to 24.0.7+incompatible by @dependabot in #809
  • Add alert for prober verification data absent by @haydentherapper in #810
  • always increment counter for rekor prober by @bobcallaway in #811
  • Bump projectsigstore/rekor-server from 1.3.2 to v1.3.3 in /config/rekor/rekor by @dependabot in #813
  • Bump github.com/google/uuid from 1.3.1 to 1.4.0 by @dependabot in #804
  • clean up terraform for post-install modules by @bobcallaway in #814
  • upgrade terraform to 1.6.3 and google 5.4.0 by @bobcallaway in #815
  • Bump hashicorp/setup-terraform from 2.0.3 to 3.0.0 by @dependabot in #816
  • Bump golang.org/x/time from 0.3.0 to 0.4.0 by @dependabot in #820
  • Bump github.com/google/trillian from 1.5.2 to 1.5.3 by @dependabot in #818
  • Bump github.com/sigstore/rekor from 1.3.2 to 1.3.3 by @dependabot in #819
  • [docs] update getting-started to work with cosign 2.1 by @NissesSenap in #803
  • bump terraform google module to v5.5.0 by @bobcallaway in #853
  • make terraform updates less noisy by @bobcallaway in #854
  • Add support for specifying a different mysql version for each ctlog shard by @priyawadhwa in #855
  • bump ko version to tip to help debug intermittent failure by @bobcallaway in #857
  • Bump sigstore/cosign-installer from 3.1.2 to 3.2.0 by @dependabot in #822
  • Bump cloud-sql-connectors/cloud-sql-proxy from 2.7.1-alpine to 2.7.2-alpine by @dependabot in #856
  • Bump golang.org/x/crypto from 0.14.0 to 0.15.0 by @dependabot in #836
  • Bump github.com/hashicorp/go-retryablehttp from 0.7.4 to 0.7.5 by @dependabot in #835
  • Bump github.com/hashicorp/go-sockaddr from 1.0.5 to 1.0.6 by @dependabot in #834
  • Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @dependabot in #833
  • Bump golang.org/x/net from 0.17.0 to 0.18.0 by @dependabot in #832
  • Bump github.com/sigstore/cosign/v2 from 2.2.0 to 2.2.1 by @dependabot in #821
  • Bump k8s.io/api from 0.28.3 to 0.28.4 by @dependabot in #860
  • Bump github.com/hashicorp/hcl from 1.0.1-vault-5 to 1.0.1-vault by @dependabot in #864
  • Bump k8s.io/client-go from 0.28.3 to 0.28.4 by @dependabot in #861
  • Bump sigs.k8s.io/release-utils from 0.7.6 to 0.7.7 by @dependabot in #859
  • Bump k8s.io/code-generator from 0.28.3 to 0.28.4 by @dependabot in #863
  • upgrade default & add new k8s versions to improve coverage by @bobcallaway in #812
  • Bump the terraform group in /terraform/gcp/modules/external_secrets with 1 update by @dependabot in #866
  • Bump the terraform group in /terraform/gcp/modules/sigstore with 1 update by @dependabot in #858

New Contributors

Full Changelog: v0.6.9...v0.6.10

v0.6.9

25 Oct 23:19
184dc62
Compare
Choose a tag to compare

Changelog

  • 184dc62 Bump k8s.io/client-go from 0.28.2 to 0.28.3 (#795)

Thanks to all contributors!

What's Changed

Full Changelog: v0.6.8...v0.6.9

v0.6.8

07 Oct 11:39
76f6bf1
Compare
Choose a tag to compare

What's Changed

Full Changelog: v0.6.7...v0.6.8

v0.6.7

06 Sep 23:08
edf534f
Compare
Choose a tag to compare

Changelog

  • edf534f Bump rekor to v1.3.0 and fulcio to v1.4.0 (#749)

Thanks to all contributors!

v0.6.6

14 Aug 15:38
4e9f2ff
Compare
Choose a tag to compare

Changelog

  • 4e9f2ff clean up unused cluster-wide IP and dns WRR configs (#707)

Thanks to all contributors!

What's Changed

Full Changelog: v0.6.5...v0.6.6

v0.6.5

20 Jul 17:02
2221b2e
Compare
Choose a tag to compare

Thanks to all contributors!

What's Changed

  • Increase Cloud SQL alert threshold to 98% by @codysoyland in #569
  • expose variable to make timestamp module optional by @bobcallaway in #567
  • bump install instructions to v0.6.4 by @vaikas in #570
  • Bump google.golang.org/protobuf from 1.28.1 to 1.29.0 by @dependabot in #572
  • Bump github/codeql-action from 2.2.5 to 2.2.6 by @dependabot in #571
  • swaps resource type to k8s_node for k8s mem and cpu utilization alerts by @cdris in #573
  • Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 by @dependabot in #574
  • Bump k8s.io/apimachinery from 0.26.2 to 0.26.3 by @dependabot in #583
  • Bump github/codeql-action from 2.2.6 to 2.2.7 by @dependabot in #575
  • Bump k8s.io/client-go from 0.26.2 to 0.26.3 by @dependabot in #582
  • Bump github.com/go-openapi/strfmt from 0.21.3 to 0.21.5 by @dependabot in #580
  • Bump google.golang.org/protobuf from 1.29.1 to 1.30.0 by @dependabot in #578
  • Bump k8s.io/code-generator from 0.26.2 to 0.26.3 by @dependabot in #581
  • Bump actions/setup-go from 3.5.0 to 4.0.0 by @dependabot in #577
  • Bump actions/checkout from 3.3.0 to 3.4.0 by @dependabot in #576
  • Update kind images to v0.17.0, add k8s 1.26. by @wlynch in #584
  • Bump github/codeql-action from 2.2.7 to 2.2.8 by @dependabot in #585
  • Bump github.com/sigstore/timestamp-authority from 0.2.1 to 1.0.0 by @dependabot in #589
  • Bump actions/checkout from 3.4.0 to 3.5.0 by @dependabot in #586
  • Bump google.golang.org/grpc from 1.53.0 to 1.54.0 by @dependabot in #588
  • Bump github.com/golang/glog from 1.1.0 to 1.1.1 by @dependabot in #587
  • Bump github/codeql-action from 2.2.8 to 2.2.9 by @dependabot in #590
  • Bump github.com/go-openapi/strfmt from 0.21.5 to 0.21.7 by @dependabot in #591
  • Bump github.com/sigstore/fulcio from 1.1.0 to 1.2.0 by @dependabot in #592
  • Bump github.com/sigstore/rekor from 1.0.1 to 1.1.0 by @dependabot in #593
  • Bump github.com/docker/docker from 20.10.21+incompatible to 20.10.24+incompatible by @dependabot in #594
  • add flag to specify where to put GCS logs by @bobcallaway in #595
  • disable flow logging in VPC subnets by @bobcallaway in #596
  • Swapping use of external metric to managed prometheus metric by @cdris in #597
  • Bump github.com/sigstore/sigstore from 1.6.0 to 1.6.1 by @dependabot in #602
  • Bump github/codeql-action from 2.2.9 to 2.2.11 by @dependabot in #599
  • Bump golang.org/x/crypto from 0.7.0 to 0.8.0 by @dependabot in #601
  • Bump github.com/docker/docker from 23.0.1+incompatible to 23.0.3+incompatible by @dependabot in #603
  • Bump actions/checkout from 3.5.0 to 3.5.2 by @dependabot in #605
  • Bump github.com/sigstore/sigstore from 1.6.1 to 1.6.2 by @dependabot in #608
  • Bump k8s.io/client-go from 0.26.3 to 0.27.1 by @dependabot in #610
  • Bump github/codeql-action from 2.2.11 to 2.2.12 by @dependabot in #604
  • Bump github.com/prometheus/client_golang from 1.14.0 to 1.15.0 by @dependabot in #609
  • Bump k8s.io/code-generator from 0.26.3 to 0.27.1 by @dependabot in #606
  • Bump github.com/sigstore/sigstore from 1.6.2 to 1.6.3 by @dependabot in #613
  • Bump github/codeql-action from 2.2.12 to 2.3.0 by @dependabot in #612
  • reduce number of uptime checks for rekor by @bobcallaway in #614
  • Bump github.com/sigstore/cosign/v2 from 2.0.1 to 2.0.2 by @dependabot in #616
  • Bump github.com/go-sql-driver/mysql from 1.7.0 to 1.7.1 by @dependabot in #618
  • Bump github.com/google/certificate-transparency-go from 1.1.4 to 1.1.5 by @dependabot in #617
  • Bump github/codeql-action from 2.3.0 to 2.3.2 by @dependabot in #619
  • Bump sigstore/cosign-installer from 2.8.1 to 3.0.2 by @dependabot in #600
  • Add ko as a prerequisite in the docs. by @therealnb in #621
  • Bump github.com/sigstore/rekor from 1.1.0 to 1.1.1 by @dependabot in #624
  • Bump github.com/sigstore/fulcio from 1.2.0 to 1.3.1 by @dependabot in #628
  • Bump sigstore/cosign-installer from 3.0.2 to 3.0.3 by @dependabot in #625
  • Bump github.com/sigstore/timestamp-authority from 1.0.0 to 1.1.0 by @dependabot in #630
  • Bump github.com/prometheus/client_golang from 1.15.0 to 1.15.1 by @dependabot in #631
  • Bump google.golang.org/grpc from 1.54.0 to 1.55.0 by @dependabot in #627
  • Bump github/codeql-action from 2.3.2 to 2.3.3 by @dependabot in #626
  • Bump github.com/sigstore/sigstore from 1.6.3 to 1.6.4 by @dependabot in #629
  • Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible by @dependabot in #632
  • Bump github.com/sigstore/timestamp-authority from 1.1.0 to 1.1.1 by @dependabot in #633
  • Bump golang.org/x/crypto from 0.8.0 to 0.9.0 by @dependabot in #636
  • Bump actions/setup-go from 4.0.0 to 4.0.1 by @dependabot in #638
  • Bump k8s.io/code-generator from 0.27.1 to 0.27.2 by @dependabot in #643
  • Bump sigs.k8s.io/release-utils from 0.7.3 to 0.7.4 by @dependabot in #642
  • Bump k8s.io/api from 0.27.1 to 0.27.2 by @dependabot in #641
  • Bump sigstore/cosign-installer from 3.0.3 to 3.0.5 by @dependabot in #637
  • Bump k8s.io/client-go from 0.27.1 to 0.27.2 by @dependabot in #640
  • Bump redis max memory size by @codysoyland in #644
  • Redis memory alerts by @cdris in #645
  • Bump github/codeql-action from 2.3.3 to 2.3.5 by @dependabot in #648
  • update deps by @cpanato in #650
  • Labeling severity for low priority alerts by @cdris in #652
  • Bump github/codeql-action from 2.3.5 to 2.3.6 by @dependabot in #653
  • Bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 by @dependabot in #654
  • Update sigstore/sigstore dep and golangci-lint by @cpanato in #656
  • Bump docker/login-action from 2.1.0 to 2.2.0 by @dependabot in #661
  • Bump github/codeql-action from 2.3.6 to 2.13.4 by @dependabot in #659
  • Bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #660
  • Bump github.com/go-openapi/swag from 0.22.3 to 0.22.4 by @dependabot in #662
  • alert on remaining disk instead of utilization by @cdris in #658
  • CloudSQL disk utilization alert tf fix: conditions is a repeated block not a list by @cdris in #664
  • Cloudsql alert fix: can't have multiple conditions with mql by @cdris in #665
  • allow redis cluster size to be set in variable by @bobcallaway in #666
  • Bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 by @dependabot in #667
  • Bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 by @dependabot in #668
  • update de...
Read more